cli: oss refactors to support making the auth method CLI aware of namespace rules in enterprise (#7812)
This commit is contained in:
parent
2d657c3c0f
commit
bf70ad1802
|
@ -42,6 +42,8 @@ type cmd struct {
|
|||
format string
|
||||
|
||||
testStdin io.Reader
|
||||
|
||||
enterpriseCmd
|
||||
}
|
||||
|
||||
func (c *cmd) init() {
|
||||
|
@ -124,6 +126,8 @@ func (c *cmd) init() {
|
|||
"given to indicate that the config is available on stdin",
|
||||
)
|
||||
|
||||
c.initEnterpriseFlags()
|
||||
|
||||
c.http = &flags.HTTPFlags{}
|
||||
flags.Merge(c.flags, c.http.ClientFlags())
|
||||
flags.Merge(c.flags, c.http.ServerFlags())
|
||||
|
@ -162,6 +166,11 @@ func (c *cmd) Run(args []string) int {
|
|||
newAuthMethod.MaxTokenTTL = c.maxTokenTTL
|
||||
}
|
||||
|
||||
if err := c.enterprisePopulateAuthMethod(newAuthMethod); err != nil {
|
||||
c.UI.Error(err.Error())
|
||||
return 1
|
||||
}
|
||||
|
||||
if c.config != "" {
|
||||
if c.k8sHost != "" || c.k8sCACert != "" || c.k8sServiceAccountJWT != "" {
|
||||
c.UI.Error(fmt.Sprintf("Cannot use command line arguments with '-config' flags"))
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
// +build !consulent
|
||||
|
||||
package authmethodcreate
|
||||
|
||||
import "github.com/hashicorp/consul/api"
|
||||
|
||||
type enterpriseCmd struct {
|
||||
}
|
||||
|
||||
func (c *cmd) initEnterpriseFlags() {}
|
||||
|
||||
func (c *cmd) enterprisePopulateAuthMethod(method *api.ACLAuthMethod) error {
|
||||
return nil
|
||||
}
|
|
@ -97,11 +97,12 @@ func TestAuthMethodCreateCommand(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("create testing", func(t *testing.T) {
|
||||
name := getTestName(t)
|
||||
args := []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-token=root",
|
||||
"-type=testing",
|
||||
"-name=test",
|
||||
"-name", name,
|
||||
"-description=desc",
|
||||
"-display-name=display",
|
||||
}
|
||||
|
@ -113,9 +114,9 @@ func TestAuthMethodCreateCommand(t *testing.T) {
|
|||
require.Equal(t, code, 0)
|
||||
require.Empty(t, ui.ErrorWriter.String())
|
||||
|
||||
got := getTestMethod(t, client, "test")
|
||||
got := getTestMethod(t, client, name)
|
||||
expect := &api.ACLAuthMethod{
|
||||
Name: "test",
|
||||
Name: name,
|
||||
Type: "testing",
|
||||
DisplayName: "display",
|
||||
Description: "desc",
|
||||
|
@ -124,11 +125,12 @@ func TestAuthMethodCreateCommand(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("create testing with max token ttl", func(t *testing.T) {
|
||||
name := getTestName(t)
|
||||
args := []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-token=root",
|
||||
"-type=testing",
|
||||
"-name=test",
|
||||
"-name", name,
|
||||
"-description=desc",
|
||||
"-display-name=display",
|
||||
"-max-token-ttl=5m",
|
||||
|
@ -141,9 +143,9 @@ func TestAuthMethodCreateCommand(t *testing.T) {
|
|||
require.Equal(t, code, 0, "err: "+ui.ErrorWriter.String())
|
||||
require.Empty(t, ui.ErrorWriter.String())
|
||||
|
||||
got := getTestMethod(t, client, "test")
|
||||
got := getTestMethod(t, client, name)
|
||||
expect := &api.ACLAuthMethod{
|
||||
Name: "test",
|
||||
Name: name,
|
||||
Type: "testing",
|
||||
DisplayName: "display",
|
||||
Description: "desc",
|
||||
|
@ -188,11 +190,12 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("create testing", func(t *testing.T) {
|
||||
name := getTestName(t)
|
||||
args := []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-token=root",
|
