Tighten up options for secret commands

This commit is contained in:
3wc 2020-10-30 18:24:22 +02:00
parent 0433da3689
commit 50ca4f8029

79
abra
View File

@ -23,9 +23,9 @@ Usage:
abra [options] app <domain> run [--user=<user>] <service> <args>... abra [options] app <domain> run [--user=<user>] <service> <args>...
abra [options] app <domain> run <service> <args>... abra [options] app <domain> run <service> <args>...
abra [options] app <domain> secret auto abra [options] app <domain> secret auto
abra [options] app <domain> secret generate <secret> <version> [<cmd>] abra [options] app <domain> secret generate <secret> <version> [<cmd>] [--pass]
abra [options] app <domain> secret insert <secret> <version> <data> abra [options] app <domain> secret insert <secret> <version> <data> [--pass]
abra [options] app <domain> secret (delete|rm) [<secret>] [--all --pass --force] abra [options] app <domain> secret (delete|rm) (<secret>|--all) [--pass --force]
abra [options] server add <host> [<user>] [<port>] abra [options] server add <host> [<user>] [<port>]
abra [options] server (list|ls) abra [options] server (list|ls)
abra [options] server rm <host> abra [options] server rm <host>
@ -142,12 +142,12 @@ eval "var_$1+=($value)"; else eval "var_$1=$value"; fi; return 0; fi; done
return 1; }; stdout() { printf -- "cat <<'EOM'\n%s\nEOM\n" "$1"; }; stderr() { return 1; }; stdout() { printf -- "cat <<'EOM'\n%s\nEOM\n" "$1"; }; stderr() {
printf -- "cat <<'EOM' >&2\n%s\nEOM\n" "$1"; }; error() { printf -- "cat <<'EOM' >&2\n%s\nEOM\n" "$1"; }; error() {
[[ -n $1 ]] && stderr "$1"; stderr "$usage"; _return 1; }; _return() { [[ -n $1 ]] && stderr "$1"; stderr "$usage"; _return 1; }; _return() {
printf -- "exit %d\n" "$1"; exit "$1"; }; set -e; trimmed_doc=${DOC:1:1366} printf -- "exit %d\n" "$1"; exit "$1"; }; set -e; trimmed_doc=${DOC:1:1384}
usage=${DOC:40:1058}; digest=a7cb3; shorts=(-h -e -s -v '' '' '' '' '' '') usage=${DOC:40:1076}; digest=c5735; shorts=(-e -s -v -h '' '' '' '' '' '')
longs=(--help --env --stack --version --server --domain --pass --force --user --all) longs=(--env --stack --version --help --server --domain --pass --force --user --all)
argcounts=(0 1 1 0 1 1 0 0 1 0); node_0(){ switch __help 0; }; node_1(){ argcounts=(1 1 0 0 1 1 0 0 1 0); node_0(){ value __env 0; }; node_1(){
value __env 1; }; node_2(){ value __stack 2; }; node_3(){ switch __version 3; } value __stack 1; }; node_2(){ switch __version 2; }; node_3(){ switch __help 3
node_4(){ value __server 4; }; node_5(){ value __domain 5; }; node_6(){ }; node_4(){ value __server 4; }; node_5(){ value __domain 5; }; node_6(){
switch __pass 6; }; node_7(){ switch __force 7; }; node_8(){ value __user 8; } switch __pass 6; }; node_7(){ switch __force 7; }; node_8(){ value __user 8; }
node_9(){ switch __all 9; }; node_10(){ value _app_ a; }; node_11(){ node_9(){ switch __all 9; }; node_10(){ value _app_ a; }; node_11(){
value _domain_ a; }; node_12(){ value _service_ a; }; node_13(){ value _src_ a value _domain_ a; }; node_12(){ value _service_ a; }; node_13(){ value _src_ a
