diff options
author | Martin Polden <mpolden@mpolden.no> | 2022-04-07 10:33:43 +0200 |
---|---|---|
committer | Martin Polden <mpolden@mpolden.no> | 2022-04-07 14:41:02 +0200 |
commit | 03d1c32a0a2bb967a1bb56da4e584f24edc7690f (patch) | |
tree | 1e0baceb4c74902d66f493ff406d85811f362cba /client | |
parent | 4c3de59b341522a53e3ebbf8ad40bd2b12aff86e (diff) |
Remove -k flag and simplify
Diffstat (limited to 'client')
-rw-r--r-- | client/go/cmd/config.go | 32 | ||||
-rw-r--r-- | client/go/cmd/config_test.go | 11 | ||||
-rw-r--r-- | client/go/cmd/prod_test.go | 6 | ||||
-rw-r--r-- | client/go/cmd/root.go | 7 |
4 files changed, 25 insertions, 31 deletions
diff --git a/client/go/cmd/config.go b/client/go/cmd/config.go index 447bad14444..417dfd77198 100644 --- a/client/go/cmd/config.go +++ b/client/go/cmd/config.go @@ -252,8 +252,18 @@ func (c *Config) x509KeyPair(app vespa.ApplicationID) (KeyPair, error) { }, nil } +func (c *Config) apiKeyFileFromEnv() (string, bool) { + override, ok := c.environment["VESPA_CLI_API_KEY_FILE"] + return override, ok +} + +func (c *Config) apiKeyFromEnv() ([]byte, bool) { + override, ok := c.environment["VESPA_CLI_API_KEY"] + return []byte(override), ok +} + func (c *Config) apiKeyPath(tenantName string) string { - if override, ok := c.get(apiKeyFileFlag); ok { + if override, ok := c.apiKeyFileFromEnv(); ok { return override } return filepath.Join(c.homeDir, tenantName+".api-key.pem") @@ -264,26 +274,25 @@ func (c *Config) authConfigPath() string { } func (c *Config) readAPIKey(tenantName string) ([]byte, error) { - if override, ok := c.get(apiKeyFlag); ok { - return []byte(override), nil + if override, ok := c.apiKeyFromEnv(); ok { + return override, nil } return os.ReadFile(c.apiKeyPath(tenantName)) } // useAPIKey returns true if an API key should be used when authenticating with system. func (c *Config) useAPIKey(cli *CLI, system vespa.System, tenantName string) bool { - if _, ok := c.get(apiKeyFlag); ok { + if _, ok := c.apiKeyFromEnv(); ok { return true } - if _, ok := c.get(apiKeyFileFlag); ok { + if _, ok := c.apiKeyFileFromEnv(); ok { return true } - // If no Auth0 token is created, fall back to tenant api key, but warn that this functionality is deprecated - // TODO: Remove this when users have had time to migrate over to Auth0 device flow authentication if !cli.isCI() { - a, err := auth0.New(c.authConfigPath(), system.Name, system.URL) - if err != nil || !a.HasCredentials() { - cli.printWarning("Use of API key is deprecated", "Authenticate with Auth0 instead: 'vespa auth login'") + // Fall back to API key, if present and Auth0 has not been configured + client, err := auth0.New(c.authConfigPath(), system.Name, system.URL) + if err != nil || !client.HasCredentials() { + cli.printWarning("Regular authentication is preferred over API key in a non-CI context", "Authenticate with 'vespa auth login'") return util.PathExists(c.apiKeyPath(tenantName)) } } @@ -387,9 +396,6 @@ func (c *Config) set(option, value string) error { viper.Set(option, value) return nil } - case apiKeyFileFlag: - viper.Set(option, value) - return nil } return fmt.Errorf("invalid option or value: %q: %q", option, value) } diff --git a/client/go/cmd/config_test.go b/client/go/cmd/config_test.go index 0d47d170845..4fb9ac606cc 100644 --- a/client/go/cmd/config_test.go +++ b/client/go/cmd/config_test.go @@ -22,17 +22,12 @@ func TestConfig(t *testing.T) { assertConfigCommand(t, "", "config", "set", "target", "http://127.0.0.1:8080") assertConfigCommand(t, "", "config", "set", "target", "https://127.0.0.1") assertConfigCommand(t, "target = https://127.0.0.1\n", "config", "get", "target") - assertEnvConfigCommand(t, "api-key-file = /tmp/private.key\n", []string{"VESPA_CLI_API_KEY_FILE=/tmp/private.key"}, "config", "get", "api-key-file") - assertConfigCommand(t, "", "config", "set", "api-key-file", "/tmp/private.key") - assertConfigCommand(t, "api-key-file = /tmp/private.key\n", "config", "get", "api-key-file") assertConfigCommandErr(t, "Error: invalid application: \"foo\"\n", "config", "set", "application", "foo") assertConfigCommand(t, "application = <unset>\n", "config", "get", "application") assertConfigCommand(t, "", "config", "set", "application", "t1.a1.i1") assertConfigCommand(t, "application = t1.a1.i1\n", "config", "get", "application") - assertConfigCommand(t, "api-key-file = /tmp/private.key\napplication = t1.a1.i1\ncolor = auto\ninstance = <unset>\nquiet = false\ntarget = https://127.0.0.1\nwait = 0\nzone = <unset>\n", "config", "get") - assertConfigCommand(t, "", "config", "set", "wait", "60") assertConfigCommandErr(t, "Error: wait option must be an integer >= 0, got \"foo\"\n", "config", "set", "wait", "foo") assertConfigCommand(t, "wait = 60\n", "config", "get", "wait") @@ -67,17 +62,15 @@ func assertConfigCommandErr(t *testing.T, expected string, args ...string) { func TestUseAPIKey(t *testing.T) { cli, _, _ := newTestCLI(t) - assert.False(t, cli.config.useAPIKey(cli, vespa.PublicSystem, "t1")) - cli.config.set(apiKeyFileFlag, "/tmp/foo") + cli, _, _ = newTestCLI(t, "VESPA_CLI_API_KEY_FILE=/tmp/foo") assert.True(t, cli.config.useAPIKey(cli, vespa.PublicSystem, "t1")) - cli.config.set(apiKeyFileFlag, "") cli, _, _ = newTestCLI(t, "VESPA_CLI_API_KEY=foo") assert.True(t, cli.config.useAPIKey(cli, vespa.PublicSystem, "t1")) - // Test deprecated functionality + // Prefer Auth0, if configured authContent := ` { "version": 1, diff --git a/client/go/cmd/prod_test.go b/client/go/cmd/prod_test.go index 30c801c5612..9ccc39e02a1 100644 --- a/client/go/cmd/prod_test.go +++ b/client/go/cmd/prod_test.go @@ -184,7 +184,8 @@ func TestProdSubmit(t *testing.T) { } stdout.Reset() - assert.Nil(t, cli.Run("prod", "submit", "-k", filepath.Join(cli.config.homeDir, "t1.api-key.pem"))) + cli.Environment["VESPA_CLI_API_KEY_FILE"] = filepath.Join(cli.config.homeDir, "t1.api-key.pem") + assert.Nil(t, cli.Run("prod", "submit")) assert.Contains(t, stdout.String(), "Success: Submitted") assert.Contains(t, stdout.String(), "See https://console.vespa-cloud.com/tenant/t1/application/a1/prod/deployment for deployment progress") } @@ -210,7 +211,8 @@ func TestProdSubmitWithJava(t *testing.T) { copyFile(t, filepath.Join(pkgDir, "target", "application-test.zip"), testZipFile) stdout.Reset() - assert.Nil(t, cli.Run("prod", "submit", "-k", filepath.Join(cli.config.homeDir, "t1.api-key.pem"), pkgDir)) + cli.Environment["VESPA_CLI_API_KEY_FILE"] = filepath.Join(cli.config.homeDir, "t1.api-key.pem") + assert.Nil(t, cli.Run("prod", "submit", pkgDir)) assert.Contains(t, stdout.String(), "Success: Submitted") assert.Contains(t, stdout.String(), "See https://console.vespa-cloud.com/tenant/t1/application/a1/prod/deployment for deployment progress") } diff --git a/client/go/cmd/root.go b/client/go/cmd/root.go index 452b1f30834..92ff98d8756 100644 --- a/client/go/cmd/root.go +++ b/client/go/cmd/root.go @@ -33,8 +33,6 @@ const ( waitFlag = "wait" colorFlag = "color" quietFlag = "quiet" - apiKeyFileFlag = "api-key-file" - apiKeyFlag = "api-key" ) // CLI holds the Vespa CLI command tree, configuration and dependencies. @@ -65,7 +63,6 @@ type Flags struct { waitSecs int color string quiet bool - apiKeyFile string } // ErrCLI is an error returned to the user. It wraps an exit status, a regular error and optional hints for resolving @@ -158,9 +155,6 @@ func (c *CLI) loadConfig() error { bindings.bindFlag(waitFlag, c.cmd) bindings.bindFlag(colorFlag, c.cmd) bindings.bindFlag(quietFlag, c.cmd) - bindings.bindFlag(apiKeyFileFlag, c.cmd) - bindings.bindEnvironment(apiKeyFlag, "VESPA_CLI_API_KEY") // not bound to a flag because we don't want secrets in argv - bindings.bindEnvironment(apiKeyFileFlag, "VESPA_CLI_API_KEY_FILE") config, err := loadConfig(c.Environment, bindings) if err != nil { return err @@ -206,7 +200,6 @@ func (c *CLI) configureFlags() { c.cmd.PersistentFlags().IntVarP(&flags.waitSecs, waitFlag, "w", 0, "Number of seconds to wait for a service to become ready") c.cmd.PersistentFlags().StringVarP(&flags.color, colorFlag, "c", "auto", "Whether to use colors in output.") c.cmd.PersistentFlags().BoolVarP(&flags.quiet, quietFlag, "q", false, "Quiet mode. Only errors will be printed") - c.cmd.PersistentFlags().StringVarP(&flags.apiKeyFile, apiKeyFileFlag, "k", "", "Path to API key used for cloud authentication") c.flags = &flags } |