From c0bc7f8df1b09ca20bb66ff0d2de432fc1cb355c Mon Sep 17 00:00:00 2001 From: Wojciech Trocki Date: Thu, 28 Oct 2021 13:02:20 +0100 Subject: [PATCH] fix: service account creation printing extra steps (#1262) * fix: use all alias for cluster connect * fix: print extra steps when sa is created * fix: update documentation * fix: language and message fixes Co-authored-by: Ben Hardesty Co-authored-by: Ben Hardesty --- docs/commands/rhoas_cluster_connect.adoc | 2 +- pkg/cmd/serviceaccount/create/create.go | 5 ++++- pkg/localize/locales/en/cmd/cluster.en.toml | 4 ++-- pkg/localize/locales/en/cmd/serviceaccount.en.toml | 13 ++++++++++++- 4 files changed, 19 insertions(+), 5 deletions(-) diff --git a/docs/commands/rhoas_cluster_connect.adoc b/docs/commands/rhoas_cluster_connect.adoc index ea7858a3a..0cf588b76 100644 --- a/docs/commands/rhoas_cluster_connect.adoc +++ b/docs/commands/rhoas_cluster_connect.adoc @@ -25,7 +25,7 @@ the Service Binding operator (https://github.com/redhat-developer/service-bindin NOTE: Created service account will need to be given permissions to specified service For example for Kafka service you should execute the following command to grant access to the service account - $ rhoas kafka acl grant-access --producer --consumer --service-account your-sa --topic "*" --group "*" + $ rhoas kafka acl grant-access --producer --consumer --service-account your-sa --topic all --group all diff --git a/pkg/cmd/serviceaccount/create/create.go b/pkg/cmd/serviceaccount/create/create.go index 6b8ab1706..658c6fead 100644 --- a/pkg/cmd/serviceaccount/create/create.go +++ b/pkg/cmd/serviceaccount/create/create.go @@ -165,7 +165,10 @@ func runCreate(opts *options) error { return fmt.Errorf("%v: %w", opts.localizer.MustLocalize("serviceAccount.common.error.couldNotSaveCredentialsFile"), err) } - opts.Logger.Info(icon.SuccessPrefix(), opts.localizer.MustLocalize("serviceAccount.common.log.info.credentialsSaved", localize.NewEntry("FilePath", color.CodeSnippet(opts.filename)))) + opts.Logger.Info(icon.SuccessPrefix(), opts.localizer.MustLocalize("serviceAccount.common.log.info.credentialsSaved", + localize.NewEntry("FilePath", color.CodeSnippet(opts.filename)), + localize.NewEntry("ClientID", color.Success(creds.ClientID)), + )) return nil } diff --git a/pkg/localize/locales/en/cmd/cluster.en.toml b/pkg/localize/locales/en/cmd/cluster.en.toml index c17c3f95c..a5e21f485 100644 --- a/pkg/localize/locales/en/cmd/cluster.en.toml +++ b/pkg/localize/locales/en/cmd/cluster.en.toml @@ -166,7 +166,7 @@ the Service Binding operator (https://github.com/redhat-developer/service-bindin NOTE: Created service account will need to be given permissions to specified service For example for Kafka service you should execute the following command to grant access to the service account - $ rhoas kafka acl grant-access --producer --consumer --service-account your-sa --topic "*" --group "*" + $ rhoas kafka acl grant-access --producer --consumer --service-account your-sa --topic all --group all ''' @@ -303,7 +303,7 @@ Make a copy of the client ID to store in a safe place. Credentials won't appear You will need to assign permissions to service account in order to use it. For example for Kafka service you should execute the following command to grant access to the service account: - $ rhoas kafka acl grant-access --producer --consumer --service-account {{.ClientID}} --topic "*" --group "*" + $ rhoas kafka acl grant-access --producer --consumer --service-account {{.ClientID}} --topic all --group all ''' diff --git a/pkg/localize/locales/en/cmd/serviceaccount.en.toml b/pkg/localize/locales/en/cmd/serviceaccount.en.toml index 6c5613f48..870e5c18e 100644 --- a/pkg/localize/locales/en/cmd/serviceaccount.en.toml +++ b/pkg/localize/locales/en/cmd/serviceaccount.en.toml @@ -41,7 +41,18 @@ other = 'you are forbidden to {{.Operation}} these service accounts' [serviceAccount.common.log.info.credentialsSaved] description = 'Credentials file saved message' -one = 'Credentials saved to {{.FilePath}}' +one = '''Credentials saved to {{.FilePath}} + +You can now set access rules for your current services. +To grant full access to produce and consume Kafka messages, enter this command: + + $ rhoas kafka acl grant-access --producer --consumer --service-account {{.ClientID}} --topic all --group all + +To grant read and write access to the currently selected Service Registry instance, enter this command: + + $ rhoas service-registry role add --role DEVELOPER --service-account {{.ClientID}} + +''' [serviceAccount.common.input.credentialsFileLocation.message] description = 'Input message for credentials file location'