@ -174,26 +174,28 @@ required 47 24 11 33 60; }; node_62(){ required 47 24 11 34; }; node_63(){
required 47 24 11 35 13 14; }; node_64(){ optional 8; }; node_65(){ oneormore 15 required 47 24 11 35 13 14; }; node_64(){ optional 8; }; node_65(){ oneormore 15
}; node_66(){ required 47 24 11 36 64 12 65; }; node_67(){ }; node_66(){ required 47 24 11 36 64 12 65; }; node_67(){
required 47 24 11 36 12 65; }; node_68(){ required 47 24 11 37 38; }; node_69(){ required 47 24 11 36 12 65; }; node_68(){ required 47 24 11 37 38; }; node_69(){
optional 18; }; node_70(){ required 47 24 11 37 39 16 17 69; }; node_71(){ optional 18; }; node_70(){ optional 6; }; node_71(){
required 47 24 11 37 40 16 17 19; }; node_72(){ optional 16; }; node_73(){ required 47 24 11 37 39 16 17 69 70; }; node_72(){
optional 9 6 7; }; node_74(){ required 47 24 11 37 57 72 73; }; node_75(){ required 47 24 11 37 40 16 17 19 70; }; node_73(){ either 16 9; }; node_74(){
optional 21; }; node_76(){ optional 22; }; node_77(){ required 47 41 42 20 75 76 required 73; }; node_75(){ optional 6 7; }; node_76(){
}; node_78(){ required 47 41 51; }; node_79(){ required 47 41 32 20; } required 47 24 11 37 57 74 75; }; node_77(){ optional 21; }; node_78(){
node_80(){ required 47 41 43 20; }; node_81(){ required 47 41 44 20; } optional 22; }; node_79(){ required 47 41 42 20 77 78; }; node_80(){
node_82(){ required 47 45; }; node_83(){ optional 65; }; node_84(){ required 47 41 51; }; node_81(){ required 47 41 32 20; }; node_82(){
required 47 23 83; }; node_85(){ required 47 41 43 20; }; node_83(){ required 47 41 44 20; }; node_84(){
either 49 52 53 54 55 59 61 62 63 66 67 68 70 71 74 77 78 79 80 81 82 84; } required 47 45; }; node_85(){ optional 65; }; node_86(){ required 47 23 85; }
node_86(){ required 85; }; cat <<<' docopt_exit() { node_87(){
[[ -n $1 ]] && printf "%s\n" "$1" >&2; printf "%s\n" "${DOC:40:1058}" >&2 either 49 52 53 54 55 59 61 62 63 66 67 68 71 72 76 79 80 81 82 83 84 86; }
exit 1; }'; unset var___help var___env var___stack var___version var___server \ node_88(){ required 87; }; cat <<<' docopt_exit() {
[[ -n $1 ]] && printf "%s\n" "$1" >&2; printf "%s\n" "${DOC:40:1076}" >&2
exit 1; }'; unset var___env var___stack var___version var___help var___server \
var___domain var___pass var___force var___user var___all var__app_ \ var___domain var___pass var___force var___user var___all var__app_ \
var__domain_ var__service_ var__src_ var__dst_ var__args_ var__secret_ \ var__domain_ var__service_ var__src_ var__dst_ var__args_ var__secret_ \
var__version_ var__cmd_ var__data_ var__host_ var__user_ var__port_ \ var__version_ var__cmd_ var__data_ var__host_ var__user_ var__port_ \
var__command_ var_app var_new var_list var_ls var_deploy var_undeploy \ var__command_ var_app var_new var_list var_ls var_deploy var_undeploy \
var_config var_delete var_rm var_logs var_multilogs var_cp var_run var_secret \ var_config var_delete var_rm var_logs var_multilogs var_cp var_run var_secret \
