mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
cli: automatically add iam values to config (#782)
* AB#2706 Automatically add IAM values to config
This commit is contained in:
Moritz Sanft
GitHub
parent
c66119fe93
commit
64ec0408da
@ -60,15 +60,10 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
cg.log.Debugf("Parsed flags as %v", flags)
|
||||
conf := config.Default()
|
||||
conf.RemoveProviderExcept(provider)
|
||||
cg.log.Debugf("Using cloud provider %s", provider.String())
|
||||
// set a lower default for QEMU's state disk
|
||||
if provider == cloudprovider.QEMU {
|
||||
conf.StateDiskSizeGB = 10
|
||||
}
|
||||
|
||||
cg.log.Debugf("Parsed flags as %v", flags)
|
||||
cg.log.Debugf("Using cloud provider %s", provider.String())
|
||||
conf := createConfig(provider)
|
||||
if flags.file == "-" {
|
||||
content, err := encoder.NewEncoder(conf).Encode()
|
||||
if err != nil {
|
||||
@ -84,6 +79,7 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
|
||||
if err := fileHandler.WriteYAML(flags.file, conf, file.OptMkdirAll); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
cmd.Println("Config file written to", flags.file)
|
||||
cmd.Println("Please fill in your CSP-specific configuration before proceeding.")
|
||||
cmd.Println("For more information refer to the documentation:")
|
||||
@ -92,6 +88,19 @@ func (cg *configGenerateCmd) configGenerate(cmd *cobra.Command, fileHandler file
|
||||
return nil
|
||||
}
|
||||
|
||||
// createConfig creates a config file for the given provider.
|
||||
func createConfig(provider cloudprovider.Provider) *config.Config {
|
||||
conf := config.Default()
|
||||
conf.RemoveProviderExcept(provider)
|
||||
|
||||
// set a lower default for QEMU's state disk
|
||||
if provider == cloudprovider.QEMU {
|
||||
conf.StateDiskSizeGB = 10
|
||||
}
|
||||
|
||||
return conf
|
||||
}
|
||||
|
||||
func parseGenerateFlags(cmd *cobra.Command) (generateFlags, error) {
|
||||
file, err := cmd.Flags().GetString("file")
|
||||
if err != nil {
|
||||
|
||||
@ -32,6 +32,8 @@ func newIAMCreateCmd() *cobra.Command {
|
||||
Args: cobra.ExactArgs(0),
|
||||
}
|
||||
|
||||
cmd.PersistentFlags().Bool("generate-config", false, "Automatically generate a config file and fill in the required fields")
|
||||
|
||||
cmd.AddCommand(newIAMCreateAWSCmd())
|
||||
cmd.AddCommand(newIAMCreateAzureCmd())
|
||||
cmd.AddCommand(newIAMCreateGCPCmd())
|
||||
|
||||
@ -11,6 +11,8 @@ import (
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/file"
|
||||
"github.com/spf13/afero"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
||||
@ -28,7 +30,7 @@ func newIAMCreateAWSCmd() *cobra.Command {
|
||||
must(cobra.MarkFlagRequired(cmd.Flags(), "prefix"))
|
||||
cmd.Flags().String("zone", "", "AWS availability zone the resources will be created in (e.g. us-east-2a). Find available zones here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones. Note that we do not support every zone / region. You can find a list of all supported regions in our docs.")
|
||||
must(cobra.MarkFlagRequired(cmd.Flags(), "zone"))
|
||||
cmd.Flags().Bool("yes", false, "Create the IAM configuration without further confirmation")
|
||||
cmd.Flags().Bool("yes", false, "Create the IAM configuration without further confirmation.")
|
||||
|
||||
return cmd
|
||||
}
|
||||
@ -36,12 +38,13 @@ func newIAMCreateAWSCmd() *cobra.Command {
|
||||
func runIAMCreateAWS(cmd *cobra.Command, args []string) error {
|
||||
spinner := newSpinner(cmd.ErrOrStderr())
|
||||
defer spinner.Stop()
|
||||
fileHandler := file.NewHandler(afero.NewOsFs())
|
||||
creator := cloudcmd.NewIAMCreator(spinner)
|
||||
|
||||
return iamCreateAWS(cmd, spinner, creator)
|
||||
return iamCreateAWS(cmd, spinner, creator, fileHandler)
|
||||
}
|
||||
|
||||
func iamCreateAWS(cmd *cobra.Command, spinner spinnerInterf, creator iamCreator) error {
|
||||
func iamCreateAWS(cmd *cobra.Command, spinner spinnerInterf, creator iamCreator, fileHandler file.Handler) error {
|
||||
// Get input variables.
|
||||
awsFlags, err := parseAWSFlags(cmd)
|
||||
if err != nil {
|
||||
@ -50,9 +53,12 @@ func iamCreateAWS(cmd *cobra.Command, spinner spinnerInterf, creator iamCreator)
|
||||
|
||||
// Confirmation.
|
||||
if !awsFlags.yesFlag {
|
||||
cmd.Printf("The following IAM configuration will be created:\n")
|
||||
cmd.Printf("Region:\t%s\n", awsFlags.region)
|
||||
cmd.Printf("Name Prefix:\t%s\n", awsFlags.prefix)
|
||||
cmd.Printf("The following IAM configuration will be created:\n\n")
|
||||
cmd.Printf("Region:\t\t%s\n", awsFlags.region)
|
||||
cmd.Printf("Name Prefix:\t%s\n\n", awsFlags.prefix)
|
||||
if awsFlags.generateConfig {
|
||||
cmd.Printf("The configuration file %s will be automatically generated and populated with the IAM values.\n", awsFlags.configPath)
|
||||
}
|
||||
ok, err := askToConfirm(cmd, "Do you want to create the configuration?")
|
||||
if err != nil {
|
||||
return err
|
||||
@ -65,21 +71,39 @@ func iamCreateAWS(cmd *cobra.Command, spinner spinnerInterf, creator iamCreator)
|
||||
|
||||
// Creation.
|
||||
spinner.Start("Creating", false)
|
||||
|
||||
conf := createConfig(cloudprovider.AWS)
|
||||
|
||||
iamFile, err := creator.Create(cmd.Context(), cloudprovider.AWS, &cloudcmd.IAMConfig{
|
||||
AWS: cloudcmd.AWSIAMConfig{
|
||||
Region: awsFlags.region,
|
||||
Prefix: awsFlags.prefix,
|
||||
},
|
||||
})
|
||||
|
||||
spinner.Stop()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
cmd.Println() // Print empty line to separate after spinner ended.
