Merge pull request #20270 from vespa-engine/bjorncs/alias

Add deprecated and hidden 'api-key'/'cert' commands
author: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2021-12-02 10:33:16 +0100
committer: GitHub <noreply@github.com> 2021-12-02 10:33:16 +0100
commit: 33b26cb478b1681017ae66e7e0175953931b0da2 (patch)
tree: 64ea7b705d5450feee1ebca771293ce76680f437 /client
parent: 48f295e3b87a0565fc3ee984af9346d1d6c18b76 (diff)
parent: f33d88f96fbca58d065ed0437a6a81f27253caa8 (diff)
3 files changed, 129 insertions, 102 deletions
diff --git a/client/go/cmd/api_key.go b/client/go/cmd/api_key.go
index f6113adf5d6..032d98c96fe 100644
--- a/client/go/cmd/api_key.go
+++ b/client/go/cmd/api_key.go
@@ -36,41 +36,54 @@ var apiKeyCmd = &cobra.Command{
 	Example:           apiKeyExample(),
 	DisableAutoGenTag: true,
 	Args:              cobra.ExactArgs(0),
-	Run: func(cmd *cobra.Command, args []string) {
-		cfg, err := LoadConfig()
-		if err != nil {
-			fatalErr(err, "Could not load config")
-			return
-		}
-		app := getApplication()
-		apiKeyFile := cfg.APIKeyPath(app.Tenant)
-		if util.PathExists(apiKeyFile) && !overwriteKey {
-			printErrHint(fmt.Errorf("File %s already exists", apiKeyFile), "Use -f to overwrite it")
-			printPublicKey(apiKeyFile, app.Tenant)
-			return
-		}
-		apiKey, err := vespa.CreateAPIKey()
-		if err != nil {
-			fatalErr(err, "Could not create API key")
-			return
-		}
-		if err := ioutil.WriteFile(apiKeyFile, apiKey, 0600); err == nil {
-			printSuccess("API private key written to ", apiKeyFile)
-			printPublicKey(apiKeyFile, app.Tenant)
-			if vespa.Auth0AccessTokenEnabled() {
-				if err == nil {
-					if err := cfg.Set(cloudAuthFlag, "api-key"); err != nil {
-						fatalErr(err, "Could not write config")
-					}
-					if err := cfg.Write(); err != nil {
-						fatalErr(err)
-					}
+	Run:               doApiKey,
+}
+
+var deprecatedApiKeyCmd = &cobra.Command{
+	Use:               "api-key",
+	Short:             "Create a new user API key for authentication with Vespa Cloud",
+	Example:           apiKeyExample(),
+	DisableAutoGenTag: true,
+	Args:              cobra.ExactArgs(0),
+	Hidden:            true,
+	Deprecated:        "use 'vespa auth api-key' instead",
+	Run:               doApiKey,
+}
+
+func doApiKey(_ *cobra.Command, _ []string) {
+	cfg, err := LoadConfig()
+	if err != nil {
+		fatalErr(err, "Could not load config")
+		return
+	}
+	app := getApplication()
+	apiKeyFile := cfg.APIKeyPath(app.Tenant)
+	if util.PathExists(apiKeyFile) && !overwriteKey {
+		printErrHint(fmt.Errorf("File %s already exists", apiKeyFile), "Use -f to overwrite it")
+		printPublicKey(apiKeyFile, app.Tenant)
+		return
+	}
+	apiKey, err := vespa.CreateAPIKey()
+	if err != nil {
+		fatalErr(err, "Could not create API key")
+		return
+	}
+	if err := ioutil.WriteFile(apiKeyFile, apiKey, 0600); err == nil {
+		printSuccess("API private key written to ", apiKeyFile)
+		printPublicKey(apiKeyFile, app.Tenant)
+		if vespa.Auth0AccessTokenEnabled() {
+			if err == nil {
+				if err := cfg.Set(cloudAuthFlag, "api-key"); err != nil {
+					fatalErr(err, "Could not write config")
+				}
+				if err := cfg.Write(); err != nil {
+					fatalErr(err)
 				}
 			}
-		} else {
-			fatalErr(err, "Failed to write ", apiKeyFile)
 		}
-	},
+	} else {
+		fatalErr(err, "Failed to write ", apiKeyFile)
+	}
 }
 
