From f5c8ee1136234485b556f081f233f5f4c11cda3c Mon Sep 17 00:00:00 2001 From: Luke Murphy Date: Fri, 1 Jan 2021 17:27:23 +0100 Subject: [PATCH] Merge auto/generate and use --secrets Closes https://git.autonomic.zone/coop-cloud/abra/issues/58. --- CHANGELOG.md | 1 + abra | 185 ++++++++++++++++++++++++++------------------------- 2 files changed, 95 insertions(+), 91 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 93169dc..b59f382 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ # abra x.x.x (UNRELEASED) +- `secret auto` merged into `secret generate` and `app new --auto ` is now `app new --secrets` ([#64](https://git.autonomic.zone/coop-cloud/abra/pulls/64)) - Avoid outputting length during secret generation when not in use ([#67](https://git.autonomic.zone/coop-cloud/abra/issues/67)) - Support graceful failure when missing secret generation commands ([44d3ac3a1cb86edc9b9e91eea1a00e70eae14965](https://git.autonomic.zone/coop-cloud/abra/commit/44d3ac3a1cb86edc9b9e91eea1a00e70eae14965)) - Fix secret detection when using new `.env` file format in apps ([55324524ca77141666ffe6cc41b62cc71cf89ace](https://git.autonomic.zone/coop-cloud/abra/commit/55324524ca77141666ffe6cc41b62cc71cf89ace)) diff --git a/abra b/abra index b3e272e..498a7be 100755 --- a/abra +++ b/abra @@ -12,7 +12,7 @@ DOC=" The cooperative cloud utility belt 🎩🐇 Usage: - abra [options] app new [--server=] [--domain=] [--app-name=] [--pass] [--auto] + abra [options] app new [--server=] [--domain=] [--app-name=] [--pass] [--secrets] abra [options] app (list|ls) [--status] [--server=] abra [options] app deploy [--skip-check] abra [options] app undeploy @@ -23,8 +23,7 @@ Usage: abra [options] app check abra [options] app ps abra [options] app run [--no-tty] [--user=] ... - abra [options] app secret auto [--pass] - abra [options] app secret generate [] [--pass] + abra [options] app secret generate ( |--all) [] [--pass] abra [options] app secret insert [--pass] abra [options] app secret (delete|rm) (|--all) [--pass] [--force] abra [options] app [...] @@ -144,69 +143,70 @@ eval "var_$1+=($value)"; else eval "var_$1=$value"; fi; return 0; fi; done return 1; }; stdout() { printf -- "cat <<'EOM'\n%s\nEOM\n" "$1"; }; stderr() { printf -- "cat <<'EOM' >&2\n%s\nEOM\n" "$1"; }; error() { [[ -n $1 ]] && stderr "$1"; stderr "$usage"; _return 1; }; _return() { -printf -- "exit %d\n" "$1"; exit "$1"; }; set -e; trimmed_doc=${DOC:1:1477} -usage=${DOC:40:1206}; digest=859ab -shorts=(-h -e -s '' '' '' '' '' '' '' '' '' '' '') -longs=(--help --env --stack --server --domain --app-name --pass --auto --status --skip-check --force --no-tty --user --all) +printf -- "exit %d\n" "$1"; exit "$1"; }; set -e; trimmed_doc=${DOC:1:1440} +usage=${DOC:40:1169}; digest=3ce63 +shorts=(-h -s -e '' '' '' '' '' '' '' '' '' '' '') +longs=(--help --stack --env --server --domain --app-name --pass --secrets --status --skip-check --force --no-tty --user --all) argcounts=(0 1 1 1 1 1 0 0 0 0 0 0 1 0); node_0(){ switch __help 0; }; node_1(){ -value __env 1; }; node_2(){ value __stack 2; }; node_3(){ value __server 3; } +value __stack 1; }; node_2(){ value __env 2; }; node_3(){ value __server 3; } node_4(){ value __domain 4; }; node_5(){ value __app_name 5; }; node_6(){ -switch __pass 6; }; node_7(){ switch __auto 7; }; node_8(){ switch __status 8; } -node_9(){ switch __skip_check 9; }; node_10(){ switch __force 10; }; node_11(){ -switch __no_tty 11; }; node_12(){ value __user 12; }; node_13(){ switch __all 13 -}; node_14(){ value _type_ a; }; node_15(){ value _app_ a; }; node_16(){ -value _service_ a; }; node_17(){ value _src_ a; }; node_18(){ value _dst_ a; } -node_19(){ value _args_ a true; }; node_20(){ value _secret_ a; }; node_21(){ -value _version_ a; }; node_22(){ value _cmd_ a; }; node_23(){ value _data_ a; } -node_24(){ value _command_ a; }; node_25(){ value _host_ a; }; node_26(){ -value _user_ a; }; node_27(){ value _port_ a; }; node_28(){ +switch __pass 6; }; node_7(){ switch __secrets 7; }; node_8(){ switch __status 8 +}; node_9(){ switch __skip_check 9; }; node_10(){ switch __force 10; } +node_11(){ switch __no_tty 11; }; node_12(){ value __user 12; }; node_13(){ +switch __all 13; }; node_14(){ value _type_ a; }; node_15(){ value _app_ a; } +node_16(){ value _service_ a; }; node_17(){ value _src_ a; }; node_18(){ +value _dst_ a; }; node_19(){ value _args_ a true; }; node_20(){ value _secret_ a +}; node_21(){ value _version_ a; }; node_22(){ value _cmd_ a; }; node_23(){ +value _data_ a; }; node_24(){ value _command_ a; }; node_25(){ value _host_ a; } +node_26(){ value _user_ a; }; node_27(){ value _port_ a; }; node_28(){ value _subcommands_ a true; }; node_29(){ _command app; }; node_30(){ _command new; }; node_31(){ _command list; }; node_32(){ _command ls; } node_33(){ _command deploy; }; node_34(){ _command undeploy; }; node_35(){ _command config; }; node_36(){ _command delete; }; node_37(){ _command rm; } node_38(){ _command logs; }; node_39(){ _command cp; }; node_40(){ _command check; }; node_41(){ _command ps; }; node_42(){ _command run; } -node_43(){ _command secret; }; node_44(){ _command auto; }; node_45(){ -_command generate; }; node_46(){ _command insert; }; node_47(){ _command server -}; node_48(){ _command add; }; node_49(){ _command init; }; node_50(){ -_command apps; }; node_51(){ _command upgrade; }; node_52(){ _command version; } -node_53(){ _command help; }; node_54(){ optional 0 1 2; }; node_55(){ -optional 54; }; node_56(){ optional 3; }; node_57(){ optional 4; }; node_58(){ -optional 5; }; node_59(){ optional 6; }; node_60(){ optional 7; }; node_61(){ -required 55 29 30 56 57 58 59 60 14; }; node_62(){ either 31 32; }; node_63(){ -required 62; }; node_64(){ optional 8; }; node_65(){ required 55 29 63 64 56; } -node_66(){ optional 9; }; node_67(){ required 55 29 15 33 66; }; node_68(){ -required 55 29 15 34; }; node_69(){ required 55 29 15 35; }; node_70(){ -either 36 37; }; node_71(){ required 70; }; node_72(){ optional 10; } -node_73(){ required 55 29 15 71 72; }; node_74(){ optional 16; }; node_75(){ -required 55 29 15 38 74; }; node_76(){ required 55 29 15 39 17 18; }; node_77(){ -required 55 29 15 40; }; node_78(){ required 55 29 15 41; }; node_79(){ -optional 11; }; node_80(){ optional 12; }; node_81(){ oneormore 19; } -node_82(){ required 55 29 15 42 79 80 16 81; }; node_83(){ -required 55 29 15 43 44 59; }; node_84(){ optional 22; }; node_85(){ -required 55 29 15 43 45 20 21 84 59; }; node_86(){ -required 55 29 15 43 46 20 21 23 59; }; node_87(){ either 20 13; }; node_88(){ -required 87; }; node_89(){ required 55 29 15 43 71 88 59 72; }; node_90(){ -optional 81; }; node_91(){ required 55 29 15 24 90; }; node_92(){ optional 26; } -node_93(){ optional 27; }; node_94(){ required 55 47 48 25 92 93; }; node_95(){ -required 55 47 63; }; node_96(){ required 55 47 25 37; }; node_97(){ -required 55 47 25 49; }; node_98(){ required 55 47 25 50 64; }; node_99(){ -required 55 51; }; node_100(){ required 55 