Update, Delete and List operations for Relationships CLI (#224)
Signed-off-by: Max Lambrecht <maxlambrecht@gmail.com>
mgbcaio authored Jul 19, 2023
1 parent 41dbb8b commit c31d7a1
Showing 13 changed files with 992 additions and 141 deletions.
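--- a/cmd/common/cli/consent_status.go
+++ b/cmd/common/cli/consent_status.go
@@ -0,0 +1,17 @@
+package cli
+
+import (
+"fmt"
+"strings"
+)
+
+var ValidConsentStatusValues = []string{"approved", "denied", "pending"}
+
+func ValidateConsentStatusValue(status string) error {
+for _, validValue := range ValidConsentStatusValues {
+if status == validValue {
+return nil
+}
+}
+return fmt.Errorf("invalid value for status. Valid values: %s", strings.Join(ValidConsentStatusValues, ", "))
+}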
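Review bot: `ValidConsentStatusValues` is an exported, mutable package-level slice, so any importing package can append to or overwrite the allow-list that `ValidateConsentStatusValue` checks against, and neither exported name has a doc comment stating the contract. Since the help text in the harvester and server commands reads the slice directly, the smallest step is to document it as read-only: `// ValidConsentStatusValues lists the consent statuses accepted by the CLI; callers must treat it as read-only.` The function would get `// ValidateConsentStatusValue returns nil when status is one of ValidConsentStatusValues, and an error listing the accepted values otherwise.` Quoting the rejected input with `%q` in the error would also help the operator see what was actually passed.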
2 changes: 2 additions & 0 deletions cmd/common/cli/flags.go
@@ -8,6 +8,8 @@ const (
TrustDomainBFlagName = "trustDomainB"
TrustDomainDescriptionFlagName = "trustDomainDescription"
ConsentStatusFlagName = "status"
ConsentStatusAFlagName = "statusA"
ConsentStatusBFlagName = "statusB"
TTLFlagName = "ttl"
RelationshipIDFlagName = "relationshipID"
JoinTokenFlagName = "joinToken"
15 changes: 2 additions & 13 deletions cmd/harvester/cli/relationship.go
@@ -12,8 +12,6 @@ import (
"github.com/spf13/cobra"
)

var validConsentStatusValues = []string{"approved", "denied", "pending"}

var relationshipCmd = &cobra.Command{
Use: "relationship",
Args: cobra.ExactArgs(0),
@@ -187,24 +185,15 @@ func init() {
fmt.Printf("cannot mark relationshipID flag as required: %v", err)
}

listRelationshipCmd.Flags().StringP(cli.ConsentStatusFlagName, "s", "", fmt.Sprintf("Consent status to filter relationships by. Valid values: %s", strings.Join(validConsentStatusValues, ", ")))
listRelationshipCmd.Flags().StringP(cli.ConsentStatusFlagName, "s", "", fmt.Sprintf("Consent status to filter relationships by. Valid values: %s", strings.Join(cli.ValidConsentStatusValues, ", ")))
listRelationshipCmd.PreRunE = func(cmd *cobra.Command, args []string) error {
status, err := cmd.Flags().GetString(cli.ConsentStatusFlagName)
if err != nil {
return fmt.Errorf("cannot get status flag: %v", err)
}
if status != "" {
return validateConsentStatusValue(status)
return cli.ValidateConsentStatusValue(status)
}
return nil
}
}

func validateConsentStatusValue(status string) error {
for _, validValue := range validConsentStatusValues {
if status == validValue {
return nil
}
}
return fmt.Errorf("invalid value for status. Valid values: %s", strings.Join(validConsentStatusValues, ", "))
}
200 changes: 192 additions & 8 deletions cmd/server/cli/relationship.go
@@ -3,10 +3,13 @@ package cli
import (
"context"
"fmt"
"strings"

"github.com/HewlettPackard/galadriel/cmd/common/cli"
"github.com/HewlettPackard/galadriel/cmd/server/util"
"github.com/HewlettPackard/galadriel/pkg/common/api"
"github.com/HewlettPackard/galadriel/pkg/common/entity"
"github.com/google/uuid"
"github.com/spf13/cobra"
"github.com/spiffe/go-spiffe/v2/spiffeid"
)
@@ -52,10 +55,6 @@ Importantly, the initiation of a federation relationship is a two-party agreemen
return fmt.Errorf("cannot get trust domain A flag: %v", err)
}

if tdA == "" {
return fmt.Errorf("trust domain A flag is required")
}

trustDomain1, err := spiffeid.TrustDomainFromString(tdA)
if err != nil {
return err
@@ -66,10 +65,6 @@ Importantly, the initiation of a federation relationship is a two-party agreemen
return fmt.Errorf("cannot get trust domain B flag: %v", err)
}

if tdB == "" {
return fmt.Errorf("trust domain B flag is required")
}

trustDomain2, err := spiffeid.TrustDomainFromString(tdB)
if err != nil {
return err
@@ -98,6 +93,47 @@ var listRelationshipCmd = &cobra.Command{
Long: `The 'list' command allows you to retrieve a list of registered relationships.`,

RunE: func(cmd *cobra.Command, args []string) error {
socketPath, err := cmd.Flags().GetString(cli.SocketPathFlagName)
if err != nil {
return fmt.Errorf("cannot get socket path flag: %v", err)
}

status, err := cmd.Flags().GetString(cli.ConsentStatusFlagName)
if err != nil {
return fmt.Errorf("cannot get consent status flag: %v", err)
}

trustDomainName, err := cmd.Flags().GetString(cli.TrustDomainFlagName)
if err != nil {
return fmt.Errorf("cannot get trust domain flag: %v", err)
}

consentStatus := api.ConsentStatus(status)

ctx, cancel := context.WithCancel(context.Background())
defer cancel()

client, err := util.NewGaladrielUDSClient(socketPath, nil)
if err != nil {
return err
}

relationships, err := client.GetRelationships(ctx, consentStatus, trustDomainName)
if err != nil {
return err
}

if len(relationships) == 0 {
fmt.Println("No relationships found")
return nil
}

fmt.Println()
for _, r := range relationships {
fmt.Printf("%s\n", r.ConsoleString())
}
fmt.Println()

return nil
},
}
@@ -116,6 +152,31 @@ Before deleting a relationship, carefully consider the implications it may have
Exercise caution when using this command, as it permanently removes the relationship configuration and may affect the ability of workloads in different trust domains to securely communicate with each other.
`,
RunE: func(cmd *cobra.Command, args []string) error {
socketPath, err := cmd.Flags().GetString(cli.SocketPathFlagName)
if err != nil {
return fmt.Errorf("cannot get socket path flag: %v", err)
}

relID, err := getRelationshipIDAndParse(cmd)
if err != nil {
return err
}

ctx, cancel := context.WithCancel(context.Background())
defer cancel()

client, err := util.NewGaladrielUDSClient(socketPath, nil)
if err != nil {
return err
}

err = client.DeleteRelationshipByID(ctx, relID)
if err != nil {
return err
}

fmt.Printf("Relationship deleted.\n")

return nil
},
}
@@ -128,6 +189,44 @@ var updateRelationshipCmd = &cobra.Command{
in the Galadriel Server.`,

RunE: func(cmd *cobra.Command, args []string) error {
socketPath, err := cmd.Flags().GetString(cli.SocketPathFlagName)
if err != nil {
return fmt.Errorf("cannot get socket path flag: %v", err)
}

relID, err := getRelationshipIDAndParse(cmd)
if err != nil {
return err
}

statusA, err := cmd.Flags().GetString(cli.ConsentStatusAFlagName)
if err != nil {
return fmt.Errorf("cannot get consent status for trust domain A flag: %v", err)
}

statusB, err := cmd.Flags().GetString(cli.ConsentStatusBFlagName)
if err != nil {
return fmt.Errorf("cannot get consent status for trust domain B flag: %v", err)
}

consentStatusA := api.ConsentStatus(statusA)
consentStatusB := api.ConsentStatus(statusB)

ctx, cancel := context.WithCancel(context.Background())
defer cancel()

client, err := util.NewGaladrielUDSClient(socketPath, nil)
if err != nil {
return err
}

rel, err := client.PatchRelationshipByID(ctx, relID, consentStatusA, consentStatusB)
if err != nil {
return err
}

fmt.Printf("Relationship %q updated.\n", rel.ID.UUID.String())

return nil
},
}
@@ -140,5 +239,90 @@ func init() {
relationshipCmd.AddCommand(updateRelationshipCmd)

createRelationshipCmd.Flags().StringP(cli.TrustDomainAFlagName, "a", "", "The name of a SPIFFE trust domain to participate in the relationship.")
err := createRelationshipCmd.MarkFlagRequired(cli.TrustDomainAFlagName)
if err != nil {
fmt.Printf(errMarkFlagAsRequired, cli.TrustDomainAFlagName, err)
}
createRelationshipCmd.Flags().StringP(cli.TrustDomainBFlagName, "b", "", "The name of a SPIFFE trust domain to participate in the relationship.")
err = createRelationshipCmd.MarkFlagRequired(cli.TrustDomainBFlagName)
if err != nil {
fmt.Printf(errMarkFlagAsRequired, cli.TrustDomainBFlagName, err)
}

listRelationshipCmd.Flags().StringP(cli.TrustDomainFlagName, "t", "", "The name of a trust domain to filter relationships by.")
err = listRelationshipCmd.MarkFlagRequired(cli.TrustDomainFlagName)
if err != nil {
fmt.Printf(errMarkFlagAsRequired, cli.TrustDomainFlagName, err)
}
listRelationshipCmd.Flags().StringP(cli.ConsentStatusFlagName, "s", "", fmt.Sprintf("Consent status to filter relationships by. Valid values: %s", strings.Join(cli.ValidConsentStatusValues, ", ")))
err = listRelationshipCmd.MarkFlagRequired(cli.ConsentStatusFlagName)
if err != nil {
fmt.Printf(errMarkFlagAsRequired, cli.ConsentStatusFlagName, err)
}
listRelationshipCmd.PreRunE = func(cmd *cobra.Command, args []string) error {
status, err := cmd.Flags().GetString(cli.ConsentStatusFlagName)
if err != nil {
return fmt.Errorf("cannot get status flag: %v", err)
}

if status != "" {
return cli.ValidateConsentStatusValue(status)
}
return nil
}

updateRelationshipCmd.Flags().StringP(cli.RelationshipIDFlagName, "r", "", "The ID of the relationship to be updated.")
err = updateRelationshipCmd.MarkFlagRequired(cli.RelationshipIDFlagName)
if err != nil {
fmt.Printf(errMarkFlagAsRequired, cli.RelationshipIDFlagName, err)
}
updateRelationshipCmd.Flags().StringP(cli.ConsentStatusAFlagName, "a", "", fmt.Sprintf("Trust domain A consent status to update. Valid values: %s", strings.Join(cli.ValidConsentStatusValues, ", ")))
err = updateRelationshipCmd.MarkFlagRequired(cli.ConsentStatusAFlagName)
if err != nil {
fmt.Printf(errMarkFlagAsRequired, cli.ConsentStatusAFlagName, err)
}
updateRelationshipCmd.Flags().StringP(cli.ConsentStatusBFlagName, "b", "", fmt.Sprintf("Trust domain B consent status to update. Valid values: %s", strings.Join(cli.ValidConsentStatusValues, ", ")))
err = updateRelationshipCmd.MarkFlagRequired(cli.ConsentStatusBFlagName)
if err != nil {
fmt.Printf(errMarkFlagAsRequired, cli.ConsentStatusBFlagName, err)
}
updateRelationshipCmd.PreRunE = func(cmd *cobra.Command, args []string) error {
statusA, err := cmd.Flags().GetString(cli.ConsentStatusAFlagName)
if err != nil {
return fmt.Errorf("cannot get consent status A flag: %v", err)
}
if statusA != "" {
return cli.ValidateConsentStatusValue(statusA)
}

statusB, err := cmd.Flags().GetString(cli.ConsentStatusBFlagName)
if err != nil {
return fmt.Errorf("cannot get consent status B flag: %v", err)
}
if statusB != "" {
return cli.ValidateConsentStatusValue(statusB)
}

return nil
}

deleteRelationshipCmd.Flags().StringP(cli.RelationshipIDFlagName, "r", "", "The ID of the relationship to be deleted.")
err = deleteRelationshipCmd.MarkFlagRequired(cli.RelationshipIDFlagName)
if err != nil {
fmt.Printf(errMarkFlagAsRequired, cli.RelationshipIDFlagName, err)
}
}

func getRelationshipIDAndParse(cmd *cobra.Command) (uuid.UUID, error) {
idStr, err := cmd.Flags().GetString(cli.RelationshipIDFlagName)
if err != nil {
return uuid.Nil, fmt.Errorf("cannot get relationship ID flag: %v", err)
}

relID, err := uuid.Parse(idStr)
if err != nil {
return uuid.Nil, fmt.Errorf("cannot parse relationship ID: %v", err)
}

return relID, nil
}
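Review bot: In the `updateRelationshipCmd.PreRunE` closure added to `init()`, `return cli.ValidateConsentStatusValue(statusA)` also returns on the valid path, so whenever `--statusA` is non-empty (and the flag is marked required) `statusB` is never validated. The unchecked string is then cast with `api.ConsentStatus(statusB)` in `RunE` and passed to `PatchRelationshipByID`. The server may still reject it, which is not visible on this page, but the client-side allow-list is skipped for one of the two consent values on a federation relationship. Return only on error for A, then validate B, as in the excerpt below. `init()` begins before this hunk; the closure itself is fully inside it.

```go
updateRelationshipCmd.PreRunE = func(cmd *cobra.Command, args []string) error {
	// … unchanged: read statusA from the flag …
	if statusA != "" {
		if err := cli.ValidateConsentStatusValue(statusA); err != nil {
			return fmt.Errorf("consent status A: %w", err)
		}
	}
	// … unchanged: read statusB from the flag …
	if statusB != "" {
		if err := cli.ValidateConsentStatusValue(statusB); err != nil {
			return fmt.Errorf("consent status B: %w", err)
		}
	}
	// … unchanged: return nil and closing brace …
```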