Merge branch 'main' into mcobbett-mutex-locking-in-mock-filesystem

.github/workflows/build.yml

@@ -59,7 +59,13 @@ jobs:
       # Generate client code so galasactl can communicate with the API server.
       - name: Generate Go client code using openapi.yaml
         run : |
-          docker run --rm -v ${{ github.workspace }}:/var/workspace ghcr.io/galasa-dev/openapi:main java -jar /opt/openapi/openapi-generator-cli.jar generate -i /var/workspace/build/dependencies/openapi.yaml -g go -o /var/workspace/pkg/galasaapi --additional-properties=packageName=galasaapi --global-property=apiTests=false
+          docker run --rm --user $(id -u):$(id -g) -v ${{ github.workspace }}:/var/workspace ghcr.io/galasa-dev/openapi:main java -jar /opt/openapi/openapi-generator-cli.jar generate -i /var/workspace/build/dependencies/openapi.yaml -g go -o /var/workspace/pkg/galasaapi --additional-properties=packageName=galasaapi --global-property=apiTests=false
+
+      # The generated code needs adjustment for various reasons.
+      - name: Fix generated code
+        run : |
+          chmod +x ./fix-generated-code.sh
+          ./fix-generated-code.sh
 
       # The go.mod and go.sum are out of date, as they do not include the generated code so they are deleted here. They get re-generated when we compile.
       # Due to permissions, deleting the go.mod and go.sum must be done by the openapi image as the image generated those files.

.github/workflows/pr-build.yml

@@ -50,7 +50,13 @@ jobs:
       # Generate client code so galasactl can communicate with the API server.
       - name: Generate Go client code using openapi.yaml
         run : |
-          docker run --rm -v ${{ github.workspace }}:/var/workspace ghcr.io/galasa-dev/openapi:main java -jar /opt/openapi/openapi-generator-cli.jar generate -i /var/workspace/build/dependencies/openapi.yaml -g go -o /var/workspace/pkg/galasaapi --additional-properties=packageName=galasaapi --global-property=apiTests=false
+          docker run --rm --user $(id -u):$(id -g) -v ${{ github.workspace }}:/var/workspace ghcr.io/galasa-dev/openapi:main java -jar /opt/openapi/openapi-generator-cli.jar generate -i /var/workspace/build/dependencies/openapi.yaml -g go -o /var/workspace/pkg/galasaapi --additional-properties=packageName=galasaapi --global-property=apiTests=false
+
+      # The generated code needs adjustment for various reasons.
+      - name: Fix generated code
+        run : |
+          chmod +x ./fix-generated-code.sh
+          ./fix-generated-code.sh
 
       # The go.mod and go.sum are out of date, as they do not include the generated code so they are deleted here. They get re-generated when we compile.
       # Due to permissions, deleting the go.mod and go.sum must be done by the openapi image as the image generated those files.

.secrets.baseline

@@ -206,16 +206,6 @@
         "verified_result": null
       }
     ],
-    "pkg/secretsformatter/GalasaSecret.go": [
-      {
-        "hashed_secret": "1949c4c92eb313637b3b6f654f5cce42df0dde88",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 62,
-        "type": "Secret Keyword",
-        "verified_result": null
-      }
-    ],
     "pkg/secretsformatter/summaryFormatter.go": [
       {
         "hashed_secret": "4d55af37dbbb6a42088d917caa1ca25428ec42c9",

README.md

@@ -728,6 +728,39 @@ galasactl secrets delete --name SYSTEM1
 
 For a complete list of supported parameters see [here](./docs/generated/galasactl_secrets_delete.md).
 
+## roles get
+To list the roles which are available on a Galasa service.
+
+Note: Roles are currently read-only and cannot be used in conjunction with the `galasactl resources apply -f` or similar commands at this time.
+
+### Examples
+```
+> galasactl roles get
+name        description
+admin       Administrator access
+deactivated User has no access
+tester      Test developer and runner
+
+Total:3
+```
+
+To get a named role in yaml format
+```
+>galasactl roles get --name admin --format yaml
+apiVersion: galasa-dev/v1alpha1
+kind: GalasaRole
+metadata:
+    id: "2"
+    name: admin
+    description: Administrator access
+    url: http://prod1-galasa-dev.cicsk8s.hursley.ibm.com/rbac/roles/2
+data:
+    actions:
+        - GENERAL_API_ACCESS
+        - SECRETS_GET
+        - USER_ROLE_UPDATE_ANY
+```
+
 ## Reference Material
 
 ### Syntax

build-locally.sh

@@ -181,6 +181,14 @@ function generate_rest_client {
     rc=$? ; if [[ "${rc}" != "0" ]]; then cat build/generate-log.txt ; error "Failed to generate II the code from the yaml file. rc=${rc}" ; exit 1 ; fi
     rm -f build/generate-log.txt
     success "Code generation part II - OK"
+
+    #--------------------------------------------------------------------------
+    # Invoke the generator again with different parameters
+    h2 "Generate the openapi client go code... part III - fixing it up."
+    ./fix-generated-code.sh 2>&1 > build/generate-fix-log.txt
+    rc=$? ; if [[ "${rc}" != "0" ]]; then cat build/generate-fix-log.txt ; error "Failed to generate III the code. (Fixing it) rc=${rc}" ; exit 1 ; fi
+    rm -f build/generate-fix-log.txt
+    success "Code generation part III - OK"
 }
 