|
||||
|
||||
cmd.Printf("region:\t%s\n", awsFlags.region)
|
||||
cmd.Printf("zone:\t%s\n", awsFlags.zone)
|
||||
if awsFlags.generateConfig {
|
||||
conf.Provider.AWS.Region = awsFlags.region
|
||||
conf.Provider.AWS.Zone = awsFlags.zone
|
||||
conf.Provider.AWS.IAMProfileControlPlane = iamFile.AWSOutput.ControlPlaneInstanceProfile
|
||||
conf.Provider.AWS.IAMProfileWorkerNodes = iamFile.AWSOutput.WorkerNodeInstanceProfile
|
||||
|
||||
if err := fileHandler.WriteYAML(awsFlags.configPath, conf, file.OptMkdirAll); err != nil {
|
||||
return err
|
||||
}
|
||||
cmd.Printf("Your IAM configuration was created and filled into %s successfully.\n", awsFlags.configPath)
|
||||
return nil
|
||||
}
|
||||
|
||||
cmd.Printf("region:\t\t\t%s\n", awsFlags.region)
|
||||
cmd.Printf("zone:\t\t\t%s\n", awsFlags.zone)
|
||||
cmd.Printf("iamProfileControlPlane:\t%s\n", iamFile.AWSOutput.ControlPlaneInstanceProfile)
|
||||
cmd.Printf("iamProfileWorkerNodes:\t%s\n", iamFile.AWSOutput.WorkerNodeInstanceProfile)
|
||||
cmd.Printf("iamProfileWorkerNodes:\t%s\n\n", iamFile.AWSOutput.WorkerNodeInstanceProfile)
|
||||
cmd.Println("Your IAM configuration was created successfully. Please fill the above values into your configuration file.")
|
||||
|
||||
return nil
|
||||
@ -106,23 +130,34 @@ func parseAWSFlags(cmd *cobra.Command) (awsFlags, error) {
|
||||
} else {
|
||||
return awsFlags{}, fmt.Errorf("invalid AWS region, to find a correct region please refer to our docs and https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones")
|
||||
}
|
||||
|
||||
configPath, err := cmd.Flags().GetString("config")
|
||||
if err != nil {
|
||||
return awsFlags{}, fmt.Errorf("parsing config string: %w", err)
|
||||
}
|
||||
generateConfig, err := cmd.Flags().GetBool("generate-config")
|
||||
if err != nil {
|
||||
return awsFlags{}, fmt.Errorf("parsing generate-config bool: %w", err)
|
||||
}
|
||||
yesFlag, err := cmd.Flags().GetBool("yes")
|
||||
if err != nil {
|
||||
return awsFlags{}, fmt.Errorf("parsing yes bool: %w", err)
|
||||
}
|
||||
return awsFlags{
|
||||
zone: zone,
|
||||
prefix: prefix,
|
||||
region: region,
|
||||
yesFlag: yesFlag,
|
||||
zone: zone,
|
||||
prefix: prefix,
|
||||
region: region,
|
||||
generateConfig: generateConfig,
|
||||
configPath: configPath,
|
||||
yesFlag: yesFlag,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// awsFlags contains the parsed flags of the iam create aws command.
|
||||
type awsFlags struct {
|
||||
prefix string
|
||||
region string
|
||||
zone string
|
||||
yesFlag bool
|
||||
prefix string
|
||||
region string
|
||||
zone string
|
||||
generateConfig bool
|
||||
configPath string
|
||||
yesFlag bool
|
||||
}
|
||||
|
||||
@ -7,6 +7,7 @@ package cmd
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/iamid"
|
||||
@ -20,10 +21,16 @@ import (
|
||||
)
|
||||
|
||||
func TestIAMCreateAWS(t *testing.T) {
|
||||
fsWithDefaultConfig := func(require *require.Assertions, provider cloudprovider.Provider) afero.Fs {
|
||||
defaultFs := func(require *require.Assertions, provider cloudprovider.Provider, existingFiles []string) afero.Fs {
|
||||
fs := afero.NewMemMapFs()
|
||||
file := file.NewHandler(fs)
|
||||
require.NoError(file.WriteYAML(constants.ConfigFilename, defaultConfigWithExpectedMeasurements(t, config.Default(), provider)))
|
||||
fileHandler := file.NewHandler(fs)
|
||||
for _, f := range existingFiles {
|
||||
require.NoError(fileHandler.Write(f, []byte{1, 2, 3}, file.OptNone))
|
||||
}
|
||||
return fs
|
||||
}
|
||||
readOnlyFs := func(require *require.Assertions, provider cloudprovider.Provider, existingFiles []string) afero.Fs {
|
||||
fs := afero.NewReadOnlyFs(afero.NewMemMapFs())
|
||||
return fs
|
||||
}
|
||||
validIAMIDFile := iamid.File{
|
||||
@ -35,34 +42,91 @@ func TestIAMCreateAWS(t *testing.T) {
|
||||
}
|
||||
|
||||
testCases := map[string]struct {
|
||||
setupFs func(*require.Assertions, cloudprovider.Provider) afero.Fs
|
||||
creator *stubIAMCreator
|
||||
provider cloudprovider.Provider
|
||||
zoneFlag string
|
||||
prefixFlag string
|
||||
yesFlag bool
|
||||
stdin string
|
||||
wantAbort bool
|
||||
wantErr bool
|
||||
setupFs func(require *require.Assertions, provider cloudprovider.Provider, existingFiles []string) afero.Fs
|
||||
creator *stubIAMCreator
|
||||
provider cloudprovider.Provider
|
||||
zoneFlag string
|
||||
prefixFlag string
|
||||
yesFlag bool
|
||||
generateConfigFlag bool
|
||||
configFlag string
|
||||
existingFiles []string
|
||||
stdin string
|
||||
wantAbort bool
|
||||
wantErr bool
|
||||
}{
|
||||
"iam create aws": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
prefixFlag: "test",
|
||||
yesFlag: true,
|
||||
},
|
||||
"iam create aws generate config": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
prefixFlag: "test",
|
||||
yesFlag: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
generateConfigFlag: true,
|
||||
},
|
||||
"iam create aws generate config custom path": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
prefixFlag: "test",
|
||||
yesFlag: true,
|
||||
generateConfigFlag: true,
|
||||
configFlag: "custom-config.yaml",
|
||||
},
|
||||
"iam create aws generate config path already exists": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
prefixFlag: "test",
|
||||
yesFlag: true,
|
||||
generateConfigFlag: true,
|
||||