 func printPublicKey(apiKeyFile, tenant string) {
diff --git a/client/go/cmd/auth.go b/client/go/cmd/auth.go
index 8f306356267..9322f8d0808 100644
--- a/client/go/cmd/auth.go
+++ b/client/go/cmd/auth.go
@@ -8,6 +8,8 @@ import (
 func init() {
 	if vespa.Auth0AccessTokenEnabled() {
 		rootCmd.AddCommand(authCmd)
+		rootCmd.AddCommand(deprecatedCertCmd)
+		rootCmd.AddCommand(deprecatedApiKeyCmd)
 		authCmd.AddCommand(certCmd)
 		authCmd.AddCommand(apiKeyCmd)
 		authCmd.AddCommand(loginCmd)
diff --git a/client/go/cmd/cert.go b/client/go/cmd/cert.go
index 6fbe19b524d..e79a45d3af8 100644
--- a/client/go/cmd/cert.go
+++ b/client/go/cmd/cert.go
@@ -5,12 +5,11 @@ package cmd
 
 import (
 	"fmt"
-	"os"
-	"path/filepath"
-
 	"github.com/spf13/cobra"
 	"github.com/vespa-engine/vespa/client/go/util"
 	"github.com/vespa-engine/vespa/client/go/vespa"
+	"os"
+	"path/filepath"
 )
 
 var overwriteCertificate bool
@@ -34,80 +33,93 @@ var certCmd = &cobra.Command{
 	Example:           certExample(),
 	DisableAutoGenTag: true,
 	Args:              cobra.MaximumNArgs(1),
-	Run: func(cmd *cobra.Command, args []string) {
-		app := getApplication()
-		pkg, err := vespa.FindApplicationPackage(applicationSource(args), false)
-		if err != nil {
-			fatalErr(err)
-			return
-		}
-		cfg, err := LoadConfig()
-		if err != nil {
-			fatalErr(err)
-			return
-		}
-		privateKeyFile, err := cfg.PrivateKeyPath(app)
-		if err != nil {
-			fatalErr(err)
-			return
-		}
-		certificateFile, err := cfg.CertificatePath(app)
-		if err != nil {
-			fatalErr(err)
-			return
-		}
+	Run:               doCert,
+}
 
-		if !overwriteCertificate {
-			hint := "Use -f flag to force overwriting"
-			if pkg.HasCertificate() {
-				fatalErrHint(fmt.Errorf("Application package %s already contains a certificate", pkg.Path), hint)
-				return
-			}
-			if util.PathExists(privateKeyFile) {
-				fatalErrHint(fmt.Errorf("Private key %s already exists", color.Cyan(privateKeyFile)), hint)
-				return
-			}
-			if util.PathExists(certificateFile) {
-				fatalErrHint(fmt.Errorf("Certificate %s already exists", color.Cyan(certificateFile)), hint)
-				return
-			}
-		}
-		if pkg.IsZip() {
-			var msg string
-			if vespa.Auth0AccessTokenEnabled() {
-				msg = "Try running 'mvn clean' before 'vespa auth cert', and then 'mvn package'"
-			} else {
-				msg = "Try running 'mvn clean' before 'vespa cert', and then 'mvn package'"
-			}
-			fatalErrHint(fmt.Errorf("Cannot add certificate to compressed application package %s", pkg.Path),
-				msg)
-			return
-		}
+var deprecatedCertCmd = &cobra.Command{
+	Use:               "cert",
+	Short:             "Create a new private key and self-signed certificate for Vespa Cloud deployment",
+	Example:           "$ vespa cert -a my-tenant.my-app.my-instance",
+	DisableAutoGenTag: true,
+	Args:              cobra.MaximumNArgs(1),
+	Deprecated:        "use 'vespa auth cert' instead",
+	Hidden:            true,
+	Run:               doCert,
+}
 
