Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-08-06 14:04:17 -04:00
Code Issues Projects Releases Packages Wiki Activity

cli: add --workspace flag to set base directory for Constellation workspace (#2148)

Browse source 
* Remove `--config` and `--master-secret` falgs

* Add `--workspace` flag

* In CLI, only work on files with paths created from `cli/internal/cmd`

* Properly print values for GCP on IAM create when not directly updating the config

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße 2023-08-04 13:53:51 +02:00 committed by GitHub
parent ec33530c38
commit d1ace13713
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
57 changed files with 966 additions and 1145 deletions
Download patch file Download diff file Expand all files Collapse all files

159
cli/internal/cmd/iamcreate_test.go
View file

@ -88,7 +88,6 @@ func TestIAMCreateAWS(t *testing.T) {
prefixFlag string
yesFlag bool
updateConfigFlag bool
configFlag string
existingConfigFiles []string
existingDirs []string
stdin string
@ -121,7 +120,6 @@ func TestIAMCreateAWS(t *testing.T) {
zoneFlag: "us-east-2a",
prefixFlag: "test",
yesFlag: true,
configFlag: constants.ConfigFilename,
updateConfigFlag: true,
existingConfigFiles: []string{constants.ConfigFilename},
},
@ -160,28 +158,6 @@ func TestIAMCreateAWS(t *testing.T) {
prefixFlag: "test",
yesFlag: true,
},
"iam create aws --update-config with --config": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
provider: cloudprovider.AWS,
zoneFlag: "us-east-2a",
prefixFlag: "test",
yesFlag: true,
updateConfigFlag: true,
configFlag: "custom-config.yaml",
existingConfigFiles: []string{"custom-config.yaml"},
},
"iam create aws --update-config --config path doesn't exist": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
provider: cloudprovider.AWS,
zoneFlag: "us-east-2a",
prefixFlag: "test",
yesFlag: true,
updateConfigFlag: true,
wantErr: true,
configFlag: constants.ConfigFilename,
},
"iam create aws existing terraform dir": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
@ -207,7 +183,6 @@ func TestIAMCreateAWS(t *testing.T) {
zoneFlag: "us-east-2a",
prefixFlag: "test",
stdin: "yes\n",
configFlag: constants.ConfigFilename,
updateConfigFlag: true,
existingConfigFiles: []string{constants.ConfigFilename},
},
@ -228,7 +203,6 @@ func TestIAMCreateAWS(t *testing.T) {
prefixFlag: "test",
stdin: "no\n",
updateConfigFlag: true,
configFlag: constants.ConfigFilename,
wantAbort: true,
existingConfigFiles: []string{constants.ConfigFilename},
},
@ -250,7 +224,6 @@ func TestIAMCreateAWS(t *testing.T) {
yesFlag: true,
updateConfigFlag: true,
wantErr: true,
configFlag: constants.ConfigFilename,
},
}
@ -265,7 +238,7 @@ func TestIAMCreateAWS(t *testing.T) {
cmd.SetIn(bytes.NewBufferString(tc.stdin))
// register persistent flags manually
cmd.Flags().String("config", constants.ConfigFilename, "")
cmd.Flags().String("workspace", "", "")
cmd.Flags().Bool("update-config", false, "")
cmd.Flags().Bool("yes", false, "")
cmd.Flags().String("name", "constell", "")
@ -283,9 +256,6 @@ func TestIAMCreateAWS(t *testing.T) {
if tc.updateConfigFlag {
require.NoError(cmd.Flags().Set("update-config", "true"))
}
if tc.configFlag != "" {
require.NoError(cmd.Flags().Set("config", tc.configFlag))
}
fileHandler := file.NewHandler(tc.setupFs(require, tc.provider, tc.existingConfigFiles, tc.existingDirs))
@ -314,7 +284,7 @@ func TestIAMCreateAWS(t *testing.T) {
if tc.updateConfigFlag {
readConfig := &config.Config{}
readErr := fileHandler.ReadYAML(tc.configFlag, readConfig)
readErr := fileHandler.ReadYAML(constants.ConfigFilename, readConfig)
require.NoError(readErr)
assert.Equal(tc.creator.id.AWSOutput.ControlPlaneInstanceProfile, readConfig.Provider.AWS.IAMProfileControlPlane)
assert.Equal(tc.creator.id.AWSOutput.WorkerNodeInstanceProfile, readConfig.Provider.AWS.IAMProfileWorkerNodes)
@ -329,17 +299,7 @@ func TestIAMCreateAWS(t *testing.T) {
}
func TestIAMCreateAzure(t *testing.T) {
defaultFs := func(require *require.Assertions, provider cloudprovider.Provider, existingConfigFiles []string, existingDirs []string) afero.Fs {
fs := afero.NewMemMapFs()
fileHandler := file.NewHandler(fs)
for _, f := range existingConfigFiles {
require.NoError(fileHandler.WriteYAML(f, createConfig(cloudprovider.Azure), file.OptNone))
}
for _, d := range existingDirs {