wantErr: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
existingFiles: []string{constants.ConfigFilename},
|
||||
},
|
||||
"iam create aws generate config custom path already exists": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
prefixFlag: "test",
|
||||
yesFlag: true,
|
||||
generateConfigFlag: true,
|
||||
wantErr: true,
|
||||
configFlag: "custom-config.yaml",
|
||||
existingFiles: []string{"custom-config.yaml"},
|
||||
},
|
||||
"interactive": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
prefixFlag: "test",
|
||||
stdin: "yes\n",
|
||||
},
|
||||
"interactive generate config": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
prefixFlag: "test",
|
||||
stdin: "yes\n",
|
||||
configFlag: constants.ConfigFilename,
|
||||
generateConfigFlag: true,
|
||||
},
|
||||
"interactive abort": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
@ -70,8 +134,19 @@ func TestIAMCreateAWS(t *testing.T) {
|
||||
stdin: "no\n",
|
||||
wantAbort: true,
|
||||
},
|
||||
"interactive generate config abort": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
prefixFlag: "test",
|
||||
stdin: "no\n",
|
||||
generateConfigFlag: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
wantAbort: true,
|
||||
},
|
||||
"invalid zone": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-west-5b",
|
||||
@ -79,6 +154,17 @@ func TestIAMCreateAWS(t *testing.T) {
|
||||
yesFlag: true,
|
||||
wantErr: true,
|
||||
},
|
||||
"unwritable fs": {
|
||||
setupFs: readOnlyFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.AWS,
|
||||
zoneFlag: "us-east-2a",
|
||||
prefixFlag: "test",
|
||||
yesFlag: true,
|
||||
generateConfigFlag: true,
|
||||
wantErr: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
},
|
||||
}
|
||||
|
||||
for name, tc := range testCases {
|
||||
@ -90,6 +176,10 @@ func TestIAMCreateAWS(t *testing.T) {
|
||||
cmd.SetOut(&bytes.Buffer{})
|
||||
cmd.SetErr(&bytes.Buffer{})
|
||||
cmd.SetIn(bytes.NewBufferString(tc.stdin))
|
||||
|
||||
cmd.Flags().String("config", constants.ConfigFilename, "") // register persistent flag manually
|
||||
cmd.Flags().Bool("generate-config", false, "") // register persistent flag manually
|
||||
|
||||
if tc.zoneFlag != "" {
|
||||
require.NoError(cmd.Flags().Set("zone", tc.zoneFlag))
|
||||
}
|
||||
@ -99,20 +189,39 @@ func TestIAMCreateAWS(t *testing.T) {
|
||||
if tc.yesFlag {
|
||||
require.NoError(cmd.Flags().Set("yes", "true"))
|
||||
}
|
||||
if tc.generateConfigFlag {
|
||||
require.NoError(cmd.Flags().Set("generate-config", "true"))
|
||||
}
|
||||
if tc.configFlag != "" {
|
||||
require.NoError(cmd.Flags().Set("config", tc.configFlag))
|
||||
}
|
||||
|
||||
err := iamCreateAWS(cmd, &nopSpinner{}, tc.creator)
|
||||
fileHandler := file.NewHandler(tc.setupFs(require, tc.provider, tc.existingFiles))
|
||||
|
||||
err := iamCreateAWS(cmd, &nopSpinner{}, tc.creator, fileHandler)
|
||||
|
||||
if tc.wantErr {
|
||||
assert.Error(err)
|
||||
} else {
|
||||
if tc.wantAbort {
|
||||
assert.False(tc.creator.createCalled)
|
||||
} else {
|
||||
assert.NoError(err)
|
||||
assert.True(tc.creator.createCalled)
|
||||
assert.Equal(tc.creator.id.AWSOutput, validIAMIDFile.AWSOutput)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
if tc.wantAbort {
|
||||
assert.False(tc.creator.createCalled)
|
||||
return
|
||||
}
|
||||
|
||||
if tc.generateConfigFlag {
|
||||
readConfig := &config.Config{}
|
||||
readErr := fileHandler.ReadYAML(tc.configFlag, readConfig)
|
||||
require.NoError(readErr)
|
||||
assert.Equal(tc.creator.id.AWSOutput.ControlPlaneInstanceProfile, readConfig.Provider.AWS.IAMProfileControlPlane)
|
||||
assert.Equal(tc.creator.id.AWSOutput.WorkerNodeInstanceProfile, readConfig.Provider.AWS.IAMProfileWorkerNodes)
|
||||
assert.Equal(tc.zoneFlag, readConfig.Provider.AWS.Zone)
|
||||
assert.True(strings.HasPrefix(readConfig.Provider.AWS.Zone, readConfig.Provider.AWS.Region))
|
||||
}
|
||||
require.NoError(err)
|
||||
assert.True(tc.creator.createCalled)
|
||||
assert.Equal(tc.creator.id.AWSOutput, validIAMIDFile.AWSOutput)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
@ -10,6 +10,8 @@ import (
|
||||
|
||||
"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
|
||||
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
||||
"github.com/edgelesssys/constellation/v2/internal/file"
|
||||
"github.com/spf13/afero"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
||||
@ -23,13 +25,13 @@ func newIAMCreateAzureCmd() *cobra.Command {
|
||||
RunE: runIAMCreateAzure,
|
||||
}
|
||||
|
||||
cmd.Flags().String("resourceGroup", "", "Name of the resource group your IAM resources will be created in.")
|
||||
cmd.Flags().String("resourceGroup", "", "Name prefix of the two resource groups your cluster / IAM resources will be created in.")
|
||||
must(cobra.MarkFlagRequired(cmd.Flags(), "resourceGroup"))
|
||||
cmd.Flags().String("region", "", "Region the resources will be created in. (e.g. westus)")
|
||||
must(cobra.MarkFlagRequired(cmd.Flags(), "region"))
|
||||
cmd.Flags().String("servicePrincipal", "", "Name of the service principal that will be created.")
|
||||
must(cobra.MarkFlagRequired(cmd.Flags(), "servicePrincipal"))
|
||||
cmd.Flags().Bool("yes", false, "Create the IAM configuration without further confirmation")
|
||||
cmd.Flags().Bool("yes", false, "Create the IAM configuration without further confirmation.")