 #--------------------------------------------------------------------------
@@ -632,7 +640,7 @@ function check_secrets {
 clean
 download_dependencies
 generate_rest_client
-go_mod_tidy
+# go_mod_tidy - don't tidy the go.mod as it gets rid of transitive/indirect dependencies.
 build_executables
 
 

docs/generated/errors-list.md

@@ -204,15 +204,8 @@ The `galasactl` tool can generate the following errors:
 - GAL1206E: Failed to get roles. Unexpected http status code {} received from the server. Error details from the server are not in a valid json format. Cause: '{}'
 - GAL1207E: Failed to get roles. Unexpected http status code {} received from the server. Error details from the server are: '{}'
 - GAL1208E: Failed to get roles. Unexpected http status code {} received from the server. Error details from the server are not in the json format.
-- GAL1209E: An attempt to get a role named '{}' failed. Unexpected http status code {} received from the server.
-- GAL1210E: An attempt to get a role named '{}' failed. Unexpected http status code {} received from the server. Error details from the server could not be read. Cause: {}
-- GAL1211E: An attempt to get a role named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are not in a valid json format. Cause: '{}'
-- GAL1212E: An attempt to get a role named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are: '{}'
-- GAL1213E: An attempt to get a role named '{}' failed. Unexpected http status code {} received from the server. Error details from the server are not in the json format.
-- GAL1214E: An attempt to get a role named '{}' failed. Sending the get request to the Galasa service failed. Cause is {}
-- GAL1215E: Invalid role name provided. The name provided with the --name flag cannot be empty, contain spaces or dots (.), and must only contain characters in the Latin-1 character set.
-- GAL1216E: Role name {} is not known on the Galasa service.
-- GAL1217E: Role output format {} is not usable when a list of roles is requested. Use the --name flag if you wish to see a role in yaml format.
+- GAL1209E: Invalid role name provided. The name provided with the --name flag cannot be empty, contain spaces or dots (.), and must only contain characters in the Latin-1 character set.
+- GAL1210E: Role name {} is not known on the Galasa service.
 - GAL1225E: Failed to open file '{}' cause: {}. Check that this file exists, and that you have read permissions.
 - GAL1226E: Internal failure. Contents of gzip could be read, but not decoded. New gzip reader failed: file: {} error: {}
 - GAL1227E: Internal failure. Contents of gzip could not be decoded. {} error: {}

docs/generated/galasactl_Roles_get.md

@@ -15,7 +15,7 @@ galasactl roles get [flags]
 ```
       --format string   the output format of the returned Roles. Supported formats are: 'summary', 'yaml'. (default "summary")
   -h, --help            Displays the options for the 'roles get' command.
-      --name string     An optional flag that identifies the secret to be retrieved.
+      --name string     An optional flag that identifies the role to be retrieved by name.
 ```
 