||||
"-type=testing",
|
||||
"-name=test",
|
||||
"-name", name,
|
||||
"-description=desc",
|
||||
"-display-name=display",
|
||||
"-format=json",
|
||||
|
@ -206,14 +209,14 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
|
|||
|
||||
require.Equal(t, code, 0)
|
||||
require.Empty(t, ui.ErrorWriter.String())
|
||||
require.Contains(t, out, "test")
|
||||
require.Contains(t, out, name)
|
||||
|
||||
var jsonOutput json.RawMessage
|
||||
require.NoError(t, json.Unmarshal([]byte(out), &jsonOutput))
|
||||
|
||||
got := getTestMethod(t, client, "test")
|
||||
got := getTestMethod(t, client, name)
|
||||
expect := &api.ACLAuthMethod{
|
||||
Name: "test",
|
||||
Name: name,
|
||||
Type: "testing",
|
||||
DisplayName: "display",
|
||||
Description: "desc",
|
||||
|
@ -222,11 +225,12 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
|
|||
})
|
||||
|
||||
t.Run("create testing with max token ttl", func(t *testing.T) {
|
||||
name := getTestName(t)
|
||||
args := []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-token=root",
|
||||
"-type=testing",
|
||||
"-name=test",
|
||||
"-name", name,
|
||||
"-description=desc",
|
||||
"-display-name=display",
|
||||
"-max-token-ttl=5m",
|
||||
|
@ -241,11 +245,11 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
|
|||
|
||||
require.Equal(t, code, 0)
|
||||
require.Empty(t, ui.ErrorWriter.String())
|
||||
require.Contains(t, out, "test")
|
||||
require.Contains(t, out, name)
|
||||
|
||||
got := getTestMethod(t, client, "test")
|
||||
got := getTestMethod(t, client, name)
|
||||
expect := &api.ACLAuthMethod{
|
||||
Name: "test",
|
||||
Name: name,
|
||||
Type: "testing",
|
||||
DisplayName: "display",
|
||||
Description: "desc",
|
||||
|
@ -260,7 +264,7 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
|
|||
delete(raw, "Namespace")
|
||||
|
||||
require.Equal(t, map[string]interface{}{
|
||||
"Name": "test",
|
||||
"Name": name,
|
||||
"Type": "testing",
|
||||
"DisplayName": "display",
|
||||
"Description": "desc",
|
||||
|
@ -444,6 +448,7 @@ func TestAuthMethodCreateCommand_config(t *testing.T) {
|
|||
}
|
||||
|
||||
t.Run("config file", func(t *testing.T) {
|
||||
name := getTestName(t)
|
||||
configFile := filepath.Join(testDir, "config.json")
|
||||
jsonConfig := `{"SessionID":"foo"}`
|
||||
require.NoError(t, ioutil.WriteFile(configFile, []byte(jsonConfig), 0644))
|
||||
|
@ -452,7 +457,7 @@ func TestAuthMethodCreateCommand_config(t *testing.T) {
|
|||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-token=root",
|
||||
"-type=testing",
|
||||
"-name=test",
|
||||
"-name", name,
|
||||
"-config=@" + configFile,
|
||||
}
|
||||
ui := cli.NewMockUi()
|
||||
|
@ -460,10 +465,11 @@ func TestAuthMethodCreateCommand_config(t *testing.T) {
|
|||
code := cmd.Run(args)
|
||||
require.Equal(t, 0, code)
|
||||
require.Empty(t, ui.ErrorWriter.String())
|
||||
checkMethod(t, "test")
|
||||
checkMethod(t, name)
|
||||
})
|
||||
|
||||
t.Run("config std-in", func(t *testing.T) {
|
||||
name := getTestName(t)
|
||||
stdinR, stdinW := io.Pipe()
|
||||
ui := cli.NewMockUi()
|
||||
cmd := New(ui)
|
||||
|
@ -477,29 +483,30 @@ func TestAuthMethodCreateCommand_config(t *testing.T) {
|
|||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-token=root",
|
||||
"-type=testing",
|
||||
"-name=test2",
|
||||
"-name", name,
|
||||
"-config=-",
|
||||
}
|
||||
code := cmd.Run(args)
|
||||
require.Equal(t, 0, code)
|
||||