-		keyPair, err := vespa.CreateKeyPair()
-		if err != nil {
-			fatalErr(err, "Could not create key pair")
-			return
-		}
-		pkgCertificateFile := filepath.Join(pkg.Path, "security", "clients.pem")
-		if err := os.MkdirAll(filepath.Dir(pkgCertificateFile), 0755); err != nil {
-			fatalErr(err, "Could not create security directory")
+func doCert(_ *cobra.Command, args []string) {
+	app := getApplication()
+	pkg, err := vespa.FindApplicationPackage(applicationSource(args), false)
+	if err != nil {
+		fatalErr(err)
+		return
+	}
+	cfg, err := LoadConfig()
+	if err != nil {
+		fatalErr(err)
+		return
+	}
+	privateKeyFile, err := cfg.PrivateKeyPath(app)
+	if err != nil {
+		fatalErr(err)
+		return
+	}
+	certificateFile, err := cfg.CertificatePath(app)
+	if err != nil {
+		fatalErr(err)
+		return
+	}
+
+	if !overwriteCertificate {
+		hint := "Use -f flag to force overwriting"
+		if pkg.HasCertificate() {
+			fatalErrHint(fmt.Errorf("Application package %s already contains a certificate", pkg.Path), hint)
 			return
 		}
-		if err := keyPair.WriteCertificateFile(pkgCertificateFile, overwriteCertificate); err != nil {
-			fatalErr(err, "Could not write certificate")
+		if util.PathExists(privateKeyFile) {
+			fatalErrHint(fmt.Errorf("Private key %s already exists", color.Cyan(privateKeyFile)), hint)
 			return
 		}
-		if err := keyPair.WriteCertificateFile(certificateFile, overwriteCertificate); err != nil {
-			fatalErr(err, "Could not write certificate")
+		if util.PathExists(certificateFile) {
+			fatalErrHint(fmt.Errorf("Certificate %s already exists", color.Cyan(certificateFile)), hint)
 			return
 		}
-		if err := keyPair.WritePrivateKeyFile(privateKeyFile, overwriteCertificate); err != nil {
-			fatalErr(err, "Could not write private key")
-			return
+	}
+	if pkg.IsZip() {
+		var msg string
+		if vespa.Auth0AccessTokenEnabled() {
+			msg = "Try running 'mvn clean' before 'vespa auth cert', and then 'mvn package'"
+		} else {
+			msg = "Try running 'mvn clean' before 'vespa cert', and then 'mvn package'"
 		}
-		printSuccess("Certificate written to ", color.Cyan(pkgCertificateFile))
-		printSuccess("Certificate written to ", color.Cyan(certificateFile))
-		printSuccess("Private key written to ", color.Cyan(privateKeyFile))
-	},
+		fatalErrHint(fmt.Errorf("Cannot add certificate to compressed application package %s", pkg.Path),
+			msg)
+		return
+	}
+
+	keyPair, err := vespa.CreateKeyPair()
+	if err != nil {
+		fatalErr(err, "Could not create key pair")
+		return
+	}
+	pkgCertificateFile := filepath.Join(pkg.Path, "security", "clients.pem")
+	if err := os.MkdirAll(filepath.Dir(pkgCertificateFile), 0755); err != nil {
+		fatalErr(err, "Could not create security directory")
+		return
+	}
+	if err := keyPair.WriteCertificateFile(pkgCertificateFile, overwriteCertificate); err != nil {
+		fatalErr(err, "Could not write certificate")
+		return
+	}
+	if err := keyPair.WriteCertificateFile(certificateFile, overwriteCertificate); err != nil {
+		fatalErr(err, "Could not write certificate")
+		return
+	}
+	if err := keyPair.WritePrivateKeyFile(privateKeyFile, overwriteCertificate); err != nil {
+		fatalErr(err, "Could not write private key")
+		return
+	}
+	printSuccess("Certificate written to ", color.Cyan(pkgCertificateFile))
+	printSuccess("Certificate written to ", color.Cyan(certificateFile))
+	printSuccess("Private key written to ", color.Cyan(privateKeyFile))
 }
author	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2021-12-02 10:33:16 +0100
committer	GitHub <noreply@github.com>	2021-12-02 10:33:16 +0100
commit	33b26cb478b1681017ae66e7e0175953931b0da2 (patch)
tree	64ea7b705d5450feee1ebca771293ce76680f437 /client
parent	48f295e3b87a0565fc3ee984af9346d1d6c18b76 (diff)
parent	f33d88f96fbca58d065ed0437a6a81f27253caa8 (diff)