 ### Options inherited from parent commands

fix-generated-code.sh

@@ -0,0 +1,101 @@
+#! /usr/bin/env sh 
+
+#
+# Copyright contributors to the Galasa project
+#
+# SPDX-License-Identifier: EPL-2.0
+#
+
+#-----------------------------------------------------------------------------------------                   
+#
+# Objectives: Fix anything we need to in the generated code.
+# 
+#-----------------------------------------------------------------------------------------                   
+
+# Where is this script executing from ?
+BASEDIR=$(dirname "$0");pushd $BASEDIR 2>&1 >> /dev/null ;BASEDIR=$(pwd);popd 2>&1 >> /dev/null
+# echo "Running from directory ${BASEDIR}"
+export ORIGINAL_DIR=$(pwd)
+# cd "${BASEDIR}"
+
+#-----------------------------------------------------------------------------------------                   
+#
+# Set Colors
+#
+#-----------------------------------------------------------------------------------------                   
+bold=$(tput bold)
+underline=$(tput sgr 0 1)
+reset=$(tput sgr0)
+red=$(tput setaf 1)
+green=$(tput setaf 76)
+white=$(tput setaf 7)
+tan=$(tput setaf 202)
+blue=$(tput setaf 25)
+
+#-----------------------------------------------------------------------------------------                   
+#
+# Headers and Logging
+#
+#-----------------------------------------------------------------------------------------                   
+underline() { printf "${underline}${bold}%s${reset}\n" "$@" ;}
+h1() { printf "\n${underline}${bold}${blue}%s${reset}\n" "$@" ;}
+h2() { printf "\n${underline}${bold}${white}%s${reset}\n" "$@" ;}
+debug() { printf "${white}%s${reset}\n" "$@" ;}
+info() { printf "${white}➜ %s${reset}\n" "$@" ;}
+success() { printf "${green}✔ %s${reset}\n" "$@" ;}
+error() { printf "${red}✖ %s${reset}\n" "$@" ;}
+warn() { printf "${tan}➜ %s${reset}\n" "$@" ;}
+bold() { printf "${bold}%s${reset}\n" "$@" ;}
+note() { printf "\n${underline}${bold}${blue}Note:${reset} ${blue}%s${reset}\n" "$@" ;}
+
+mkdir -p temp
+
+# Explanation:
+# ------------
+# We have a bunch of model files generated.
+# They all have this inside: for example:
+#
+#   ApiVersion *string `json:"apiVersion,omitempty"`
+#   Kind *string `json:"kind,omitempty"`
+#
+# This is OK, but when rendering to yaml all the names of properties get screwed up. 
+# eg: the `ApiVersion` field is rendered as `apiVersion` in json (good) but in yaml it renders as `apiversion` (bad).
+# ... but we want them to contain the same property names for json or yaml.
+#
+# So we need to add the yaml annotations to make it look like this:
+#
+#   ApiVersion *string `json:"apiVersion,omitempty" yaml:"apiVersion,omitempty"`
+#   Kind *string `json:"kind,omitempty" yaml:"kind,omitempty"`
+#
+# Then the `ApiVersion` field can render to `apiVersion` in the yaml just as it does in the json. To be consistent.
+#
+cd pkg/galasaapi
+rc=$? ; if [[ "$rc" != "0" ]]; then error "Failed to change folders into the generated code" ; exit 1; fi
+
+# List all the model files we want to run the blanket transform over...
+ls model*.go > $BASEDIR/temp/file-list.txt
+rc=$? ; if [[ "$rc" != "0" ]]; then error "Failed to list generated model files" ; exit 1; fi
+
+while IFS= read -r file_to_process; do
+    info "Processing file: ${file_to_process}"
+
+    # Note the following about sed:
+    # (.*) collects the group. The name of the property as json will render it.
+    # \1 repeats that group in the substitution. So we can use it twice, once to repeat the json annotation, and once for the yaml one.
+    # eg: In the following example, the string "apiVersion,omitempty" is collected as the first group... so...
+    #
+    #   ApiVersion *string `json:"apiVersion,omitempty"`
+    # 
+    # ...will become...
+    #
+    #   ApiVersion *string `json:"apiVersion,omitempty" yaml:"apiVersion,omitempty"`
+    #
+    cat ${file_to_process} | sed "s/json:\(.*\)\"\`/json:\1\" yaml:\1\"\`/g" > ${BASEDIR}/temp/${file_to_process}.temp
+    rc=$? ; if [[ "$rc" != "0" ]]; then error "Failed to substitute yaml serialisation annotation into generated model file ${file_to_process}" ; exit 1; fi
+
+    # Copy the transformed version over the top of the original, leaving a copy in the temp folder to diagnose problems with.
+    cp ${BASEDIR}/temp/${file_to_process}.temp ${file_to_process}
+    rc=$? ; if [[ "$rc" != "0" ]]; then error "Failed to copy fixed code over the generated original code at ${file_to_process}" ; exit 1; fi
+
+done < $BASEDIR/temp/file-list.txt
+rc=$? ; if [[ "$rc" != "0" ]]; then error "Failed inside while loop." ; exit 1; fi

go.mod

@@ -9,7 +9,10 @@ require (
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.10.0
+	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/image v0.23.0
+	golang.org/x/net v0.26.0 // indirect
+	golang.org/x/term v0.27.0 // indirect
 	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
 	gopkg.in/yaml.v3 v3.0.1
 )

go.sum

@@ -38,6 +38,9 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
+golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
+golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
+golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
 golang.org/x/image v0.23.0 h1:HseQ7c2OpPKTPVzNjG5fwJsOTCiiwS4QdsYi5XU6H68=
 golang.org/x/image v0.23.0/go.mod h1:wJJBTdLfCCf3tiHa1fNxpZmUI4mmoZvwMCPP0ddoNKY=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
@@ -53,6 +56,8 @@ golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
+golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
+golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -70,6 +75,8 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -78,6 +85,8 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
 golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
 golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
+golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0=
+golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
@@ -86,6 +95,7 @@ golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
 golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

pkg/cmd/roles.go

@@ -80,9 +80,9 @@ func addRolesNameFlag(cmd *cobra.Command, isMandatory bool, RolesCmdValues *Role
 	flagName := "name"
 	var description string
 	if isMandatory {
-		description = "A mandatory flag that identifies the secret to be created or manipulated."
+		description = "A mandatory flag that identifies the role to be created or manipulated."
 	} else {
-		description = "An optional flag that identifies the secret to be retrieved."
+		description = "An optional flag that identifies the role to be retrieved by name."
 	}
 
 	cmd.Flags().StringVar(&RolesCmdValues.name, flagName, "", description)