chore: remove vault from the CLI (#395)

Qovery · Nov 28, 2024 · 1347362 · 1347362
1 parent 9e4c66d
commit 1347362
Show file tree

Hide file tree

Showing 5 changed files with 72 additions and 270 deletions.
diff --git a/cmd/admin_k9s.go b/cmd/admin_k9s.go
@@ -1,15 +1,18 @@
 package cmd
 
 import (
+	"bytes"
 	"context"
+	"encoding/json"
 	"fmt"
+	"io"
 	"net"
+	"net/http"
 	"os"
 	"os/exec"
 	"syscall"
 	"time"
 
-	"github.com/qovery/qovery-cli/pkg"
 	"github.com/qovery/qovery-cli/utils"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
@@ -52,8 +55,8 @@ func launchK9s(args []string) {
 	}
 
 	clusterId := args[0]
-	vars, err := pkg.GetVarsByClusterId(clusterId)
-	if len(vars) == 0 || err != nil {
+	vars := getClusterCredentials(clusterId)
+	if len(vars) == 0 {
 		return
 	}
 
@@ -85,7 +88,7 @@ func launchK9s(args []string) {
 	cmd.Stdin = os.Stdin
 	cmd.Stderr = os.Stderr
 
-	err = cmd.Run()
+	err := cmd.Run()
 	if err != nil {
 		log.Error("Can't launch k9s : " + err.Error())
 	}
@@ -94,18 +97,6 @@ func launchK9s(args []string) {
 }
 
 func checkEnv() {
-	if _, ok := os.LookupEnv("VAULT_ADDR"); !ok {
-		log.Error("You must set vault address env variable (VAULT_ADDR).")
-		os.Exit(1)
-		panic("unreachable") // staticcheck false positive: https://staticcheck.io/docs/checks#SA5011
-	}
-
-	if _, ok := os.LookupEnv("VAULT_TOKEN"); !ok {
-		log.Error("You must set vault token env variable (VAULT_TOKEN).")
-		os.Exit(1)
-		panic("unreachable") // staticcheck false positive: https://staticcheck.io/docs/checks#SA5011
-	}
-
 	if _, ok := os.LookupEnv("BASTION_ADDR"); !ok {
 		log.Error("You must set the bastion address (BASTION_ADDR).")
 		os.Exit(1)
@@ -198,3 +189,66 @@ func waitForSSHConnection(ctx context.Context, address string, timeout time.Dura
 		}
 	}
 }
+
+func getClusterCredentials(clusterId string) []utils.Var {
+	tokenType, token, err := utils.GetAccessToken()
+	if err != nil {
+		utils.PrintlnError(err)
+		os.Exit(0)
+	}
+
+	url := fmt.Sprintf("%s/cluster/%s/credential", utils.AdminUrl, clusterId)
+	req, err := http.NewRequest(http.MethodGet, url, bytes.NewBuffer([]byte("{}")))
+	if err != nil {
+		log.Fatal(err)
+	}
+	req.Header.Set("Authorization", utils.GetAuthorizationHeaderValue(tokenType, token))
+	req.Header.Set("Content-Type", "application/json")
+
+	res, err := http.DefaultClient.Do(req)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	body, _ := io.ReadAll(res.Body)
+	if res.StatusCode != http.StatusOK {
+		err := fmt.Errorf("error uploading debug logs: %s %s", res.Status, body)
+		utils.PrintlnError(err)
+		log.Fatal(err)
+	}
+
+	payload := map[string]string{}
+	err = json.Unmarshal(body, &payload)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	var clusterCreds []utils.Var
+	for key, value := range payload {
+		switch key {
+		case "access_key_id":
+			clusterCreds = append(clusterCreds, utils.Var{Key: "AWS_ACCESS_KEY_ID", Value: value})
+		case "region":
+			clusterCreds = append(clusterCreds, utils.Var{Key: "AWS_DEFAULT_REGION", Value: value})
+		case "scaleway_access_key":
+			clusterCreds = append(clusterCreds, utils.Var{Key: "SCW_ACCESS_KEY", Value: value})
+		case "scaleway_secret_key":
+			clusterCreds = append(clusterCreds, utils.Var{Key: "SCW_SECRET_KEY", Value: value})
+		case "scaleway_project_id":
+			clusterCreds = append(clusterCreds, utils.Var{Key: "SCW_PROJECT_ID", Value: value})
+		case "scaleway_organization_id":
+			clusterCreds = append(clusterCreds, utils.Var{Key: "SCW_ORGANIZATION_ID", Value: value})
+		case "AWS_SECRET_ACCESS_KEY", "secret_access_key":
+			clusterCreds = append(clusterCreds, utils.Var{Key: "AWS_SECRET_ACCESS_KEY", Value: value})
+		case "json_credentials":
+			filepath := utils.WriteInFile(clusterId, "google_creds.json", []byte(value))
+
+			clusterCreds = append(clusterCreds, utils.Var{Key: "CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE", Value: filepath})
+			clusterCreds = append(clusterCreds, utils.Var{Key: "GOOGLE_CREDENTIALS", Value: value})
+		case "kubeconfig":
+			filePath := utils.WriteInFile(clusterId, "kubeconfig", []byte(value))
+			clusterCreds = append(clusterCreds, utils.Var{Key: "KUBECONFIG", Value: filePath})
+		}
+	}
+	return clusterCreds
+}
diff --git a/cmd/admin_vault_token.go b/cmd/admin_vault_token.go
diff --git a/go.mod b/go.mod
@@ -9,10 +9,11 @@ require (
 	github.com/containerd/console v1.0.4
 	github.com/fatih/color v1.17.0
 	github.com/go-errors/errors v1.5.1
+	github.com/go-jose/go-jose/v4 v4.0.1
 	github.com/golang-jwt/jwt v3.2.2+incompatible
+	github.com/golang-jwt/jwt/v5 v5.2.1
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/websocket v1.5.3
-	github.com/hashicorp/vault/api v1.15.0
 	github.com/jarcoal/httpmock v1.3.1
 	github.com/joho/godotenv v1.5.1
 	github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0
@@ -39,23 +40,11 @@ require (
 	atomicgo.dev/keyboard v0.2.9 // indirect
 	atomicgo.dev/schedule v0.1.0 // indirect
 	github.com/andybalholm/brotli v1.0.5 // indirect
-	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
 	github.com/chzyer/readline v1.5.1 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
-	github.com/go-jose/go-jose/v4 v4.0.1 // indirect
-	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/gookit/color v1.5.4 // indirect
-	github.com/hashicorp/errwrap v1.1.0 // indirect
-	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
-	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
-	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
-	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 // indirect
-	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
-	github.com/hashicorp/go-sockaddr v1.0.2 // indirect
-	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
 	github.com/klauspost/compress v1.16.0 // indirect
@@ -65,18 +54,13 @@ require (
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-runewidth v0.0.15 // indirect
 	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
-	github.com/mitchellh/go-homedir v1.1.0 // indirect
-	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/nwaples/rardecode v1.1.3 // indirect
 	github.com/pierrec/lz4/v4 v4.1.17 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/rivo/uniseg v0.4.4 // indirect
-	github.com/ryanuber/go-glob v1.0.0 // indirect
 	github.com/ulikunitz/xz v0.5.11 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
-	golang.org/x/crypto v0.27.0 // indirect
 	golang.org/x/term v0.24.0 // indirect
 	golang.org/x/text v0.18.0 // indirect
-	golang.org/x/time v0.3.0 // indirect
 )