|
||||
|
||||
return cmd
|
||||
}
|
||||
@ -37,12 +39,13 @@ func newIAMCreateAzureCmd() *cobra.Command {
|
||||
func runIAMCreateAzure(cmd *cobra.Command, args []string) error {
|
||||
spinner := newSpinner(cmd.ErrOrStderr())
|
||||
defer spinner.Stop()
|
||||
fileHandler := file.NewHandler(afero.NewOsFs())
|
||||
creator := cloudcmd.NewIAMCreator(spinner)
|
||||
|
||||
return iamCreateAzure(cmd, spinner, creator)
|
||||
return iamCreateAzure(cmd, spinner, creator, fileHandler)
|
||||
}
|
||||
|
||||
func iamCreateAzure(cmd *cobra.Command, spinner spinnerInterf, creator iamCreator) error {
|
||||
func iamCreateAzure(cmd *cobra.Command, spinner spinnerInterf, creator iamCreator, fileHandler file.Handler) error {
|
||||
// Get input variables.
|
||||
azureFlags, err := parseAzureFlags(cmd)
|
||||
if err != nil {
|
||||
@ -51,10 +54,13 @@ func iamCreateAzure(cmd *cobra.Command, spinner spinnerInterf, creator iamCreato
|
||||
|
||||
// Confirmation.
|
||||
if !azureFlags.yesFlag {
|
||||
cmd.Printf("The following IAM configuration will be created:\n")
|
||||
cmd.Printf("Region:\t%s\n", azureFlags.region)
|
||||
cmd.Printf("Resource Group:\t%s\n", azureFlags.resourceGroup)
|
||||
cmd.Printf("Service Principal:\t%s\n", azureFlags.servicePrincipal)
|
||||
cmd.Printf("The following IAM configuration will be created:\n\n")
|
||||
cmd.Printf("Region:\t\t\t%s\n", azureFlags.region)
|
||||
cmd.Printf("Resource Group:\t\t%s\n", azureFlags.resourceGroup)
|
||||
cmd.Printf("Service Principal:\t%s\n\n", azureFlags.servicePrincipal)
|
||||
if azureFlags.generateConfig {
|
||||
cmd.Printf("The configuration file %s will be automatically generated and populated with the IAM values.\n", azureFlags.configPath)
|
||||
}
|
||||
ok, err := askToConfirm(cmd, "Do you want to create the configuration?")
|
||||
if err != nil {
|
||||
return err
|
||||
@ -67,6 +73,9 @@ func iamCreateAzure(cmd *cobra.Command, spinner spinnerInterf, creator iamCreato
|
||||
|
||||
// Creation.
|
||||
spinner.Start("Creating", false)
|
||||
|
||||
conf := createConfig(cloudprovider.Azure)
|
||||
|
||||
iamFile, err := creator.Create(cmd.Context(), cloudprovider.Azure, &cloudcmd.IAMConfig{
|
||||
Azure: cloudcmd.AzureIAMConfig{
|
||||
Region: azureFlags.region,
|
||||
@ -74,18 +83,35 @@ func iamCreateAzure(cmd *cobra.Command, spinner spinnerInterf, creator iamCreato
|
||||
ResourceGroup: azureFlags.resourceGroup,
|
||||
},
|
||||
})
|
||||
|
||||
spinner.Stop()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
cmd.Println() // Print empty line to separate after spinner ended.
|
||||
|
||||
cmd.Printf("subscription:\t%s\n", iamFile.AzureOutput.SubscriptionID)
|
||||
cmd.Printf("tenant:\t%s\n", iamFile.AzureOutput.TenantID)
|
||||
cmd.Printf("location:\t%s\n", azureFlags.region)
|
||||
cmd.Printf("resourceGroup:\t%s\n", azureFlags.resourceGroup)
|
||||
if azureFlags.generateConfig {
|
||||
conf.Provider.Azure.SubscriptionID = iamFile.AzureOutput.SubscriptionID
|
||||
conf.Provider.Azure.TenantID = iamFile.AzureOutput.TenantID
|
||||
conf.Provider.Azure.Location = azureFlags.region
|
||||
conf.Provider.Azure.ResourceGroup = azureFlags.resourceGroup
|
||||
conf.Provider.Azure.UserAssignedIdentity = iamFile.AzureOutput.UAMIID
|
||||
conf.Provider.Azure.AppClientID = iamFile.AzureOutput.ApplicationID
|
||||
conf.Provider.Azure.ClientSecretValue = iamFile.AzureOutput.ApplicationClientSecretValue
|
||||
if err := fileHandler.WriteYAML(azureFlags.configPath, conf, file.OptMkdirAll); err != nil {
|
||||
return err
|
||||
}
|
||||
cmd.Printf("Your IAM configuration was created and filled into %s successfully.\n", azureFlags.configPath)
|
||||
return nil
|
||||
}
|
||||
|
||||
cmd.Printf("subscription:\t\t%s\n", iamFile.AzureOutput.SubscriptionID)
|
||||
cmd.Printf("tenant:\t\t\t%s\n", iamFile.AzureOutput.TenantID)
|
||||
cmd.Printf("location:\t\t%s\n", azureFlags.region)
|
||||
cmd.Printf("resourceGroup:\t\t%s\n", azureFlags.resourceGroup)
|
||||
cmd.Printf("userAssignedIdentity:\t%s\n", iamFile.AzureOutput.UAMIID)
|
||||
cmd.Printf("appClientID:\t%s\n", iamFile.AzureOutput.ApplicationID)
|
||||
cmd.Printf("appClientSecretValue:\t%s\n", iamFile.AzureOutput.ApplicationClientSecretValue)
|
||||
cmd.Printf("appClientID:\t\t%s\n", iamFile.AzureOutput.ApplicationID)
|
||||
cmd.Printf("appClientSecretValue:\t%s\n\n", iamFile.AzureOutput.ApplicationClientSecretValue)
|
||||
cmd.Println("Your IAM configuration was created successfully. Please fill the above values into your configuration file.")
