diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2021-12-02 10:33:16 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-12-02 10:33:16 +0100 |
commit | 33b26cb478b1681017ae66e7e0175953931b0da2 (patch) | |
tree | 64ea7b705d5450feee1ebca771293ce76680f437 /client/go/cmd | |
parent | 48f295e3b87a0565fc3ee984af9346d1d6c18b76 (diff) | |
parent | f33d88f96fbca58d065ed0437a6a81f27253caa8 (diff) |
Merge pull request #20270 from vespa-engine/bjorncs/alias
Add deprecated and hidden 'api-key'/'cert' commands
Diffstat (limited to 'client/go/cmd')
-rw-r--r-- | client/go/cmd/api_key.go | 77 | ||||
-rw-r--r-- | client/go/cmd/auth.go | 2 | ||||
-rw-r--r-- | client/go/cmd/cert.go | 152 |
3 files changed, 129 insertions, 102 deletions
diff --git a/client/go/cmd/api_key.go b/client/go/cmd/api_key.go index f6113adf5d6..032d98c96fe 100644 --- a/client/go/cmd/api_key.go +++ b/client/go/cmd/api_key.go @@ -36,41 +36,54 @@ var apiKeyCmd = &cobra.Command{ Example: apiKeyExample(), DisableAutoGenTag: true, Args: cobra.ExactArgs(0), - Run: func(cmd *cobra.Command, args []string) { - cfg, err := LoadConfig() - if err != nil { - fatalErr(err, "Could not load config") - return - } - app := getApplication() - apiKeyFile := cfg.APIKeyPath(app.Tenant) - if util.PathExists(apiKeyFile) && !overwriteKey { - printErrHint(fmt.Errorf("File %s already exists", apiKeyFile), "Use -f to overwrite it") - printPublicKey(apiKeyFile, app.Tenant) - return - } - apiKey, err := vespa.CreateAPIKey() - if err != nil { - fatalErr(err, "Could not create API key") - return - } - if err := ioutil.WriteFile(apiKeyFile, apiKey, 0600); err == nil { - printSuccess("API private key written to ", apiKeyFile) - printPublicKey(apiKeyFile, app.Tenant) - if vespa.Auth0AccessTokenEnabled() { - if err == nil { - if err := cfg.Set(cloudAuthFlag, "api-key"); err != nil { - fatalErr(err, "Could not write config") - } - if err := cfg.Write(); err != nil { - fatalErr(err) - } + Run: doApiKey, +} + +var deprecatedApiKeyCmd = &cobra.Command{ + Use: "api-key", + Short: "Create a new user API key for authentication with Vespa Cloud", + Example: apiKeyExample(), + DisableAutoGenTag: true, + Args: cobra.ExactArgs(0), + Hidden: true, + Deprecated: "use 'vespa auth api-key' instead", + Run: doApiKey, +} + +func doApiKey(_ *cobra.Command, _ []string) { + cfg, err := LoadConfig() + if err != nil { + fatalErr(err, "Could not load config") + return + } + app := getApplication() + apiKeyFile := cfg.APIKeyPath(app.Tenant) + if util.PathExists(apiKeyFile) && !overwriteKey { + printErrHint(fmt.Errorf("File %s already exists", apiKeyFile), "Use -f to overwrite it") + printPublicKey(apiKeyFile, app.Tenant) + return + } + apiKey, err := vespa.CreateAPIKey() + if err != nil { + fatalErr(err, "Could not create API key") + return + } + if err := ioutil.WriteFile(apiKeyFile, apiKey, 0600); err == nil { + printSuccess("API private key written to ", apiKeyFile) + printPublicKey(apiKeyFile, app.Tenant) + if vespa.Auth0AccessTokenEnabled() { + if err == nil { + if err := cfg.Set(cloudAuthFlag, "api-key"); err != nil { + fatalErr(err, "Could not write config") + } + if err := cfg.Write(); err != nil { + fatalErr(err) } } - } else { - fatalErr(err, "Failed to write ", apiKeyFile) } - }, + } else { + fatalErr(err, "Failed to write ", apiKeyFile) + } } func printPublicKey(apiKeyFile, tenant string) { diff --git a/client/go/cmd/auth.go b/client/go/cmd/auth.go index 8f306356267..9322f8d0808 100644 --- a/client/go/cmd/auth.go +++ b/client/go/cmd/auth.go @@ -8,6 +8,8 @@ import ( func init() { if vespa.Auth0AccessTokenEnabled() { rootCmd.AddCommand(authCmd) + rootCmd.AddCommand(deprecatedCertCmd) + rootCmd.AddCommand(deprecatedApiKeyCmd) authCmd.AddCommand(certCmd) authCmd.AddCommand(apiKeyCmd) authCmd.AddCommand(loginCmd) diff --git a/client/go/cmd/cert.go b/client/go/cmd/cert.go index 6fbe19b524d..e79a45d3af8 100644 --- a/client/go/cmd/cert.go +++ b/client/go/cmd/cert.go @@ -5,12 +5,11 @@ package cmd import ( "fmt" - "os" - "path/filepath" - "github.com/spf13/cobra" "github.com/vespa-engine/vespa/client/go/util" "github.com/vespa-engine/vespa/client/go/vespa" + "os" + "path/filepath" ) var overwriteCertificate bool @@ -34,80 +33,93 @@ var certCmd = &cobra.Command{ Example: certExample(), DisableAutoGenTag: true, Args: cobra.MaximumNArgs(1), - Run: func(cmd *cobra.Command, args []string) { - app := getApplication() - pkg, err := vespa.FindApplicationPackage(applicationSource(args), false) - if err != nil { - fatalErr(err) - return - } - cfg, err := LoadConfig() - if err != nil { - fatalErr(err) - return - } - privateKeyFile, err := cfg.PrivateKeyPath(app) - if err != nil { - fatalErr(err) - return - } - certificateFile, err := cfg.CertificatePath(app) - if err != nil { - fatalErr(err) - return - } + Run: doCert, +} - if !overwriteCertificate { - hint := "Use -f flag to force overwriting" - if pkg.HasCertificate() { - fatalErrHint(fmt.Errorf("Application package %s already contains a certificate", pkg.Path), hint) - return - } - if util.PathExists(privateKeyFile) { - fatalErrHint(fmt.Errorf("Private key %s already exists", color.Cyan(privateKeyFile)), hint) - return - } - if util.PathExists(certificateFile) { - fatalErrHint(fmt.Errorf("Certificate %s already exists", color.Cyan(certificateFile)), hint) - return - } - } - if pkg.IsZip() { - var msg string - if vespa.Auth0AccessTokenEnabled() { - msg = "Try running 'mvn clean' before 'vespa auth cert', and then 'mvn package'" - } else { - msg = "Try running 'mvn clean' before 'vespa cert', and then 'mvn package'" - } - fatalErrHint(fmt.Errorf("Cannot add certificate to compressed application package %s", pkg.Path), - msg) - return - } +var deprecatedCertCmd = &cobra.Command{ + Use: "cert", + Short: "Create a new private key and self-signed certificate for Vespa Cloud deployment", + Example: "$ vespa cert -a my-tenant.my-app.my-instance", + DisableAutoGenTag: true, + Args: cobra.MaximumNArgs(1), + Deprecated: "use 'vespa auth cert' instead", + Hidden: true, + Run: doCert, +} - keyPair, err := vespa.CreateKeyPair() - if err != nil { - fatalErr(err, "Could not create key pair") - return - } - pkgCertificateFile := filepath.Join(pkg.Path, "security", "clients.pem") - if err := os.MkdirAll(filepath.Dir(pkgCertificateFile), 0755); err != nil { - fatalErr(err, "Could not create security directory") +func doCert(_ *cobra.Command, args []string) { + app := getApplication() + pkg, err := vespa.FindApplicationPackage(applicationSource(args), false) + if err != nil { + fatalErr(err) + return + } + cfg, err := LoadConfig() + if err != nil { + fatalErr(err) + return + } + privateKeyFile, err := cfg.PrivateKeyPath(app) + if err != nil { + fatalErr(err) + return + } + certificateFile, err := cfg.CertificatePath(app) + if err != nil { + fatalErr(err) + return + } + + if !overwriteCertificate { + hint := "Use -f flag to force overwriting" + if pkg.HasCertificate() { + fatalErrHint(fmt.Errorf("Application package %s already contains a certificate", pkg.Path), hint) return } - if err := keyPair.WriteCertificateFile(pkgCertificateFile, overwriteCertificate); err != nil { - fatalErr(err, "Could not write certificate") + if util.PathExists(privateKeyFile) { + fatalErrHint(fmt.Errorf("Private key %s already exists", color.Cyan(privateKeyFile)), hint) return } - if err := keyPair.WriteCertificateFile(certificateFile, overwriteCertificate); err != nil { - fatalErr(err, "Could not write certificate") + if util.PathExists(certificateFile) { + fatalErrHint(fmt.Errorf("Certificate %s already exists", color.Cyan(certificateFile)), hint) return } - if err := keyPair.WritePrivateKeyFile(privateKeyFile, overwriteCertificate); err != nil { - fatalErr(err, "Could not write private key") - return + } + if pkg.IsZip() { + var msg string + if vespa.Auth0AccessTokenEnabled() { + msg = "Try running 'mvn clean' before 'vespa auth cert', and then 'mvn package'" + } else { + msg = "Try running 'mvn clean' before 'vespa cert', and then 'mvn package'" } - printSuccess("Certificate written to ", color.Cyan(pkgCertificateFile)) - printSuccess("Certificate written to ", color.Cyan(certificateFile)) - printSuccess("Private key written to ", color.Cyan(privateKeyFile)) - }, + fatalErrHint(fmt.Errorf("Cannot add certificate to compressed application package %s", pkg.Path), + msg) + return + } + + keyPair, err := vespa.CreateKeyPair() + if err != nil { + fatalErr(err, "Could not create key pair") + return + } + pkgCertificateFile := filepath.Join(pkg.Path, "security", "clients.pem") + if err := os.MkdirAll(filepath.Dir(pkgCertificateFile), 0755); err != nil { + fatalErr(err, "Could not create security directory") + return + } + if err := keyPair.WriteCertificateFile(pkgCertificateFile, overwriteCertificate); err != nil { + fatalErr(err, "Could not write certificate") + return + } + if err := keyPair.WriteCertificateFile(certificateFile, overwriteCertificate); err != nil { + fatalErr(err, "Could not write certificate") + return + } + if err := keyPair.WritePrivateKeyFile(privateKeyFile, overwriteCertificate); err != nil { + fatalErr(err, "Could not write private key") + return + } + printSuccess("Certificate written to ", color.Cyan(pkgCertificateFile)) + printSuccess("Certificate written to ", color.Cyan(certificateFile)) + printSuccess("Private key written to ", color.Cyan(privateKeyFile)) } |