From 94c92e1b30a18c5eee2f652794788da199641744 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 11 Jul 2023 11:25:53 -0500 Subject: [PATCH 01/43] Update zarf-managed secrets in all namespaces on a reinit --- src/internal/cluster/secrets.go | 87 ++++++++++++++++++----- src/internal/cluster/state.go | 2 + src/internal/cluster/zarf.go | 16 ++--- src/internal/packager/helm/post-render.go | 22 ++---- 4 files changed, 86 insertions(+), 41 deletions(-) diff --git a/src/internal/cluster/secrets.go b/src/internal/cluster/secrets.go index dd42ef76fe..56fce02a48 100644 --- a/src/internal/cluster/secrets.go +++ b/src/internal/cluster/secrets.go @@ -7,11 +7,13 @@ package cluster import ( "encoding/base64" "encoding/json" - "fmt" + "reflect" corev1 "k8s.io/api/core/v1" + "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/pkg/message" + "github.com/defenseunicorns/zarf/src/types" ) // DockerConfig contains the authentication information from the machine's docker config. @@ -28,26 +30,16 @@ type DockerConfigEntryWithAuth struct { } // GenerateRegistryPullCreds generates a secret containing the registry credentials. -func (c *Cluster) GenerateRegistryPullCreds(namespace, name string) (*corev1.Secret, error) { - message.Debugf("k8s.GenerateRegistryPullCreds(%s, %s)", namespace, name) +func (c *Cluster) GenerateRegistryPullCreds(namespace, name string, registryInfo types.RegistryInfo) *corev1.Secret { + message.Debugf("k8s.GenerateRegistryPullCreds(%s, %s, registryInfo)", namespace, name) secretDockerConfig := c.Kube.GenerateSecret(namespace, name, corev1.SecretTypeDockerConfigJson) - // Get the registry credentials from the ZarfState secret - zarfState, err := c.LoadZarfState() - if err != nil { - return nil, err - } - credential := zarfState.RegistryInfo.PullPassword - if credential == "" { - return nil, fmt.Errorf("generating pull credential failed") - } - // Auth field must be username:password and base64 encoded - fieldValue := zarfState.RegistryInfo.PullUsername + ":" + credential + fieldValue := registryInfo.PullUsername + ":" + registryInfo.PullPassword authEncodedValue := base64.StdEncoding.EncodeToString([]byte(fieldValue)) - registry := zarfState.RegistryInfo.Address + registry := registryInfo.Address // Create the expected structure for the dockerconfigjson dockerConfigJSON := DockerConfig{ Auths: DockerConfigEntry{ @@ -60,11 +52,72 @@ func (c *Cluster) GenerateRegistryPullCreds(namespace, name string) (*corev1.Sec // Convert to JSON dockerConfigData, err := json.Marshal(dockerConfigJSON) if err != nil { - return nil, err + message.WarnErrorf(err, "Unable to marshal the .dockerconfigjson secret data for the image pull secret") } // Add to the secret data secretDockerConfig.Data[".dockerconfigjson"] = dockerConfigData - return secretDockerConfig, nil + return secretDockerConfig +} + +// GenerateGitPullCreds generates a secret containing the git credentials. +func (c *Cluster) GenerateGitPullCreds(namespace, name string, gitServerInfo types.GitServerInfo) *corev1.Secret { + message.Debugf("k8s.GenerateGitPullCreds(%s, %s, gitServerInfo)", namespace, name) + + gitServerSecret := c.Kube.GenerateSecret(name, config.ZarfGitServerSecretName, corev1.SecretTypeOpaque) + gitServerSecret.StringData = map[string]string{ + "username": gitServerInfo.PullUsername, + "password": gitServerInfo.PullPassword, + } + + return gitServerSecret +} + +// UpdateZarfManagedSecrets updates all Zarf-managed secrets in all namespaces based on state +func (c *Cluster) UpdateZarfManagedSecrets(state types.ZarfState) { + spinner := message.NewProgressSpinner("Updating existing Zarf-manged secrets") + defer spinner.Stop() + + if namespaces, err := c.Kube.GetNamespaces(); err != nil { + spinner.Errorf(err, "Unable to get k8s namespaces") + } else { + // Update all image pull secrets + for _, namespace := range namespaces.Items { + currentRegistrySecret, err := c.Kube.GetSecret(namespace.Name, config.ZarfImagePullSecretName) + if err != nil { + continue + } + + if currentRegistrySecret.Labels[config.ZarfManagedByLabel] == "zarf" { + // Create the secret + newRegistrySecret := c.GenerateRegistryPullCreds(namespace.Name, config.ZarfImagePullSecretName, state.RegistryInfo) + if !reflect.DeepEqual(currentRegistrySecret.Data, newRegistrySecret.Data) { + // Create or update the zarf registry secret + if err := c.Kube.CreateOrUpdateSecret(newRegistrySecret); err != nil { + message.WarnErrorf(err, "Problem creating registry secret for the %s namespace", namespace.Name) + } + } + } + } + + // Update all git pull secrets + for _, namespace := range namespaces.Items { + currentGitSecret, err := c.Kube.GetSecret(namespace.Name, config.ZarfGitServerSecretName) + if err != nil { + continue + } + + if currentGitSecret.Labels[config.ZarfManagedByLabel] == "zarf" { + // Create the secret + newGitSecret := c.GenerateGitPullCreds(namespace.Name, config.ZarfGitServerSecretName, state.GitServer) + if !reflect.DeepEqual(currentGitSecret.StringData, newGitSecret.StringData) { + // Create or update the zarf git secret + if err := c.Kube.CreateOrUpdateSecret(newGitSecret); err != nil { + message.WarnErrorf(err, "Problem creating git server secret for the %s namespace", namespace.Name) + } + } + } + } + } } diff --git a/src/internal/cluster/state.go b/src/internal/cluster/state.go index da5bdcee1d..07b2ee4f71 100644 --- a/src/internal/cluster/state.go +++ b/src/internal/cluster/state.go @@ -143,6 +143,8 @@ func (c *Cluster) InitZarfState(initOptions types.ZarfInitOptions) error { return fmt.Errorf("unable to save the Zarf state: %w", err) } + c.UpdateZarfManagedSecrets(state) + return nil } diff --git a/src/internal/cluster/zarf.go b/src/internal/cluster/zarf.go index 13859d7e65..991bc4bee9 100644 --- a/src/internal/cluster/zarf.go +++ b/src/internal/cluster/zarf.go @@ -42,7 +42,7 @@ func (c *Cluster) GetDeployedZarfPackages() ([]types.DeployedPackage, []error) { } - // TODO: If we move this function out of `internal` we should return a more standard singular error. + // TODO: If we move this function out of `internal` we should return a more standard singular error. return deployedPackages, errorList } @@ -84,14 +84,12 @@ func (c *Cluster) StripZarfLabelsAndSecretsFromNamespaces() { } } - for _, namespace := range namespaces.Items { - spinner.Updatef("Removing Zarf secrets for namespace %s", namespace.Name) - err := c.Kube.Clientset.CoreV1(). - Secrets(namespace.Name). - DeleteCollection(context.TODO(), deleteOptions, listOptions) - if err != nil { - spinner.Errorf(err, "Unable to delete secrets from namespace %s", namespace.Name) - } + spinner.Updatef("Removing Zarf secrets for namespace %s", namespace.Name) + err := c.Kube.Clientset.CoreV1(). + Secrets(namespace.Name). + DeleteCollection(context.TODO(), deleteOptions, listOptions) + if err != nil { + spinner.Errorf(err, "Unable to delete secrets from namespace %s", namespace.Name) } } } diff --git a/src/internal/packager/helm/post-render.go b/src/internal/packager/helm/post-render.go index ff9b909a56..8f1049cdbc 100644 --- a/src/internal/packager/helm/post-render.go +++ b/src/internal/packager/helm/post-render.go @@ -204,32 +204,24 @@ func (r *renderer) Run(renderedManifests *bytes.Buffer) (*bytes.Buffer, error) { } // Create the secret - validSecret, err := c.GenerateRegistryPullCreds(name, config.ZarfImagePullSecretName) - if err != nil { - return nil, fmt.Errorf("unable to generate the registry pull secret for namespace %s", name) - } + validRegistrySecret := c.GenerateRegistryPullCreds(name, config.ZarfImagePullSecretName, r.options.Cfg.State.RegistryInfo) // Try to get a valid existing secret - currentSecret, _ := c.Kube.GetSecret(name, config.ZarfImagePullSecretName) - if currentSecret.Name != config.ZarfImagePullSecretName || !reflect.DeepEqual(currentSecret.Data, validSecret.Data) { - // Create or update the missing zarf registry secret - if err := c.Kube.CreateOrUpdateSecret(validSecret); err != nil { + currentRegistrySecret, _ := c.Kube.GetSecret(name, config.ZarfImagePullSecretName) + if currentRegistrySecret.Name != config.ZarfImagePullSecretName || !reflect.DeepEqual(currentRegistrySecret.Data, validRegistrySecret.Data) { + // Create or update the zarf registry secret + if err := c.Kube.CreateOrUpdateSecret(validRegistrySecret); err != nil { message.WarnErrorf(err, "Problem creating registry secret for the %s namespace", name) } // Generate the git server secret - gitServerSecret := c.Kube.GenerateSecret(name, config.ZarfGitServerSecretName, corev1.SecretTypeOpaque) - gitServerSecret.StringData = map[string]string{ - "username": r.options.Cfg.State.GitServer.PullUsername, - "password": r.options.Cfg.State.GitServer.PullPassword, - } + gitServerSecret := c.GenerateGitPullCreds(name, config.ZarfGitServerSecretName, r.options.Cfg.State.GitServer) - // Create or update the git server secret + // Create or update the zarf git server secret if err := c.Kube.CreateOrUpdateSecret(gitServerSecret); err != nil { message.WarnErrorf(err, "Problem creating git server secret for the %s namespace", name) } } - } // Send the bytes back to helm From cc7d8c55ecc1e0462d3f219dd29c4ded23b10b60 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 11 Jul 2023 14:54:54 -0500 Subject: [PATCH 02/43] Fix git pull secret creation --- src/internal/cluster/secrets.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/internal/cluster/secrets.go b/src/internal/cluster/secrets.go index 56fce02a48..448829d1e0 100644 --- a/src/internal/cluster/secrets.go +++ b/src/internal/cluster/secrets.go @@ -65,7 +65,7 @@ func (c *Cluster) GenerateRegistryPullCreds(namespace, name string, registryInfo func (c *Cluster) GenerateGitPullCreds(namespace, name string, gitServerInfo types.GitServerInfo) *corev1.Secret { message.Debugf("k8s.GenerateGitPullCreds(%s, %s, gitServerInfo)", namespace, name) - gitServerSecret := c.Kube.GenerateSecret(name, config.ZarfGitServerSecretName, corev1.SecretTypeOpaque) + gitServerSecret := c.Kube.GenerateSecret(namespace, name, corev1.SecretTypeOpaque) gitServerSecret.StringData = map[string]string{ "username": gitServerInfo.PullUsername, "password": gitServerInfo.PullPassword, From 7fcde6c068f783c1b6a7d85c1a3bfb202dfe3e05 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Thu, 13 Jul 2023 10:44:20 -0500 Subject: [PATCH 03/43] Add replicaCount and accessMode to the gitea chart --- packages/gitea/gitea-values.yaml | 4 ++++ packages/gitea/zarf.yaml | 10 +++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/packages/gitea/gitea-values.yaml b/packages/gitea/gitea-values.yaml index 5d3814b74a..3ac892ba27 100644 --- a/packages/gitea/gitea-values.yaml +++ b/packages/gitea/gitea-values.yaml @@ -2,6 +2,10 @@ persistence: storageClass: "###ZARF_STORAGE_CLASS###" existingClaim: "###ZARF_VAR_GIT_SERVER_EXISTING_PVC###" size: "###ZARF_VAR_GIT_SERVER_PVC_SIZE###" + accessModes: + - "###ZARF_VAR_GIT_SERVER_PVC_ACCESS_MODE###" + +replicaCount: "###ZARF_VAR_GIT_SERVER_REPLICA_COUNT###" gitea: admin: diff --git a/packages/gitea/zarf.yaml b/packages/gitea/zarf.yaml index e750ef3e92..70894dc271 100644 --- a/packages/gitea/zarf.yaml +++ b/packages/gitea/zarf.yaml @@ -8,9 +8,13 @@ variables: default: "" - name: GIT_SERVER_PVC_SIZE - description: The size of the persistent volume claim for git server + description: The size of the persistent volume claim for the git server default: 10Gi + - name: GIT_SERVER_PVC_ACCESS_MODE + description: The access mode of the persistent volume claim for the git server + default: ReadWriteOnce + - name: GIT_SERVER_CPU_REQ description: The CPU request for git server default: 200m @@ -27,6 +31,10 @@ variables: description: The memory limit for git server default: 2Gi + - name: GIT_SERVER_REPLICA_COUNT + description: The number of git server replicas to deploy + default: "1" + components: - name: git-server description: | From f689e87e3e2f3811ecf8b8cd9ae85f5429396931 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Thu, 13 Jul 2023 11:17:34 -0500 Subject: [PATCH 04/43] Add a test for the registry/git secrets --- src/test/upgrade/previously_built_test.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/test/upgrade/previously_built_test.go b/src/test/upgrade/previously_built_test.go index e823b7a8ce..b8dcb80c70 100644 --- a/src/test/upgrade/previously_built_test.go +++ b/src/test/upgrade/previously_built_test.go @@ -35,6 +35,14 @@ func TestPreviouslyBuiltZarfPackage(t *testing.T) { kubectlOut, _, _ = kubectl("-n=podinfo-upgrade", "get", "deployment", "podinfo-upgrade", "-o=jsonpath={.metadata.labels}}") require.Contains(t, kubectlOut, "6.3.3") + // Verify that the private-registry secret and private-git-server secret in the podinfo-upgrade namespace are the same after re-init + zarfRegistrySecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-registry", "-o", "jsonpath={.data}") + podinfoRegistrySecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-registry", "-o", "jsonpath={.data}") + require.Equal(t, zarfRegistrySecret, podinfoRegistrySecret, "the zarf registry secret and podinfo-upgrade registry secret did not match") + zarfGitServerSecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") + podinfoGitServerSecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") + require.Equal(t, zarfGitServerSecret, podinfoGitServerSecret, "the zarf git server secret and podinfo-upgrade git server secret did not match") + // We also expect a 6.3.4 package to have been previously built previouslyBuiltPackage := "../../../zarf-package-test-upgrade-package-amd64-6.3.4.tar.zst" From 3c0e24bfe78c81cd97d136574fe2029b25961cf3 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Thu, 13 Jul 2023 16:47:21 -0500 Subject: [PATCH 05/43] Initial layout of update-creds command --- src/cmd/initialize.go | 17 +- src/cmd/root.go | 2 +- src/cmd/tools/common.go | 9 +- src/cmd/tools/zarf.go | 385 +++++++++++++++++++++------------- src/config/lang/english.go | 83 ++++++-- src/internal/cluster/state.go | 14 +- src/pkg/utils/credentials.go | 37 +++- 7 files changed, 344 insertions(+), 203 deletions(-) diff --git a/src/cmd/initialize.go b/src/cmd/initialize.go index bf6bbf055d..da8035986e 100644 --- a/src/cmd/initialize.go +++ b/src/cmd/initialize.go @@ -166,25 +166,10 @@ func init() { rootCmd.AddCommand(initCmd) - // Init package variables + // Init package variable defaults that are non-zero values v.SetDefault(V_PKG_DEPLOY_SET, map[string]string{}) - - v.SetDefault(V_INIT_COMPONENTS, "") - v.SetDefault(V_INIT_STORAGE_CLASS, "") - - v.SetDefault(V_INIT_GIT_URL, "") v.SetDefault(V_INIT_GIT_PUSH_USER, config.ZarfGitPushUser) - v.SetDefault(V_INIT_GIT_PUSH_PASS, "") - v.SetDefault(V_INIT_GIT_PULL_USER, "") - v.SetDefault(V_INIT_GIT_PULL_PASS, "") - - v.SetDefault(V_INIT_REGISTRY_URL, "") - v.SetDefault(V_INIT_REGISTRY_NODEPORT, 0) - v.SetDefault(V_INIT_REGISTRY_SECRET, "") v.SetDefault(V_INIT_REGISTRY_PUSH_USER, config.ZarfRegistryPushUser) - v.SetDefault(V_INIT_REGISTRY_PUSH_PASS, "") - v.SetDefault(V_INIT_REGISTRY_PULL_USER, "") - v.SetDefault(V_INIT_REGISTRY_PULL_PASS, "") // Init package set variable flags initCmd.Flags().StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(V_PKG_DEPLOY_SET), lang.CmdInitFlagSet) diff --git a/src/cmd/root.go b/src/cmd/root.go index 8117d4eeab..a77f6dc68c 100644 --- a/src/cmd/root.go +++ b/src/cmd/root.go @@ -72,7 +72,7 @@ func Execute() { func init() { // Add the tools commands - tools.Include(rootCmd) + tools.Include(rootCmd, v) // Skip for vendor-only commands if tools.CheckVendorOnlyFromArgs() { diff --git a/src/cmd/tools/common.go b/src/cmd/tools/common.go index 18f5da8c7c..05881a164a 100644 --- a/src/cmd/tools/common.go +++ b/src/cmd/tools/common.go @@ -13,6 +13,7 @@ import ( "github.com/defenseunicorns/zarf/src/pkg/utils/exec" "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" "github.com/spf13/cobra" + "github.com/spf13/viper" ) var vendorCmds = []string{ @@ -31,6 +32,11 @@ var vendorCmds = []string{ "r", } +var ( + // Viper instance used by the tools package (shared with cmd) + v *viper.Viper +) + var toolsCmd = &cobra.Command{ Use: "tools", Aliases: []string{"t"}, @@ -42,8 +48,9 @@ var toolsCmd = &cobra.Command{ } // Include adds the tools command to the root command. -func Include(rootCmd *cobra.Command) { +func Include(rootCmd *cobra.Command, cmdViper *viper.Viper) { rootCmd.AddCommand(toolsCmd) + v = cmdViper } // CheckVendorOnlyFromArgs checks if the command being run is a vendor-only command diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 0243105e96..38748b0611 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -17,175 +17,260 @@ import ( "github.com/defenseunicorns/zarf/src/pkg/packager" "github.com/defenseunicorns/zarf/src/pkg/pki" "github.com/defenseunicorns/zarf/src/pkg/utils" + "github.com/defenseunicorns/zarf/src/types" "github.com/sigstore/cosign/pkg/cosign" "github.com/spf13/cobra" ) -func init() { - var subAltNames []string - var outputDirectory string - - readCredsCmd := &cobra.Command{ - Use: "get-git-password", - Hidden: true, - Short: lang.CmdToolsGetGitPasswdShort, - Long: lang.CmdToolsGetGitPasswdLong, - Run: func(cmd *cobra.Command, args []string) { - state, err := cluster.NewClusterOrDie().LoadZarfState() - if err != nil || state.Distro == "" { - // If no distro the zarf secret did not load properly - message.Fatalf(nil, lang.ErrLoadState) - } +// TODO: Ewww +const ( + // Init Git config keys + V_INIT_GIT_URL = "init.git.url" + V_INIT_GIT_PUSH_USER = "init.git.push_username" + V_INIT_GIT_PUSH_PASS = "init.git.push_password" + V_INIT_GIT_PULL_USER = "init.git.pull_username" + V_INIT_GIT_PULL_PASS = "init.git.pull_password" - message.Note(lang.CmdToolsGetGitPasswdInfo) - message.Warn(lang.CmdToolsGetGitPasswdDeprecation) - utils.PrintComponentCredential(state, "git") - }, - } - - readAllCredsCmd := &cobra.Command{ - Use: "get-creds", - Short: lang.CmdToolsGetCredsShort, - Long: lang.CmdToolsGetCredsLong, - Aliases: []string{"gc"}, - Args: cobra.MaximumNArgs(1), - Run: func(cmd *cobra.Command, args []string) { - state, err := cluster.NewClusterOrDie().LoadZarfState() - if err != nil || state.Distro == "" { - // If no distro the zarf secret did not load properly - message.Fatalf(nil, lang.ErrLoadState) - } + // Init Registry config keys + V_INIT_REGISTRY_URL = "init.registry.url" + V_INIT_REGISTRY_NODEPORT = "init.registry.nodeport" + V_INIT_REGISTRY_SECRET = "init.registry.secret" + V_INIT_REGISTRY_PUSH_USER = "init.registry.push_username" + V_INIT_REGISTRY_PUSH_PASS = "init.registry.push_password" + V_INIT_REGISTRY_PULL_USER = "init.registry.pull_username" + V_INIT_REGISTRY_PULL_PASS = "init.registry.pull_password" - if len(args) > 0 { - // If a component name is provided, only show that component's credentials - utils.PrintComponentCredential(state, args[0]) - } else { - utils.PrintCredentialTable(state, nil) - } - }, - } - - clearCacheCmd := &cobra.Command{ - Use: "clear-cache", - Aliases: []string{"c"}, - Short: lang.CmdToolsClearCacheShort, - Run: func(cmd *cobra.Command, args []string) { - message.Notef(lang.CmdToolsClearCacheDir, config.GetAbsCachePath()) - if err := os.RemoveAll(config.GetAbsCachePath()); err != nil { - message.Fatalf(err, lang.CmdToolsClearCacheErr, config.GetAbsCachePath()) - } - message.Successf(lang.CmdToolsClearCacheSuccess, config.GetAbsCachePath()) - }, - } - - downloadInitCmd := &cobra.Command{ - Use: "download-init", - Short: lang.CmdToolsDownloadInitShort, - Run: func(cmd *cobra.Command, args []string) { - initPackageName := packager.GetInitPackageName("") - target := filepath.Join(outputDirectory, initPackageName) - url := packager.GetInitPackageRemote("") - err := utils.DownloadToFile(url, target, "") - if err != nil { - message.Fatalf(err, lang.CmdToolsDownloadInitErr, err.Error()) + // Init