var_auto var_generate var_insert var_server var_add var_use var_init var_upgrade var_auto var_generate var_insert var_server var_add var_use var_init var_upgrade
parse 86 "$@"; local prefix=${DOCOPT_PREFIX:-''}; unset "${prefix}__help" \ parse 88 "$@"; local prefix=${DOCOPT_PREFIX:-''}; unset "${prefix}__env" \
"${prefix}__env" "${prefix}__stack" "${prefix}__version" "${prefix}__server" \ "${prefix}__stack" "${prefix}__version" "${prefix}__help" "${prefix}__server" \
"${prefix}__domain" "${prefix}__pass" "${prefix}__force" "${prefix}__user" \ "${prefix}__domain" "${prefix}__pass" "${prefix}__force" "${prefix}__user" \
"${prefix}__all" "${prefix}_app_" "${prefix}_domain_" "${prefix}_service_" \ "${prefix}__all" "${prefix}_app_" "${prefix}_domain_" "${prefix}_service_" \
"${prefix}_src_" "${prefix}_dst_" "${prefix}_args_" "${prefix}_secret_" \ "${prefix}_src_" "${prefix}_dst_" "${prefix}_args_" "${prefix}_secret_" \
@ -204,10 +206,10 @@ parse 86 "$@"; local prefix=${DOCOPT_PREFIX:-''}; unset "${prefix}__help" \
"${prefix}logs" "${prefix}multilogs" "${prefix}cp" "${prefix}run" \ "${prefix}logs" "${prefix}multilogs" "${prefix}cp" "${prefix}run" \
"${prefix}secret" "${prefix}auto" "${prefix}generate" "${prefix}insert" \ "${prefix}secret" "${prefix}auto" "${prefix}generate" "${prefix}insert" \
"${prefix}server" "${prefix}add" "${prefix}use" "${prefix}init" \ "${prefix}server" "${prefix}add" "${prefix}use" "${prefix}init" \
"${prefix}upgrade"; eval "${prefix}"'__help=${var___help:-false}' "${prefix}upgrade"; eval "${prefix}"'__env=${var___env:-}'
eval "${prefix}"'__env=${var___env:-}'
eval "${prefix}"'__stack=${var___stack:-}' eval "${prefix}"'__stack=${var___stack:-}'
eval "${prefix}"'__version=${var___version:-false}' eval "${prefix}"'__version=${var___version:-false}'
eval "${prefix}"'__help=${var___help:-false}'
eval "${prefix}"'__server=${var___server:-}' eval "${prefix}"'__server=${var___server:-}'
eval "${prefix}"'__domain=${var___domain:-}' eval "${prefix}"'__domain=${var___domain:-}'
eval "${prefix}"'__pass=${var___pass:-false}' eval "${prefix}"'__pass=${var___pass:-false}'
@ -245,8 +247,8 @@ eval "${prefix}"'add=${var_add:-false}'; eval "${prefix}"'use=${var_use:-false}'
eval "${prefix}"'init=${var_init:-false}' eval "${prefix}"'init=${var_init:-false}'
eval "${prefix}"'upgrade=${var_upgrade:-false}'; local docopt_i=1 eval "${prefix}"'upgrade=${var_upgrade:-false}'; local docopt_i=1
[[ $BASH_VERSION =~ ^4.3 ]] && docopt_i=2; for ((;docopt_i>0;docopt_i--)); do [[ $BASH_VERSION =~ ^4.3 ]] && docopt_i=2; for ((;docopt_i>0;docopt_i--)); do
declare -p "${prefix}__help" "${prefix}__env" "${prefix}__stack" \ declare -p "${prefix}__env" "${prefix}__stack" "${prefix}__version" \
"${prefix}__version" "${prefix}__server" "${prefix}__domain" "${prefix}__pass" \ "${prefix}__help" "${prefix}__server" "${prefix}__domain" "${prefix}__pass" \
"${prefix}__force" "${prefix}__user" "${prefix}__all" "${prefix}_app_" \ "${prefix}__force" "${prefix}__user" "${prefix}__all" "${prefix}_app_" \
"${prefix}_domain_" "${prefix}_service_" "${prefix}_src_" "${prefix}_dst_" \ "${prefix}_domain_" "${prefix}_service_" "${prefix}_src_" "${prefix}_dst_" \
