deb.open-vault/command/secrets_list.go

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0

package command

import (
	"fmt"
	"sort"
	"strconv"
	"strings"

	"github.com/hashicorp/vault/api"
	"github.com/mitchellh/cli"
	"github.com/posener/complete"
)

var (
	_ cli.Command             = (*SecretsListCommand)(nil)
	_ cli.CommandAutocomplete = (*SecretsListCommand)(nil)
)

type SecretsListCommand struct {
	*BaseCommand

	flagDetailed bool
}

func (c *SecretsListCommand) Synopsis() string {
	return "List enabled secrets engines"
}

func (c *SecretsListCommand) Help() string {
	helpText := `
Usage: vault secrets list [options]

  Lists the enabled secret engines on the Vault server. This command also
  outputs information about the enabled path including configured TTLs and
  human-friendly descriptions. A TTL of "system" indicates that the system
  default is in use.

  List all enabled secrets engines:

      $ vault secrets list

  List all enabled secrets engines with detailed output:

      $ vault secrets list -detailed

` + c.Flags().Help()

	return strings.TrimSpace(helpText)
}

func (c *SecretsListCommand) Flags() *FlagSets {
	set := c.flagSet(FlagSetHTTP | FlagSetOutputFormat)

	f := set.NewFlagSet("Command Options")

	f.BoolVar(&BoolVar{
		Name:    "detailed",
		Target:  &c.flagDetailed,
		Default: false,
		Usage: "Print detailed information such as TTLs and replication status " +
			"about each secrets engine.",
	})

	return set
}

func (c *SecretsListCommand) AutocompleteArgs() complete.Predictor {
	return c.PredictVaultFiles()
}

func (c *SecretsListCommand) AutocompleteFlags() complete.Flags {
	return c.Flags().Completions()
}

func (c *SecretsListCommand) Run(args []string) int {
	f := c.Flags()

	if err := f.Parse(args); err != nil {
		c.UI.Error(err.Error())
		return 1
	}

	args = f.Args()
	if len(args) > 0 {
		c.UI.Error(fmt.Sprintf("Too many arguments (expected 0, got %d)", len(args)))
		return 1
	}

	client, err := c.Client()
	if err != nil {
		c.UI.Error(err.Error())
		return 2
	}

	mounts, err := client.Sys().ListMounts()
	if err != nil {
		c.UI.Error(fmt.Sprintf("Error listing secrets engines: %s", err))
		return 2
	}

	switch Format(c.UI) {
	case "table":
		if c.flagDetailed {
			c.UI.Output(tableOutput(c.detailedMounts(mounts), nil))
			return 0
		}
		c.UI.Output(tableOutput(c.simpleMounts(mounts), nil))
		return 0
	default:
		return OutputData(c.UI, mounts)
	}
}

func (c *SecretsListCommand) simpleMounts(mounts map[string]*api.MountOutput) []string {
	paths := make([]string, 0, len(mounts))
	for path := range mounts {
		paths = append(paths, path)
	}
	sort.Strings(paths)

	out := []string{"Path | Type | Accessor | Description"}
	for _, path := range paths {
		mount := mounts[path]
		out = append(out, fmt.Sprintf("%s | %s | %s | %s", path, mount.Type, mount.Accessor, mount.Description))
	}

	return out
}

func (c *SecretsListCommand) detailedMounts(mounts map[string]*api.MountOutput) []string {
	paths := make([]string, 0, len(mounts))
	for path := range mounts {
		paths = append(paths, path)
	}
	sort.Strings(paths)

	calcTTL := func(typ string, ttl int) string {
		switch {
		case typ == "system", typ == "cubbyhole":
			return ""
		case ttl != 0:
			return strconv.Itoa(ttl)
		default:
			return "system"
		}
	}

	out := []string{"Path | Plugin | Accessor | Default TTL | Max TTL | Force No Cache | Replication | Seal Wrap | External Entropy Access | Options | Description | UUID | Version | Running Version | Running SHA256 | Deprecation Status"}
	for _, path := range paths {
		mount := mounts[path]

		defaultTTL := calcTTL(mount.Type, mount.Config.DefaultLeaseTTL)
		maxTTL := calcTTL(mount.Type, mount.Config.MaxLeaseTTL)

		replication := "replicated"
		if mount.Local {
			replication = "local"
		}

		pluginName := mount.Type
		if pluginName == "plugin" {
			pluginName = mount.Config.PluginName
		}

		out = append(out, fmt.Sprintf("%s | %s | %s | %s | %s | %t | %s | %t | %v | %s | %s | %s | %s | %s | %s | %s",
			path,
			pluginName,
			mount.Accessor,
			defaultTTL,
			maxTTL,
			mount.Config.ForceNoCache,
			replication,
			mount.SealWrap,
			mount.ExternalEntropyAccess,
			mount.Options,
			mount.Description,
			mount.UUID,
			mount.PluginVersion,
			mount.RunningVersion,
			mount.RunningSha256,
			mount.DeprecationStatus,
		))
	}

	return out
}
New upstream version 1.14.8 2024-04-20 12:23:50 +00:00			`// Copyright (c) HashiCorp, Inc.`
			`// SPDX-License-Identifier: MPL-2.0`

			`package command`

			`import (`
			`"fmt"`
			`"sort"`
			`"strconv"`
			`"strings"`

			`"github.com/hashicorp/vault/api"`
			`"github.com/mitchellh/cli"`
			`"github.com/posener/complete"`
			`)`