Package config keys + V_INIT_ARTIFACT_URL = "init.artifact.url" + V_INIT_ARTIFACT_PUSH_USER = "init.artifact.push_username" + V_INIT_ARTIFACT_PUSH_TOKEN = "init.artifact.push_token" +) + +var subAltNames []string +var outputDirectory string +var updateCredsInitOpts types.ZarfInitOptions + +var deprecatedGetGitCredsCmd = &cobra.Command{ + Use: "get-git-password", + Hidden: true, + Short: lang.CmdToolsGetGitPasswdShort, + Long: lang.CmdToolsGetGitPasswdLong, + Run: func(cmd *cobra.Command, args []string) { + state, err := cluster.NewClusterOrDie().LoadZarfState() + if err != nil || state.Distro == "" { + // If no distro the zarf secret did not load properly + message.Fatalf(nil, lang.ErrLoadState) + } + + message.Note(lang.CmdToolsGetGitPasswdInfo) + message.Warn(lang.CmdToolsGetGitPasswdDeprecation) + utils.PrintComponentCredential(state, "git") + }, +} + +var getCredsCmd = &cobra.Command{ + Use: "get-creds", + Short: lang.CmdToolsGetCredsShort, + Long: lang.CmdToolsGetCredsLong, + Example: lang.CmdToolsGetCredsExample, + Aliases: []string{"gc"}, + Args: cobra.MaximumNArgs(1), + Run: func(cmd *cobra.Command, args []string) { + state, err := cluster.NewClusterOrDie().LoadZarfState() + if err != nil || state.Distro == "" { + // If no distro the zarf secret did not load properly + message.Fatalf(nil, lang.ErrLoadState) + } + + if len(args) > 0 { + // If a component name is provided, only show that component's credentials + utils.PrintComponentCredential(state, args[0]) + } else { + utils.PrintCredentialTable(state, nil) + } + }, +} + +var updateCredsCmd = &cobra.Command{ + Use: "update-creds", + Short: lang.CmdToolsUpdateCredsShort, + Long: lang.CmdToolsUpdateCredsLong, + Example: lang.CmdToolsUpdateCredsExample, + Aliases: []string{"uc"}, + Args: cobra.MaximumNArgs(1), + Run: func(cmd *cobra.Command, args []string) { + // TODO: Do some input validation on this command (like we do for init) + c := cluster.NewClusterOrDie() + state, err := c.LoadZarfState() + if err != nil || state.Distro == "" { + // If no distro the zarf secret did not load properly + message.Fatalf(nil, lang.ErrLoadState) + } + + // TODO: Handle different components individually + // Print a confirmation for what we are about to do (and support --confirm) + updateCredsInitOpts.RegistryInfo.NodePort = state.RegistryInfo.NodePort + updateCredsInitOpts.RegistryInfo.Secret = state.RegistryInfo.Secret + + state.GitServer = c.FillInEmptyGitServerValues(updateCredsInitOpts.GitServer) + state.RegistryInfo = c.FillInEmptyContainerRegistryValues(updateCredsInitOpts.RegistryInfo) + state.ArtifactServer = c.FillInEmptyArtifactServerValues(updateCredsInitOpts.ArtifactServer) + state.LoggingSecret = utils.RandomString(config.ZarfGeneratedPasswordLen) + + err = c.SaveZarfState(state) + if err != nil { + message.Fatalf(nil, lang.ErrSaveState) + } + c.UpdateZarfManagedSecrets(state) + // TODO: Apply the updates to the registry and git-server helm charts (if internal) + }, +} + +var clearCacheCmd = &cobra.Command{ + Use: "clear-cache", + Aliases: []string{"c"}, + Short: lang.CmdToolsClearCacheShort, + Run: func(cmd *cobra.Command, args []string) { + message.Notef(lang.CmdToolsClearCacheDir, config.GetAbsCachePath()) + if err := os.RemoveAll(config.GetAbsCachePath()); err != nil { + message.Fatalf(err, lang.CmdToolsClearCacheErr, config.GetAbsCachePath()) + } + message.Successf(lang.CmdToolsClearCacheSuccess, config.GetAbsCachePath()) + }, +} + +var downloadInitCmd = &cobra.Command{ + Use: "download-init", + Short: lang.CmdToolsDownloadInitShort, + Run: func(cmd *cobra.Command, args []string) { + initPackageName := packager.GetInitPackageName("") + target := filepath.Join(outputDirectory, initPackageName) + url := packager.GetInitPackageRemote("") + err := utils.DownloadToFile(url, target, "") + if err != nil { + message.Fatalf(err, lang.CmdToolsDownloadInitErr, err.Error()) + } + }, +} + +var generatePKICmd = &cobra.Command{ + Use: "gen-pki HOST", + Aliases: []string{"pki"}, + Short: lang.CmdToolsGenPkiShort, + Args: cobra.ExactArgs(1), + Run: func(cmd *cobra.Command, args []string) { + pki := pki.GeneratePKI(args[0], subAltNames...) + if err := os.WriteFile("tls.ca", pki.CA, 0644); err != nil { + message.Fatalf(err, lang.ErrWritingFile, "tls.ca", err.Error()) + } + if err := os.WriteFile("tls.crt", pki.Cert, 0644); err != nil { + message.Fatalf(err, lang.ErrWritingFile, "tls.crt", err.Error()) + } + if err := os.WriteFile("tls.key", pki.Key, 0600); err != nil { + message.Fatalf(err, lang.ErrWritingFile, "tls.key", err.Error()) + } + message.Successf(lang.CmdToolsGenPkiSuccess, args[0]) + }, +} + +var generateKeyCmd = &cobra.Command{ + Use: "gen-key", + Aliases: []string{"key"}, + Short: lang.CmdToolsGenKeyShort, + Run: func(cmd *cobra.Command, args []string) { + // Utility function to prompt the user for the password to the private key + passwordFunc := func(bool) ([]byte, error) { + // perform the first prompt + var password string + prompt := &survey.Password{ + Message: lang.CmdToolsGenKeyPrompt, } - }, - } - - generatePKICmd := &cobra.Command{ - Use: "gen-pki HOST", - Aliases: []string{"pki"}, - Short: lang.CmdToolsGenPkiShort, - Args: cobra.ExactArgs(1), - Run: func(cmd *cobra.Command, args []string) { - pki := pki.GeneratePKI(args[0], subAltNames...) - if err := os.WriteFile("tls.ca", pki.CA, 0644); err != nil { - message.Fatalf(err, lang.ErrWritingFile, "tls.ca", err.Error()) + if err := survey.AskOne(prompt, &password); err != nil { + return nil, fmt.Errorf(lang.CmdToolsGenKeyErrUnableGetPassword, err.Error()) } - if err := os.WriteFile("tls.crt", pki.Cert, 0644); err != nil { - message.Fatalf(err, lang.ErrWritingFile, "tls.crt", err.Error()) + + // perform the second prompt + var doubleCheck string + rePrompt := &survey.Password{ + Message: lang.CmdToolsGenKeyPromptAgain, } - if err := os.WriteFile("tls.key", pki.Key, 0600); err != nil { - message.Fatalf(err, lang.ErrWritingFile, "tls.key", err.Error()) + if err := survey.AskOne(rePrompt, &doubleCheck); err != nil { + return nil, fmt.Errorf(lang.CmdToolsGenKeyErrUnableGetPassword, err.Error()) } - message.Successf(lang.CmdToolsGenPkiSuccess, args[0]) - }, - } - - generateKeyCmd := &cobra.Command{ - Use: "gen-key", - Aliases: []string{"key"}, - Short: lang.CmdToolsGenKeyShort, - Run: func(cmd *cobra.Command, args []string) { - // Utility function to prompt the user for the password to the private key - passwordFunc := func(bool) ([]byte, error) { - // perform the first prompt - var password string - prompt := &survey.Password{ - Message: lang.CmdToolsGenKeyPrompt, - } - if err := survey.AskOne(prompt, &password); err != nil { - return nil, fmt.Errorf(lang.CmdToolsGenKeyErrUnableGetPassword, err.Error()) - } - - // perform the second prompt - var doubleCheck string - rePrompt := &survey.Password{ - Message: lang.CmdToolsGenKeyPromptAgain, - } - if err := survey.AskOne(rePrompt, &doubleCheck); err != nil { - return nil, fmt.Errorf(lang.CmdToolsGenKeyErrUnableGetPassword, err.Error()) - } - - // check if the passwords match - if password != doubleCheck { - return nil, fmt.Errorf(lang.CmdToolsGenKeyErrPasswordsNotMatch) - } - - return []byte(password), nil + + // check if the passwords match + if password != doubleCheck { + return nil, fmt.Errorf(lang.CmdToolsGenKeyErrPasswordsNotMatch) } - // Use cosign to generate the keypair - keyBytes, err := cosign.GenerateKeyPair(passwordFunc) + return []byte(password), nil + } + + // Use cosign to generate the keypair + keyBytes, err := cosign.GenerateKeyPair(passwordFunc) + if err != nil { + message.Fatalf(err, lang.CmdToolsGenKeyErrUnableToGenKeypair, err.Error()) + } + + prvKeyFileName := "cosign.key" + pubKeyFileName := "cosign.pub" + + // Check if we are about to overwrite existing key files + _, prvKeyExistsErr := os.Stat(prvKeyFileName) + _, pubKeyExistsErr := os.Stat(pubKeyFileName) + if prvKeyExistsErr == nil || pubKeyExistsErr == nil { + var confirm bool + confirmOverwritePrompt := &survey.Confirm{ + Message: fmt.Sprintf(lang.CmdToolsGenKeyPromptExists, prvKeyFileName), + } + err := survey.AskOne(confirmOverwritePrompt, &confirm) if err != nil { - message.Fatalf(err, lang.CmdToolsGenKeyErrUnableToGenKeypair, err.Error()) + message.Fatalf(err, lang.CmdToolsGenKeyErrNoConfirmOverwrite) } - prvKeyFileName := "cosign.key" - pubKeyFileName := "cosign.pub" - - // Check if we are about to overwrite existing key files - _, prvKeyExistsErr := os.Stat(prvKeyFileName) - _, pubKeyExistsErr := os.Stat(pubKeyFileName) - if prvKeyExistsErr == nil || pubKeyExistsErr == nil { - var confirm bool - confirmOverwritePrompt := &survey.Confirm{ - Message: fmt.Sprintf(lang.CmdToolsGenKeyPromptExists, prvKeyFileName), - } - err := survey.AskOne(confirmOverwritePrompt, &confirm) - if err != nil { - message.Fatalf(err, lang.CmdToolsGenKeyErrNoConfirmOverwrite) - } - - if !confirm { - message.Fatal(nil, lang.CmdToolsGenKeyErrNoConfirmOverwrite) - } + if !confirm { + message.Fatal(nil, lang.CmdToolsGenKeyErrNoConfirmOverwrite) } + } - // Write the key file contents to disk - if err := os.WriteFile(prvKeyFileName, keyBytes.PrivateBytes, 0600); err != nil { - message.Fatalf(err, lang.ErrWritingFile, prvKeyFileName, err.Error()) - } - if err := os.WriteFile(pubKeyFileName, keyBytes.PublicBytes, 0644); err != nil { - message.Fatalf(err, lang.ErrWritingFile, pubKeyFileName, err.Error()) - } + // Write the key file contents to disk + if err := os.WriteFile(prvKeyFileName, keyBytes.PrivateBytes, 0600); err != nil { + message.Fatalf(err, lang.ErrWritingFile, prvKeyFileName, err.Error()) + } + if err := os.WriteFile(pubKeyFileName, keyBytes.PublicBytes, 0644); err != nil { + message.Fatalf(err, lang.ErrWritingFile, pubKeyFileName, err.Error()) + } + + message.Successf(lang.CmdToolsGenKeySuccess, prvKeyFileName, pubKeyFileName) + }, +} + +func init() { + toolsCmd.AddCommand(deprecatedGetGitCredsCmd) + toolsCmd.AddCommand(getCredsCmd) + + toolsCmd.AddCommand(updateCredsCmd) + + // Flags for using an external Git server + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.Address, "git-url", v.GetString(V_INIT_GIT_URL), lang.CmdInitFlagGitURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushUsername, "git-push-username", v.GetString(V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushPassword, "git-push-password", v.GetString(V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) + + // Flags for using an external registry + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.Address, "registry-url", v.GetString(V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) - message.Successf(lang.CmdToolsGenKeySuccess, prvKeyFileName, pubKeyFileName) - }, - } + // Flags for using an external artifact server + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.Address, "artifact-url", v.GetString(V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) - toolsCmd.AddCommand(readCredsCmd) - toolsCmd.AddCommand(readAllCredsCmd) + updateCredsCmd.Flags().SortFlags = true toolsCmd.AddCommand(clearCacheCmd) clearCacheCmd.Flags().StringVar(&config.CommonOptions.CachePath, "zarf-cache", config.ZarfDefaultCachePath, lang.CmdToolsClearCacheFlagCachePath) diff --git a/src/config/lang/english.go b/src/config/lang/english.go index 86498572df..c2845e8c62 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -17,6 +17,7 @@ import "errors" const ( ErrLoadingConfig = "failed to load config: %w" ErrLoadState = "Failed to load the Zarf State from the Kubernetes cluster." + ErrSaveState = "Failed to save the Zarf State to the Kubernetes cluster." ErrLoadPackageSecret = "Failed to load %s's secret from the Kubernetes cluster" ErrMarshal = "failed to marshal file: %w" ErrNoClusterConnection = "Failed to connect to the Kubernetes cluster." @@ -121,6 +122,11 @@ const ( # Initializing w/ an external git server: zarf init --git-push-password={PASSWORD} --git-push-username={USERNAME} --git-url={URL} + + # Initializing w/ an external artifact server: + zarf init --artifact-push-password={PASSWORD} --artifact-push-username={USERNAME} --artifact-url={URL} + + # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well ` CmdInitErrFlags = "Invalid command flags were provided." @@ -403,22 +409,22 @@ const ( "This command can be used to wait for a Kubernetes resources to exist and be ready that may be created by a Gitops tool or a Kubernetes operator.\n" + "You can also wait for arbitrary network endpoints using REST or TCP checks.\n\n" CmdToolsWaitForExample = ` - Wait for Kubernetes resources: - zarf tools wait-for pod my-pod-name ready -n default # wait for pod my-pod-name in namespace default to be ready - zarf tools wait-for p cool-pod-name ready -n cool # wait for pod (using p alias) cool-pod-name in namespace cool to be ready - zarf tools wait-for deployment podinfo available -n podinfo # wait for deployment podinfo in namespace podinfo to be available - zarf tools wait-for pod app=podinfo ready -n podinfo # wait for pod with label app=podinfo in namespace podinfo to be ready - zarf tools wait-for svc zarf-docker-registry exists -n zarf # wait for service zarf-docker-registry in namespace zarf to exist - zarf tools wait-for svc zarf-docker-registry -n zarf # same as above, except exists is the default condition - zarf tools wait-for crd addons.k3s.cattle.io # wait for crd addons.k3s.cattle.io to exist - zarf tools wait-for sts test-sts '{.status.availableReplicas}'=23 # wait for statefulset test-sts to have 23 available replicas - - Wait for network endpoints: - zarf tools wait-for http localhost:8080 200 # wait for a 200 response from http://localhost:8080 - zarf tools wait-for tcp localhost:8080 # wait for a connection to be established on localhost:8080 - zarf tools wait-for https 1.1.1.1 200 # wait for a 200 response from https://1.1.1.1 - zarf tools wait-for http google.com # wait for any 2xx response from http://google.com - zarf tools wait-for http google.com success # wait for any 2xx response from http://google.com + # Wait for Kubernetes resources: + zarf tools wait-for pod my-pod-name ready -n default # wait for pod my-pod-name in namespace default to be ready + zarf tools wait-for p cool-pod-name ready -n cool # wait for pod (using p alias) cool-pod-name in namespace cool to be ready + zarf tools wait-for deployment podinfo available -n podinfo # wait for deployment podinfo in namespace podinfo to be available + zarf tools wait-for pod app=podinfo ready -n podinfo # wait for pod with label app=podinfo in namespace podinfo to be ready + zarf tools wait-for svc zarf-docker-registry exists -n zarf # wait for service zarf-docker-registry in namespace zarf to exist + zarf tools wait-for svc zarf-docker-registry -n zarf # same as above, except exists is the default condition + zarf tools wait-for crd addons.k3s.cattle.io # wait for crd addons.k3s.cattle.io to exist + zarf tools wait-for sts test-sts '{.status.availableReplicas}'=23 # wait for statefulset test-sts to have 23 available replicas + + # Wait for network endpoints: + zarf tools wait-for http localhost:8080 200 # wait for a 200 response from http://localhost:8080 + zarf tools wait-for tcp localhost:8080 # wait for a connection to be established on localhost:8080 + zarf tools wait-for https 1.1.1.1 200 # wait for a 200 response from https://1.1.1.1 + zarf tools wait-for http google.com # wait for any 2xx response from http://google.com + zarf tools wait-for http google.com success # wait for any 2xx response from http://google.com ` CmdToolsWaitForFlagTimeout = "Specify the timeout duration for the wait command." CmdToolsWaitForErrTimeoutString = "Invalid timeout duration. Please use a valid duration string (e.g. 1s, 2m, 3h)." @@ -429,8 +435,49 @@ const ( CmdToolsKubectlDocs = "Kubectl command. See https://kubernetes.io/docs/reference/kubectl/overview/ for more information." - CmdToolsGetCredsShort = "Displays a Table of credentials for deployed components. Pass a component name to get a single credential" - CmdToolsGetCredsLong = "Display a Table of credentials for deployed components. Pass a component name to get a single credential. i.e. 'zarf tools get-creds registry'" + CmdToolsGetCredsShort = "Displays a table of credentials for deployed Zarf services. Pass a service key to get a single credential" + CmdToolsGetCredsLong = "Display a table of credentials for deployed Zarf services. Pass a service key to get a single credential. i.e. 'zarf tools get-creds registry'" + CmdToolsGetCredsExample = ` + # Print all Zarf credentials: + zarf tools get-creds + + # Get specific Zarf credentials: + zarf tools get-creds registry + zarf tools get-creds registry-readonly + zarf tools get-creds git + zarf tools get-creds git-readonly + zarf tools get-creds artifact + zarf tools get-creds logging +` + + CmdToolsUpdateCredsShort = "Updates the credentials for deployed Zarf services. Pass a service key to update credentials for a single service" + CmdToolsUpdateCredsLong = "Updates the credentials for deployed Zarf services. Pass a service key to update credentials for a single service. i.e. 