require.NoError(fs.MkdirAll(d, 0o755))
}
return fs
}
defaultFs := createFSWithConfig(*createConfig(cloudprovider.Azure))
readOnlyFs := func(require *require.Assertions, provider cloudprovider.Provider, existingConfigFiles []string, existingDirs []string) afero.Fs {
fs := afero.NewReadOnlyFs(afero.NewMemMapFs())
return fs
@ -362,7 +322,6 @@ func TestIAMCreateAzure(t *testing.T) {
resourceGroupFlag string
yesFlag bool
updateConfigFlag bool
configFlag string
existingConfigFiles []string
existingDirs []string
stdin string
@ -396,46 +355,9 @@ func TestIAMCreateAzure(t *testing.T) {
servicePrincipalFlag: "constell-test-sp",
resourceGroupFlag: "constell-test-rg",
updateConfigFlag: true,
configFlag: constants.ConfigFilename,
yesFlag: true,
existingConfigFiles: []string{constants.ConfigFilename},
},
"iam create azure --update-config with --config": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
provider: cloudprovider.Azure,
regionFlag: "westus",
servicePrincipalFlag: "constell-test-sp",
resourceGroupFlag: "constell-test-rg",
updateConfigFlag: true,
configFlag: "custom-config.yaml",
yesFlag: true,
existingConfigFiles: []string{"custom-config.yaml"},
},
"iam create azure --update-config custom --config path doesn't exist": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
provider: cloudprovider.Azure,
regionFlag: "westus",
servicePrincipalFlag: "constell-test-sp",
resourceGroupFlag: "constell-test-rg",
updateConfigFlag: true,
yesFlag: true,
wantErr: true,
configFlag: "custom-config.yaml",
},
"iam create azur --update-config --config path doesn't exists": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
provider: cloudprovider.Azure,
regionFlag: "westus",
servicePrincipalFlag: "constell-test-sp",
resourceGroupFlag: "constell-test-rg",
updateConfigFlag: true,
configFlag: constants.ConfigFilename,
yesFlag: true,
wantErr: true,
},
"iam create azure existing terraform dir": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
@ -465,7 +387,6 @@ func TestIAMCreateAzure(t *testing.T) {
resourceGroupFlag: "constell-test-rg",
stdin: "yes\n",
updateConfigFlag: true,
configFlag: constants.ConfigFilename,
existingConfigFiles: []string{constants.ConfigFilename},
},
"interactive abort": {
@ -499,7 +420,6 @@ func TestIAMCreateAzure(t *testing.T) {
resourceGroupFlag: "constell-test-rg",
yesFlag: true,
updateConfigFlag: true,
configFlag: constants.ConfigFilename,
wantErr: true,
},
}
@ -515,7 +435,7 @@ func TestIAMCreateAzure(t *testing.T) {
cmd.SetIn(bytes.NewBufferString(tc.stdin))
// register persistent flags manually
cmd.Flags().String("config", constants.ConfigFilename, "")
cmd.Flags().String("workspace", "", "")
cmd.Flags().Bool("update-config", false, "")
cmd.Flags().Bool("yes", false, "")
cmd.Flags().String("name", "constell", "")
@ -536,9 +456,6 @@ func TestIAMCreateAzure(t *testing.T) {
if tc.updateConfigFlag {
require.NoError(cmd.Flags().Set("update-config", "true"))
}
if tc.configFlag != "" {
require.NoError(cmd.Flags().Set("config", tc.configFlag))
}
fileHandler := file.NewHandler(tc.setupFs(require, tc.provider, tc.existingConfigFiles, tc.existingDirs))
@ -566,7 +483,7 @@ func TestIAMCreateAzure(t *testing.T) {
if tc.updateConfigFlag {
readConfig := &config.Config{}
readErr := fileHandler.ReadYAML(tc.configFlag, readConfig)
readErr := fileHandler.ReadYAML(constants.ConfigFilename, readConfig)
require.NoError(readErr)
assert.Equal(tc.creator.id.AzureOutput.SubscriptionID, readConfig.Provider.Azure.SubscriptionID)
assert.Equal(tc.creator.id.AzureOutput.TenantID, readConfig.Provider.Azure.TenantID)
@ -582,17 +499,7 @@ func TestIAMCreateAzure(t *testing.T) {
}
func TestIAMCreateGCP(t *testing.T) {
defaultFs := func(require *require.Assertions, provider cloudprovider.Provider, existingConfigFiles []string, existingDirs []string) afero.Fs {
fs := afero.NewMemMapFs()
fileHandler := file.NewHandler(fs)
for _, f := range existingConfigFiles {
require.NoError(fileHandler.WriteYAML(f, createConfig(cloudprovider.GCP), file.OptNone))
}
for _, d := range existingDirs {
require.NoError(fs.MkdirAll(d, 0o755))
}
return fs
}
defaultFs := createFSWithConfig(*createConfig(cloudprovider.GCP))
readOnlyFs := func(require *require.Assertions, provider cloudprovider.Provider, existingConfigFiles []string, existingDirs []string) afero.Fs {