|
||||
|
||||
return nil
|
||||
@ -97,22 +123,38 @@ func parseAzureFlags(cmd *cobra.Command) (azureFlags, error) {
|
||||
if err != nil {
|
||||
return azureFlags{}, fmt.Errorf("parsing region string: %w", err)
|
||||
}
|
||||
|
||||
resourceGroup, err := cmd.Flags().GetString("resourceGroup")
|
||||
if err != nil {
|
||||
return azureFlags{}, fmt.Errorf("parsing resourceGroup string: %w", err)
|
||||
}
|
||||
|
||||
servicePrincipal, err := cmd.Flags().GetString("servicePrincipal")
|
||||
if err != nil {
|
||||
return azureFlags{}, fmt.Errorf("parsing servicePrincipal string: %w", err)
|
||||
}
|
||||
|
||||
configPath, err := cmd.Flags().GetString("config")
|
||||
if err != nil {
|
||||
return azureFlags{}, fmt.Errorf("parsing config string: %w", err)
|
||||
}
|
||||
|
||||
generateConfig, err := cmd.Flags().GetBool("generate-config")
|
||||
if err != nil {
|
||||
return azureFlags{}, fmt.Errorf("parsing generate-config bool: %w", err)
|
||||
}
|
||||
|
||||
yesFlag, err := cmd.Flags().GetBool("yes")
|
||||
if err != nil {
|
||||
return azureFlags{}, fmt.Errorf("parsing yes bool: %w", err)
|
||||
}
|
||||
|
||||
return azureFlags{
|
||||
servicePrincipal: servicePrincipal,
|
||||
resourceGroup: resourceGroup,
|
||||
region: region,
|
||||
generateConfig: generateConfig,
|
||||
configPath: configPath,
|
||||
yesFlag: yesFlag,
|
||||
}, nil
|
||||
}
|
||||
@ -122,5 +164,8 @@ type azureFlags struct {
|
||||
region string
|
||||
resourceGroup string
|
||||
servicePrincipal string
|
||||
yesFlag bool
|
||||
|
||||
generateConfig bool
|
||||
configPath string
|
||||
yesFlag bool
|
||||
}
|
||||
|
||||
@ -20,10 +20,16 @@ import (
|
||||
)
|
||||
|
||||
func TestIAMCreateAzure(t *testing.T) {
|
||||
fsWithDefaultConfig := func(require *require.Assertions, provider cloudprovider.Provider) afero.Fs {
|
||||
defaultFs := func(require *require.Assertions, provider cloudprovider.Provider, existingFiles []string) afero.Fs {
|
||||
fs := afero.NewMemMapFs()
|
||||
file := file.NewHandler(fs)
|
||||
require.NoError(file.WriteYAML(constants.ConfigFilename, defaultConfigWithExpectedMeasurements(t, config.Default(), provider)))
|
||||
fileHandler := file.NewHandler(fs)
|
||||
for _, f := range existingFiles {
|
||||
require.NoError(fileHandler.Write(f, []byte{1, 2, 3}, file.OptNone))
|
||||
}
|
||||
return fs
|
||||
}
|
||||
readOnlyFs := func(require *require.Assertions, provider cloudprovider.Provider, existingFiles []string) afero.Fs {
|
||||
fs := afero.NewReadOnlyFs(afero.NewMemMapFs())
|
||||
return fs
|
||||
}
|
||||
validIAMIDFile := iamid.File{
|
||||
@ -38,19 +44,22 @@ func TestIAMCreateAzure(t *testing.T) {
|
||||
}
|
||||
|
||||
testCases := map[string]struct {
|
||||
setupFs func(*require.Assertions, cloudprovider.Provider) afero.Fs
|
||||
setupFs func(require *require.Assertions, provider cloudprovider.Provider, existingFiles []string) afero.Fs
|
||||
creator *stubIAMCreator
|
||||
provider cloudprovider.Provider
|
||||
regionFlag string
|
||||
servicePrincipalFlag string
|
||||
resourceGroupFlag string
|
||||
yesFlag bool
|
||||
generateConfigFlag bool
|
||||
configFlag string
|
||||
existingFiles []string
|
||||
stdin string
|
||||
wantAbort bool
|
||||
wantErr bool
|
||||
}{
|
||||
"iam create azure": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
@ -58,8 +67,56 @@ func TestIAMCreateAzure(t *testing.T) {
|
||||
resourceGroupFlag: "constell-test-rg",
|
||||
yesFlag: true,
|
||||
},
|
||||
"iam create azure generate config": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
servicePrincipalFlag: "constell-test-sp",
|
||||
resourceGroupFlag: "constell-test-rg",
|
||||
generateConfigFlag: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
yesFlag: true,
|
||||
},
|
||||
"iam create azure generate config custom path": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
servicePrincipalFlag: "constell-test-sp",
|
||||
resourceGroupFlag: "constell-test-rg",
|
||||
generateConfigFlag: true,
|
||||
configFlag: "custom-config.yaml",
|
||||
yesFlag: true,
|
||||
},
|
||||
"iam create azure generate config custom path already exists": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
servicePrincipalFlag: "constell-test-sp",
|
||||
resourceGroupFlag: "constell-test-rg",
|
||||
generateConfigFlag: true,
|
||||
yesFlag: true,
|
||||
wantErr: true,
|
||||
configFlag: "custom-config.yaml",
|
||||
existingFiles: []string{"custom-config.yaml"},
|
||||
},
|
||||
"iam create generate config path already exists": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
servicePrincipalFlag: "constell-test-sp",
|
||||
resourceGroupFlag: "constell-test-rg",
|
||||
generateConfigFlag: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
existingFiles: []string{constants.ConfigFilename},
|
||||
yesFlag: true,
|
||||
wantErr: true,
|
||||
},
|
||||
"interactive": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
@ -67,8 +124,19 @@ func TestIAMCreateAzure(t *testing.T) {
|
||||
resourceGroupFlag: "constell-test-rg",
|
||||
stdin: "yes\n",
|
||||
},
|
||||
"interactive generate config": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
servicePrincipalFlag: "constell-test-sp",
|
||||
resourceGroupFlag: "constell-test-rg",
|
||||
stdin: "yes\n",
|
||||
generateConfigFlag: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
},
|
||||
"interactive abort": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
@ -77,6 +145,29 @@ func TestIAMCreateAzure(t *testing.T) {
|
||||
stdin: "no\n",
|
||||
wantAbort: true,
|
||||
},
|
||||