'zarf tools update-creds registry'" + CmdToolsUpdateCredsExample = ` + # Autogenerate all Zarf credentials at once: + zarf tools update-creds + + # Autogenerate specific Zarf service credentials: + zarf tools update-creds registry + zarf tools update-creds git + zarf tools update-creds artifact + zarf tools update-creds logging + + # Update all Zarf credentials w/external services at once: + zarf tools update-creds \ + --registry-url={URL} --registry-push-username={USERNAME} --registry-push-password={PASSWORD} \ + --git-url={URL} --git-push-username={USERNAME} --git-push-password={PASSWORD} \ + --artifact-url={URL} --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} + + # NOTE: Any credentials omitted from flags without a service key specified will be autogenerated - URLs will only change if specified + # config options can also be set with the 'init' section of a Zarf config file + + # Update specific Zarf credentials w/external services: + zarf tools update-creds registry --registry-url={URL} --registry-push-username={USERNAME} --registry-push-password={PASSWORD} + zarf tools update-creds git --git-url={URL} --git-push-username={USERNAME} --git-push-password={PASSWORD} + zarf tools update-creds artifact --artifact-url={URL} --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} + + # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well +` // zarf version CmdVersionShort = "Shows the version of the running Zarf binary" diff --git a/src/internal/cluster/state.go b/src/internal/cluster/state.go index 07b2ee4f71..4f93d02093 100644 --- a/src/internal/cluster/state.go +++ b/src/internal/cluster/state.go @@ -132,9 +132,9 @@ func (c *Cluster) InitZarfState(initOptions types.ZarfInitOptions) error { state.StorageClass = initOptions.StorageClass } - state.GitServer = c.fillInEmptyGitServerValues(initOptions.GitServer) - state.RegistryInfo = c.fillInEmptyContainerRegistryValues(initOptions.RegistryInfo) - state.ArtifactServer = c.fillInEmptyArtifactServerValues(initOptions.ArtifactServer) + state.GitServer = c.FillInEmptyGitServerValues(initOptions.GitServer) + state.RegistryInfo = c.FillInEmptyContainerRegistryValues(initOptions.RegistryInfo) + state.ArtifactServer = c.FillInEmptyArtifactServerValues(initOptions.ArtifactServer) spinner.Success() @@ -143,8 +143,6 @@ func (c *Cluster) InitZarfState(initOptions types.ZarfInitOptions) error { return fmt.Errorf("unable to save the Zarf state: %w", err) } - c.UpdateZarfManagedSecrets(state) - return nil } @@ -234,7 +232,7 @@ func (c *Cluster) SaveZarfState(state types.ZarfState) error { return nil } -func (c *Cluster) fillInEmptyContainerRegistryValues(containerRegistry types.RegistryInfo) types.RegistryInfo { +func (c *Cluster) FillInEmptyContainerRegistryValues(containerRegistry types.RegistryInfo) types.RegistryInfo { // Set default NodePort if none was provided if containerRegistry.NodePort == 0 { containerRegistry.NodePort = config.ZarfInClusterContainerRegistryNodePort @@ -277,7 +275,7 @@ func (c *Cluster) fillInEmptyContainerRegistryValues(containerRegistry types.Reg } // Fill in empty GitServerInfo values with the defaults. -func (c *Cluster) fillInEmptyGitServerValues(gitServer types.GitServerInfo) types.GitServerInfo { +func (c *Cluster) FillInEmptyGitServerValues(gitServer types.GitServerInfo) types.GitServerInfo { // Set default svc url if an external repository was not provided if gitServer.Address == "" { gitServer.Address = config.ZarfInClusterGitServiceURL @@ -309,7 +307,7 @@ func (c *Cluster) fillInEmptyGitServerValues(gitServer types.GitServerInfo) type } // Fill in empty ArtifactServerInfo values with the defaults. -func (c *Cluster) fillInEmptyArtifactServerValues(artifactServer types.ArtifactServerInfo) types.ArtifactServerInfo { +func (c *Cluster) FillInEmptyArtifactServerValues(artifactServer types.ArtifactServerInfo) types.ArtifactServerInfo { // Set default svc url if an external registry was not provided if artifactServer.Address == "" { artifactServer.Address = config.ZarfInClusterArtifactServiceURL diff --git a/src/pkg/utils/credentials.go b/src/pkg/utils/credentials.go index 83d64ac981..2e93d55d8c 100644 --- a/src/pkg/utils/credentials.go +++ b/src/pkg/utils/credentials.go @@ -15,6 +15,15 @@ import ( "github.com/pterm/pterm" ) +const ( + registryKey = "registry" + registryReadKey = "registry-readonly" + gitKey = "git" + gitReadKey = "git-readonly" + artifactKey = "artifact" + loggingKey = "logging" +) + // PrintCredentialTable displays credentials in a table func PrintCredentialTable(state types.ZarfState, componentsToDeploy []types.DeployedComponent) { if len(componentsToDeploy) == 0 { @@ -26,24 +35,28 @@ func PrintCredentialTable(state types.ZarfState, componentsToDeploy []types.Depl pterm.Println() loginTableHeader := pterm.TableData{ - {" Application", "Username", "Password", "Connect"}, + {" Application", "Username", "Password", "Connect", "Get-Creds Key"}, } loginTable := pterm.TableData{} if state.RegistryInfo.InternalRegistry { - loginTable = append(loginTable, pterm.TableData{{" Registry", state.RegistryInfo.PushUsername, state.RegistryInfo.PushPassword, "zarf connect registry"}}...) + loginTable = append(loginTable, pterm.TableData{ + {" Registry", state.RegistryInfo.PushUsername, state.RegistryInfo.PushPassword, "zarf connect registry", registryKey}, + {" Registry (read-only)", state.RegistryInfo.PullUsername, state.RegistryInfo.PullPassword, "zarf connect registry", registryReadKey}, + }...) } for _, component := range componentsToDeploy { // Show message if including logging stack if component.Name == "logging" { - loginTable = append(loginTable, pterm.TableData{{" Logging", "zarf-admin", state.LoggingSecret, "zarf connect logging"}}...) + loginTable = append(loginTable, pterm.TableData{{" Logging", "zarf-admin", state.LoggingSecret, "zarf connect logging", loggingKey}}...) } // Show message if including git-server if component.Name == "git-server" { loginTable = append(loginTable, pterm.TableData{ - {" Git", state.GitServer.PushUsername, state.GitServer.PushPassword, "zarf connect git"}, - {" Git (read-only)", state.GitServer.PullUsername, state.GitServer.PullPassword, "zarf connect git"}, + {" Git", state.GitServer.PushUsername, state.GitServer.PushPassword, "zarf connect git", gitKey}, + {" Git (read-only)", state.GitServer.PullUsername, state.GitServer.PullPassword, "zarf connect git", gitReadKey}, + {" Artifact Token", state.ArtifactServer.PushUsername, state.ArtifactServer.PushToken, "zarf connect git", artifactKey}, }...) } } @@ -62,18 +75,24 @@ func PrintCredentialTable(state types.ZarfState, componentsToDeploy []types.Depl // PrintComponentCredential displays credentials for a single component func PrintComponentCredential(state types.ZarfState, componentName string) { switch strings.ToLower(componentName) { - case "logging": + case loggingKey: message.Note("Logging credentials (username: zarf-admin):") fmt.Println(state.LoggingSecret) - case "git": + case gitKey: message.Note("Git Server push password (username: " + state.GitServer.PushUsername + "):") fmt.Println(state.GitServer.PushPassword) - case "git-readonly": + case gitReadKey: message.Note("Git Server (read-only) password (username: " + state.GitServer.PullUsername + "):") fmt.Println(state.GitServer.PullPassword) - case "registry": + case artifactKey: + message.Note("Artifact Server token (username: " + state.ArtifactServer.PushUsername + "):") + fmt.Println(state.ArtifactServer.PushToken) + case registryKey: message.Note("Image Registry password (username: " + state.RegistryInfo.PushUsername + "):") fmt.Println(state.RegistryInfo.PushPassword) + case registryReadKey: + message.Note("Image Registry (read-only) password (username: " + state.RegistryInfo.PullUsername + "):") + fmt.Println(state.RegistryInfo.PullPassword) default: message.Warn("Unknown component: " + componentName) } From f19967faf551090adbd9618d36b46ed355a05a61 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Thu, 13 Jul 2023 17:21:40 -0500 Subject: [PATCH 06/43] Fix the viper location and clarify language --- src/cmd/initialize.go | 48 ++++++----- src/cmd/package.go | 118 +++++++++++++------------- src/cmd/prepare.go | 11 ++- src/cmd/root.go | 41 +++++---- src/cmd/tools/common.go | 9 +- src/cmd/tools/zarf.go | 53 ++++-------- src/cmd/{viper.go => viper/common.go} | 23 ++--- src/config/lang/english.go | 20 ++--- 8 files changed, 152 insertions(+), 171 deletions(-) rename src/cmd/{viper.go => viper/common.go} (94%) diff --git a/src/cmd/initialize.go b/src/cmd/initialize.go index da8035986e..b87d1bf6a0 100644 --- a/src/cmd/initialize.go +++ b/src/cmd/initialize.go @@ -13,6 +13,7 @@ import ( "strings" "github.com/AlecAivazis/survey/v2" + "github.com/defenseunicorns/zarf/src/cmd/viper" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" @@ -51,7 +52,8 @@ var initCmd = &cobra.Command{ pkgConfig.PkgSourcePath = pkgConfig.DeployOpts.PackagePath // Ensure uppercase keys from viper - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(V_PKG_DEPLOY_SET), strings.ToUpper) + v := viper.Get() + viperConfig := helpers.TransformMapKeys(v.GetStringMapString(viper.V_PKG_DEPLOY_SET), strings.ToUpper) pkgConfig.DeployOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.DeployOpts.SetVariables) // Configure the packager @@ -162,43 +164,43 @@ func validateInitFlags() error { } func init() { - initViper() + v := viper.Init() rootCmd.AddCommand(initCmd) // Init package variable defaults that are non-zero values - v.SetDefault(V_PKG_DEPLOY_SET, map[string]string{}) - v.SetDefault(V_INIT_GIT_PUSH_USER, config.ZarfGitPushUser) - v.SetDefault(V_INIT_REGISTRY_PUSH_USER, config.ZarfRegistryPushUser) + v.SetDefault(viper.V_PKG_DEPLOY_SET, map[string]string{}) + v.SetDefault(viper.V_INIT_GIT_PUSH_USER, config.ZarfGitPushUser) + v.SetDefault(viper.V_INIT_REGISTRY_PUSH_USER, config.ZarfRegistryPushUser) // Init package set variable flags - initCmd.Flags().StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(V_PKG_DEPLOY_SET), lang.CmdInitFlagSet) + initCmd.Flags().StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(viper.V_PKG_DEPLOY_SET), lang.CmdInitFlagSet) // Continue to require --confirm flag for init command to avoid accidental deployments initCmd.Flags().BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdInitFlagConfirm) - initCmd.Flags().StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(V_INIT_COMPONENTS), lang.CmdInitFlagComponents) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.StorageClass, "storage-class", v.GetString(V_INIT_STORAGE_CLASS), lang.CmdInitFlagStorageClass) + initCmd.Flags().StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(viper.V_INIT_COMPONENTS), lang.CmdInitFlagComponents) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.StorageClass, "storage-class", v.GetString(viper.V_INIT_STORAGE_CLASS), lang.CmdInitFlagStorageClass) // Flags for using an external Git server - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.Address, "git-url", v.GetString(V_INIT_GIT_URL), lang.CmdInitFlagGitURL) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushUsername, "git-push-username", v.GetString(V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushPassword, "git-push-password", v.GetString(V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.Address, "git-url", v.GetString(viper.V_INIT_GIT_URL), lang.CmdInitFlagGitURL) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushUsername, "git-push-username", v.GetString(viper.V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushPassword, "git-push-password", v.GetString(viper.V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(viper.V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(viper.V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) // Flags for using an external registry - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Address, "registry-url", v.GetString(V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) - initCmd.Flags().IntVar(&pkgConfig.InitOpts.RegistryInfo.NodePort, "nodeport", v.GetInt(V_INIT_REGISTRY_NODEPORT), lang.CmdInitFlagRegNodePort) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Secret, "registry-secret", v.GetString(V_INIT_REGISTRY_SECRET), lang.CmdInitFlagRegSecret) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Address, "registry-url", v.GetString(viper.V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) + initCmd.Flags().IntVar(&pkgConfig.InitOpts.RegistryInfo.NodePort, "nodeport", v.GetInt(viper.V_INIT_REGISTRY_NODEPORT), lang.CmdInitFlagRegNodePort) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(viper.V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(viper.V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(viper.V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(viper.V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Secret, "registry-secret", v.GetString(viper.V_INIT_REGISTRY_SECRET), lang.CmdInitFlagRegSecret) // Flags for using an external artifact server - initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.Address, "artifact-url", v.GetString(V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.Address, "artifact-url", v.GetString(viper.V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(viper.V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(viper.V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) initCmd.Flags().SortFlags = true } diff --git a/src/cmd/package.go b/src/cmd/package.go index 9976fef180..06f1663186 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -10,6 +10,7 @@ import ( "regexp" "strings" + "github.com/defenseunicorns/zarf/src/cmd/viper" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" @@ -22,6 +23,7 @@ import ( "github.com/defenseunicorns/zarf/src/pkg/packager" "github.com/defenseunicorns/zarf/src/pkg/utils" "github.com/spf13/cobra" + spf13viper "github.com/spf13/viper" ) var includeInspectSBOM bool @@ -56,7 +58,8 @@ var packageCreateCmd = &cobra.Command{ } // Ensure uppercase keys from viper - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(V_PKG_CREATE_SET), strings.ToUpper) + v := viper.Get() + viperConfig := helpers.TransformMapKeys(v.GetStringMapString(viper.V_PKG_CREATE_SET), strings.ToUpper) pkgConfig.CreateOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.CreateOpts.SetVariables) // Configure the packager @@ -80,7 +83,8 @@ var packageDeployCmd = &cobra.Command{ pkgConfig.DeployOpts.PackagePath = choosePackage(args) // Ensure uppercase keys from viper and CLI --set - viperConfigSetVariables := helpers.TransformMapKeys(v.GetStringMapString(V_PKG_DEPLOY_SET), strings.ToUpper) + v := viper.Get() + viperConfigSetVariables := helpers.TransformMapKeys(v.GetStringMapString(viper.V_PKG_DEPLOY_SET), strings.ToUpper) pkgConfig.DeployOpts.SetVariables = helpers.TransformMapKeys(pkgConfig.DeployOpts.SetVariables, strings.ToUpper) // Merge the viper config file variables and provided CLI flag variables (CLI takes precedence)) @@ -260,7 +264,7 @@ func choosePackage(args []string) string { } func init() { - initViper() + v := viper.Init() rootCmd.AddCommand(packageCmd) packageCmd.AddCommand(packageCreateCmd) @@ -271,57 +275,57 @@ func init() { packageCmd.AddCommand(packagePublishCmd) packageCmd.AddCommand(packagePullCmd) - bindPackageFlags() - bindCreateFlags() - bindDeployFlags() - bindInspectFlags() - bindRemoveFlags() - bindPublishFlags() - bindPullFlags() + bindPackageFlags(v) + bindCreateFlags(v) + bindDeployFlags(v) + bindInspectFlags(v) + bindRemoveFlags(v) + bindPublishFlags(v) + bindPullFlags(v) } -func bindPackageFlags() { +func bindPackageFlags(v *spf13viper.Viper) { packageFlags := packageCmd.PersistentFlags() - v.SetDefault(V_PKG_OCI_CONCURRENCY, 3) - packageFlags.IntVar(&config.CommonOptions.OCIConcurrency, "oci-concurrency", v.GetInt(V_PKG_OCI_CONCURRENCY), lang.CmdPackageFlagConcurrency) + v.SetDefault(viper.V_PKG_OCI_CONCURRENCY, 3) + packageFlags.IntVar(&config.CommonOptions.OCIConcurrency, "oci-concurrency", v.GetInt(viper.V_PKG_OCI_CONCURRENCY), lang.CmdPackageFlagConcurrency) } -func bindCreateFlags() { +func bindCreateFlags(v *spf13viper.Viper) { createFlags := packageCreateCmd.Flags() // Always require confirm flag (no viper) createFlags.BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdPackageCreateFlagConfirm) - v.SetDefault(V_PKG_CREATE_SET, map[string]string{}) - v.SetDefault(V_PKG_CREATE_OUTPUT, "") - v.SetDefault(V_PKG_CREATE_SBOM, false) - v.SetDefault(V_PKG_CREATE_SBOM_OUTPUT, "") - v.SetDefault(V_PKG_CREATE_SKIP_SBOM, false) - v.SetDefault(V_PKG_CREATE_MAX_PACKAGE_SIZE, 0) - v.SetDefault(V_PKG_CREATE_SIGNING_KEY, "") + v.SetDefault(viper.V_PKG_CREATE_SET, map[string]string{}) + v.SetDefault(viper.V_PKG_CREATE_OUTPUT, "") + v.SetDefault(viper.V_PKG_CREATE_SBOM, false) + v.SetDefault(viper.V_PKG_CREATE_SBOM_OUTPUT, "") + v.SetDefault(viper.V_PKG_CREATE_SKIP_SBOM, false) + v.SetDefault(viper.V_PKG_CREATE_MAX_PACKAGE_SIZE, 0) + v.SetDefault(viper.V_PKG_CREATE_SIGNING_KEY, "") outputDirectory := v.GetString("package.create.output_directory") - output := v.GetString(V_PKG_CREATE_OUTPUT) + output := v.GetString(viper.V_PKG_CREATE_OUTPUT) if outputDirectory != "" && output == "" { - v.Set(V_PKG_CREATE_OUTPUT, outputDirectory) + v.Set(viper.V_PKG_CREATE_OUTPUT, outputDirectory) } createFlags.StringVar(&pkgConfig.CreateOpts.Output, "output-directory", v.GetString("package.create.output_directory"), lang.CmdPackageCreateFlagOutput) - createFlags.StringVarP(&pkgConfig.CreateOpts.Output, "output", "o", v.GetString(V_PKG_CREATE_OUTPUT), lang.CmdPackageCreateFlagOutput) - - createFlags.StringVar(&pkgConfig.CreateOpts.DifferentialData.DifferentialPackagePath, "differential", v.GetString(V_PKG_CREATE_DIFFERENTIAL), lang.CmdPackageCreateFlagDifferential) - createFlags.StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(V_PKG_CREATE_SET), lang.CmdPackageCreateFlagSet) - createFlags.BoolVarP(&pkgConfig.CreateOpts.ViewSBOM, "sbom", "s", v.GetBool(V_PKG_CREATE_SBOM), lang.CmdPackageCreateFlagSbom) - createFlags.StringVar(&pkgConfig.CreateOpts.SBOMOutputDir, "sbom-out", v.GetString(V_PKG_CREATE_SBOM_OUTPUT), lang.CmdPackageCreateFlagSbomOut) - createFlags.BoolVar(&pkgConfig.CreateOpts.SkipSBOM, "skip-sbom", v.GetBool(V_PKG_CREATE_SKIP_SBOM), lang.CmdPackageCreateFlagSkipSbom) - createFlags.IntVarP(&pkgConfig.CreateOpts.MaxPackageSizeMB, "max-package-size", "m", v.GetInt(V_PKG_CREATE_MAX_PACKAGE_SIZE), lang.CmdPackageCreateFlagMaxPackageSize) - createFlags.StringVarP(&pkgConfig.CreateOpts.SigningKeyPath, "key", "k", v.GetString(V_PKG_CREATE_SIGNING_KEY), lang.CmdPackageCreateFlagSigningKey) - createFlags.StringVar(&pkgConfig.CreateOpts.SigningKeyPassword, "key-pass", v.GetString(V_PKG_CREATE_SIGNING_KEY_PASSWORD), lang.CmdPackageCreateFlagSigningKeyPassword) - createFlags.StringToStringVar(&pkgConfig.CreateOpts.RegistryOverrides, "registry-override", v.GetStringMapString(V_PKG_CREATE_REGISTRY_OVERRIDE), lang.CmdPackageCreateFlagRegistryOverride) + createFlags.StringVarP(&pkgConfig.CreateOpts.Output, "output", "o", v.GetString(viper.V_PKG_CREATE_OUTPUT), lang.CmdPackageCreateFlagOutput) + + createFlags.StringVar(&pkgConfig.CreateOpts.DifferentialData.DifferentialPackagePath, "differential", v.GetString(viper.V_PKG_CREATE_DIFFERENTIAL), lang.CmdPackageCreateFlagDifferential) + createFlags.StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(viper.V_PKG_CREATE_SET), lang.CmdPackageCreateFlagSet) + createFlags.BoolVarP(&pkgConfig.CreateOpts.ViewSBOM, "sbom", "s", v.GetBool(viper.V_PKG_CREATE_SBOM), lang.CmdPackageCreateFlagSbom) + createFlags.StringVar(&pkgConfig.CreateOpts.SBOMOutputDir, "sbom-out", v.GetString(viper.V_PKG_CREATE_SBOM_OUTPUT), lang.CmdPackageCreateFlagSbomOut) + createFlags.BoolVar(&pkgConfig.CreateOpts.SkipSBOM, "skip-sbom", v.GetBool(viper.V_PKG_CREATE_SKIP_SBOM), lang.CmdPackageCreateFlagSkipSbom) + createFlags.IntVarP(&pkgConfig.CreateOpts.MaxPackageSizeMB, "max-package-size", "m", v.GetInt(viper.V_PKG_CREATE_MAX_PACKAGE_SIZE), lang.CmdPackageCreateFlagMaxPackageSize) + createFlags.StringVarP(&pkgConfig.CreateOpts.SigningKeyPath, "key", "k", v.GetString(viper.V_PKG_CREATE_SIGNING_KEY), lang.CmdPackageCreateFlagSigningKey) + createFlags.StringVar(&pkgConfig.CreateOpts.SigningKeyPassword, "key-pass", v.GetString(viper.V_PKG_CREATE_SIGNING_KEY_PASSWORD), lang.CmdPackageCreateFlagSigningKeyPassword) + createFlags.StringToStringVar(&pkgConfig.CreateOpts.RegistryOverrides, "registry-override", v.GetStringMapString(viper.V_PKG_CREATE_REGISTRY_OVERRIDE), lang.CmdPackageCreateFlagRegistryOverride) createFlags.MarkHidden("output-directory") } -func bindDeployFlags() { +func bindDeployFlags(v *spf13viper.Viper) { deployFlags := packageDeployCmd.Flags() // Always require confirm flag (no viper) @@ -330,42 +334,42 @@ func bindDeployFlags() { // Always require adopt-existing-resources flag (no viper) deployFlags.BoolVar(&pkgConfig.DeployOpts.AdoptExistingResources, "adopt-existing-resources", false, lang.CmdPackageDeployFlagAdoptExistingResources) - v.SetDefault(V_PKG_DEPLOY_SET, map[string]string{}) - v.SetDefault(V_PKG_DEPLOY_COMPONENTS, "") - v.SetDefault(V_PKG_DEPLOY_SHASUM, "") - v.SetDefault(V_PKG_DEPLOY_SGET, "") - v.SetDefault(V_PKG_DEPLOY_PUBLIC_KEY, "") - - deployFlags.StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(V_PKG_DEPLOY_SET), lang.CmdPackageDeployFlagSet) - deployFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageDeployFlagComponents) - deployFlags.StringVar(&pkgConfig.DeployOpts.Shasum, "shasum", v.GetString(V_PKG_DEPLOY_SHASUM), lang.CmdPackageDeployFlagShasum) - deployFlags.StringVar(&pkgConfig.DeployOpts.SGetKeyPath, "sget", v.GetString(V_PKG_DEPLOY_SGET), lang.CmdPackageDeployFlagSget) - deployFlags.StringVarP(&pkgConfig.DeployOpts.PublicKeyPath, "key", "k", v.GetString(V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageDeployFlagPublicKey) + v.SetDefault(viper.V_PKG_DEPLOY_SET, map[string]string{}) + v.SetDefault(viper.V_PKG_DEPLOY_COMPONENTS, "") + v.SetDefault(viper.V_PKG_DEPLOY_SHASUM, "") + v.SetDefault(viper.V_PKG_DEPLOY_SGET, "") + v.SetDefault(viper.V_PKG_DEPLOY_PUBLIC_KEY, "") + + deployFlags.StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(viper.V_PKG_DEPLOY_SET), lang.CmdPackageDeployFlagSet) + deployFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(viper.V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageDeployFlagComponents) + deployFlags.StringVar(&pkgConfig.DeployOpts.Shasum, "shasum", v.GetString(viper.V_PKG_DEPLOY_SHASUM), lang.CmdPackageDeployFlagShasum) + deployFlags.StringVar(&pkgConfig.DeployOpts.SGetKeyPath, "sget", v.GetString(viper.V_PKG_DEPLOY_SGET), lang.CmdPackageDeployFlagSget) + deployFlags.StringVarP(&pkgConfig.DeployOpts.PublicKeyPath, "key", "k", v.GetString(viper.V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageDeployFlagPublicKey) } -func