52; }; node_101(){ oneormore 28; } -node_102(){ optional 101; }; node_103(){ required 55 53 102; }; node_104(){ -either 61 65 67 68 69 73 75 76 77 78 82 83 85 86 89 91 94 95 96 97 98 99 100 103 -}; node_105(){ required 104; }; cat <<<' docopt_exit() { -[[ -n $1 ]] && printf "%s\n" "$1" >&2; printf "%s\n" "${DOC:40:1206}" >&2 -exit 1; }'; unset var___help var___env var___stack var___server var___domain \ -var___app_name var___pass var___auto var___status var___skip_check var___force \ -var___no_tty var___user var___all var__type_ var__app_ var__service_ var__src_ \ -var__dst_ var__args_ var__secret_ var__version_ var__cmd_ var__data_ \ -var__command_ var__host_ var__user_ var__port_ var__subcommands_ var_app \ -var_new var_list var_ls var_deploy var_undeploy var_config var_delete var_rm \ -var_logs var_cp var_check var_ps var_run var_secret var_auto var_generate \ -var_insert var_server var_add var_init var_apps var_upgrade var_version var_help -parse 105 "$@"; local prefix=${DOCOPT_PREFIX:-''}; unset "${prefix}__help" \ -"${prefix}__env" "${prefix}__stack" "${prefix}__server" "${prefix}__domain" \ -"${prefix}__app_name" "${prefix}__pass" "${prefix}__auto" "${prefix}__status" \ +node_43(){ _command secret; }; node_44(){ _command generate; }; node_45(){ +_command insert; }; node_46(){ _command server; }; node_47(){ _command add; } +node_48(){ _command init; }; node_49(){ _command apps; }; node_50(){ +_command upgrade; }; node_51(){ _command version; }; node_52(){ _command help; } +node_53(){ optional 0 1 2; }; node_54(){ optional 53; }; node_55(){ optional 3 +}; node_56(){ optional 4; }; node_57(){ optional 5; }; node_58(){ optional 6; } +node_59(){ optional 7; }; node_60(){ required 54 29 30 55 56 57 58 59 14; } +node_61(){ either 31 32; }; node_62(){ required 61; }; node_63(){ optional 8; } +node_64(){ required 54 29 62 63 55; }; node_65(){ optional 9; }; node_66(){ +required 54 29 15 33 65; }; node_67(){ required 54 29 15 34; }; node_68(){ +required 54 29 15 35; }; node_69(){ either 36 37; }; node_70(){ required 69; } +node_71(){ optional 10; }; node_72(){ required 54 29 15 70 71; }; node_73(){ +optional 16; }; node_74(){ required 54 29 15 38 73; }; node_75(){ +required 54 29 15 39 17 18; }; node_76(){ required 54 29 15 40; }; node_77(){ +required 54 29 15 41; }; node_78(){ optional 11; }; node_79(){ optional 12; } +node_80(){ oneormore 19; }; node_81(){ required 54 29 15 42 78 79 16 80; } +node_82(){ required 20 21; }; node_83(){ either 82 13; }; node_84(){ required 83 +}; node_85(){ optional 22; }; node_86(){ required 54 29 15 43 44 84 85 58; } +node_87(){ required 54 29 15 43 45 20 21 23 58; }; node_88(){ either 20 13; } +node_89(){ required 88; }; node_90(){ required 54 29 15 43 70 89 58 71; } +node_91(){ optional 80; }; node_92(){ required 54 29 15 24 91; }; node_93(){ +optional 26; }; node_94(){ optional 27; }; node_95(){ required 54 46 47 25 93 94 +}; node_96(){ required 54 46 62; }; node_97(){ required 54 46 25 37; } +node_98(){ required 54 46 25 48; }; node_99(){ required 54 46 25 49 63; } +node_100(){ required 54 50; }; node_101(){ required 54 51; }; node_102(){ +oneormore 28; }; node_103(){ optional 102; }; node_104(){ required 54 52 103; } +node_105(){ +either 60 64 66 67 68 72 74 75 76 77 81 86 87 90 92 95 96 97 98 99 100 101 104 +}; node_106(){ required 105; }; cat <<<' docopt_exit() { +[[ -n $1 ]] && printf "%s\n" "$1" >&2; printf "%s\n" "${DOC:40:1169}" >&2 +exit 1; }'; unset var___help var___stack var___env