"interactive generate config abort": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
servicePrincipalFlag: "constell-test-sp",
|
||||
resourceGroupFlag: "constell-test-rg",
|
||||
stdin: "no\n",
|
||||
generateConfigFlag: true,
|
||||
wantAbort: true,
|
||||
},
|
||||
"unwritable fs": {
|
||||
setupFs: readOnlyFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.Azure,
|
||||
regionFlag: "westus",
|
||||
servicePrincipalFlag: "constell-test-sp",
|
||||
resourceGroupFlag: "constell-test-rg",
|
||||
yesFlag: true,
|
||||
generateConfigFlag: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
wantErr: true,
|
||||
},
|
||||
}
|
||||
|
||||
for name, tc := range testCases {
|
||||
@ -88,6 +179,10 @@ func TestIAMCreateAzure(t *testing.T) {
|
||||
cmd.SetOut(&bytes.Buffer{})
|
||||
cmd.SetErr(&bytes.Buffer{})
|
||||
cmd.SetIn(bytes.NewBufferString(tc.stdin))
|
||||
|
||||
cmd.Flags().String("config", constants.ConfigFilename, "") // register persistent flag manually
|
||||
cmd.Flags().Bool("generate-config", false, "") // register persistent flag manually
|
||||
|
||||
if tc.regionFlag != "" {
|
||||
require.NoError(cmd.Flags().Set("region", tc.regionFlag))
|
||||
}
|
||||
@ -100,20 +195,42 @@ func TestIAMCreateAzure(t *testing.T) {
|
||||
if tc.yesFlag {
|
||||
require.NoError(cmd.Flags().Set("yes", "true"))
|
||||
}
|
||||
if tc.generateConfigFlag {
|
||||
require.NoError(cmd.Flags().Set("generate-config", "true"))
|
||||
}
|
||||
if tc.configFlag != "" {
|
||||
require.NoError(cmd.Flags().Set("config", tc.configFlag))
|
||||
}
|
||||
|
||||
err := iamCreateAzure(cmd, &nopSpinner{}, tc.creator)
|
||||
fileHandler := file.NewHandler(tc.setupFs(require, tc.provider, tc.existingFiles))
|
||||
|
||||
err := iamCreateAzure(cmd, &nopSpinner{}, tc.creator, fileHandler)
|
||||
|
||||
if tc.wantErr {
|
||||
assert.Error(err)
|
||||
} else {
|
||||
if tc.wantAbort {
|
||||
assert.False(tc.creator.createCalled)
|
||||
} else {
|
||||
assert.NoError(err)
|
||||
assert.True(tc.creator.createCalled)
|
||||
assert.Equal(tc.creator.id.AzureOutput, validIAMIDFile.AzureOutput)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
if tc.wantAbort {
|
||||
assert.False(tc.creator.createCalled)
|
||||
return
|
||||
}
|
||||
|
||||
if tc.generateConfigFlag {
|
||||
readConfig := &config.Config{}
|
||||
readErr := fileHandler.ReadYAML(tc.configFlag, readConfig)
|
||||
require.NoError(readErr)
|
||||
assert.Equal(tc.creator.id.AzureOutput.SubscriptionID, readConfig.Provider.Azure.SubscriptionID)
|
||||
assert.Equal(tc.creator.id.AzureOutput.TenantID, readConfig.Provider.Azure.TenantID)
|
||||
assert.Equal(tc.creator.id.AzureOutput.ApplicationID, readConfig.Provider.Azure.AppClientID)
|
||||
assert.Equal(tc.creator.id.AzureOutput.ApplicationClientSecretValue, readConfig.Provider.Azure.ClientSecretValue)
|
||||
assert.Equal(tc.creator.id.AzureOutput.UAMIID, readConfig.Provider.Azure.UserAssignedIdentity)
|
||||
assert.Equal(tc.regionFlag, readConfig.Provider.Azure.Location)
|
||||
assert.Equal(tc.resourceGroupFlag, readConfig.Provider.Azure.ResourceGroup)
|
||||
}
|
||||
require.NoError(err)
|
||||
assert.True(tc.creator.createCalled)
|
||||
assert.Equal(tc.creator.id.AzureOutput, validIAMIDFile.AzureOutput)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
@ -43,7 +43,7 @@ func newIAMCreateGCPCmd() *cobra.Command {
|
||||
must(cobra.MarkFlagRequired(cmd.Flags(), "serviceAccountID"))
|
||||
cmd.Flags().String("projectID", "", "ID of the GCP project the configuration will be created in. Find it on the welcome screen of your project: https://console.cloud.google.com/welcome")
|
||||
must(cobra.MarkFlagRequired(cmd.Flags(), "projectID"))
|
||||
cmd.Flags().Bool("yes", false, "Create the IAM configuration without further confirmation")
|
||||
cmd.Flags().Bool("yes", false, "Create the IAM configuration without further confirmation.")
|
||||
|
||||
return cmd
|
||||
}
|
||||
@ -54,10 +54,10 @@ func runIAMCreateGCP(cmd *cobra.Command, args []string) error {
|
||||
defer spinner.Stop()
|
||||
creator := cloudcmd.NewIAMCreator(spinner)
|
||||
|
||||
return iamCreateGCP(cmd, spinner, fileHandler, creator)
|
||||
return iamCreateGCP(cmd, spinner, creator, fileHandler)
|
||||
}
|
||||
|
||||
func iamCreateGCP(cmd *cobra.Command, spinner spinnerInterf, fileHandler file.Handler, creator iamCreator) error {
|
||||
func iamCreateGCP(cmd *cobra.Command, spinner spinnerInterf, creator iamCreator, fileHandler file.Handler) error {
|
||||
// Get input variables.
|
||||
gcpFlags, err := parseGCPFlags(cmd)
|
||||
if err != nil {
|
||||
@ -66,11 +66,14 @@ func iamCreateGCP(cmd *cobra.Command, spinner spinnerInterf, fileHandler file.Ha
|
||||
|
||||
// Confirmation.
|
||||
if !gcpFlags.yesFlag {
|
||||
cmd.Printf("The following IAM configuration will be created:\n")
|
||||
cmd.Printf("Project ID:\t%s\n", gcpFlags.projectID)
|
||||
cmd.Printf("The following IAM configuration will be created:\n\n")
|
||||
cmd.Printf("Project ID:\t\t%s\n", gcpFlags.projectID)
|
||||
cmd.Printf("Service Account ID:\t%s\n", gcpFlags.serviceAccountID)
|
||||
cmd.Printf("Region:\t%s\n", gcpFlags.region)
|
||||
cmd.Printf("Zone:\t%s\n", gcpFlags.zone)
|
||||
cmd.Printf("Region:\t\t\t%s\n", gcpFlags.region)
|
||||
cmd.Printf("Zone:\t\t\t%s\n\n", gcpFlags.zone)
|
||||
if gcpFlags.generateConfig {
|
||||
cmd.Printf("The configuration file %s will be automatically generated and populated with the IAM values.\n", gcpFlags.configPath)
|
||||
}
|
||||
ok, err := askToConfirm(cmd, "Do you want to create the configuration?")
