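// Package lease provides the "edge clustersecret lease" command group, which
// views, releases and revokes cluster secret leases through the registrar.
package lease

import (
	"context"
	"fmt"
	"time"

	"edge-infra.dev/pkg/edge/api/graph/model"
	"edge-infra.dev/pkg/edge/edgeadmin/registrar"
	"edge-infra.dev/pkg/edge/edgecli"
	"edge-infra.dev/pkg/edge/edgecli/constructors"
	"edge-infra.dev/pkg/edge/edgecli/flagutil"
	"edge-infra.dev/pkg/lib/cli/command"
	"edge-infra.dev/pkg/lib/cli/rags"
)

// leaseRequestTimeout bounds each individual registrar call made by this package.
const leaseRequestTimeout = 30 * time.Second

// getFlags returns the common and connection flags followed by the store,
// banner and secret-type flags, all three of which are marked Required.
func getFlags(cfg *edgecli.Config) []*rags.Rag {
	flagsets := append(flagutil.GetCommonFlags(), flagutil.GetConnectionFlags(cfg)...)
	return append(flagsets,
		&rags.Rag{
			Name:     flagutil.StoreFlag,
			Value:    &rags.String{},
			Usage:    "Store name",
			Required: true,
		},
		&rags.Rag{
			Name:     flagutil.BannerFlag,
			Value:    &rags.String{},
			Usage:    "Banner name",
			Required: true,
		},
		&rags.Rag{
			Name:     flagutil.SecretTypeFlag,
			Value:    &rags.String{},
			Usage:    "Secret type",
			Required: true,
		},
	)
}

// NewCmd returns the parent command that groups the view, release and revoke
// cluster secret lease subcommands.
func NewCmd(cfg *edgecli.Config) *command.Command {
	return &command.Command{
		ShortUsage: "edge clustersecret lease",
		ShortHelp:  "Commands to view/release/revoke cluster secrets",
		Commands: []*command.Command{
			View(cfg),
			Release(cfg),
			Revoke(cfg),
		},
	}
}

// resolveCluster runs the steps shared by every subcommand: it validates the
// required flags, builds the registrar client from the parsed flags, and looks
// up the cluster named by the store and banner flags.
func resolveCluster(cmd *command.Command) (*registrar.Registrar, *registrar.Cluster, error) {
	if err := flagutil.ValidateRequiredFlags(cmd.Rags); err != nil {
		return nil, nil, err
	}
	reg, err := constructors.BuildRegistrar(cmd.Rags)
	if err != nil {
		return nil, nil, err
	}
	cluster, err := getCluster(cmd, reg)
	if err != nil {
		fmt.Println("an error occurred whilst getting the cluster")
		return nil, nil, err
	}
	return reg, cluster, nil
}

// View returns the command that prints the owner, expiration time and secret
// types of the cluster secret lease for the selected cluster and secret type.
func View(cfg *edgecli.Config) *command.Command {
	var cmd *command.Command
	cmd = &command.Command{
		ShortUsage: "edge clustersecret lease view",
		ShortHelp:  "View the cluster secret lease credentials",
		Flags:      getFlags(cfg),
		Exec: func(_ context.Context, _ []string) error {
			reg, cluster, err := resolveCluster(cmd)
			if err != nil {
				return err
			}
			lease, err := getClusterSecretLease(cmd, reg, cluster.ClusterEdgeID)
			if err != nil {
				fmt.Println("an error occurred whilst getting the cluster secret lease")
				return err
			}
			fmt.Printf("Cluster Secret Lease \n Owner: %s \n Expiration Time: %s \n Secret Types: %s \n",
				lease.Owner, lease.ExpiresAt, lease.SecretTypes)
			return nil
		},
	}
	return cmd
}

// Release returns the command that releases the cluster secret lease for the
// selected cluster and secret type and prints the boolean result.
func Release(cfg *edgecli.Config) *command.Command {
	var cmd *command.Command
	cmd = &command.Command{
		// NOTE(review): View uses "edge clustersecret lease view" and this
		// command is registered under the same parent, yet this usage string
		// omits "lease" — confirm whether that is intended.
		ShortUsage: "edge clustersecret release",
		ShortHelp:  "Release the cluster secret lease",
		Flags:      getFlags(cfg),
		Exec: func(_ context.Context, _ []string) error {
			reg, cluster, err := resolveCluster(cmd)
			if err != nil {
				return err
			}
			released, err := releaseClusterSecretLease(cmd, reg, cluster.ClusterEdgeID)
			if err != nil {
				fmt.Println("an error occurred whilst releasing the cluster secret lease")
				return err
			}
			// NOTE(review): a false result is printed but still returns nil;
			// confirm whether callers should see that as a failure.
			fmt.Printf("Released access: %t \n", released)
			return nil
		},
	}
	return cmd
}

// Revoke returns the command that revokes another user's cluster secret lease
// for the selected cluster and secret type. It takes the flags from getFlags
// plus a Required revoke-username flag.
func Revoke(cfg *edgecli.Config) *command.Command {
	var cmd *command.Command
	cmd = &command.Command{
		// NOTE(review): View uses "edge clustersecret lease view" and this
		// command is registered under the same parent, yet this usage string
		// omits "lease" — confirm whether that is intended.
		ShortUsage: "edge clustersecret revoke",
		ShortHelp:  "Revoke the cluster secret lease credentials for another user",
		Flags: append(getFlags(cfg), &rags.Rag{
			Name:     flagutil.RevokeUsername,
			Value:    &rags.String{},
			Usage:    "Revoke user",
			Required: true,
		}),
		Exec: func(_ context.Context, _ []string) error {
			reg, cluster, err := resolveCluster(cmd)
			if err != nil {
				return err
			}
			username := flagutil.GetStringFlag(cmd.Rags, flagutil.RevokeUsername)
			if username == "" {
				// Nothing was revoked on this path, so it must not report
				// success: a nil return would let a script or runbook step
				// that checks only the exit status believe access was removed.
				fmt.Println("must provide revoke-username flag")
				return fmt.Errorf("revoke username is empty, no lease was revoked")
			}
			revoked, err := revokeClusterSecretLease(cmd, reg, cluster.ClusterEdgeID, username)
			if err != nil {
				fmt.Println("an error occurred whilst revoking the cluster secret lease")
				return err
			}
			// NOTE(review): a false result is printed but still returns nil, so
			// an unsuccessful revocation exits successfully; confirm whether
			// false should be surfaced as an error.
			fmt.Printf("Revoked access: %t \n", revoked)
			return nil
		},
	}
	return cmd
}

// getCluster looks up the cluster identified by the store and banner flags,
// bounded by leaseRequestTimeout.
func getCluster(cmd *command.Command, reg *registrar.Registrar) (*registrar.Cluster, error) {
	storeName := flagutil.GetStringFlag(cmd.Rags, flagutil.StoreFlag)
	bannerName := flagutil.GetStringFlag(cmd.Rags, flagutil.BannerFlag)

	reqCtx, cancelReq := context.WithTimeout(context.Background(), leaseRequestTimeout)
	defer cancelReq()

	cluster, err := reg.GetCluster(reqCtx, storeName, bannerName)
	if err != nil {
		return nil, err
	}
	return &cluster, nil
}

// getClusterSecretLease fetches the lease for clusterEdgeID and the secret type
// given by the secret-type flag, bounded by leaseRequestTimeout.
func getClusterSecretLease(cmd *command.Command, reg *registrar.Registrar, clusterEdgeID string) (*model.ClusterSecretLease, error) {
	secretType := flagutil.GetStringFlag(cmd.Rags, flagutil.SecretTypeFlag)

	reqCtx, cancelReq := context.WithTimeout(context.Background(), leaseRequestTimeout)
	defer cancelReq()

	return reg.GetClusterSecretLease(reqCtx, clusterEdgeID, secretType)
}

// revokeClusterSecretLease asks the registrar to revoke username's lease on
// clusterEdgeID for the secret type given by the secret-type flag, bounded by
// leaseRequestTimeout. It returns the registrar's boolean result unchanged.
func revokeClusterSecretLease(cmd *command.Command, reg *registrar.Registrar, clusterEdgeID string, username string) (bool, error) {
	secretType := flagutil.GetStringFlag(cmd.Rags, flagutil.SecretTypeFlag)

	reqCtx, cancelReq := context.WithTimeout(context.Background(), leaseRequestTimeout)
	defer cancelReq()

	return reg.RevokeClusterSecretLease(reqCtx, clusterEdgeID, secretType, username)
}

// releaseClusterSecretLease asks the registrar to release the lease on
// clusterEdgeID for the secret type given by the secret-type flag, bounded by
// leaseRequestTimeout. It returns the registrar's boolean result unchanged.
func releaseClusterSecretLease(cmd *command.Command, reg *registrar.Registrar, clusterEdgeID string) (bool, error) {
	secretType := flagutil.GetStringFlag(cmd.Rags, flagutil.SecretTypeFlag)

	reqCtx, cancelReq := context.WithTimeout(context.Background(), leaseRequestTimeout)
	defer cancelReq()

	return reg.ReleaseClusterSecretLease(reqCtx, clusterEdgeID, secretType)
}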