bindInspectFlags() { +func bindInspectFlags(v *spf13viper.Viper) { inspectFlags := packageInspectCmd.Flags() inspectFlags.BoolVarP(&includeInspectSBOM, "sbom", "s", false, lang.CmdPackageInspectFlagSbom) inspectFlags.StringVar(&outputInspectSBOM, "sbom-out", "", lang.CmdPackageInspectFlagSbomOut) - inspectFlags.StringVarP(&inspectPublicKey, "key", "k", v.GetString(V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageInspectFlagPublicKey) + inspectFlags.StringVarP(&inspectPublicKey, "key", "k", v.GetString(viper.V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageInspectFlagPublicKey) } -func bindRemoveFlags() { +func bindRemoveFlags(v *spf13viper.Viper) { removeFlags := packageRemoveCmd.Flags() removeFlags.BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdPackageRemoveFlagConfirm) - removeFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageRemoveFlagComponents) + removeFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(viper.V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageRemoveFlagComponents) _ = packageRemoveCmd.MarkFlagRequired("confirm") } -func bindPublishFlags() { +func bindPublishFlags(v *spf13viper.Viper) { publishFlags := packagePublishCmd.Flags() - publishFlags.StringVarP(&pkgConfig.PublishOpts.SigningKeyPath, "key", "k", v.GetString(V_PKG_PUBLISH_SIGNING_KEY), lang.CmdPackagePublishFlagSigningKey) - publishFlags.StringVar(&pkgConfig.PublishOpts.SigningKeyPassword, "key-pass", v.GetString(V_PKG_PUBLISH_SIGNING_KEY_PASSWORD), lang.CmdPackagePublishFlagSigningKeyPassword) + publishFlags.StringVarP(&pkgConfig.PublishOpts.SigningKeyPath, "key", "k", v.GetString(viper.V_PKG_PUBLISH_SIGNING_KEY), lang.CmdPackagePublishFlagSigningKey) + publishFlags.StringVar(&pkgConfig.PublishOpts.SigningKeyPassword, "key-pass", v.GetString(viper.V_PKG_PUBLISH_SIGNING_KEY_PASSWORD), lang.CmdPackagePublishFlagSigningKeyPassword) } -func bindPullFlags() { +func bindPullFlags(v *spf13viper.Viper) { pullFlags := packagePullCmd.Flags() - v.SetDefault(V_PKG_PULL_OUTPUT_DIR, "") - pullFlags.StringVarP(&pkgConfig.PullOpts.OutputDirectory, "output-directory", "o", v.GetString(V_PKG_PULL_OUTPUT_DIR), lang.CmdPackagePullFlagOutputDirectory) - pullFlags.StringVarP(&pkgConfig.PullOpts.PublicKeyPath, "key", "k", v.GetString(V_PKG_PULL_PUBLIC_KEY), lang.CmdPackagePullFlagPublicKey) + v.SetDefault(viper.V_PKG_PULL_OUTPUT_DIR, "") + pullFlags.StringVarP(&pkgConfig.PullOpts.OutputDirectory, "output-directory", "o", v.GetString(viper.V_PKG_PULL_OUTPUT_DIR), lang.CmdPackagePullFlagOutputDirectory) + pullFlags.StringVarP(&pkgConfig.PullOpts.PublicKeyPath, "key", "k", v.GetString(viper.V_PKG_PULL_PUBLIC_KEY), lang.CmdPackagePullFlagPublicKey) } diff --git a/src/cmd/prepare.go b/src/cmd/prepare.go index 81117b8ad8..f989e52d1f 100644 --- a/src/cmd/prepare.go +++ b/src/cmd/prepare.go @@ -11,6 +11,7 @@ import ( "strings" "github.com/AlecAivazis/survey/v2" + "github.com/defenseunicorns/zarf/src/cmd/viper" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" @@ -102,7 +103,8 @@ var prepareFindImages = &cobra.Command{ } // Ensure uppercase keys from viper - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(V_PKG_CREATE_SET), strings.ToUpper) + v := viper.Get() + viperConfig := helpers.TransformMapKeys(v.GetStringMapString(viper.V_PKG_CREATE_SET), strings.ToUpper) pkgConfig.CreateOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.CreateOpts.SetVariables) // Configure the packager @@ -130,6 +132,7 @@ var prepareGenerateConfigFile = &cobra.Command{ fileName = args[0] } + v := viper.Get() if err := v.SafeWriteConfigAs(fileName); err != nil { message.Fatalf(err, lang.CmdPrepareGenerateConfigErr, fileName) } @@ -137,7 +140,7 @@ var prepareGenerateConfigFile = &cobra.Command{ } func init() { - initViper() + v := viper.Init() rootCmd.AddCommand(prepareCmd) prepareCmd.AddCommand(prepareTransformGitLinks) @@ -145,11 +148,11 @@ func init() { prepareCmd.AddCommand(prepareFindImages) prepareCmd.AddCommand(prepareGenerateConfigFile) - v.SetDefault(V_PKG_CREATE_SET, map[string]string{}) + v.SetDefault(viper.V_PKG_CREATE_SET, map[string]string{}) prepareFindImages.Flags().StringVarP(&repoHelmChartPath, "repo-chart-path", "p", "", lang.CmdPrepareFlagRepoChartPath) // use the package create config for this and reset it here to avoid overwriting the config.CreateOptions.SetVariables - prepareFindImages.Flags().StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(V_PKG_CREATE_SET), lang.CmdPrepareFlagSet) + prepareFindImages.Flags().StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(viper.V_PKG_CREATE_SET), lang.CmdPrepareFlagSet) // allow for the override of the default helm KubeVersion prepareFindImages.Flags().StringVar(&kubeVersionOverride, "kube-version", "", lang.CmdPrepareFlagKubeVersion) diff --git a/src/cmd/root.go b/src/cmd/root.go index a77f6dc68c..da2b9959f9 100644 --- a/src/cmd/root.go +++ b/src/cmd/root.go @@ -10,6 +10,7 @@ import ( "strings" "github.com/defenseunicorns/zarf/src/cmd/tools" + "github.com/defenseunicorns/zarf/src/cmd/viper" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" @@ -17,7 +18,6 @@ import ( "github.com/defenseunicorns/zarf/src/types" "github.com/pterm/pterm" "github.com/spf13/cobra" - "github.com/spf13/viper" ) var ( @@ -25,9 +25,6 @@ var ( // Default global config for the CLI pkgConfig = types.PackagerConfig{} - - // Viper instance used by the cmd package - v *viper.Viper ) var rootCmd = &cobra.Command{ @@ -72,30 +69,30 @@ func Execute() { func init() { // Add the tools commands - tools.Include(rootCmd, v) + tools.Include(rootCmd) // Skip for vendor-only commands if tools.CheckVendorOnlyFromArgs() { return } - initViper() - - v.SetDefault(V_LOG_LEVEL, "info") - v.SetDefault(V_ARCHITECTURE, "") - v.SetDefault(V_NO_LOG_FILE, false) - v.SetDefault(V_NO_PROGRESS, false) - v.SetDefault(V_INSECURE, false) - v.SetDefault(V_ZARF_CACHE, config.ZarfDefaultCachePath) - v.SetDefault(V_TMP_DIR, "") - - rootCmd.PersistentFlags().StringVarP(&logLevel, "log-level", "l", v.GetString(V_LOG_LEVEL), lang.RootCmdFlagLogLevel) - rootCmd.PersistentFlags().StringVarP(&config.CLIArch, "architecture", "a", v.GetString(V_ARCHITECTURE), lang.RootCmdFlagArch) - rootCmd.PersistentFlags().BoolVar(&config.SkipLogFile, "no-log-file", v.GetBool(V_NO_LOG_FILE), lang.RootCmdFlagSkipLogFile) - rootCmd.PersistentFlags().BoolVar(&message.NoProgress, "no-progress", v.GetBool(V_NO_PROGRESS), lang.RootCmdFlagNoProgress) - rootCmd.PersistentFlags().StringVar(&config.CommonOptions.CachePath, "zarf-cache", v.GetString(V_ZARF_CACHE), lang.RootCmdFlagCachePath) - rootCmd.PersistentFlags().StringVar(&config.CommonOptions.TempDirectory, "tmpdir", v.GetString(V_TMP_DIR), lang.RootCmdFlagTempDir) - rootCmd.PersistentFlags().BoolVar(&config.CommonOptions.Insecure, "insecure", v.GetBool(V_INSECURE), lang.RootCmdFlagInsecure) + v := viper.Init() + + v.SetDefault(viper.V_LOG_LEVEL, "info") + v.SetDefault(viper.V_ARCHITECTURE, "") + v.SetDefault(viper.V_NO_LOG_FILE, false) + v.SetDefault(viper.V_NO_PROGRESS, false) + v.SetDefault(viper.V_INSECURE, false) + v.SetDefault(viper.V_ZARF_CACHE, config.ZarfDefaultCachePath) + v.SetDefault(viper.V_TMP_DIR, "") + + rootCmd.PersistentFlags().StringVarP(&logLevel, "log-level", "l", v.GetString(viper.V_LOG_LEVEL), lang.RootCmdFlagLogLevel) + rootCmd.PersistentFlags().StringVarP(&config.CLIArch, "architecture", "a", v.GetString(viper.V_ARCHITECTURE), lang.RootCmdFlagArch) + rootCmd.PersistentFlags().BoolVar(&config.SkipLogFile, "no-log-file", v.GetBool(viper.V_NO_LOG_FILE), lang.RootCmdFlagSkipLogFile) + rootCmd.PersistentFlags().BoolVar(&message.NoProgress, "no-progress", v.GetBool(viper.V_NO_PROGRESS), lang.RootCmdFlagNoProgress) + rootCmd.PersistentFlags().StringVar(&config.CommonOptions.CachePath, "zarf-cache", v.GetString(viper.V_ZARF_CACHE), lang.RootCmdFlagCachePath) + rootCmd.PersistentFlags().StringVar(&config.CommonOptions.TempDirectory, "tmpdir", v.GetString(viper.V_TMP_DIR), lang.RootCmdFlagTempDir) + rootCmd.PersistentFlags().BoolVar(&config.CommonOptions.Insecure, "insecure", v.GetBool(viper.V_INSECURE), lang.RootCmdFlagInsecure) } func cliSetup() { diff --git a/src/cmd/tools/common.go b/src/cmd/tools/common.go index 05881a164a..18f5da8c7c 100644 --- a/src/cmd/tools/common.go +++ b/src/cmd/tools/common.go @@ -13,7 +13,6 @@ import ( "github.com/defenseunicorns/zarf/src/pkg/utils/exec" "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" "github.com/spf13/cobra" - "github.com/spf13/viper" ) var vendorCmds = []string{ @@ -32,11 +31,6 @@ var vendorCmds = []string{ "r", } -var ( - // Viper instance used by the tools package (shared with cmd) - v *viper.Viper -) - var toolsCmd = &cobra.Command{ Use: "tools", Aliases: []string{"t"}, @@ -48,9 +42,8 @@ var toolsCmd = &cobra.Command{ } // Include adds the tools command to the root command. -func Include(rootCmd *cobra.Command, cmdViper *viper.Viper) { +func Include(rootCmd *cobra.Command) { rootCmd.AddCommand(toolsCmd) - v = cmdViper } // CheckVendorOnlyFromArgs checks if the command being run is a vendor-only command diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 38748b0611..439517420f 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -10,6 +10,7 @@ import ( "path/filepath" "github.com/AlecAivazis/survey/v2" + "github.com/defenseunicorns/zarf/src/cmd/viper" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/internal/cluster" @@ -22,30 +23,6 @@ import ( "github.com/spf13/cobra" ) -// TODO: Ewww -const ( - // Init Git config keys - V_INIT_GIT_URL = "init.git.url" - V_INIT_GIT_PUSH_USER = "init.git.push_username" - V_INIT_GIT_PUSH_PASS = "init.git.push_password" - V_INIT_GIT_PULL_USER = "init.git.pull_username" - V_INIT_GIT_PULL_PASS = "init.git.pull_password" - - // Init Registry config keys - V_INIT_REGISTRY_URL = "init.registry.url" - V_INIT_REGISTRY_NODEPORT = "init.registry.nodeport" - V_INIT_REGISTRY_SECRET = "init.registry.secret" - V_INIT_REGISTRY_PUSH_USER = "init.registry.push_username" - V_INIT_REGISTRY_PUSH_PASS = "init.registry.push_password" - V_INIT_REGISTRY_PULL_USER = "init.registry.pull_username" - V_INIT_REGISTRY_PULL_PASS = "init.registry.pull_password" - - // Init Package config keys - V_INIT_ARTIFACT_URL = "init.artifact.url" - V_INIT_ARTIFACT_PUSH_USER = "init.artifact.push_username" - V_INIT_ARTIFACT_PUSH_TOKEN = "init.artifact.push_token" -) - var subAltNames []string var outputDirectory string var updateCredsInitOpts types.ZarfInitOptions @@ -246,29 +223,31 @@ var generateKeyCmd = &cobra.Command{ } func init() { + v := viper.Init() + toolsCmd.AddCommand(deprecatedGetGitCredsCmd) toolsCmd.AddCommand(getCredsCmd) toolsCmd.AddCommand(updateCredsCmd) // Flags for using an external Git server - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.Address, "git-url", v.GetString(V_INIT_GIT_URL), lang.CmdInitFlagGitURL) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushUsername, "git-push-username", v.GetString(V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushPassword, "git-push-password", v.GetString(V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.Address, "git-url", v.GetString(viper.V_INIT_GIT_URL), lang.CmdInitFlagGitURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushUsername, "git-push-username", v.GetString(viper.V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushPassword, "git-push-password", v.GetString(viper.V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(viper.V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(viper.V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) // Flags for using an external registry - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.Address, "registry-url", v.GetString(V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.Address, "registry-url", v.GetString(viper.V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(viper.V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(viper.V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(viper.V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(viper.V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) // Flags for using an external artifact server - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.Address, "artifact-url", v.GetString(V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.Address, "artifact-url", v.GetString(viper.V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(viper.V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(viper.V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) updateCredsCmd.Flags().SortFlags = true diff --git a/src/cmd/viper.go b/src/cmd/viper/common.go similarity index 94% rename from src/cmd/viper.go rename to src/cmd/viper/common.go index b9ae36a7c6..223c0966e4 100644 --- a/src/cmd/viper.go +++ b/src/cmd/viper/common.go @@ -1,14 +1,13 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2021-Present The Zarf Authors -// Package cmd contains the CLI commands for Zarf. -package cmd +// Package viper handles command config file interaction +package viper import ( "os" "strings" - "github.com/defenseunicorns/zarf/src/cmd/tools" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" "github.com/spf13/viper" @@ -80,19 +79,17 @@ const ( V_PKG_PULL_PUBLIC_KEY = "package.pull.public_key" ) -func initViper() { +// Viper instance used by commands +var v *viper.Viper + +func Init() *viper.Viper { // Already initialized by some other command if v != nil { - return + return v } v = viper.New() - // Skip for vendor-only commands - if tools.CheckVendorOnlyFromArgs() { - return - } - // Specify an alternate config file cfgFile := os.Getenv("ZARF_CONFIG") @@ -123,4 +120,10 @@ func initViper() { } else { message.Notef(lang.CmdViperInfoUsingConfigFile, v.ConfigFileUsed()) } + + return v +} + +func Get() *viper.Viper { + return v } diff --git a/src/config/lang/english.go b/src/config/lang/english.go index c2845e8c62..2d5f1f34a7 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -126,7 +126,7 @@ const ( # Initializing w/ an external artifact server: zarf init --artifact-push-password={PASSWORD} --artifact-push-username={USERNAME} --artifact-url={URL} - # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well + # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. ` CmdInitErrFlags = "Invalid command flags were provided." @@ -464,19 +464,19 @@ const ( # Update all Zarf credentials w/external services at once: zarf tools update-creds \ - --registry-url={URL} --registry-push-username={USERNAME} --registry-push-password={PASSWORD} \ - --git-url={URL} --git-push-username={USERNAME} --git-push-password={PASSWORD} \ - --artifact-url={URL} --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} + --registry-push-username={USERNAME} --registry-push-password={PASSWORD} \ + --git-push-username={USERNAME} --git-push-password={PASSWORD} \ + --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} - # NOTE: Any credentials omitted from flags without a service key specified will be autogenerated - URLs will only change if specified - # config options can also be set with the 'init' section of a Zarf config file + # NOTE: Any credentials omitted from flags without a service key specified will be autogenerated - URLs will only change if specified. + # Config options can also be set with the 'init' section of a Zarf config file. # Update specific Zarf credentials w/external services: - zarf tools update-creds registry --registry-url={URL} --registry-push-username={USERNAME} --registry-push-password={PASSWORD} - zarf tools update-creds git --git-url={URL} --git-push-username={USERNAME} --git-push-password={PASSWORD} - zarf tools update-creds artifact --artifact-url={URL} --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} + zarf tools update-creds registry --registry-push-username={USERNAME} --registry-push-password={PASSWORD} + zarf tools update-creds git --git-push-username={USERNAME} --git-push-password={PASSWORD} + zarf tools update-creds artifact --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} - # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well + # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. ` // zarf version From 2bda18a95453056ba070691a8e7f1df730463a06 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Thu, 13 Jul 2023 17:50:41 -0500 Subject: [PATCH 07/43] Fix viper for vendored commands and make docs --- src/cmd/common/vendor.go | 55 ++++++++++++ src/cmd/{viper/common.go => common/viper.go} | 13 ++- src/cmd/initialize.go | 50 +++++------ src/cmd/internal.go | 4 +- src/cmd/package.go | 92 ++++++++++---------- src/cmd/prepare.go | 14 +-- src/cmd/root.go | 40 ++++----- src/cmd/tools/common.go | 46 ---------- src/cmd/tools/crane.go | 2 +- src/cmd/tools/kubectl.go | 3 +- src/cmd/tools/zarf.go | 30 +++---- src/config/lang/english.go | 2 +- 12 files changed, 183 insertions(+), 168 deletions(-) create mode 100644 src/cmd/common/vendor.go rename src/cmd/{viper/common.go => common/viper.go} (94%) diff --git a/src/cmd/common/vendor.go b/src/cmd/common/vendor.go new file mode 100644 index 0000000000..7b208f5dc4 --- /dev/null +++ b/src/cmd/common/vendor.go @@ -0,0 +1,55 @@ +// SPDX-License-Identifier: Apache-2.0 +// SPDX-FileCopyrightText: 2021-Present The Zarf Authors + +// Package common handles command configuration across all commands +package common + +import ( + "os" + "strings" + + "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" + "github.com/spf13/cobra" +) + +var vendorCmds = []string{ + "kubectl", + "k", + "syft", + "sbom", + "s", + "k9s", + "monitor", + "wait-for", + "wait", + "w", + "crane", + "registry", + "r", +} + +// CheckVendorOnlyFromArgs checks if the command being run is a vendor-only command +func CheckVendorOnlyFromArgs() bool { + // Check for "zarf tools|t " where is in the vendorCmd list + return IsVendorCmd(os.Args, vendorCmds) +} + +// CheckVendorOnlyFromPath checks if the cobra command is a vendor-only command +func CheckVendorOnlyFromPath(cmd *cobra.Command) bool { + args := strings.Split(cmd.CommandPath(), " ") + // Check for "zarf tools|t " where is in the vendorCmd list + return IsVendorCmd(args, vendorCmds) +} + +// isVendorCmd checks if the command is a vendor command. +func IsVendorCmd(args []string, vendoredCmds []string) bool { + if len(args) > 2 { + if args[1] == "tools" || args[1] == "t" { + if helpers.SliceContains(vendoredCmds, args[2]) { + return true + } + } + } + + return false +} diff --git a/src/cmd/viper/common.go b/src/cmd/common/viper.go similarity index 94% rename from src/cmd/viper/common.go rename to src/cmd/common/viper.go index 223c0966e4..2e4172cff4 100644 --- a/src/cmd/viper/common.go +++ b/src/cmd/common/viper.go @@ -1,8 +1,8 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2021-Present The Zarf Authors -// Package viper handles command config file interaction -package viper +// Package common handles command configuration across all commands +package common import ( "os" @@ -82,7 +82,7 @@ const ( // Viper instance used by commands var v *viper.Viper -func Init() *viper.Viper { +func InitViper() *viper.Viper { // Already initialized by some other command if v != nil { return v @@ -90,6 +90,11 @@ func Init() *viper.Viper { v = viper.New() + // Skip for vendor-only commands + if CheckVendorOnlyFromArgs() { + return v + } + // Specify an alternate config file cfgFile := os.Getenv("ZARF_CONFIG") @@ -124,6 +129,6 @@ func Init() *viper.Viper { return v } -func Get() *viper.Viper { +func GetViper() *viper.Viper { return v } diff --git a/src/cmd/initialize.go b/src/cmd/initialize.go index b87d1bf6a0..07d564de30 100644 --- a/src/cmd/initialize.go +++ b/src/cmd/initialize.go @@ -13,7 +13,7 @@ import ( "strings" "github.com/AlecAivazis/survey/v2" - "github.com/defenseunicorns/zarf/src/cmd/viper" + "github.com/defenseunicorns/zarf/src/cmd/common" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" @@ -52,8 +52,8 @@ var initCmd = &cobra.Command{ pkgConfig.PkgSourcePath = pkgConfig.DeployOpts.PackagePath // Ensure uppercase keys from viper - v := viper.Get() - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(viper.V_PKG_DEPLOY_SET), strings.ToUpper) + v := common.GetViper() + viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.V_PKG_DEPLOY_SET), strings.ToUpper) pkgConfig.DeployOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.DeployOpts.SetVariables) // Configure the packager @@ -164,43 +164,43 @@ func validateInitFlags() error { } func init() { - v := viper.Init() + v := common.InitViper() rootCmd.AddCommand(initCmd) // Init package variable defaults that are non-zero values - v.SetDefault(viper.V_PKG_DEPLOY_SET, map[string]string{}) - v.SetDefault(viper.V_INIT_GIT_PUSH_USER, config.ZarfGitPushUser) - v.SetDefault(viper.V_INIT_REGISTRY_PUSH_USER, config.ZarfRegistryPushUser) + v.SetDefault(common.V_PKG_DEPLOY_SET, map[string]string{}) + v.SetDefault(common.V_INIT_GIT_PUSH_USER, config.ZarfGitPushUser) + v.SetDefault(common.V_INIT_REGISTRY_PUSH_USER, config.ZarfRegistryPushUser) // Init package set variable flags - initCmd.Flags().StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(viper.V_PKG_DEPLOY_SET), lang.CmdInitFlagSet) + initCmd.Flags().StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(common.V_PKG_DEPLOY_SET), lang.CmdInitFlagSet) // Continue to require --confirm flag for init command to avoid accidental deployments initCmd.Flags().BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdInitFlagConfirm) - initCmd.Flags().StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(viper.V_INIT_COMPONENTS), lang.CmdInitFlagComponents) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.StorageClass, "storage-class", v.GetString(viper.V_INIT_STORAGE_CLASS), lang.CmdInitFlagStorageClass) + initCmd.Flags().StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.V_INIT_COMPONENTS), lang.CmdInitFlagComponents) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.StorageClass, "storage-class", v.GetString(common.V_INIT_STORAGE_CLASS), lang.CmdInitFlagStorageClass) // Flags for using an external Git server - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.Address, "git-url", v.GetString(viper.V_INIT_GIT_URL), lang.CmdInitFlagGitURL) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushUsername, "git-push-username", v.GetString(viper.V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushPassword, "git-push-password", v.GetString(viper.V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(viper.V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(viper.V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.Address, "git-url", v.GetString(common.V_INIT_GIT_URL), lang.CmdInitFlagGitURL) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushUsername, "git-push-username", v.GetString(common.V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushPassword, "git-push-password", v.GetString(common.V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(common.V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(common.V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) // Flags for using an external registry - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Address, "registry-url", v.GetString(viper.V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) - initCmd.Flags().IntVar(&pkgConfig.InitOpts.RegistryInfo.NodePort, "nodeport", v.GetInt(viper.V_INIT_REGISTRY_NODEPORT), lang.CmdInitFlagRegNodePort) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(viper.V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(viper.V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(viper.V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(viper.V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Secret, "registry-secret", v.GetString(viper.V_INIT_REGISTRY_SECRET), lang.CmdInitFlagRegSecret) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Address, "registry-url", v.GetString(common.V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) + initCmd.Flags().IntVar(&pkgConfig.InitOpts.RegistryInfo.NodePort, "nodeport", v.GetInt(common.V_INIT_REGISTRY_NODEPORT), lang.CmdInitFlagRegNodePort) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(common.V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(common.V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(common.V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(common.V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Secret, "registry-secret", v.GetString(common.V_INIT_REGISTRY_SECRET), lang.CmdInitFlagRegSecret) // Flags for using an external artifact server - initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.Address, "artifact-url", v.GetString(viper.V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(viper.V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(viper.V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.Address, "artifact-url", v.GetString(common.V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(common.V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(common.V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) initCmd.Flags().SortFlags = true } diff --git a/src/cmd/internal.go b/src/cmd/internal.go index 2ad2605dfe..931b402cb5 100644 --- a/src/cmd/internal.go +++ b/src/cmd/internal.go @@ -10,7 +10,7 @@ import ( "os" "github.com/alecthomas/jsonschema" - "github.com/defenseunicorns/zarf/src/cmd/tools" + "github.com/defenseunicorns/zarf/src/cmd/common" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/internal/agent" "github.com/defenseunicorns/zarf/src/internal/api" @@ -60,7 +60,7 @@ var generateCLIDocs = &cobra.Command{ if cmd.Use == "tools" { for _, toolCmd := range cmd.Commands() { // If the command is a vendored command, add a dummy flag to hide root flags from the docs - if tools.CheckVendorOnlyFromPath(toolCmd) { + if common.CheckVendorOnlyFromPath(toolCmd) { addHiddenDummyFlag(toolCmd, "log-level") addHiddenDummyFlag(toolCmd, "architecture") addHiddenDummyFlag(toolCmd, "no-log-file") diff --git a/src/cmd/package.go b/src/cmd/package.go index 06f1663186..982f52ab11 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -10,7 +10,7 @@ import ( "regexp" "strings" - "github.com/defenseunicorns/zarf/src/cmd/viper" + "github.com/defenseunicorns/zarf/src/cmd/common" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" @@ -58,8 +58,8 @@ var packageCreateCmd = &cobra.Command{ } // Ensure uppercase keys from viper - v := viper.Get() - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(viper.V_PKG_CREATE_SET), strings.ToUpper) + v := common.GetViper() + viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.V_PKG_CREATE_SET), strings.ToUpper) pkgConfig.CreateOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.CreateOpts.SetVariables) // Configure the packager @@ -83,8 +83,8 @@ var packageDeployCmd = &cobra.Command{ pkgConfig.DeployOpts.PackagePath = choosePackage(args) // Ensure uppercase keys from viper and CLI --set - v := viper.Get() - viperConfigSetVariables := helpers.TransformMapKeys(v.GetStringMapString(viper.V_PKG_DEPLOY_SET), strings.ToUpper) + v := common.GetViper() + viperConfigSetVariables := helpers.TransformMapKeys(v.GetStringMapString(common.V_PKG_DEPLOY_SET), strings.ToUpper) pkgConfig.DeployOpts.SetVariables = helpers.TransformMapKeys(pkgConfig.DeployOpts.SetVariables, strings.ToUpper) // Merge the viper config file variables and provided CLI flag variables (CLI takes precedence)) @@ -264,7 +264,7 @@ func choosePackage(args []string) string { } func init() { - v := viper.Init() + v := common.InitViper() rootCmd.AddCommand(packageCmd) packageCmd.AddCommand(packageCreateCmd) @@ -286,8 +286,8 @@ func init() { func bindPackageFlags(v *spf13viper.Viper) { packageFlags := packageCmd.PersistentFlags() - v.SetDefault(viper.V_PKG_OCI_CONCURRENCY, 3) - packageFlags.IntVar(&config.CommonOptions.OCIConcurrency, "oci-concurrency", v.GetInt(viper.V_PKG_OCI_CONCURRENCY), lang.CmdPackageFlagConcurrency) + v.SetDefault(common.V_PKG_OCI_CONCURRENCY, 3) + packageFlags.IntVar(&config.CommonOptions.OCIConcurrency, "oci-concurrency", v.GetInt(common.V_PKG_OCI_CONCURRENCY), lang.CmdPackageFlagConcurrency) } func bindCreateFlags(v *spf13viper.Viper) { @@ -296,31 +296,31 @@ func bindCreateFlags(v *spf13viper.Viper) { // Always require confirm flag (no viper) createFlags.BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdPackageCreateFlagConfirm) - v.SetDefault(viper.V_PKG_CREATE_SET, map[string]string{}) - v.SetDefault(viper.V_PKG_CREATE_OUTPUT, "") - v.SetDefault(viper.V_PKG_CREATE_SBOM, false) - v.SetDefault(viper.V_PKG_CREATE_SBOM_OUTPUT, "") - v.SetDefault(viper.V_PKG_CREATE_SKIP_SBOM, false) - v.SetDefault(viper.V_PKG_CREATE_MAX_PACKAGE_SIZE, 0) - v.SetDefault(viper.V_PKG_CREATE_SIGNING_KEY, "") + v.SetDefault(common.V_PKG_CREATE_SET, map[string]string{}) + v.SetDefault(common.V_PKG_CREATE_OUTPUT, "") + v.SetDefault(common.V_PKG_CREATE_SBOM, false) + v.SetDefault(common.V_PKG_CREATE_SBOM_OUTPUT, "") + v.SetDefault(common.V_PKG_CREATE_SKIP_SBOM, false) + v.SetDefault(common.V_PKG_CREATE_MAX_PACKAGE_SIZE, 0) + v.SetDefault(common.V_PKG_CREATE_SIGNING_KEY, "") outputDirectory := v.GetString("package.create.output_directory") - output := v.GetString(viper.V_PKG_CREATE_OUTPUT) + output := v.GetString(common.V_PKG_CREATE_OUTPUT) if outputDirectory != "" && output == "" { - v.Set(viper.V_PKG_CREATE_OUTPUT, outputDirectory) + v.Set(common.V_PKG_CREATE_OUTPUT, outputDirectory) } createFlags.StringVar(&pkgConfig.CreateOpts.Output, "output-directory", v.GetString("package.create.output_directory"), lang.CmdPackageCreateFlagOutput) - createFlags.StringVarP(&pkgConfig.CreateOpts.Output, "output", "o", v.GetString(viper.V_PKG_CREATE_OUTPUT), lang.CmdPackageCreateFlagOutput) - - createFlags.StringVar(&pkgConfig.CreateOpts.DifferentialData.DifferentialPackagePath, "differential", v.GetString(viper.V_PKG_CREATE_DIFFERENTIAL), lang.CmdPackageCreateFlagDifferential) - createFlags.StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(viper.V_PKG_CREATE_SET), lang.CmdPackageCreateFlagSet) - createFlags.BoolVarP(&pkgConfig.CreateOpts.ViewSBOM, "sbom", "s", v.GetBool(viper.V_PKG_CREATE_SBOM), lang.CmdPackageCreateFlagSbom) - createFlags.StringVar(&pkgConfig.CreateOpts.SBOMOutputDir, "sbom-out", v.GetString(viper.V_PKG_CREATE_SBOM_OUTPUT), lang.CmdPackageCreateFlagSbomOut) - createFlags.BoolVar(&pkgConfig.CreateOpts.SkipSBOM, "skip-sbom", v.GetBool(viper.V_PKG_CREATE_SKIP_SBOM), lang.CmdPackageCreateFlagSkipSbom) - createFlags.IntVarP(&pkgConfig.CreateOpts.MaxPackageSizeMB, "max-package-size", "m", v.GetInt(viper.V_PKG_CREATE_MAX_PACKAGE_SIZE), lang.CmdPackageCreateFlagMaxPackageSize) - createFlags.StringVarP(&pkgConfig.CreateOpts.SigningKeyPath, "key", "k", v.GetString(viper.V_PKG_CREATE_SIGNING_KEY), lang.CmdPackageCreateFlagSigningKey) - createFlags.StringVar(&pkgConfig.CreateOpts.SigningKeyPassword, "key-pass", v.GetString(viper.V_PKG_CREATE_SIGNING_KEY_PASSWORD), lang.CmdPackageCreateFlagSigningKeyPassword) - createFlags.StringToStringVar(&pkgConfig.CreateOpts.RegistryOverrides, "registry-override", v.GetStringMapString(viper.V_PKG_CREATE_REGISTRY_OVERRIDE), lang.CmdPackageCreateFlagRegistryOverride) + createFlags.StringVarP(&pkgConfig.CreateOpts.Output, "output", "o", v.GetString(common.V_PKG_CREATE_OUTPUT), lang.CmdPackageCreateFlagOutput) + + createFlags.StringVar(&pkgConfig.CreateOpts.DifferentialData.DifferentialPackagePath, "differential", v.GetString(common.V_PKG_CREATE_DIFFERENTIAL), lang.CmdPackageCreateFlagDifferential) + createFlags.StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(common.V_PKG_CREATE_SET), lang.CmdPackageCreateFlagSet) + createFlags.BoolVarP(&pkgConfig.CreateOpts.ViewSBOM, "sbom", "s", v.GetBool(common.V_PKG_CREATE_SBOM), lang.CmdPackageCreateFlagSbom) + createFlags.StringVar(&pkgConfig.CreateOpts.SBOMOutputDir, "sbom-out", v.GetString(common.V_PKG_CREATE_SBOM_OUTPUT), lang.CmdPackageCreateFlagSbomOut) + createFlags.BoolVar(&pkgConfig.CreateOpts.SkipSBOM, "skip-sbom", v.GetBool(common.V_PKG_CREATE_SKIP_SBOM), lang.CmdPackageCreateFlagSkipSbom) + createFlags.IntVarP(&pkgConfig.CreateOpts.MaxPackageSizeMB, "max-package-size", "m", v.GetInt(common.V_PKG_CREATE_MAX_PACKAGE_SIZE), lang.CmdPackageCreateFlagMaxPackageSize) + createFlags.StringVarP(&pkgConfig.CreateOpts.SigningKeyPath, "key", "k", v.GetString(common.V_PKG_CREATE_SIGNING_KEY), lang.CmdPackageCreateFlagSigningKey) + createFlags.StringVar(&pkgConfig.CreateOpts.SigningKeyPassword, "key-pass", v.GetString(common.V_PKG_CREATE_SIGNING_KEY_PASSWORD), lang.CmdPackageCreateFlagSigningKeyPassword) + createFlags.StringToStringVar(&pkgConfig.CreateOpts.RegistryOverrides, "registry-override", v.GetStringMapString(common.V_PKG_CREATE_REGISTRY_OVERRIDE), lang.CmdPackageCreateFlagRegistryOverride) createFlags.MarkHidden("output-directory") } @@ -334,42 +334,42 @@ func bindDeployFlags(v *spf13viper.Viper) { // Always require adopt-existing-resources flag (no viper) deployFlags.BoolVar(&pkgConfig.DeployOpts.AdoptExistingResources, "adopt-existing-resources", false, lang.CmdPackageDeployFlagAdoptExistingResources) - v.SetDefault(viper.V_PKG_DEPLOY_SET, map[string]string{}) - v.SetDefault(viper.V_PKG_DEPLOY_COMPONENTS, "") - v.SetDefault(viper.V_PKG_DEPLOY_SHASUM, "") - v.SetDefault(viper.V_PKG_DEPLOY_SGET, "") - v.SetDefault(viper.V_PKG_DEPLOY_PUBLIC_KEY, "") - - deployFlags.StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(viper.V_PKG_DEPLOY_SET), lang.CmdPackageDeployFlagSet) - deployFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(viper.V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageDeployFlagComponents) - deployFlags.StringVar(&pkgConfig.DeployOpts.Shasum, "shasum", v.GetString(viper.V_PKG_DEPLOY_SHASUM), lang.CmdPackageDeployFlagShasum) - deployFlags.StringVar(&pkgConfig.DeployOpts.SGetKeyPath, "sget", v.GetString(viper.V_PKG_DEPLOY_SGET), lang.CmdPackageDeployFlagSget) - deployFlags.StringVarP(&pkgConfig.DeployOpts.PublicKeyPath, "key", "k", v.GetString(viper.V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageDeployFlagPublicKey) + v.SetDefault(common.V_PKG_DEPLOY_SET, map[string]string{}) + v.SetDefault(common.V_PKG_DEPLOY_COMPONENTS, "") + v.SetDefault(common.V_PKG_DEPLOY_SHASUM, "") + v.SetDefault(common.V_PKG_DEPLOY_SGET, "") + v.SetDefault(common.V_PKG_DEPLOY_PUBLIC_KEY, "") + + deployFlags.StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(common.V_PKG_DEPLOY_SET), lang.CmdPackageDeployFlagSet) + deployFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageDeployFlagComponents) + deployFlags.StringVar(&pkgConfig.DeployOpts.Shasum, "shasum", v.GetString(common.V_PKG_DEPLOY_SHASUM), lang.CmdPackageDeployFlagShasum) + deployFlags.StringVar(&pkgConfig.DeployOpts.SGetKeyPath, "sget", v.GetString(common.V_PKG_DEPLOY_SGET), lang.CmdPackageDeployFlagSget) + deployFlags.StringVarP(&pkgConfig.DeployOpts.PublicKeyPath, "key", "k", v.GetString(common.V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageDeployFlagPublicKey) } func bindInspectFlags(v *spf13viper.Viper) { inspectFlags := packageInspectCmd.Flags() inspectFlags.BoolVarP(&includeInspectSBOM, "sbom", "s", false, lang.CmdPackageInspectFlagSbom) inspectFlags.StringVar(&outputInspectSBOM, "sbom-out", "", lang.CmdPackageInspectFlagSbomOut) - inspectFlags.StringVarP(&inspectPublicKey, "key", "k", v.GetString(viper.V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageInspectFlagPublicKey) + inspectFlags.StringVarP(&inspectPublicKey, "key", "k", v.GetString(common.V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageInspectFlagPublicKey) } func bindRemoveFlags(v *spf13viper.Viper) { removeFlags := packageRemoveCmd.Flags() removeFlags.BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdPackageRemoveFlagConfirm) - removeFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(viper.V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageRemoveFlagComponents) + removeFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageRemoveFlagComponents) _ = packageRemoveCmd.MarkFlagRequired("confirm") } func bindPublishFlags(v *spf13viper.Viper) { publishFlags := packagePublishCmd.Flags() - publishFlags.StringVarP(&pkgConfig.PublishOpts.SigningKeyPath, "key", "k", v.GetString(viper.V_PKG_PUBLISH_SIGNING_KEY), lang.CmdPackagePublishFlagSigningKey) - publishFlags.StringVar(&pkgConfig.PublishOpts.SigningKeyPassword, "key-pass", v.GetString(viper.V_PKG_PUBLISH_SIGNING_KEY_PASSWORD), lang.CmdPackagePublishFlagSigningKeyPassword) + publishFlags.StringVarP(&pkgConfig.PublishOpts.SigningKeyPath, "key", "k", v.GetString(common.V_PKG_PUBLISH_SIGNING_KEY), lang.CmdPackagePublishFlagSigningKey) + publishFlags.StringVar(&pkgConfig.PublishOpts.SigningKeyPassword, "key-pass", v.GetString(common.V_PKG_PUBLISH_SIGNING_KEY_PASSWORD), lang.CmdPackagePublishFlagSigningKeyPassword) } func bindPullFlags(v *spf13viper.Viper) { pullFlags := packagePullCmd.Flags() - v.SetDefault(viper.V_PKG_PULL_OUTPUT_DIR, "") - pullFlags.StringVarP(&pkgConfig.PullOpts.OutputDirectory, "output-directory", "o", v.GetString(viper.V_PKG_PULL_OUTPUT_DIR), lang.CmdPackagePullFlagOutputDirectory) - pullFlags.StringVarP(&pkgConfig.PullOpts.PublicKeyPath, "key", "k", v.GetString(viper.V_PKG_PULL_PUBLIC_KEY), lang.CmdPackagePullFlagPublicKey) + v.SetDefault(common.V_PKG_PULL_OUTPUT_DIR, "") + pullFlags.StringVarP(&pkgConfig.PullOpts.OutputDirectory, "output-directory", "o", v.GetString(common.V_PKG_PULL_OUTPUT_DIR), lang.CmdPackagePullFlagOutputDirectory) + pullFlags.StringVarP(&pkgConfig.PullOpts.PublicKeyPath, "key", "k", v.GetString(common.V_PKG_PULL_PUBLIC_KEY), lang.CmdPackagePullFlagPublicKey) } diff --git a/src/cmd/prepare.go b/src/cmd/prepare.go index f989e52d1f..d734a46962 100644 --- a/src/cmd/prepare.go +++ b/src/cmd/prepare.go @@ -11,7 +11,7 @@ import ( "strings" "github.com/AlecAivazis/survey/v2" - "github.com/defenseunicorns/zarf/src/cmd/viper" + "github.com/defenseunicorns/zarf/src/cmd/common" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" @@ -103,8 +103,8 @@ var prepareFindImages = &cobra.Command{ } // Ensure uppercase keys from viper - v := viper.Get() - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(viper.V_PKG_CREATE_SET), strings.ToUpper) + v := common.GetViper() + viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.V_PKG_CREATE_SET), strings.ToUpper) pkgConfig.CreateOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.CreateOpts.SetVariables) // Configure the packager @@ -132,7 +132,7 @@ var prepareGenerateConfigFile = &cobra.Command{ fileName = args[0] } - v := viper.Get() + v := common.GetViper() if err := v.SafeWriteConfigAs(fileName); err != nil { message.Fatalf(err, lang.CmdPrepareGenerateConfigErr, fileName) } @@ -140,7 +140,7 @@ var prepareGenerateConfigFile = &cobra.Command{ } func init() { - v := viper.Init() + v := common.InitViper() rootCmd.AddCommand(prepareCmd) prepareCmd.AddCommand(prepareTransformGitLinks) @@ -148,11 +148,11 @@ func init() { prepareCmd.AddCommand(prepareFindImages) prepareCmd.AddCommand(prepareGenerateConfigFile) - v.SetDefault(viper.V_PKG_CREATE_SET, map[string]string{}) + v.SetDefault(common.V_PKG_CREATE_SET, map[string]string{}) prepareFindImages.Flags().StringVarP(&repoHelmChartPath, "repo-chart-path", "p", "", lang.CmdPrepareFlagRepoChartPath) // use