			`var (`
			`_ cli.Command = (*SecretsListCommand)(nil)`
			`_ cli.CommandAutocomplete = (*SecretsListCommand)(nil)`
			`)`

			`type SecretsListCommand struct {`
			`*BaseCommand`

			`flagDetailed bool`
			`}`

			`func (c *SecretsListCommand) Synopsis() string {`
			`return "List enabled secrets engines"`
			`}`

			`func (c *SecretsListCommand) Help() string {`
			helpText := `
			`Usage: vault secrets list [options]`

			`Lists the enabled secret engines on the Vault server. This command also`
			`outputs information about the enabled path including configured TTLs and`
			`human-friendly descriptions. A TTL of "system" indicates that the system`
			`default is in use.`

			`List all enabled secrets engines:`

			`$ vault secrets list`

			`List all enabled secrets engines with detailed output:`

			`$ vault secrets list -detailed`

			` + c.Flags().Help()

			`return strings.TrimSpace(helpText)`
			`}`

			`func (c SecretsListCommand) Flags() FlagSets {`
			`set := c.flagSet(FlagSetHTTP \| FlagSetOutputFormat)`

			`f := set.NewFlagSet("Command Options")`

			`f.BoolVar(&BoolVar{`
			`Name: "detailed",`
			`Target: &c.flagDetailed,`
			`Default: false,`
			`Usage: "Print detailed information such as TTLs and replication status " +`
			`"about each secrets engine.",`
			`})`

			`return set`
			`}`

			`func (c *SecretsListCommand) AutocompleteArgs() complete.Predictor {`
			`return c.PredictVaultFiles()`
			`}`

			`func (c *SecretsListCommand) AutocompleteFlags() complete.Flags {`
			`return c.Flags().Completions()`
			`}`

			`func (c *SecretsListCommand) Run(args []string) int {`
			`f := c.Flags()`

			`if err := f.Parse(args); err != nil {`
			`c.UI.Error(err.Error())`
			`return 1`
			`}`

			`args = f.Args()`
			`if len(args) > 0 {`
			`c.UI.Error(fmt.Sprintf("Too many arguments (expected 0, got %d)", len(args)))`
			`return 1`
			`}`

			`client, err := c.Client()`
			`if err != nil {`
			`c.UI.Error(err.Error())`
			`return 2`
			`}`

			`mounts, err := client.Sys().ListMounts()`
			`if err != nil {`
			`c.UI.Error(fmt.Sprintf("Error listing secrets engines: %s", err))`
			`return 2`
			`}`

			`switch Format(c.UI) {`
			`case "table":`
			`if c.flagDetailed {`
			`c.UI.Output(tableOutput(c.detailedMounts(mounts), nil))`
			`return 0`
			`}`
			`c.UI.Output(tableOutput(c.simpleMounts(mounts), nil))`
			`return 0`
			`default:`
			`return OutputData(c.UI, mounts)`
			`}`
			`}`

			`func (c SecretsListCommand) simpleMounts(mounts map[string]api.MountOutput) []string {`
			`paths := make([]string, 0, len(mounts))`
			`for path := range mounts {`
			`paths = append(paths, path)`
			`}`
			`sort.Strings(paths)`

			`out := []string{"Path \| Type \| Accessor \| Description"}`
			`for _, path := range paths {`
			`mount := mounts[path]`
			`out = append(out, fmt.Sprintf("%s \| %s \| %s \| %s", path, mount.Type, mount.Accessor, mount.Description))`
			`}`

			`return out`
			`}`

			`func (c SecretsListCommand) detailedMounts(mounts map[string]api.MountOutput) []string {`
			`paths := make([]string, 0, len(mounts))`
			`for path := range mounts {`
			`paths = append(paths, path)`
			`}`
			`sort.Strings(paths)`

			`calcTTL := func(typ string, ttl int) string {`
			`switch {`
			`case typ == "system", typ == "cubbyhole":`
			`return ""`
			`case ttl != 0:`
			`return strconv.Itoa(ttl)`
			`default:`
			`return "system"`
			`}`
			`}`

			`out := []string{"Path \| Plugin \| Accessor \| Default TTL \| Max TTL \| Force No Cache \| Replication \| Seal Wrap \| External Entropy Access \| Options \| Description \| UUID \| Version \| Running Version \| Running SHA256 \| Deprecation Status"}`
			`for _, path := range paths {`
			`mount := mounts[path]`

			`defaultTTL := calcTTL(mount.Type, mount.Config.DefaultLeaseTTL)`
			`maxTTL := calcTTL(mount.Type, mount.Config.MaxLeaseTTL)`

			`replication := "replicated"`
			`if mount.Local {`
			`replication = "local"`
			`}`

			`pluginName := mount.Type`
			`if pluginName == "plugin" {`
			`pluginName = mount.Config.PluginName`
			`}`

			`out = append(out, fmt.Sprintf("%s \| %s \| %s \| %s \| %s \| %t \| %s \| %t \| %v \| %s \| %s \| %s \| %s \| %s \| %s \| %s",`
			`path,`
			`pluginName,`
			`mount.Accessor,`
			`defaultTTL,`
			`maxTTL,`
			`mount.Config.ForceNoCache,`
			`replication,`
			`mount.SealWrap,`
			`mount.ExternalEntropyAccess,`
			`mount.Options,`
			`mount.Description,`
			`mount.UUID,`
			`mount.PluginVersion,`
			`mount.RunningVersion,`
			`mount.RunningSha256,`
			`mount.DeprecationStatus,`
			`))`
			`}`

			`return out`
			`}`