"${prefix}_args_" "${prefix}_secret_" "${prefix}_version_" "${prefix}_cmd_" \ "${prefix}_args_" "${prefix}_secret_" "${prefix}_version_" "${prefix}_cmd_" \
@ -578,7 +580,7 @@ sub_app_secret_insert() {
echo "$PW" | docker secret create "${STACK_NAME}_${SECRET}_${VERSION}" - > /dev/null echo "$PW" | docker secret create "${STACK_NAME}_${SECRET}_${VERSION}" - > /dev/null
if [ "$STORE_WITH_PASS" == "true" ] && [ type pass > /dev/null 2>&1 ]; then if [ "$STORE_WITH_PASS" == "true" ] && type pass > /dev/null 2>&1; then
echo "$PW" | pass insert "hosts/$DOCKER_CONTEXT/${STACK_NAME}/${SECRET}" -m > /dev/null echo "$PW" | pass insert "hosts/$DOCKER_CONTEXT/${STACK_NAME}/${SECRET}" -m > /dev/null
success "pass: hosts/$DOCKER_CONTEXT/${STACK_NAME}/${SECRET}" success "pass: hosts/$DOCKER_CONTEXT/${STACK_NAME}/${SECRET}"
fi fi
@ -590,23 +592,30 @@ sub_app_secret_delete(){
} }
sub_app_secret_rm(){ sub_app_secret_rm(){
NAMES=$(docker secret ls --filter "name=s1_${abra__secret_}" --format "{{.Name}}") load_instance
load_instance_env
# if --all is provided then $abra__secret_ will be blank and this will work
# auto-magically
NAMES=$(docker secret ls --filter "name=${STACK_NAME}_${abra__secret_}" --format "{{.Name}}")
if [ -z "$NAMES" ]; then if [ -z "$NAMES" ]; then
error "Could not find any secrets under ${STACK_NAME}_${abra__secret_}" error "Could not find any secrets under ${STACK_NAME}_${abra__secret_}"
fi fi
if [ "$abra___force" != "true" ]; then if [ "$abra___force" != "true" ]; then
warning "Delete $(echo $NAMES | paste -d "")?" warning "Delete $(echo "$NAMES" | paste -d "")?"
read -rp "Enter to continue, Ctrl+C to quit" read -rp "Enter to continue, Ctrl+C to quit"
fi fi
for NAME in "${NAMES}"; do for NAME in ${NAMES}; do
docker secret rm "$NAME" > /dev/null docker secret rm "$NAME" > /dev/null
if [ "$abra___pass" == "true" ] && [ type pass > /dev/null 2>&1 ]; then # as above, no need to test for --all, cos if abra__secret_ is blank it'll
pass rm "hosts/$DOCKER_CONTEXT/${STACK_NAME}/${abra__secret_}" > /dev/null # Just Work anyway
success "pass rm'd: hosts/$DOCKER_CONTEXT/${STACK_NAME}/${abra__secret_}" if [ "$abra___pass" == "true" ] && type pass > /dev/null 2>&1; then
pass rm -r "hosts/$DOCKER_CONTEXT/${STACK_NAME}/${abra__secret_}" > /dev/null \
&& success "pass rm'd: hosts/$DOCKER_CONTEXT/${STACK_NAME}/${abra__secret_}"
fi fi
done done
} }
@ -852,7 +861,7 @@ abra() {
declare abra___stack abra___env abra__command_ abra__args_ \ declare abra___stack abra___env abra__command_ abra__args_ \
abra__secret_ abra__version_ abra__data_ abra___user abra__host_ \ abra__secret_ abra__version_ abra__data_ abra___user abra__host_ \
abra__app_ abra__port_ abra__user_ abra__service_ abra__src_ abra__dst_ \ abra__app_ abra__port_ abra__user_ abra__service_ abra__src_ abra__dst_ \
abra__domain_ abra___server abra___domain abra___force abra__domain_ abra___server abra___domain abra___force abra___pass
if ! type tput > /dev/null 2>&1; then if ! type tput > /dev/null 2>&1; then
tput() { tput() {