the package create config for this and reset it here to avoid overwriting the config.CreateOptions.SetVariables - prepareFindImages.Flags().StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(viper.V_PKG_CREATE_SET), lang.CmdPrepareFlagSet) + prepareFindImages.Flags().StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(common.V_PKG_CREATE_SET), lang.CmdPrepareFlagSet) // allow for the override of the default helm KubeVersion prepareFindImages.Flags().StringVar(&kubeVersionOverride, "kube-version", "", lang.CmdPrepareFlagKubeVersion) diff --git a/src/cmd/root.go b/src/cmd/root.go index da2b9959f9..589a24b24d 100644 --- a/src/cmd/root.go +++ b/src/cmd/root.go @@ -9,8 +9,8 @@ import ( "os" "strings" + "github.com/defenseunicorns/zarf/src/cmd/common" "github.com/defenseunicorns/zarf/src/cmd/tools" - "github.com/defenseunicorns/zarf/src/cmd/viper" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" @@ -31,7 +31,7 @@ var rootCmd = &cobra.Command{ Use: "zarf COMMAND", PersistentPreRun: func(cmd *cobra.Command, args []string) { // Skip for vendor-only commands - if tools.CheckVendorOnlyFromPath(cmd) { + if common.CheckVendorOnlyFromPath(cmd) { return } @@ -72,27 +72,27 @@ func init() { tools.Include(rootCmd) // Skip for vendor-only commands - if tools.CheckVendorOnlyFromArgs() { + if common.CheckVendorOnlyFromArgs() { return } - v := viper.Init() - - v.SetDefault(viper.V_LOG_LEVEL, "info") - v.SetDefault(viper.V_ARCHITECTURE, "") - v.SetDefault(viper.V_NO_LOG_FILE, false) - v.SetDefault(viper.V_NO_PROGRESS, false) - v.SetDefault(viper.V_INSECURE, false) - v.SetDefault(viper.V_ZARF_CACHE, config.ZarfDefaultCachePath) - v.SetDefault(viper.V_TMP_DIR, "") - - rootCmd.PersistentFlags().StringVarP(&logLevel, "log-level", "l", v.GetString(viper.V_LOG_LEVEL), lang.RootCmdFlagLogLevel) - rootCmd.PersistentFlags().StringVarP(&config.CLIArch, "architecture", "a", v.GetString(viper.V_ARCHITECTURE), lang.RootCmdFlagArch) - rootCmd.PersistentFlags().BoolVar(&config.SkipLogFile, "no-log-file", v.GetBool(viper.V_NO_LOG_FILE), lang.RootCmdFlagSkipLogFile) - rootCmd.PersistentFlags().BoolVar(&message.NoProgress, "no-progress", v.GetBool(viper.V_NO_PROGRESS), lang.RootCmdFlagNoProgress) - rootCmd.PersistentFlags().StringVar(&config.CommonOptions.CachePath, "zarf-cache", v.GetString(viper.V_ZARF_CACHE), lang.RootCmdFlagCachePath) - rootCmd.PersistentFlags().StringVar(&config.CommonOptions.TempDirectory, "tmpdir", v.GetString(viper.V_TMP_DIR), lang.RootCmdFlagTempDir) - rootCmd.PersistentFlags().BoolVar(&config.CommonOptions.Insecure, "insecure", v.GetBool(viper.V_INSECURE), lang.RootCmdFlagInsecure) + v := common.InitViper() + + v.SetDefault(common.V_LOG_LEVEL, "info") + v.SetDefault(common.V_ARCHITECTURE, "") + v.SetDefault(common.V_NO_LOG_FILE, false) + v.SetDefault(common.V_NO_PROGRESS, false) + v.SetDefault(common.V_INSECURE, false) + v.SetDefault(common.V_ZARF_CACHE, config.ZarfDefaultCachePath) + v.SetDefault(common.V_TMP_DIR, "") + + rootCmd.PersistentFlags().StringVarP(&logLevel, "log-level", "l", v.GetString(common.V_LOG_LEVEL), lang.RootCmdFlagLogLevel) + rootCmd.PersistentFlags().StringVarP(&config.CLIArch, "architecture", "a", v.GetString(common.V_ARCHITECTURE), lang.RootCmdFlagArch) + rootCmd.PersistentFlags().BoolVar(&config.SkipLogFile, "no-log-file", v.GetBool(common.V_NO_LOG_FILE), lang.RootCmdFlagSkipLogFile) + rootCmd.PersistentFlags().BoolVar(&message.NoProgress, "no-progress", v.GetBool(common.V_NO_PROGRESS), lang.RootCmdFlagNoProgress) + rootCmd.PersistentFlags().StringVar(&config.CommonOptions.CachePath, "zarf-cache", v.GetString(common.V_ZARF_CACHE), lang.RootCmdFlagCachePath) + rootCmd.PersistentFlags().StringVar(&config.CommonOptions.TempDirectory, "tmpdir", v.GetString(common.V_TMP_DIR), lang.RootCmdFlagTempDir) + rootCmd.PersistentFlags().BoolVar(&config.CommonOptions.Insecure, "insecure", v.GetBool(common.V_INSECURE), lang.RootCmdFlagInsecure) } func cliSetup() { diff --git a/src/cmd/tools/common.go b/src/cmd/tools/common.go index 18f5da8c7c..411d100979 100644 --- a/src/cmd/tools/common.go +++ b/src/cmd/tools/common.go @@ -5,32 +5,12 @@ package tools import ( - "os" - "strings" - "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/utils/exec" - "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" "github.com/spf13/cobra" ) -var vendorCmds = []string{ - "kubectl", - "k", - "syft", - "sbom", - "s", - "k9s", - "monitor", - "wait-for", - "wait", - "w", - "crane", - "registry", - "r", -} - var toolsCmd = &cobra.Command{ Use: "tools", Aliases: []string{"t"}, @@ -45,29 +25,3 @@ var toolsCmd = &cobra.Command{ func Include(rootCmd *cobra.Command) { rootCmd.AddCommand(toolsCmd) } - -// CheckVendorOnlyFromArgs checks if the command being run is a vendor-only command -func CheckVendorOnlyFromArgs() bool { - // Check for "zarf tools|t " where is in the vendorCmd list - return isVendorCmd(os.Args, vendorCmds) -} - -// CheckVendorOnlyFromPath checks if the cobra command is a vendor-only command -func CheckVendorOnlyFromPath(cmd *cobra.Command) bool { - args := strings.Split(cmd.CommandPath(), " ") - // Check for "zarf tools|t " where is in the vendorCmd list - return isVendorCmd(args, vendorCmds) -} - -// isVendorCmd checks if the command is a vendor command. -func isVendorCmd(args []string, vendoredCmds []string) bool { - if len(args) > 2 { - if args[1] == "tools" || args[1] == "t" { - if helpers.SliceContains(vendoredCmds, args[2]) { - return true - } - } - } - - return false -} diff --git a/src/cmd/tools/crane.go b/src/cmd/tools/crane.go index 8a9b82d445..767b39af79 100644 --- a/src/cmd/tools/crane.go +++ b/src/cmd/tools/crane.go @@ -56,7 +56,7 @@ func init() { if platform != "all" { v1Platform, err = v1.ParsePlatform(platform) if err != nil { - message.Fatalf(err, lang.CmdToolsRegistryInvalidPlatformErr, err.Error()) + message.Fatalf(err, lang.CmdToolsRegistryInvalidPlatformErr, platform, err.Error()) } } diff --git a/src/cmd/tools/kubectl.go b/src/cmd/tools/kubectl.go index 15783ac58e..ab9f16e920 100644 --- a/src/cmd/tools/kubectl.go +++ b/src/cmd/tools/kubectl.go @@ -7,6 +7,7 @@ package tools import ( "os" + "github.com/defenseunicorns/zarf/src/cmd/common" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" "github.com/spf13/cobra" @@ -25,7 +26,7 @@ func init() { } // Only load this command if it is being called directly. - if isVendorCmd(os.Args, []string{"kubectl", "k"}) { + if common.IsVendorCmd(os.Args, []string{"kubectl", "k"}) { // Add the kubectl command to the tools command. kubectlCmd = kubeCmd.NewDefaultKubectlCommand() diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 439517420f..d3e560fbd8 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -10,7 +10,7 @@ import ( "path/filepath" "github.com/AlecAivazis/survey/v2" - "github.com/defenseunicorns/zarf/src/cmd/viper" + "github.com/defenseunicorns/zarf/src/cmd/common" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/internal/cluster" @@ -223,7 +223,7 @@ var generateKeyCmd = &cobra.Command{ } func init() { - v := viper.Init() + v := common.InitViper() toolsCmd.AddCommand(deprecatedGetGitCredsCmd) toolsCmd.AddCommand(getCredsCmd) @@ -231,23 +231,23 @@ func init() { toolsCmd.AddCommand(updateCredsCmd) // Flags for using an external Git server - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.Address, "git-url", v.GetString(viper.V_INIT_GIT_URL), lang.CmdInitFlagGitURL) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushUsername, "git-push-username", v.GetString(viper.V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushPassword, "git-push-password", v.GetString(viper.V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(viper.V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(viper.V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.Address, "git-url", v.GetString(common.V_INIT_GIT_URL), lang.CmdInitFlagGitURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushUsername, "git-push-username", v.GetString(common.V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushPassword, "git-push-password", v.GetString(common.V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(common.V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(common.V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) // Flags for using an external registry - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.Address, "registry-url", v.GetString(viper.V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(viper.V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(viper.V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(viper.V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(viper.V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.Address, "registry-url", v.GetString(common.V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(common.V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(common.V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(common.V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(common.V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) // Flags for using an external artifact server - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.Address, "artifact-url", v.GetString(viper.V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(viper.V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(viper.V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.Address, "artifact-url", v.GetString(common.V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(common.V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(common.V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) updateCredsCmd.Flags().SortFlags = true diff --git a/src/config/lang/english.go b/src/config/lang/english.go index 2d5f1f34a7..bf4cbec9e2 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -427,7 +427,7 @@ const ( zarf tools wait-for http google.com success # wait for any 2xx response from http://google.com ` CmdToolsWaitForFlagTimeout = "Specify the timeout duration for the wait command." - CmdToolsWaitForErrTimeoutString = "Invalid timeout duration. Please use a valid duration string (e.g. 1s, 2m, 3h)." + CmdToolsWaitForErrTimeoutString = "Invalid timeout duration (%s). Please use a valid duration string (e.g. 1s, 2m, 3h)." CmdToolsWaitForErrTimeout = "Wait timed out." CmdToolsWaitForErrConditionString = "Invalid HTTP status code. Please use a valid HTTP status code (e.g. 200, 404, 500)." CmdToolsWaitForErrZarfPath = "Could not locate the current Zarf binary path." From a1524f2aa1356e8ca599cdcd21344ed3f357555f Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Thu, 13 Jul 2023 17:53:58 -0500 Subject: [PATCH 08/43] Fix viper for vendored commands and make docs --- .../100-cli-commands/zarf_init.md | 5 ++ .../100-cli-commands/zarf_tools.md | 3 +- .../100-cli-commands/zarf_tools_get-creds.md | 21 ++++- .../zarf_tools_update-creds.md | 78 +++++++++++++++++++ .../100-cli-commands/zarf_tools_wait-for.md | 32 ++++---- 5 files changed, 120 insertions(+), 19 deletions(-) create mode 100644 docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_init.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_init.md index 92b18a8114..cebead6c9a 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_init.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_init.md @@ -40,6 +40,11 @@ zarf init [flags] # Initializing w/ an external git server: zarf init --git-push-password={PASSWORD} --git-push-username={USERNAME} --git-url={URL} + # Initializing w/ an external artifact server: + zarf init --artifact-push-password={PASSWORD} --artifact-push-username={USERNAME} --artifact-url={URL} + + # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. + ``` ## Options diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools.md index 706cdd44e1..621395bc8b 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools.md @@ -29,9 +29,10 @@ Collection of additional tools to make airgap easier * [zarf tools download-init](zarf_tools_download-init.md) - Downloads the init package for the current Zarf version into the specified directory * [zarf tools gen-key](zarf_tools_gen-key.md) - Generates a cosign public/private keypair that can be used to sign packages * [zarf tools gen-pki](zarf_tools_gen-pki.md) - Generates a Certificate Authority and PKI chain of trust for the given host -* [zarf tools get-creds](zarf_tools_get-creds.md) - Displays a Table of credentials for deployed components. Pass a component name to get a single credential +* [zarf tools get-creds](zarf_tools_get-creds.md) - Displays a table of credentials for deployed Zarf services. Pass a service key to get a single credential * [zarf tools kubectl](zarf_tools_kubectl.md) - Kubectl command. See https://kubernetes.io/docs/reference/kubectl/overview/ for more information. * [zarf tools monitor](zarf_tools_monitor.md) - Launches a terminal UI to monitor the connected cluster using K9s. * [zarf tools registry](zarf_tools_registry.md) - Tools for working with container registries using go-containertools * [zarf tools sbom](zarf_tools_sbom.md) - Generates a Software Bill of Materials (SBOM) for the given package +* [zarf tools update-creds](zarf_tools_update-creds.md) - Updates the credentials for deployed Zarf services. Pass a service key to update credentials for a single service * [zarf tools wait-for](zarf_tools_wait-for.md) - Waits for a given Kubernetes resource to be ready diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_get-creds.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_get-creds.md index d308599ed2..b416341ec4 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_get-creds.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_get-creds.md @@ -1,16 +1,33 @@ # zarf tools get-creds -Displays a Table of credentials for deployed components. Pass a component name to get a single credential +Displays a table of credentials for deployed Zarf services. Pass a service key to get a single credential ## Synopsis -Display a Table of credentials for deployed components. Pass a component name to get a single credential. i.e. 'zarf tools get-creds registry' +Display a table of credentials for deployed Zarf services. Pass a service key to get a single credential. i.e. 'zarf tools get-creds registry' ``` zarf tools get-creds [flags] ``` +## Examples + +``` + + # Print all Zarf credentials: + zarf tools get-creds + + # Get specific Zarf credentials: + zarf tools get-creds registry + zarf tools get-creds registry-readonly + zarf tools get-creds git + zarf tools get-creds git-readonly + zarf tools get-creds artifact + zarf tools get-creds logging + +``` + ## Options ``` diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md new file mode 100644 index 0000000000..7584af58c8 --- /dev/null +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md @@ -0,0 +1,78 @@ +# zarf tools update-creds + + +Updates the credentials for deployed Zarf services. Pass a service key to update credentials for a single service + +## Synopsis + +Updates the credentials for deployed Zarf services. Pass a service key to update credentials for a single service. i.e. 'zarf tools update-creds registry' + +``` +zarf tools update-creds [flags] +``` + +## Examples + +``` + + # Autogenerate all Zarf credentials at once: + zarf tools update-creds + + # Autogenerate specific Zarf service credentials: + zarf tools update-creds registry + zarf tools update-creds git + zarf tools update-creds artifact + zarf tools update-creds logging + + # Update all Zarf credentials w/external services at once: + zarf tools update-creds \ + --registry-push-username={USERNAME} --registry-push-password={PASSWORD} \ + --git-push-username={USERNAME} --git-push-password={PASSWORD} \ + --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} + + # NOTE: Any credentials omitted from flags without a service key specified will be autogenerated - URLs will only change if specified. + # Config options can also be set with the 'init' section of a Zarf config file. + + # Update specific Zarf credentials w/external services: + zarf tools update-creds registry --registry-push-username={USERNAME} --registry-push-password={PASSWORD} + zarf tools update-creds git --git-push-username={USERNAME} --git-push-password={PASSWORD} + zarf tools update-creds artifact --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} + + # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. + +``` + +## Options + +``` + --artifact-push-token string [alpha] API Token for the push-user to access the artifact registry + --artifact-push-username string [alpha] Username to access to the artifact registry Zarf is configured to use. User must be able to upload package artifacts. + --artifact-url string [alpha] External artifact registry url to use for this Zarf cluster + --git-pull-password string Password for the pull-only user to access the git server + --git-pull-username string Username for pull-only access to the git server + --git-push-password string Password for the push-user to access the git server + --git-push-username string Username to access to the git server Zarf is configured to use. User must be able to create repositories via 'git push' + --git-url string External git server url to use for this Zarf cluster + -h, --help help for update-creds + --registry-pull-password string Password for the pull-only user to access the registry + --registry-pull-username string Username for pull-only access to the registry + --registry-push-password string Password for the push-user to connect to the registry + --registry-push-username string Username to access to the registry Zarf is configured to use + --registry-url string External registry url address to use for this Zarf cluster +``` + +## Options inherited from parent commands + +``` + -a, --architecture string Architecture for OCI images and Zarf packages + --insecure Allow access to insecure registries and disable other recommended security enforcements such as package checksum and signature validation. This flag should only be used if you have a specific reason and accept the reduced security posture. + -l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info") + --no-log-file Disable log file creation + --no-progress Disable fancy UI progress bars, spinners, logos, etc + --tmpdir string Specify the temporary directory to use for intermediate files + --zarf-cache string Specify the location of the Zarf cache directory (default "~/.zarf-cache") +``` + +## SEE ALSO + +* [zarf tools](zarf_tools.md) - Collection of additional tools to make airgap easier diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_wait-for.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_wait-for.md index c84cfd44b2..27c56c0892 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_wait-for.