fs := afero.NewReadOnlyFs(afero.NewMemMapFs())
return fs
@ -619,7 +526,6 @@ func TestIAMCreateGCP(t *testing.T) {
projectIDFlag string
yesFlag bool
updateConfigFlag bool
configFlag string
existingConfigFiles []string
existingDirs []string
stdin string
@ -653,46 +559,9 @@ func TestIAMCreateGCP(t *testing.T) {
serviceAccountIDFlag: "constell-test",
projectIDFlag: "constell-1234",
updateConfigFlag: true,
configFlag: constants.ConfigFilename,
yesFlag: true,
existingConfigFiles: []string{constants.ConfigFilename},
},
"iam create gcp --update-config with --config": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
provider: cloudprovider.GCP,
zoneFlag: "europe-west1-a",
serviceAccountIDFlag: "constell-test",
projectIDFlag: "constell-1234",
updateConfigFlag: true,
configFlag: "custom-config.yaml",
yesFlag: true,
existingConfigFiles: []string{"custom-config.yaml"},
},
"iam create gcp --update-config --config path doesn't exists": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
provider: cloudprovider.GCP,
zoneFlag: "europe-west1-a",
serviceAccountIDFlag: "constell-test",
projectIDFlag: "constell-1234",
updateConfigFlag: true,
configFlag: constants.ConfigFilename,
yesFlag: true,
wantErr: true,
},
"iam create gcp --update-config wrong --config path": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
provider: cloudprovider.GCP,
zoneFlag: "europe-west1-a",
serviceAccountIDFlag: "constell-test",
projectIDFlag: "constell-1234",
updateConfigFlag: true,
configFlag: "custom-config.yaml",
yesFlag: true,
wantErr: true,
},
"iam create gcp existing terraform dir": {
setupFs: defaultFs,
creator: &stubIAMCreator{id: validIAMIDFile},
@ -740,7 +609,6 @@ func TestIAMCreateGCP(t *testing.T) {
serviceAccountIDFlag: "constell-test",
projectIDFlag: "constell-1234",
stdin: "yes\n",
configFlag: constants.ConfigFilename,
updateConfigFlag: true,
existingConfigFiles: []string{constants.ConfigFilename},
},
@ -763,7 +631,6 @@ func TestIAMCreateGCP(t *testing.T) {
projectIDFlag: "constell-1234",
stdin: "no\n",
wantAbort: true,
configFlag: constants.ConfigFilename,
updateConfigFlag: true,
existingConfigFiles: []string{constants.ConfigFilename},
},
@ -776,7 +643,6 @@ func TestIAMCreateGCP(t *testing.T) {
projectIDFlag: "constell-1234",
yesFlag: true,
updateConfigFlag: true,
configFlag: constants.ConfigFilename,
wantErr: true,
},
}
@ -792,7 +658,7 @@ func TestIAMCreateGCP(t *testing.T) {
cmd.SetIn(bytes.NewBufferString(tc.stdin))
// register persistent flags manually
cmd.Flags().String("config", constants.ConfigFilename, "")
cmd.Flags().String("workspace", "", "")
cmd.Flags().Bool("update-config", false, "")
cmd.Flags().Bool("yes", false, "")
cmd.Flags().String("name", "constell", "")
@ -813,9 +679,6 @@ func TestIAMCreateGCP(t *testing.T) {
if tc.updateConfigFlag {
require.NoError(cmd.Flags().Set("update-config", "true"))
}
if tc.configFlag != "" {
require.NoError(cmd.Flags().Set("config", tc.configFlag))
}
fileHandler := file.NewHandler(tc.setupFs(require, tc.provider, tc.existingConfigFiles, tc.existingDirs))
@ -843,15 +706,15 @@ func TestIAMCreateGCP(t *testing.T) {
if tc.updateConfigFlag {
readConfig := &config.Config{}
readErr := fileHandler.ReadYAML(tc.configFlag, readConfig)
readErr := fileHandler.ReadYAML(constants.ConfigFilename, readConfig)
require.NoError(readErr)
assert.Equal(constants.GCPServiceAccountKeyFile, readConfig.Provider.GCP.ServiceAccountKeyPath)
assert.Equal(gcpServiceAccountKeyFile, readConfig.Provider.GCP.ServiceAccountKeyPath)
}
require.NoError(err)
assert.True(tc.creator.createCalled)
assert.Equal(tc.creator.id.GCPOutput, validIAMIDFile.GCPOutput)
readServiceAccountKey := &map[string]string{}
readErr := fileHandler.ReadJSON(constants.GCPServiceAccountKeyFile, readServiceAccountKey)
readErr := fileHandler.ReadJSON(gcpServiceAccountKeyFile, readServiceAccountKey)
require.NoError(readErr)
assert.Equal("not_a_secret", (*readServiceAccountKey)["private_key_id"])
})
@ -939,7 +802,7 @@ func createFSWithConfig(cfg config.Config) func(require *require.Assertions, pro
fs := afero.NewMemMapFs()
fileHandler := file.NewHandler(fs)
for _, f := range existingConfigFiles {
require.NoError(fileHandler.WriteYAML(f, cfg, file.OptNone))
require.NoError(fileHandler.WriteYAML(f, cfg, file.OptMkdirAll))
}
for _, d := range existingDirs {
require.NoError(fs.MkdirAll(d, 0o755))