|
||||
if err != nil {
|
||||
return err
|
||||
@ -83,6 +86,9 @@ func iamCreateGCP(cmd *cobra.Command, spinner spinnerInterf, fileHandler file.Ha
|
||||
|
||||
// Creation.
|
||||
spinner.Start("Creating", false)
|
||||
|
||||
conf := createConfig(cloudprovider.GCP)
|
||||
|
||||
iamFile, err := creator.Create(cmd.Context(), cloudprovider.GCP, &cloudcmd.IAMConfig{
|
||||
GCP: cloudcmd.GCPIAMConfig{
|
||||
ServiceAccountID: gcpFlags.serviceAccountID,
|
||||
@ -91,10 +97,12 @@ func iamCreateGCP(cmd *cobra.Command, spinner spinnerInterf, fileHandler file.Ha
|
||||
ProjectID: gcpFlags.projectID,
|
||||
},
|
||||
})
|
||||
|
||||
spinner.Stop()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
cmd.Println() // Print empty line to separate after spinner ended.
|
||||
|
||||
// Write back values.
|
||||
tmpOut, err := parseIDFile(iamFile.GCPOutput.ServiceAccountKey)
|
||||
@ -106,7 +114,17 @@ func iamCreateGCP(cmd *cobra.Command, spinner spinnerInterf, fileHandler file.Ha
|
||||
return err
|
||||
}
|
||||
|
||||
cmd.Println(fmt.Sprintf("serviceAccountKeyPath:\t%s", constants.GCPServiceAccountKeyFile))
|
||||
if gcpFlags.generateConfig {
|
||||
conf.Provider.GCP.ServiceAccountKeyPath = constants.GCPServiceAccountKeyFile
|
||||
|
||||
if err := fileHandler.WriteYAML(gcpFlags.configPath, conf, file.OptMkdirAll); err != nil {
|
||||
return err
|
||||
}
|
||||
cmd.Printf("Your IAM configuration was created and filled into %s successfully.\n", gcpFlags.configPath)
|
||||
return nil
|
||||
}
|
||||
|
||||
cmd.Println(fmt.Sprintf("serviceAccountKeyPath:\t%s\n", constants.GCPServiceAccountKeyFile))
|
||||
cmd.Println("Your IAM configuration was created successfully. Please fill the above values into your configuration file.")
|
||||
|
||||
return nil
|
||||
@ -158,7 +176,14 @@ func parseGCPFlags(cmd *cobra.Command) (gcpFlags, error) {
|
||||
if !serviceAccIDRegex.MatchString(serviceAccID) {
|
||||
return gcpFlags{}, fmt.Errorf("invalid serviceAccountID string: %s", serviceAccID)
|
||||
}
|
||||
|
||||
configPath, err := cmd.Flags().GetString("config")
|
||||
if err != nil {
|
||||
return gcpFlags{}, fmt.Errorf("parsing config string: %w", err)
|
||||
}
|
||||
generateConfig, err := cmd.Flags().GetBool("generate-config")
|
||||
if err != nil {
|
||||
return gcpFlags{}, fmt.Errorf("parsing generate-config bool: %w", err)
|
||||
}
|
||||
yesFlag, err := cmd.Flags().GetBool("yes")
|
||||
if err != nil {
|
||||
return gcpFlags{}, fmt.Errorf("parsing yes bool: %w", err)
|
||||
@ -169,6 +194,8 @@ func parseGCPFlags(cmd *cobra.Command) (gcpFlags, error) {
|
||||
zone: zone,
|
||||
region: region,
|
||||
projectID: projectID,
|
||||
generateConfig: generateConfig,
|
||||
configPath: configPath,
|
||||
yesFlag: yesFlag,
|
||||
}, nil
|
||||
}
|
||||
@ -179,5 +206,7 @@ type gcpFlags struct {
|
||||
zone string
|
||||
region string
|
||||
projectID string
|
||||
generateConfig bool
|
||||
configPath string
|
||||
yesFlag bool
|
||||
}
|
||||
|
||||
@ -20,10 +20,16 @@ import (
|
||||
)
|
||||
|
||||
func TestIAMCreateGCP(t *testing.T) {
|
||||
fsWithDefaultConfig := func(require *require.Assertions, provider cloudprovider.Provider) afero.Fs {
|
||||
defaultFs := func(require *require.Assertions, provider cloudprovider.Provider, existingFiles []string) afero.Fs {
|
||||
fs := afero.NewMemMapFs()
|
||||
file := file.NewHandler(fs)
|
||||
require.NoError(file.WriteYAML(constants.ConfigFilename, defaultConfigWithExpectedMeasurements(t, config.Default(), provider)))
|
||||
fileHandler := file.NewHandler(fs)
|
||||
for _, f := range existingFiles {
|
||||
require.NoError(fileHandler.Write(f, []byte{1, 2, 3}, file.OptNone))
|
||||
}
|
||||
return fs
|
||||
}
|
||||
readOnlyFs := func(require *require.Assertions, provider cloudprovider.Provider, existingFiles []string) afero.Fs {
|
||||
fs := afero.NewReadOnlyFs(afero.NewMemMapFs())
|
||||
return fs
|
||||
}
|
||||
validIAMIDFile := iamid.File{
|
||||
@ -40,19 +46,22 @@ func TestIAMCreateGCP(t *testing.T) {
|
||||
}
|
||||
|
||||
testCases := map[string]struct {
|
||||
setupFs func(*require.Assertions, cloudprovider.Provider) afero.Fs
|
||||
setupFs func(require *require.Assertions, provider cloudprovider.Provider, existingFiles []string) afero.Fs
|
||||
creator *stubIAMCreator
|
||||
provider cloudprovider.Provider
|
||||
zoneFlag string
|
||||
serviceAccountIDFlag string
|
||||
projectIDFlag string
|
||||
yesFlag bool
|
||||
generateConfigFlag bool
|
||||
configFlag string
|
||||
existingFiles []string
|
||||
stdin string
|
||||
wantAbort bool
|
||||
wantErr bool
|
||||
}{
|
||||
"iam create gcp": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
@ -60,8 +69,56 @@ func TestIAMCreateGCP(t *testing.T) {
|
||||
projectIDFlag: "constell-1234",
|
||||
yesFlag: true,
|
||||
},
|
||||
"iam create gcp generate config": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
serviceAccountIDFlag: "constell-test",
|
||||
projectIDFlag: "constell-1234",
|
||||
generateConfigFlag: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
yesFlag: true,
|
||||
},
|
||||
"iam create gcp generate config custom path": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
serviceAccountIDFlag: "constell-test",
|