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_wait-for.md @@ -19,22 +19,22 @@ zarf tools wait-for { KIND | PROTOCOL } { NAME | SELECTOR | URI } { CONDITION | ``` - Wait for Kubernetes resources: - zarf tools wait-for pod my-pod-name ready -n default # wait for pod my-pod-name in namespace default to be ready - zarf tools wait-for p cool-pod-name ready -n cool # wait for pod (using p alias) cool-pod-name in namespace cool to be ready - zarf tools wait-for deployment podinfo available -n podinfo # wait for deployment podinfo in namespace podinfo to be available - zarf tools wait-for pod app=podinfo ready -n podinfo # wait for pod with label app=podinfo in namespace podinfo to be ready - zarf tools wait-for svc zarf-docker-registry exists -n zarf # wait for service zarf-docker-registry in namespace zarf to exist - zarf tools wait-for svc zarf-docker-registry -n zarf # same as above, except exists is the default condition - zarf tools wait-for crd addons.k3s.cattle.io # wait for crd addons.k3s.cattle.io to exist - zarf tools wait-for sts test-sts '{.status.availableReplicas}'=23 # wait for statefulset test-sts to have 23 available replicas - - Wait for network endpoints: - zarf tools wait-for http localhost:8080 200 # wait for a 200 response from http://localhost:8080 - zarf tools wait-for tcp localhost:8080 # wait for a connection to be established on localhost:8080 - zarf tools wait-for https 1.1.1.1 200 # wait for a 200 response from https://1.1.1.1 - zarf tools wait-for http google.com # wait for any 2xx response from http://google.com - zarf tools wait-for http google.com success # wait for any 2xx response from http://google.com + # Wait for Kubernetes resources: + zarf tools wait-for pod my-pod-name ready -n default # wait for pod my-pod-name in namespace default to be ready + zarf tools wait-for p cool-pod-name ready -n cool # wait for pod (using p alias) cool-pod-name in namespace cool to be ready + zarf tools wait-for deployment podinfo available -n podinfo # wait for deployment podinfo in namespace podinfo to be available + zarf tools wait-for pod app=podinfo ready -n podinfo # wait for pod with label app=podinfo in namespace podinfo to be ready + zarf tools wait-for svc zarf-docker-registry exists -n zarf # wait for service zarf-docker-registry in namespace zarf to exist + zarf tools wait-for svc zarf-docker-registry -n zarf # same as above, except exists is the default condition + zarf tools wait-for crd addons.k3s.cattle.io # wait for crd addons.k3s.cattle.io to exist + zarf tools wait-for sts test-sts '{.status.availableReplicas}'=23 # wait for statefulset test-sts to have 23 available replicas + + # Wait for network endpoints: + zarf tools wait-for http localhost:8080 200 # wait for a 200 response from http://localhost:8080 + zarf tools wait-for tcp localhost:8080 # wait for a connection to be established on localhost:8080 + zarf tools wait-for https 1.1.1.1 200 # wait for a 200 response from https://1.1.1.1 + zarf tools wait-for http google.com # wait for any 2xx response from http://google.com + zarf tools wait-for http google.com success # wait for any 2xx response from http://google.com ``` From 3a53f1d89204bfa46d4cb9f27f1771801e7e77da Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Fri, 14 Jul 2023 14:30:47 -0500 Subject: [PATCH 09/43] Initial UX for the update-creds command --- src/cmd/initialize.go | 2 +- src/cmd/tools/zarf.go | 44 ++++++++++++------ src/config/lang/english.go | 2 +- src/pkg/utils/credentials.go | 88 +++++++++++++++++++++++++++++++++--- 4 files changed, 112 insertions(+), 24 deletions(-) diff --git a/src/cmd/initialize.go b/src/cmd/initialize.go index 07d564de30..ccc45d9e13 100644 --- a/src/cmd/initialize.go +++ b/src/cmd/initialize.go @@ -127,7 +127,7 @@ func downloadInitPackage(downloadCacheTarget string) error { Message: lang.CmdInitDownloadConfirm, } if err := survey.AskOne(prompt, &confirmDownload); err != nil { - return fmt.Errorf(lang.CmdInitDownloadErrCancel, err.Error()) + return fmt.Errorf(lang.ErrConfirmCancel, err.Error()) } } diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index d3e560fbd8..60b91aa7dd 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -76,30 +76,44 @@ var updateCredsCmd = &cobra.Command{ Aliases: []string{"uc"}, Args: cobra.MaximumNArgs(1), Run: func(cmd *cobra.Command, args []string) { - // TODO: Do some input validation on this command (like we do for init) c := cluster.NewClusterOrDie() - state, err := c.LoadZarfState() - if err != nil || state.Distro == "" { + oldState, err := c.LoadZarfState() + if err != nil || oldState.Distro == "" { // If no distro the zarf secret did not load properly message.Fatalf(nil, lang.ErrLoadState) } // TODO: Handle different components individually - // Print a confirmation for what we are about to do (and support --confirm) - updateCredsInitOpts.RegistryInfo.NodePort = state.RegistryInfo.NodePort - updateCredsInitOpts.RegistryInfo.Secret = state.RegistryInfo.Secret + newState := oldState + newState.RegistryInfo = updateCredsInitOpts.RegistryInfo + newState.GitServer = updateCredsInitOpts.GitServer + newState.ArtifactServer = updateCredsInitOpts.ArtifactServer + newState.LoggingSecret = "" - state.GitServer = c.FillInEmptyGitServerValues(updateCredsInitOpts.GitServer) - state.RegistryInfo = c.FillInEmptyContainerRegistryValues(updateCredsInitOpts.RegistryInfo) - state.ArtifactServer = c.FillInEmptyArtifactServerValues(updateCredsInitOpts.ArtifactServer) - state.LoggingSecret = utils.RandomString(config.ZarfGeneratedPasswordLen) + utils.PrintCredentialUpdates(oldState, newState, []string{}) - err = c.SaveZarfState(state) - if err != nil { - message.Fatalf(nil, lang.ErrSaveState) + confirm := false + prompt := &survey.Confirm{ + Message: "Continue with these changes?", + } + if err := survey.AskOne(prompt, &confirm); err != nil { + message.Fatalf(nil, lang.ErrConfirmCancel, err) + } + + if confirm { + newState.RegistryInfo.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + newState.RegistryInfo.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + newState.GitServer.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + newState.GitServer.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + newState.ArtifactServer.PushToken = utils.RandomString(config.ZarfGeneratedPasswordLen) + newState.LoggingSecret = utils.RandomString(config.ZarfGeneratedPasswordLen) + err = c.SaveZarfState(newState) + if err != nil { + message.Fatalf(nil, lang.ErrSaveState) + } + c.UpdateZarfManagedSecrets(newState) + // TODO: Apply the updates to the registry and git-server helm charts (if internal) } - c.UpdateZarfManagedSecrets(state) - // TODO: Apply the updates to the registry and git-server helm charts (if internal) }, } diff --git a/src/config/lang/english.go b/src/config/lang/english.go index bf4cbec9e2..d397b04cd1 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -28,6 +28,7 @@ const ( ErrCreatingDir = "failed to create directory %s: %s" ErrRemoveFile = "failed to remove file %s: %s" ErrUnarchive = "failed to unarchive %s: %s" + ErrConfirmCancel = "confirm selection canceled: %s" ) // Zarf CLI commands. @@ -139,7 +140,6 @@ const ( CmdInitDownloadAsk = "It seems the init package could not be found locally, but can be downloaded from %s" CmdInitDownloadNote = "Note: This will require an internet connection." CmdInitDownloadConfirm = "Do you want to download this init package?" - CmdInitDownloadErrCancel = "confirm selection canceled: %s" CmdInitDownloadErrManual = "download the init package manually and place it in the current working directory" CmdInitFlagSet = "Specify deployment variables to set on the command line (KEY=value)" diff --git a/src/pkg/utils/credentials.go b/src/pkg/utils/credentials.go index 2e93d55d8c..0a888c7cc2 100644 --- a/src/pkg/utils/credentials.go +++ b/src/pkg/utils/credentials.go @@ -16,6 +16,8 @@ import ( ) const ( + loggingUsername = "zarf-admin" + registryKey = "registry" registryReadKey = "registry-readonly" gitKey = "git" @@ -49,7 +51,7 @@ func PrintCredentialTable(state types.ZarfState, componentsToDeploy []types.Depl for _, component := range componentsToDeploy { // Show message if including logging stack if component.Name == "logging" { - loginTable = append(loginTable, pterm.TableData{{" Logging", "zarf-admin", state.LoggingSecret, "zarf connect logging", loggingKey}}...) + loginTable = append(loginTable, pterm.TableData{{" Logging", loggingUsername, state.LoggingSecret, "zarf connect logging", loggingKey}}...) } // Show message if including git-server if component.Name == "git-server" { @@ -76,24 +78,96 @@ func PrintCredentialTable(state types.ZarfState, componentsToDeploy []types.Depl func PrintComponentCredential(state types.ZarfState, componentName string) { switch strings.ToLower(componentName) { case loggingKey: - message.Note("Logging credentials (username: zarf-admin):") + message.Notef("Logging credentials (username: %s):", loggingUsername) fmt.Println(state.LoggingSecret) case gitKey: - message.Note("Git Server push password (username: " + state.GitServer.PushUsername + "):") + message.Notef("Git Server push password (username: %s):", state.GitServer.PushUsername) fmt.Println(state.GitServer.PushPassword) case gitReadKey: - message.Note("Git Server (read-only) password (username: " + state.GitServer.PullUsername + "):") + message.Notef("Git Server (read-only) password (username: %s):", state.GitServer.PullUsername) fmt.Println(state.GitServer.PullPassword) case artifactKey: - message.Note("Artifact Server token (username: " + state.ArtifactServer.PushUsername + "):") + message.Notef("Artifact Server token (username: %s):", state.ArtifactServer.PushUsername) fmt.Println(state.ArtifactServer.PushToken) case registryKey: - message.Note("Image Registry password (username: " + state.RegistryInfo.PushUsername + "):") + message.Notef("Image Registry password (username: %s):", state.RegistryInfo.PushUsername) fmt.Println(state.RegistryInfo.PushPassword) case registryReadKey: - message.Note("Image Registry (read-only) password (username: " + state.RegistryInfo.PullUsername + "):") + message.Notef("Image Registry (read-only) password (username: %s):", state.RegistryInfo.PullUsername) fmt.Println(state.RegistryInfo.PullPassword) default: message.Warn("Unknown component: " + componentName) } } + +// PrintCredentialUpdates displays credentials that will be updated +func PrintCredentialUpdates(oldState types.ZarfState, newState types.ZarfState, services []string) { + if len(services) == 0 { + services = []string{registryKey, gitKey, artifactKey, loggingKey} + } + + // Set output to os.Stderr to avoid creds being printed in logs + pterm.SetDefaultOutput(os.Stderr) + + for _, service := range services { + + message.HorizontalRule() + + switch service { + case registryKey: + oR := oldState.RegistryInfo + nR := newState.RegistryInfo + message.Title("Registry", "the information used to interact with Zarf's container image registry") + pterm.Println() + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("URL Address"), compareStrings(oR.Address, nR.Address, false)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Username"), compareStrings(oR.PushUsername, nR.PushUsername, false)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Password"), compareStrings(oR.PushPassword, nR.PushPassword, true)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Pull Username"), compareStrings(oR.PullUsername, nR.PullUsername, false)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Pull Password"), compareStrings(oR.PullPassword, nR.PullPassword, true)) + case gitKey: + oG := oldState.GitServer + nG := newState.GitServer + message.Title("Git Server", "the information used to interact with Zarf's GitOps Git Server") + pterm.Println() + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("URL Address"), compareStrings(oG.Address, nG.Address, false)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Username"), compareStrings(oG.PushUsername, nG.PushUsername, false)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Password"), compareStrings(oG.PushPassword, nG.PushPassword, true)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Pull Username"), compareStrings(oG.PullUsername, nG.PullUsername, false)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Pull Password"), compareStrings(oG.PullPassword, nG.PullPassword, true)) + case artifactKey: + oA := oldState.ArtifactServer + nA := newState.ArtifactServer + message.Title("Artifact Server", "the information used to interact with Zarf's Artifact Server") + pterm.Println() + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("URL Address"), compareStrings(oA.Address, nA.Address, false)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Username"), compareStrings(oA.PushUsername, nA.PushUsername, false)) + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Token"), compareStrings(oA.PushToken, nA.PushToken, true)) + case loggingKey: + oL := oldState.LoggingSecret + nL := newState.LoggingSecret + message.Title("Logging", "the information used to interact with Zarf's Logging Stack") + pterm.Println() + pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Logging Secret"), compareStrings(oL, nL, true)) + } + } + + pterm.Println() + + // Restore the log file if it was specified + if !config.SkipLogFile { + message.UseLogFile() + } +} + +func compareStrings(old string, new string, secret bool) string { + if new == "" { + if secret { + return fmt.Sprintf("%s -> %s", pterm.FgRed.Sprint("**existing (sanitized)**"), pterm.FgGreen.Sprint("**auto-generated**")) + } + return fmt.Sprintf("%s (unchanged)", old) + } + if secret { + return fmt.Sprintf("%s -> %s", pterm.FgRed.Sprint("**existing (sanitized)**"), pterm.FgGreen.Sprint("**provided (sanitized)**")) + } + return fmt.Sprintf("%s -> %s", pterm.FgRed.Sprint(old), pterm.FgGreen.Sprint(new)) +} From 4b02d3e9209d968f9bb5bd1a405332991b2d79c4 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Sat, 15 Jul 2023 20:48:13 -0500 Subject: [PATCH 10/43] Refactor credentials and add warnings when reiniting with different values --- src/cmd/tools/zarf.go | 73 ++++++++++++++++---- src/internal/cluster/state.go | 47 +++++++++++-- src/pkg/{utils => message}/credentials.go | 81 +++++++++++------------ src/pkg/packager/deploy.go | 2 +- src/pkg/utils/helpers/misc.go | 18 +++++ src/pkg/utils/network.go | 2 +- 6 files changed, 157 insertions(+), 66 deletions(-) rename src/pkg/{utils => message}/credentials.go (73%) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 60b91aa7dd..d76393040a 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -14,10 +14,12 @@ import ( "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/internal/cluster" + "github.com/defenseunicorns/zarf/src/internal/packager/git" "github.com/defenseunicorns/zarf/src/pkg/message" "github.com/defenseunicorns/zarf/src/pkg/packager" "github.com/defenseunicorns/zarf/src/pkg/pki" "github.com/defenseunicorns/zarf/src/pkg/utils" + "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" "github.com/defenseunicorns/zarf/src/types" "github.com/sigstore/cosign/pkg/cosign" "github.com/spf13/cobra" @@ -41,7 +43,7 @@ var deprecatedGetGitCredsCmd = &cobra.Command{ message.Note(lang.CmdToolsGetGitPasswdInfo) message.Warn(lang.CmdToolsGetGitPasswdDeprecation) - utils.PrintComponentCredential(state, "git") + message.PrintComponentCredential(state, "git") }, } @@ -61,9 +63,9 @@ var getCredsCmd = &cobra.Command{ if len(args) > 0 { // If a component name is provided, only show that component's credentials - utils.PrintComponentCredential(state, args[0]) + message.PrintComponentCredential(state, args[0]) } else { - utils.PrintCredentialTable(state, nil) + message.PrintCredentialTable(state, nil) } }, } @@ -76,6 +78,16 @@ var updateCredsCmd = &cobra.Command{ Aliases: []string{"uc"}, Args: cobra.MaximumNArgs(1), Run: func(cmd *cobra.Command, args []string) { + validKeys := []string{message.RegistryKey, message.GitKey, message.ArtifactKey, message.LoggingKey} + if len(args) == 0 { + args = validKeys + } else { + if !helpers.SliceContains(validKeys, args[0]) { + cmd.Help() + message.Fatalf(nil, "Invalid service key specified - valid keys are: %s, %s, %s, and %s", message.RegistryKey, message.GitKey, message.ArtifactKey, message.LoggingKey) + } + } + c := cluster.NewClusterOrDie() oldState, err := c.LoadZarfState() if err != nil || oldState.Distro == "" { @@ -85,12 +97,21 @@ var updateCredsCmd = &cobra.Command{ // TODO: Handle different components individually newState := oldState - newState.RegistryInfo = updateCredsInitOpts.RegistryInfo - newState.GitServer = updateCredsInitOpts.GitServer - newState.ArtifactServer = updateCredsInitOpts.ArtifactServer - newState.LoggingSecret = "" - utils.PrintCredentialUpdates(oldState, newState, []string{}) + if helpers.SliceContains(args, message.RegistryKey) { + newState.RegistryInfo = updateCredsInitOpts.RegistryInfo + } + if helpers.SliceContains(args, message.GitKey) { + newState.GitServer = updateCredsInitOpts.GitServer + } + if helpers.SliceContains(args, message.ArtifactKey) { + newState.ArtifactServer = updateCredsInitOpts.ArtifactServer + } + if helpers.SliceContains(args, message.LoggingKey) { + newState.LoggingSecret = "" + } + + message.PrintCredentialUpdates(oldState, newState, args) confirm := false prompt := &survey.Confirm{ @@ -101,12 +122,36 @@ var updateCredsCmd = &cobra.Command{ } if confirm { - newState.RegistryInfo.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) - newState.RegistryInfo.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) - newState.GitServer.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) - newState.GitServer.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) - newState.ArtifactServer.PushToken = utils.RandomString(config.ZarfGeneratedPasswordLen) - newState.LoggingSecret = utils.RandomString(config.ZarfGeneratedPasswordLen) + if helpers.SliceContains(args, message.RegistryKey) { + if newState.RegistryInfo.PushPassword == "" { + newState.RegistryInfo.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + } + if newState.RegistryInfo.PullPassword == "" { + newState.RegistryInfo.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + } + } + if helpers.SliceContains(args, message.GitKey) { + if newState.GitServer.PushPassword == "" { + newState.GitServer.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + } + if newState.GitServer.PullPassword == "" { + newState.GitServer.