var___server var___domain \ +var___app_name var___pass var___secrets var___status var___skip_check \ +var___force var___no_tty var___user var___all var__type_ var__app_ \ +var__service_ var__src_ var__dst_ var__args_ var__secret_ var__version_ \ +var__cmd_ var__data_ var__command_ var__host_ var__user_ var__port_ \ +var__subcommands_ var_app var_new var_list var_ls var_deploy var_undeploy \ +var_config var_delete var_rm var_logs var_cp var_check var_ps var_run \ +var_secret var_generate var_insert var_server var_add var_init var_apps \ +var_upgrade var_version var_help; parse 106 "$@" +local prefix=${DOCOPT_PREFIX:-''}; unset "${prefix}__help" "${prefix}__stack" \ +"${prefix}__env" "${prefix}__server" "${prefix}__domain" "${prefix}__app_name" \ +"${prefix}__pass" "${prefix}__secrets" "${prefix}__status" \ "${prefix}__skip_check" "${prefix}__force" "${prefix}__no_tty" \ "${prefix}__user" "${prefix}__all" "${prefix}_type_" "${prefix}_app_" \ "${prefix}_service_" "${prefix}_src_" "${prefix}_dst_" "${prefix}_args_" \ @@ -215,17 +215,17 @@ parse 105 "$@"; local prefix=${DOCOPT_PREFIX:-''}; unset "${prefix}__help" \ "${prefix}_subcommands_" "${prefix}app" "${prefix}new" "${prefix}list" \ "${prefix}ls" "${prefix}deploy" "${prefix}undeploy" "${prefix}config" \ "${prefix}delete" "${prefix}rm" "${prefix}logs" "${prefix}cp" "${prefix}check" \ -"${prefix}ps" "${prefix}run" "${prefix}secret" "${prefix}auto" \ -"${prefix}generate" "${prefix}insert" "${prefix}server" "${prefix}add" \ -"${prefix}init" "${prefix}apps" "${prefix}upgrade" "${prefix}version" \ -"${prefix}help"; eval "${prefix}"'__help=${var___help:-false}' -eval "${prefix}"'__env=${var___env:-}' +"${prefix}ps" "${prefix}run" "${prefix}secret" "${prefix}generate" \ +"${prefix}insert" "${prefix}server" "${prefix}add" "${prefix}init" \ +"${prefix}apps" "${prefix}upgrade" "${prefix}version" "${prefix}help" +eval "${prefix}"'__help=${var___help:-false}' eval "${prefix}"'__stack=${var___stack:-}' +eval "${prefix}"'__env=${var___env:-}' eval "${prefix}"'__server=${var___server:-}' eval "${prefix}"'__domain=${var___domain:-}' eval "${prefix}"'__app_name=${var___app_name:-}' eval "${prefix}"'__pass=${var___pass:-false}' -eval "${prefix}"'__auto=${var___auto:-false}' +eval "${prefix}"'__secrets=${var___secrets:-false}' eval "${prefix}"'__status=${var___status:-false}' eval "${prefix}"'__skip_check=${var___skip_check:-false}' eval "${prefix}"'__force=${var___force:-false}' @@ -258,7 +258,6 @@ eval "${prefix}"'cp=${var_cp:-false}' eval "${prefix}"'check=${var_check:-false}' eval "${prefix}"'ps=${var_ps:-false}'; eval "${prefix}"'run=${var_run:-false}' eval "${prefix}"'secret=${var_secret:-false}' -eval "${prefix}"'auto=${var_auto:-false}' eval "${prefix}"'generate=${var_generate:-false}' eval "${prefix}"'insert=${var_insert:-false}' eval "${prefix}"'server=${var_server:-false}' @@ -269,9 +268,9 @@ eval "${prefix}"'upgrade=${var_upgrade:-false}' eval "${prefix}"'version=${var_version:-false}' eval "${prefix}"'help=${var_help:-false}'; local docopt_i=1 [[ $BASH_VERSION =~ ^4.3 ]] && docopt_i=2; for ((;docopt_i>0;docopt_i--)); do -declare -p "${prefix}__help" "${prefix}__env" "${prefix}__stack" \ +declare -p "${prefix}__help" "${prefix}__stack" "${prefix}__env" \ "${prefix}__server" "${prefix}__domain" "${prefix}__app_name" \ -"${prefix}__pass" "${prefix}__auto" "${prefix}__status" \ +"${prefix}__pass" "${prefix}__secrets" "${prefix}__status" \ "${prefix}__skip_check" "${prefix}__force" "${prefix}__no_tty" \ "${prefix}__user" "${prefix}__all" "${prefix}_type_" "${prefix}_app_" \ "${prefix}_service_" "${prefix}_src_" "${prefix}_dst_" "${prefix}_args_" \ @@ -280,10 +279,9 @@ declare -p "${prefix}__help" "${prefix}__env" "${prefix}__stack" \ "${prefix}_subcommands_" "${prefix}app" "${prefix}new" "${prefix}list" \ "${prefix}ls" "${prefix}deploy" "${prefix}undeploy" "${prefix}config" \ "${prefix}delete" "${prefix}rm" "${prefix}logs" "${prefix}cp" "${prefix}check" \ -"${prefix}ps" "${prefix}run" "${prefix}secret" "${prefix}auto" \ -"${prefix}generate" "${prefix}insert" "${prefix}server" "${prefix}add" \ -"${prefix}init" "${prefix}apps" "${prefix}upgrade" "${prefix}version" \ -"${prefix}help"; done; } +"${prefix}ps" "${prefix}run" "${prefix}secret" "${prefix}generate" \ +"${prefix}insert" "${prefix}server" "${prefix}add" "${prefix}init" \ +"${prefix}apps" "${prefix}upgrade" "${prefix}version" "${prefix}help"; done; } # docopt parser above, complete command for generating this parser is `docopt.sh abra` PROGRAM_NAME=$(basename "$0") @@ -493,6 +491,18 @@ stack_logs (){ sleep infinity } +auto_gen_secrets (){ + get_app_secrets + + for PASSWORD in "${PASSWORDS[@]}"; do + parse_secret "$PASSWORD" + done + + for KEY in "${KEYS[@]}"; do + parse_secret "$KEY" + done +} + ####################################### # abra app .. ####################################### @@ -661,8 +671,8 @@ sub_app_new (){ get_app_secrets - if [ "${#PASSWORDS[@]}" -gt 0 ] || [ "${#KEYS[@]}" -gt 0 ] && [ "$abra___auto" == "true" ]; then - sub_app_secret_auto + if [ "${#PASSWORDS[@]}" -gt 0 ] || [ "${#KEYS[@]}" -gt 0 ] && [ "$abra___secrets" == "true" ]; then + auto_gen_secrets fi echo "$(tput setaf 4)Your new '$TYPE' is ready for action:$(tput sgr0)" @@ -962,6 +972,14 @@ sub_app_secret_generate(){ VERSION="$abra__version_" LENGTH="$abra__length_" + if [ "$abra___all" == "true" ]; then + # Note(decentral1se): we need to reset the flag here to avoid the infinite + # recursion of auto_gen_secrets which calls this function itself + abra___all="false" + + auto_gen_secrets + fi + if [[ "$SECRET" == *"password"* ]]; then require_pwqgen PWGEN="${abra__cmd_:-pwqgen}" @@ -970,7 +988,7 @@ sub_app_secret_generate(){ PWGEN=${abra__cmd_:-pwgen -s "$LENGTH" 1} fi - if [ -z "$SECRET" ] || [ -z "$VERSION" ]; then + if [ -z "$SECRET" ] || [ -z "$VERSION" ] && [ "$abra___all" == "false" ]; then error "Required arguments missing" fi @@ -985,21 +1003,6 @@ sub_app_secret_generate(){ sub_app_secret_insert } -sub_app_secret_auto(){ - load_instance - load_instance_env - - get_app_secrets - - for PASSWORD in "${PASSWORDS[@]}"; do - parse_secret "$PASSWORD" - done - - for KEY in "${KEYS[@]}"; do - parse_secret "$KEY" - done -} - ###### .. app run help_app_run (){ echo "abra [options] app run [--no-tty] [--user=] ... @@ -1009,7 +1012,7 @@ container. OPTIONS --no-tty Don't allocate a TTY; sometimes running \`mysql\` enjoys this - --user= Run as the UNIX user , e.g. for running Wordpress-CLI + --user= Run as the UNIX user , e.g. for running Wordpress-CLI as www-data EXAMPLES @@ -1357,7 +1360,7 @@ abra() { abra__secret_ abra__version_ abra__data_ abra___user abra__host_ \ abra__type_ abra__port_ abra__user_ abra__service_ abra__src_ abra__dst_ \ abra___server abra___domain abra___force abra___pass \ - abra___auto abra___status abra___no_tty abra___skip_check \ + abra___secrets abra___status abra___no_tty abra___skip_check \ abra__subcommands_ abra___app_name if ! type tput > /dev/null 2>&1; then