Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: remove vault from the CLI #395

Merged
merged 1 commit into from
Nov 28, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
86 changes: 70 additions & 16 deletions cmd/admin_k9s.go
Original file line number Diff line number Diff line change
@@ -1,15 +1,18 @@
package cmd

import (
"bytes"
"context"
"encoding/json"
"fmt"
"io"
"net"
"net/http"
"os"
"os/exec"
"syscall"
"time"

"github.com/qovery/qovery-cli/pkg"
"github.com/qovery/qovery-cli/utils"
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
Expand Down Expand Up @@ -52,8 +55,8 @@ func launchK9s(args []string) {
}

clusterId := args[0]
vars, err := pkg.GetVarsByClusterId(clusterId)
if len(vars) == 0 || err != nil {
vars := getClusterCredentials(clusterId)
if len(vars) == 0 {
return
}

Expand Down Expand Up @@ -85,7 +88,7 @@ func launchK9s(args []string) {
cmd.Stdin = os.Stdin
cmd.Stderr = os.Stderr

err = cmd.Run()
err := cmd.Run()
if err != nil {
log.Error("Can't launch k9s : " + err.Error())
}
Expand All @@ -94,18 +97,6 @@ func launchK9s(args []string) {
}

func checkEnv() {
if _, ok := os.LookupEnv("VAULT_ADDR"); !ok {
log.Error("You must set vault address env variable (VAULT_ADDR).")
os.Exit(1)
panic("unreachable") // staticcheck false positive: https://staticcheck.io/docs/checks#SA5011
}

if _, ok := os.LookupEnv("VAULT_TOKEN"); !ok {
log.Error("You must set vault token env variable (VAULT_TOKEN).")
os.Exit(1)
panic("unreachable") // staticcheck false positive: https://staticcheck.io/docs/checks#SA5011
}

if _, ok := os.LookupEnv("BASTION_ADDR"); !ok {
log.Error("You must set the bastion address (BASTION_ADDR).")
os.Exit(1)
Expand Down Expand Up @@ -198,3 +189,66 @@ func waitForSSHConnection(ctx context.Context, address string, timeout time.Dura
}
}
}

func getClusterCredentials(clusterId string) []utils.Var {
tokenType, token, err := utils.GetAccessToken()
if err != nil {
utils.PrintlnError(err)
os.Exit(0)
}

url := fmt.Sprintf("%s/cluster/%s/credential", utils.AdminUrl, clusterId)
req, err := http.NewRequest(http.MethodGet, url, bytes.NewBuffer([]byte("{}")))
if err != nil {
log.Fatal(err)
}
req.Header.Set("Authorization", utils.GetAuthorizationHeaderValue(tokenType, token))
req.Header.Set("Content-Type", "application/json")

res, err := http.DefaultClient.Do(req)
if err != nil {
log.Fatal(err)
}

body, _ := io.ReadAll(res.Body)
if res.StatusCode != http.StatusOK {
err := fmt.Errorf("error uploading debug logs: %s %s", res.Status, body)
utils.PrintlnError(err)
log.Fatal(err)
}

payload := map[string]string{}
err = json.Unmarshal(body, &payload)
if err != nil {
log.Fatal(err)
}

var clusterCreds []utils.Var
for key, value := range payload {
switch key {
case "access_key_id":
clusterCreds = append(clusterCreds, utils.Var{Key: "AWS_ACCESS_KEY_ID", Value: value})
case "region":
clusterCreds = append(clusterCreds, utils.Var{Key: "AWS_DEFAULT_REGION", Value: value})
case "scaleway_access_key":
clusterCreds = append(clusterCreds, utils.Var{Key: "SCW_ACCESS_KEY", Value: value})
case "scaleway_secret_key":
clusterCreds = append(clusterCreds, utils.Var{Key: "SCW_SECRET_KEY", Value: value})
case "scaleway_project_id":
clusterCreds = append(clusterCreds, utils.Var{Key: "SCW_PROJECT_ID", Value: value})
case "scaleway_organization_id":
clusterCreds = append(clusterCreds, utils.Var{Key: "SCW_ORGANIZATION_ID", Value: value})
case "AWS_SECRET_ACCESS_KEY", "secret_access_key":
clusterCreds = append(clusterCreds, utils.Var{Key: "AWS_SECRET_ACCESS_KEY", Value: value})
case "json_credentials":
filepath := utils.WriteInFile(clusterId, "google_creds.json", []byte(value))

clusterCreds = append(clusterCreds, utils.Var{Key: "CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE", Value: filepath})
clusterCreds = append(clusterCreds, utils.Var{Key: "GOOGLE_CREDENTIALS", Value: value})
case "kubeconfig":
filePath := utils.WriteInFile(clusterId, "kubeconfig", []byte(value))
clusterCreds = append(clusterCreds, utils.Var{Key: "KUBECONFIG", Value: filePath})
}
}
return clusterCreds
}
110 changes: 0 additions & 110 deletions cmd/admin_vault_token.go

This file was deleted.

20 changes: 2 additions & 18 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,11 @@ require (
github.com/containerd/console v1.0.4
github.com/fatih/color v1.17.0
github.com/go-errors/errors v1.5.1
github.com/go-jose/go-jose/v4 v4.0.1
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/golang-jwt/jwt/v5 v5.2.1
github.com/google/uuid v1.6.0
github.com/gorilla/websocket v1.5.3
github.com/hashicorp/vault/api v1.15.0
github.com/jarcoal/httpmock v1.3.1
github.com/joho/godotenv v1.5.1
github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0
Expand All @@ -39,23 +40,11 @@ require (
atomicgo.dev/keyboard v0.2.9 // indirect
atomicgo.dev/schedule v0.1.0 // indirect
github.com/andybalholm/brotli v1.0.5 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/chzyer/readline v1.5.1 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
github.com/go-jose/go-jose/v4 v4.0.1 // indirect
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
github.com/golang/snappy v0.0.4 // indirect
github.com/gookit/color v1.5.4 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
github.com/hashicorp/go-rootcerts v1.0.2 // indirect
github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 // indirect
github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
github.com/hashicorp/go-sockaddr v1.0.2 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
github.com/klauspost/compress v1.16.0 // indirect
Expand All @@ -65,18 +54,13 @@ require (
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mattn/go-runewidth v0.0.15 // indirect
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/nwaples/rardecode v1.1.3 // indirect
github.com/pierrec/lz4/v4 v4.1.17 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/rivo/uniseg v0.4.4 // indirect
github.com/ryanuber/go-glob v1.0.0 // indirect
github.com/ulikunitz/xz v0.5.11 // indirect
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
golang.org/x/crypto v0.27.0 // indirect
golang.org/x/term v0.24.0 // indirect
golang.org/x/text v0.18.0 // indirect
golang.org/x/time v0.3.0 // indirect
)
Loading
Loading