||||
projectIDFlag: "constell-1234",
|
||||
generateConfigFlag: true,
|
||||
configFlag: "custom-config.yaml",
|
||||
yesFlag: true,
|
||||
},
|
||||
"iam create gcp generate config path already exists": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
serviceAccountIDFlag: "constell-test",
|
||||
projectIDFlag: "constell-1234",
|
||||
generateConfigFlag: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
existingFiles: []string{constants.ConfigFilename},
|
||||
yesFlag: true,
|
||||
wantErr: true,
|
||||
},
|
||||
"iam create gcp generate config custom path already exists": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
serviceAccountIDFlag: "constell-test",
|
||||
projectIDFlag: "constell-1234",
|
||||
generateConfigFlag: true,
|
||||
configFlag: "custom-config.yaml",
|
||||
existingFiles: []string{"custom-config.yaml"},
|
||||
yesFlag: true,
|
||||
wantErr: true,
|
||||
},
|
||||
"iam create gcp invalid flags": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "-a",
|
||||
@ -69,7 +126,7 @@ func TestIAMCreateGCP(t *testing.T) {
|
||||
wantErr: true,
|
||||
},
|
||||
"iam create gcp invalid b64": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: invalidIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
@ -79,7 +136,7 @@ func TestIAMCreateGCP(t *testing.T) {
|
||||
wantErr: true,
|
||||
},
|
||||
"interactive": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
@ -87,8 +144,19 @@ func TestIAMCreateGCP(t *testing.T) {
|
||||
projectIDFlag: "constell-1234",
|
||||
stdin: "yes\n",
|
||||
},
|
||||
"interactive generate config": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
serviceAccountIDFlag: "constell-test",
|
||||
projectIDFlag: "constell-1234",
|
||||
stdin: "yes\n",
|
||||
configFlag: constants.ConfigFilename,
|
||||
generateConfigFlag: true,
|
||||
},
|
||||
"interactive abort": {
|
||||
setupFs: fsWithDefaultConfig,
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
@ -97,6 +165,30 @@ func TestIAMCreateGCP(t *testing.T) {
|
||||
stdin: "no\n",
|
||||
wantAbort: true,
|
||||
},
|
||||
"interactive abort generate config": {
|
||||
setupFs: defaultFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
serviceAccountIDFlag: "constell-test",
|
||||
projectIDFlag: "constell-1234",
|
||||
stdin: "no\n",
|
||||
wantAbort: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
generateConfigFlag: true,
|
||||
},
|
||||
"unwritable fs": {
|
||||
setupFs: readOnlyFs,
|
||||
creator: &stubIAMCreator{id: validIAMIDFile},
|
||||
provider: cloudprovider.GCP,
|
||||
zoneFlag: "europe-west1-a",
|
||||
serviceAccountIDFlag: "constell-test",
|
||||
projectIDFlag: "constell-1234",
|
||||
yesFlag: true,
|
||||
generateConfigFlag: true,
|
||||
configFlag: constants.ConfigFilename,
|
||||
wantErr: true,
|
||||
},
|
||||
}
|
||||
|
||||
for name, tc := range testCases {
|
||||
@ -108,6 +200,10 @@ func TestIAMCreateGCP(t *testing.T) {
|
||||
cmd.SetOut(&bytes.Buffer{})
|
||||
cmd.SetErr(&bytes.Buffer{})
|
||||
cmd.SetIn(bytes.NewBufferString(tc.stdin))
|
||||
|
||||
cmd.Flags().String("config", constants.ConfigFilename, "") // register persistent flag manually
|
||||
cmd.Flags().Bool("generate-config", false, "") // register persistent flag manually
|
||||
|
||||
if tc.zoneFlag != "" {
|
||||
require.NoError(cmd.Flags().Set("zone", tc.zoneFlag))
|
||||
}
|
||||
@ -120,22 +216,40 @@ func TestIAMCreateGCP(t *testing.T) {
|
||||
if tc.yesFlag {
|
||||
require.NoError(cmd.Flags().Set("yes", "true"))
|
||||
}
|
||||
if tc.generateConfigFlag {
|
||||
require.NoError(cmd.Flags().Set("generate-config", "true"))
|
||||
}
|
||||
if tc.configFlag != "" {
|
||||
require.NoError(cmd.Flags().Set("config", tc.configFlag))
|
||||
}
|
||||
|
||||
fileHandler := file.NewHandler(tc.setupFs(require, tc.provider))
|
||||
fileHandler := file.NewHandler(tc.setupFs(require, tc.provider, tc.existingFiles))
|
||||
|
||||
err := iamCreateGCP(cmd, &nopSpinner{}, fileHandler, tc.creator)
|
||||
err := iamCreateGCP(cmd, &nopSpinner{}, tc.creator, fileHandler)
|
||||
|
||||
if tc.wantErr {
|
||||
assert.Error(err)
|
||||
} else {
|
||||
if tc.wantAbort {
|
||||
assert.False(tc.creator.createCalled)
|
||||
} else {
|
||||
assert.NoError(err)
|
||||
assert.True(tc.creator.createCalled)
|
||||
assert.Equal(tc.creator.id.GCPOutput, validIAMIDFile.GCPOutput)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
if tc.wantAbort {
|
||||
assert.False(tc.creator.createCalled)
|
||||
return
|
||||
}
|
||||
|
||||
if tc.generateConfigFlag {
|
||||
readConfig := &config.Config{}
|
||||
readErr := fileHandler.ReadYAML(tc.configFlag, readConfig)
|
||||
require.NoError(readErr)
|
||||
assert.Equal(constants.GCPServiceAccountKeyFile, readConfig.Provider.GCP.ServiceAccountKeyPath)
|
||||
}
|
||||
require.NoError(err)
|
||||
assert.True(tc.creator.createCalled)
|
||||
assert.Equal(tc.creator.id.GCPOutput, validIAMIDFile.GCPOutput)
|
||||
readServiceAccountKey := &map[string]string{}
|
||||
readErr := fileHandler.ReadJSON(constants.GCPServiceAccountKeyFile, readServiceAccountKey)
|
||||
require.NoError(readErr)
|
||||
assert.Equal("not_a_secret", (*readServiceAccountKey)["private_key_id"])
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user