Implement OTS-CLI utility (#117)

2025-07-21 13:48:57 -04:00 · 2023-10-04 22:27:14 +02:00 · 2023-10-04 22:27:14 +02:00 · 546481dcfc
commit 546481dcfc
parent c5124731f5
20 changed files with 861 additions and 70 deletions
--- a/cmd/ots-cli/cmd_create.go
+++ b/cmd/ots-cli/cmd_create.go
@ -0,0 +1,105 @@
+package main
+
+import (
+	"fmt"
+	"io"
+	"mime"
+	"os"
+	"path"
+
+	"github.com/Luzifer/ots/pkg/client"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+var createCmd = &cobra.Command{
+	Use:     "create [-f file]... [--instance url] [--secret-from file]",
+	Short:   "Create a new encrypted secret in the given OTS instance",
+	Long:    "",
+	Example: `echo "I'm a very secret secret" | ots-cli create`,
+	Args:    cobra.NoArgs,
+	RunE:    createRunE,
+}
+
+func init() {
+	createCmd.Flags().Duration("expire", 0, "When to expire the secret (0 to use server-default)")
+	createCmd.Flags().String("instance", "https://ots.fyi/", "Instance to create the secret with")
+	createCmd.Flags().StringSliceP("file", "f", nil, "File(s) to attach to the secret")
+	createCmd.Flags().String("secret-from", "-", `File to read the secret content from ("-" for STDIN)`)
+	rootCmd.AddCommand(createCmd)
+}
+
+func createRunE(cmd *cobra.Command, _ []string) error {
+	var secret client.Secret
+
+	// Read the secret content
+	logrus.Info("reading secret content...")
+	secretSourceName, err := cmd.Flags().GetString("secret-from")
+	if err != nil {
+		return fmt.Errorf("getting secret-from flag: %w", err)
+	}
+
+	var secretSource io.Reader
+	if secretSourceName == "-" {
+		secretSource = os.Stdin
+	} else {
+		f, err := os.Open(secretSourceName) //#nosec:G304 // Opening user specified file is intended
+		if err != nil {
+			return fmt.Errorf("opening secret-from file: %w", err)
+		}
+		defer f.Close() //nolint:errcheck // The file will be force-closed by program exit
+		secretSource = f
+	}
+
+	secretContent, err := io.ReadAll(secretSource)
+	if err != nil {
+		return fmt.Errorf("reading secret content: %w", err)
+	}
+	secret.Secret = string(secretContent)
+
+	// Attach any file given
+	files, err := cmd.Flags().GetStringSlice("file")
+	if err != nil {
+		return fmt.Errorf("getting file flag: %w", err)
+	}
+	for _, f := range files {
+		logrus.WithField("file", f).Info("attaching file...")
+		content, err := os.ReadFile(f) //#nosec:G304 // Opening user specified file is intended
+		if err != nil {
+			return fmt.Errorf("reading attachment %q: %w", f, err)
+		}
+
+		secret.Attachments = append(secret.Attachments, client.SecretAttachment{
+			Name:    f,
+			Type:    mime.TypeByExtension(path.Ext(f)),
+			Content: content,
+		})
+	}
+
+	// Create the secret
+	logrus.Info("creating the secret...")
+	instanceURL, err := cmd.Flags().GetString("instance")
+	if err != nil {
+		return fmt.Errorf("getting instance flag: %w", err)
+	}
+
+	expire, err := cmd.Flags().GetDuration("expire")
+	if err != nil {
+		return fmt.Errorf("getting expire flag: %w", err)
+	}
+
+	secretURL, expiresAt, err := client.Create(instanceURL, secret, expire)
+	if err != nil {
+		return fmt.Errorf("creating secret: %w", err)
+	}
+
+	// Tell them where to find the secret
+	if expiresAt.IsZero() {
+		logrus.Info("secret created, see URL below")
+	} else {
+		logrus.WithField("expires-at", expiresAt).Info("secret created, see URL below")
+	}
+	fmt.Println(secretURL) //nolint:forbidigo // Output intended for STDOUT
+
+	return nil
+}