2017-09-15 04:19:56 +00:00
|
|
|
package command
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"io/ioutil"
|
|
|
|
|
"os"
|
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"github.com/hashicorp/nomad/api"
|
|
|
|
|
"github.com/posener/complete"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type ACLPolicyApplyCommand struct {
|
|
|
|
|
Meta
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *ACLPolicyApplyCommand) Help() string {
|
|
|
|
|
helpText := `
|
|
|
|
|
Usage: nomad acl policy apply [options] <name> <path>
|
|
|
|
|
|
2017-10-13 21:36:02 +00:00
|
|
|
Apply is used to create or update an ACL policy. The policy is
|
|
|
|
|
sourced from <path> or from stdin if path is "-".
|
2017-09-15 04:19:56 +00:00
|
|
|
|
2020-11-19 21:38:08 +00:00
|
|
|
This command requires a management ACL token.
|
|
|
|
|
|
2017-09-15 04:19:56 +00:00
|
|
|
General Options:
|
|
|
|
|
|
2020-11-19 16:15:23 +00:00
|
|
|
` + generalOptionsUsage(usageOptsDefault|usageOptsNoNamespace) + `
|
2017-09-15 04:19:56 +00:00
|
|
|
|
|
|
|
|
Apply Options:
|
|
|
|
|
|
|
|
|
|
-description
|
|
|
|
|
Specifies a human readable description for the policy.
|
|
|
|
|
|
|
|
|
|
`
|
|
|
|
|
return strings.TrimSpace(helpText)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *ACLPolicyApplyCommand) AutocompleteFlags() complete.Flags {
|
|
|
|
|
return mergeAutocompleteFlags(c.Meta.AutocompleteFlags(FlagSetClient),
|
|
|
|
|
complete.Flags{})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *ACLPolicyApplyCommand) AutocompleteArgs() complete.Predictor {
|
|
|
|
|
return complete.PredictNothing
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *ACLPolicyApplyCommand) Synopsis() string {
|
|
|
|
|
return "Create or update an ACL policy"
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-18 16:02:11 +00:00
|
|
|
func (c *ACLPolicyApplyCommand) Name() string { return "acl policy apply" }
|
|
|
|
|
|
2017-09-15 04:19:56 +00:00
|
|
|
func (c *ACLPolicyApplyCommand) Run(args []string) int {
|
|
|
|
|
var description string
|
2018-04-18 16:02:11 +00:00
|
|
|
flags := c.Meta.FlagSet(c.Name(), FlagSetClient)
|
2017-09-15 04:19:56 +00:00
|
|
|
flags.Usage = func() { c.Ui.Output(c.Help()) }
|
|
|
|
|
flags.StringVar(&description, "description", "", "")
|
|
|
|
|
if err := flags.Parse(args); err != nil {
|
|
|
|
|
return 1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check that we got two arguments
|
|
|
|
|
args = flags.Args()
|
|
|
|
|
if l := len(args); l != 2 {
|
2018-04-18 17:55:51 +00:00
|
|
|
c.Ui.Error("This command takes two arguments: <name> and <path>")
|
2018-04-18 16:02:11 +00:00
|
|
|
c.Ui.Error(commandErrorText(c))
|
2017-09-15 04:19:56 +00:00
|
|
|
return 1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get the policy name
|
|
|
|
|
policyName := args[0]
|
|
|
|
|
|
|
|
|
|
// Read the file contents
|
|
|
|
|
file := args[1]
|
|
|
|
|
var rawPolicy []byte
|
|
|
|
|
var err error
|
|
|
|
|
if file == "-" {
|
|
|
|
|
rawPolicy, err = ioutil.ReadAll(os.Stdin)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.Ui.Error(fmt.Sprintf("Failed to read stdin: %v", err))
|
|
|
|
|
return 1
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
rawPolicy, err = ioutil.ReadFile(file)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.Ui.Error(fmt.Sprintf("Failed to read file: %v", err))
|
|
|
|
|
return 1
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Construct the policy
|
|
|
|
|
ap := &api.ACLPolicy{
|
|
|
|
|
Name: policyName,
|
|
|
|
|
Description: description,
|
|
|
|
|
Rules: string(rawPolicy),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get the HTTP client
|
|
|
|
|
client, err := c.Meta.Client()
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.Ui.Error(fmt.Sprintf("Error initializing client: %s", err))
|
|
|
|
|
return 1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Upsert the policy
|
|
|
|
|
_, err = client.ACLPolicies().Upsert(ap, nil)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.Ui.Error(fmt.Sprintf("Error writing ACL policy: %s", err))
|
|
|
|
|
return 1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c.Ui.Output(fmt.Sprintf("Successfully wrote %q ACL policy!",
|
|
|
|
|
policyName))
|
|
|
|
|
return 0
|
|
|
|
|
}
|