require.Empty(t, ui.ErrorWriter.String())
|
||||
checkMethod(t, "test2")
|
||||
checkMethod(t, name)
|
||||
|
||||
})
|
||||
t.Run("config string", func(t *testing.T) {
|
||||
name := getTestName(t)
|
||||
ui := cli.NewMockUi()
|
||||
cmd := New(ui)
|
||||
args := []string{
|
||||
"-http-addr=" + a.HTTPAddr(),
|
||||
"-token=root",
|
||||
"-type=testing",
|
||||
"-name=test3",
|
||||
"-name", name,
|
||||
"-config=" + `{"SessionID":"foo"}`,
|
||||
}
|
||||
code := cmd.Run(args)
|
||||
require.Equal(t, 0, code)
|
||||
require.Empty(t, ui.ErrorWriter.String())
|
||||
checkMethod(t, "test3")
|
||||
checkMethod(t, name)
|
||||
})
|
||||
}
|
||||
|
||||
|
|
|
@ -58,6 +58,16 @@ func (f *prettyFormatter) FormatAuthMethod(method *api.ACLAuthMethod) (string, e
|
|||
buffer.WriteString(fmt.Sprintf("DisplayName: %s\n", method.DisplayName))
|
||||
}
|
||||
buffer.WriteString(fmt.Sprintf("Description: %s\n", method.Description))
|
||||
if method.MaxTokenTTL > 0 {
|
||||
buffer.WriteString(fmt.Sprintf("MaxTokenTTL: %s\n", method.MaxTokenTTL))
|
||||
}
|
||||
if len(method.NamespaceRules) > 0 {
|
||||
buffer.WriteString(fmt.Sprintln("NamespaceRules:"))
|
||||
for _, rule := range method.NamespaceRules {
|
||||
buffer.WriteString(fmt.Sprintf(" Selector: %s\n", rule.Selector))
|
||||
buffer.WriteString(fmt.Sprintf(" BindNamespace: %s\n", rule.BindNamespace))
|
||||
}
|
||||
}
|
||||
if f.showMeta {
|
||||
buffer.WriteString(fmt.Sprintf("Create Index: %d\n", method.CreateIndex))
|
||||
buffer.WriteString(fmt.Sprintf("Modify Index: %d\n", method.ModifyIndex))
|
||||
|
|
|
@ -43,6 +43,8 @@ type cmd struct {
|
|||
format string
|
||||
|
||||
testStdin io.Reader
|
||||
|
||||
enterpriseCmd
|
||||
}
|
||||
|
||||
func (c *cmd) init() {
|
||||
|
@ -127,6 +129,9 @@ func (c *cmd) init() {
|
|||
authmethod.PrettyFormat,
|
||||
fmt.Sprintf("Output format {%s}", strings.Join(authmethod.GetSupportedFormats(), "|")),
|
||||
)
|
||||
|
||||
c.initEnterpriseFlags()
|
||||
|
||||
c.http = &flags.HTTPFlags{}
|
||||
flags.Merge(c.flags, c.http.ClientFlags())
|
||||
flags.Merge(c.flags, c.http.ServerFlags())
|
||||
|
@ -183,6 +188,11 @@ func (c *cmd) Run(args []string) int {
|
|||
method.MaxTokenTTL = c.maxTokenTTL
|
||||
}
|
||||
|
||||
if err := c.enterprisePopulateAuthMethod(method); err != nil {
|
||||
c.UI.Error(err.Error())
|
||||
return 1
|
||||
}
|
||||
|
||||
if c.config != "" {
|
||||
if c.k8sHost != "" || c.k8sCACert != "" || c.k8sServiceAccountJWT != "" {
|
||||
c.UI.Error(fmt.Sprintf("Cannot use command line arguments with '-config' flag"))
|
||||
|
@ -229,6 +239,10 @@ func (c *cmd) Run(args []string) int {
|
|||
if c.maxTokenTTL > 0 {
|
||||
method.MaxTokenTTL = c.maxTokenTTL
|
||||
}
|
||||
if err := c.enterprisePopulateAuthMethod(method); err != nil {
|
||||
c.UI.Error(err.Error())
|
||||
return 1
|
||||
}
|
||||
if c.config != "" {
|
||||
if c.k8sHost != "" || c.k8sCACert != "" || c.k8sServiceAccountJWT != "" {
|
||||
c.UI.Error(fmt.Sprintf("Cannot use command line arguments with '-config' flag"))
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
// +build !consulent
|
||||
|
||||
package authmethodupdate
|
||||
|
||||
import "github.com/hashicorp/consul/api"
|
||||
|
||||
type enterpriseCmd struct {
|
||||
}
|
||||
|
||||
func (c *cmd) initEnterpriseFlags() {
|
||||
}
|
||||
|
||||
func (c *cmd) enterprisePopulateAuthMethod(method *api.ACLAuthMethod) error {
|
||||
return nil
|
||||
}
|
Loading…
Reference in New Issue