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + } + } + if helpers.SliceContains(args, message.ArtifactKey) { + if newState.ArtifactServer.PushToken == "" { + + g := git.New(newState.GitServer) + tokenResponse, err := g.CreatePackageRegistryToken() + if err != nil { + message.Fatalf(nil, "Unable to create the new Gitea artifact token") + } + newState.ArtifactServer.PushToken = tokenResponse.Sha1 + } + } + if helpers.SliceContains(args, message.LoggingKey) { + newState.LoggingSecret = utils.RandomString(config.ZarfGeneratedPasswordLen) + } err = c.SaveZarfState(newState) if err != nil { message.Fatalf(nil, lang.ErrSaveState) diff --git a/src/internal/cluster/state.go b/src/internal/cluster/state.go index 4f93d02093..8488e77d69 100644 --- a/src/internal/cluster/state.go +++ b/src/internal/cluster/state.go @@ -16,6 +16,7 @@ import ( "github.com/defenseunicorns/zarf/src/pkg/message" "github.com/defenseunicorns/zarf/src/pkg/pki" "github.com/defenseunicorns/zarf/src/pkg/utils" + "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -111,6 +112,23 @@ func (c *Cluster) InitZarfState(initOptions types.ZarfInitOptions) error { if _, err := c.Kube.WaitForServiceAccount(ZarfNamespaceName, "default", 2*time.Minute); err != nil { return fmt.Errorf("unable get default Zarf service account: %w", err) } + + state.GitServer = c.fillInEmptyGitServerValues(initOptions.GitServer) + state.RegistryInfo = c.fillInEmptyContainerRegistryValues(initOptions.RegistryInfo) + state.ArtifactServer = c.fillInEmptyArtifactServerValues(initOptions.ArtifactServer) + } else { + if helpers.IsNotZeroAndNotEqual(initOptions.GitServer, state.GitServer) { + message.Warn("Detected a change in Git Server init options on a re-init. Ignoring... To update run:") + message.ZarfCommand("tools update-creds git") + } + if helpers.IsNotZeroAndNotEqual(initOptions.RegistryInfo, state.RegistryInfo) { + message.Warn("Detected a change in Image Registry init options on a re-init. Ignoring... To update run:") + message.ZarfCommand("tools update-creds registry") + } + if helpers.IsNotZeroAndNotEqual(initOptions.ArtifactServer, state.ArtifactServer) { + message.Warn("Detected a change in Artifact Server init options on a re-init. Ignoring... To update run:") + message.ZarfCommand("tools update-creds artifact") + } } if clusterArch != state.Architecture { @@ -132,10 +150,6 @@ func (c *Cluster) InitZarfState(initOptions types.ZarfInitOptions) error { state.StorageClass = initOptions.StorageClass } - state.GitServer = c.FillInEmptyGitServerValues(initOptions.GitServer) - state.RegistryInfo = c.FillInEmptyContainerRegistryValues(initOptions.RegistryInfo) - state.ArtifactServer = c.FillInEmptyArtifactServerValues(initOptions.ArtifactServer) - spinner.Success() // Save the state back to K8s @@ -232,7 +246,7 @@ func (c *Cluster) SaveZarfState(state types.ZarfState) error { return nil } -func (c *Cluster) FillInEmptyContainerRegistryValues(containerRegistry types.RegistryInfo) types.RegistryInfo { +func (c *Cluster) fillInEmptyContainerRegistryValues(containerRegistry types.RegistryInfo) types.RegistryInfo { // Set default NodePort if none was provided if containerRegistry.NodePort == 0 { containerRegistry.NodePort = config.ZarfInClusterContainerRegistryNodePort @@ -275,7 +289,7 @@ func (c *Cluster) FillInEmptyContainerRegistryValues(containerRegistry types.Reg } // Fill in empty GitServerInfo values with the defaults. -func (c *Cluster) FillInEmptyGitServerValues(gitServer types.GitServerInfo) types.GitServerInfo { +func (c *Cluster) fillInEmptyGitServerValues(gitServer types.GitServerInfo) types.GitServerInfo { // Set default svc url if an external repository was not provided if gitServer.Address == "" { gitServer.Address = config.ZarfInClusterGitServiceURL @@ -307,7 +321,7 @@ func (c *Cluster) FillInEmptyGitServerValues(gitServer types.GitServerInfo) type } // Fill in empty ArtifactServerInfo values with the defaults. -func (c *Cluster) FillInEmptyArtifactServerValues(artifactServer types.ArtifactServerInfo) types.ArtifactServerInfo { +func (c *Cluster) fillInEmptyArtifactServerValues(artifactServer types.ArtifactServerInfo) types.ArtifactServerInfo { // Set default svc url if an external registry was not provided if artifactServer.Address == "" { artifactServer.Address = config.ZarfInClusterArtifactServiceURL @@ -321,3 +335,22 @@ func (c *Cluster) FillInEmptyArtifactServerValues(artifactServer types.ArtifactS return artifactServer } + +// func (c *Cluster) isUpdatedContainerRegistryValues(initRegistryInfo types.RegistryInfo, stateRegistryInfo types.RegistryInfo) bool { +// if initRegistryInfo.NodePort != 0 && initRegistryInfo.NodePort != stateRegistryInfo.NodePort { +// return true +// } else if initRegistryInfo.Address != "" && initRegistryInfo.Address != stateRegistryInfo.Address { +// return true +// } else if initRegistryInfo.PushUsername != "" && initRegistryInfo.PushUsername != stateRegistryInfo.PushUsername { +// return true +// } else if initRegistryInfo.PushPassword != "" && initRegistryInfo.PushPassword != stateRegistryInfo.PushPassword { +// return true +// } else if initRegistryInfo.PullUsername != "" && initRegistryInfo.PullUsername != stateRegistryInfo.PullUsername { +// return true +// } else if initRegistryInfo.PullPassword != "" && initRegistryInfo.PullPassword != stateRegistryInfo.PullPassword { +// return true +// } else if initRegistryInfo.Secret != "" && initRegistryInfo.Secret != stateRegistryInfo.Secret { +// return true +// } +// return false +// } diff --git a/src/pkg/utils/credentials.go b/src/pkg/message/credentials.go similarity index 73% rename from src/pkg/utils/credentials.go rename to src/pkg/message/credentials.go index 0a888c7cc2..e895f76537 100644 --- a/src/pkg/utils/credentials.go +++ b/src/pkg/message/credentials.go @@ -1,8 +1,8 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2021-Present The Zarf Authors -// Package utils provides generic utility functions. -package utils +// Package message provides a rich set of functions for displaying messages to the user. +package message import ( "fmt" @@ -10,7 +10,6 @@ import ( "strings" "github.com/defenseunicorns/zarf/src/config" - "github.com/defenseunicorns/zarf/src/pkg/message" "github.com/defenseunicorns/zarf/src/types" "github.com/pterm/pterm" ) @@ -18,12 +17,12 @@ import ( const ( loggingUsername = "zarf-admin" - registryKey = "registry" - registryReadKey = "registry-readonly" - gitKey = "git" - gitReadKey = "git-readonly" - artifactKey = "artifact" - loggingKey = "logging" + RegistryKey = "registry" + RegistryReadKey = "registry-readonly" + GitKey = "git" + GitReadKey = "git-readonly" + ArtifactKey = "artifact" + LoggingKey = "logging" ) // PrintCredentialTable displays credentials in a table @@ -43,22 +42,22 @@ func PrintCredentialTable(state types.ZarfState, componentsToDeploy []types.Depl loginTable := pterm.TableData{} if state.RegistryInfo.InternalRegistry { loginTable = append(loginTable, pterm.TableData{ - {" Registry", state.RegistryInfo.PushUsername, state.RegistryInfo.PushPassword, "zarf connect registry", registryKey}, - {" Registry (read-only)", state.RegistryInfo.PullUsername, state.RegistryInfo.PullPassword, "zarf connect registry", registryReadKey}, + {" Registry", state.RegistryInfo.PushUsername, state.RegistryInfo.PushPassword, "zarf connect registry", RegistryKey}, + {" Registry (read-only)", state.RegistryInfo.PullUsername, state.RegistryInfo.PullPassword, "zarf connect registry", RegistryReadKey}, }...) } for _, component := range componentsToDeploy { // Show message if including logging stack if component.Name == "logging" { - loginTable = append(loginTable, pterm.TableData{{" Logging", loggingUsername, state.LoggingSecret, "zarf connect logging", loggingKey}}...) + loginTable = append(loginTable, pterm.TableData{{" Logging", loggingUsername, state.LoggingSecret, "zarf connect logging", LoggingKey}}...) } // Show message if including git-server if component.Name == "git-server" { loginTable = append(loginTable, pterm.TableData{ - {" Git", state.GitServer.PushUsername, state.GitServer.PushPassword, "zarf connect git", gitKey}, - {" Git (read-only)", state.GitServer.PullUsername, state.GitServer.PullPassword, "zarf connect git", gitReadKey}, - {" Artifact Token", state.ArtifactServer.PushUsername, state.ArtifactServer.PushToken, "zarf connect git", artifactKey}, + {" Git", state.GitServer.PushUsername, state.GitServer.PushPassword, "zarf connect git", GitKey}, + {" Git (read-only)", state.GitServer.PullUsername, state.GitServer.PullPassword, "zarf connect git", GitReadKey}, + {" Artifact Token", state.ArtifactServer.PushUsername, state.ArtifactServer.PushToken, "zarf connect git", ArtifactKey}, }...) } } @@ -70,82 +69,78 @@ func PrintCredentialTable(state types.ZarfState, componentsToDeploy []types.Depl // Restore the log file if it was specified if !config.SkipLogFile { - message.UseLogFile() + UseLogFile() } } // PrintComponentCredential displays credentials for a single component func PrintComponentCredential(state types.ZarfState, componentName string) { switch strings.ToLower(componentName) { - case loggingKey: - message.Notef("Logging credentials (username: %s):", loggingUsername) + case LoggingKey: + Notef("Logging credentials (username: %s):", loggingUsername) fmt.Println(state.LoggingSecret) - case gitKey: - message.Notef("Git Server push password (username: %s):", state.GitServer.PushUsername) + case GitKey: + Notef("Git Server push password (username: %s):", state.GitServer.PushUsername) fmt.Println(state.GitServer.PushPassword) - case gitReadKey: - message.Notef("Git Server (read-only) password (username: %s):", state.GitServer.PullUsername) + case GitReadKey: + Notef("Git Server (read-only) password (username: %s):", state.GitServer.PullUsername) fmt.Println(state.GitServer.PullPassword) - case artifactKey: - message.Notef("Artifact Server token (username: %s):", state.ArtifactServer.PushUsername) + case ArtifactKey: + Notef("Artifact Server token (username: %s):", state.ArtifactServer.PushUsername) fmt.Println(state.ArtifactServer.PushToken) - case registryKey: - message.Notef("Image Registry password (username: %s):", state.RegistryInfo.PushUsername) + case RegistryKey: + Notef("Image Registry password (username: %s):", state.RegistryInfo.PushUsername) fmt.Println(state.RegistryInfo.PushPassword) - case registryReadKey: - message.Notef("Image Registry (read-only) password (username: %s):", state.RegistryInfo.PullUsername) + case RegistryReadKey: + Notef("Image Registry (read-only) password (username: %s):", state.RegistryInfo.PullUsername) fmt.Println(state.RegistryInfo.PullPassword) default: - message.Warn("Unknown component: " + componentName) + Warn("Unknown component: " + componentName) } } // PrintCredentialUpdates displays credentials that will be updated func PrintCredentialUpdates(oldState types.ZarfState, newState types.ZarfState, services []string) { - if len(services) == 0 { - services = []string{registryKey, gitKey, artifactKey, loggingKey} - } - // Set output to os.Stderr to avoid creds being printed in logs pterm.SetDefaultOutput(os.Stderr) for _, service := range services { - message.HorizontalRule() + HorizontalRule() switch service { - case registryKey: + case RegistryKey: oR := oldState.RegistryInfo nR := newState.RegistryInfo - message.Title("Registry", "the information used to interact with Zarf's container image registry") + Title("Registry", "the information used to interact with Zarf's container image registry") pterm.Println() pterm.Printfln(" %s: %s", pterm.Bold.Sprint("URL Address"), compareStrings(oR.Address, nR.Address, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Username"), compareStrings(oR.PushUsername, nR.PushUsername, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Password"), compareStrings(oR.PushPassword, nR.PushPassword, true)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Pull Username"), compareStrings(oR.PullUsername, nR.PullUsername, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Pull Password"), compareStrings(oR.PullPassword, nR.PullPassword, true)) - case gitKey: + case GitKey: oG := oldState.GitServer nG := newState.GitServer - message.Title("Git Server", "the information used to interact with Zarf's GitOps Git Server") + Title("Git Server", "the information used to interact with Zarf's GitOps Git Server") pterm.Println() pterm.Printfln(" %s: %s", pterm.Bold.Sprint("URL Address"), compareStrings(oG.Address, nG.Address, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Username"), compareStrings(oG.PushUsername, nG.PushUsername, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Password"), compareStrings(oG.PushPassword, nG.PushPassword, true)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Pull Username"), compareStrings(oG.PullUsername, nG.PullUsername, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Pull Password"), compareStrings(oG.PullPassword, nG.PullPassword, true)) - case artifactKey: + case ArtifactKey: oA := oldState.ArtifactServer nA := newState.ArtifactServer - message.Title("Artifact Server", "the information used to interact with Zarf's Artifact Server") + Title("Artifact Server", "the information used to interact with Zarf's Artifact Server") pterm.Println() pterm.Printfln(" %s: %s", pterm.Bold.Sprint("URL Address"), compareStrings(oA.Address, nA.Address, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Username"), compareStrings(oA.PushUsername, nA.PushUsername, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Token"), compareStrings(oA.PushToken, nA.PushToken, true)) - case loggingKey: + case LoggingKey: oL := oldState.LoggingSecret nL := newState.LoggingSecret - message.Title("Logging", "the information used to interact with Zarf's Logging Stack") + Title("Logging", "the information used to interact with Zarf's Logging Stack") pterm.Println() pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Logging Secret"), compareStrings(oL, nL, true)) } @@ -155,7 +150,7 @@ func PrintCredentialUpdates(oldState types.ZarfState, newState types.ZarfState, // Restore the log file if it was specified if !config.SkipLogFile { - message.UseLogFile() + UseLogFile() } } diff --git a/src/pkg/packager/deploy.go b/src/pkg/packager/deploy.go index 798ffffdbc..c3129f4d66 100644 --- a/src/pkg/packager/deploy.go +++ b/src/pkg/packager/deploy.go @@ -595,6 +595,6 @@ func (p *Packager) printTablesForDeployment(componentsToDeploy []types.DeployedC message.PrintConnectStringTable(connectStrings) } else { // otherwise, print the init config connection and passwords - utils.PrintCredentialTable(p.cfg.State, componentsToDeploy) + message.PrintCredentialTable(p.cfg.State, componentsToDeploy) } } diff --git a/src/pkg/utils/helpers/misc.go b/src/pkg/utils/helpers/misc.go index f3c328630a..7592b4c556 100644 --- a/src/pkg/utils/helpers/misc.go +++ b/src/pkg/utils/helpers/misc.go @@ -6,6 +6,7 @@ package helpers import ( "fmt" + "reflect" "regexp" "time" ) @@ -159,3 +160,20 @@ func MatchRegex(regex *regexp.Regexp, str string) (func(string) string, error) { return get, nil } + +// IsNotZeroAndNotEqual is used to test if a struct has zero values or is equal values with another struct +func IsNotZeroAndNotEqual(given any, equal any) bool { + givenValue := reflect.ValueOf(given) + equalValue := reflect.ValueOf(equal) + + if givenValue.NumField() != equalValue.NumField() { + return true + } + + for i := 0; i < givenValue.NumField(); i++ { + if !givenValue.Field(i).IsZero() && givenValue.Field(i).Interface() != equalValue.Field(i).Interface() { + return true + } + } + return false +} diff --git a/src/pkg/utils/network.go b/src/pkg/utils/network.go index eb96967375..ac9592885e 100644 --- a/src/pkg/utils/network.go +++ b/src/pkg/utils/network.go @@ -124,7 +124,7 @@ func DownloadToFile(src string, dst string, cosignKeyPath string) (err error) { if parsed.Scheme == SGETURLScheme { err = Sget(context.TODO(), src, cosignKeyPath, file) if err != nil { - return fmt.Errorf("unable to download file with sget: %s", src) + return fmt.Errorf("unable to download file with sget: %s: %s", src, err.Error()) } if err != nil { return err From 03ba2fd938f93488373048310ccd19f115796b0a Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Sat, 15 Jul 2023 21:24:09 -0500 Subject: [PATCH 11/43] More progress - fix upgrade test --- .github/workflows/test-upgrade.yml | 2 +- src/cmd/tools/zarf.go | 36 ++++++++++++++++++++++++++---- 2 files changed, 33 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test-upgrade.yml b/.github/workflows/test-upgrade.yml index bf919c7e39..bde9737b12 100644 --- a/.github/workflows/test-upgrade.yml +++ b/.github/workflows/test-upgrade.yml @@ -74,7 +74,7 @@ jobs: # in a previous step. This test run will the current release to create a K3s cluster. # chown the logs since they were originally created as root run: | - sudo env "PATH=$PATH" CI=true zarf init --components k3s,git-server,logging --confirm + sudo env "PATH=$PATH" CI=true zarf init --components k3s,git-server,logging --nodeport 31337 --confirm sudo chown $USER /tmp/zarf-*.log # Before we run the regular tests we need to aggressively cleanup files to reduce disk pressure diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index d76393040a..62c6f82b5e 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -94,8 +94,27 @@ var updateCredsCmd = &cobra.Command{ // If no distro the zarf secret did not load properly message.Fatalf(nil, lang.ErrLoadState) } + initPackage, err := c.GetDeployedPackage("init") + if err != nil || oldState.Distro == "" { + // If no distro the zarf secret did not load properly + message.Fatalf(nil, "Unable to load init package information from the cluster") + } + + hasRegistry := false + hasGitServer := false + hasLogging := false + for _, dc := range initPackage.DeployedComponents { + if dc.Name == "zarf-registry" { + hasRegistry = true + } + if dc.Name == "git-server" { + hasGitServer = true + } + if dc.Name == "logging" { + hasGitServer = true + } + } - // TODO: Handle different components individually newState := oldState if helpers.SliceContains(args, message.RegistryKey) { @@ -139,8 +158,7 @@ var updateCredsCmd = &cobra.Command{ } } if helpers.SliceContains(args, message.ArtifactKey) { - if newState.ArtifactServer.PushToken == "" { - + if newState.ArtifactServer.PushToken == "" && hasGitServer { g := git.New(newState.GitServer) tokenResponse, err := g.CreatePackageRegistryToken() if err != nil { @@ -152,12 +170,22 @@ var updateCredsCmd = &cobra.Command{ if helpers.SliceContains(args, message.LoggingKey) { newState.LoggingSecret = utils.RandomString(config.ZarfGeneratedPasswordLen) } + err = c.SaveZarfState(newState) if err != nil { message.Fatalf(nil, lang.ErrSaveState) } + c.UpdateZarfManagedSecrets(newState) - // TODO: Apply the updates to the registry and git-server helm charts (if internal) + if helpers.SliceContains(args, message.RegistryKey) && hasRegistry { + // TODO: Apply the updates to the registry helm chart + } + if helpers.SliceContains(args, message.GitKey) && hasGitServer { + // TODO: Apply the updates to the gitea helm chart + } + if helpers.SliceContains(args, message.LoggingKey) && hasLogging { + // TODO: Apply the updates to the logging helm chart + } } }, } From 91168b66b9417e05845129bc183c04aee3c117ae Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Sat, 15 Jul 2023 21:30:51 -0500 Subject: [PATCH 12/43] Check both the namespace and secret labels --- src/internal/cluster/secrets.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/internal/cluster/secrets.go b/src/internal/cluster/secrets.go index 448829d1e0..299321131d 100644 --- a/src/internal/cluster/secrets.go +++ b/src/internal/cluster/secrets.go @@ -89,7 +89,9 @@ func (c *Cluster) UpdateZarfManagedSecrets(state types.ZarfState) { continue } - if currentRegistrySecret.Labels[config.ZarfManagedByLabel] == "zarf" { + // Check if this is a Zarf managed secret or is in a namespace the Zarf agent will take action in + if currentRegistrySecret.Labels[config.ZarfManagedByLabel] == "zarf" || + (namespace.Labels[agentLabel] != "skip" && namespace.Labels[agentLabel] != "ignore") { // Create the secret newRegistrySecret := c.GenerateRegistryPullCreds(namespace.Name, config.ZarfImagePullSecretName, state.RegistryInfo) if !reflect.DeepEqual(currentRegistrySecret.Data, newRegistrySecret.Data) { @@ -108,7 +110,9 @@ func (c *Cluster) UpdateZarfManagedSecrets(state types.ZarfState) { continue } - if currentGitSecret.Labels[config.ZarfManagedByLabel] == "zarf" { + // Check if this is a Zarf managed secret or is in a namespace the Zarf agent will take action in + if currentGitSecret.Labels[config.ZarfManagedByLabel] == "zarf" || + (namespace.Labels[agentLabel] != "skip" && namespace.Labels[agentLabel] != "ignore") { // Create the secret newGitSecret := c.GenerateGitPullCreds(namespace.Name, config.ZarfGitServerSecretName, state.GitServer) if !reflect.DeepEqual(currentGitSecret.StringData, newGitSecret.StringData) { From 54ef8b9efba6ddaa4c161fb02ddf41ed9b688ff7 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Sat, 15 Jul 2023 21:39:57 -0500 Subject: [PATCH 13/43] Cleanup and lint --- src/cmd/common/vendor.go | 2 +- src/internal/cluster/state.go | 19 ------------------- src/pkg/message/credentials.go | 1 + 3 files changed, 2 insertions(+), 20 deletions(-) diff --git a/src/cmd/common/vendor.go b/src/cmd/common/vendor.go index 7b208f5dc4..53cb1cca5c 100644 --- a/src/cmd/common/vendor.go +++ b/src/cmd/common/vendor.go @@ -41,7 +41,7 @@ func CheckVendorOnlyFromPath(cmd *cobra.Command) bool { return IsVendorCmd(args, vendorCmds) } -// isVendorCmd checks if the command is a vendor command. +// IsVendorCmd checks if the command is a vendor command. func IsVendorCmd(args []string, vendoredCmds []string) bool { if len(args) > 2 { if args[1] == "tools" || args[1] == "t" { diff --git a/src/internal/cluster/state.go b/src/internal/cluster/state.go index 8488e77d69..a628646ca1 100644 --- a/src/internal/cluster/state.go +++ b/src/internal/cluster/state.go @@ -335,22 +335,3 @@ func (c *Cluster) fillInEmptyArtifactServerValues(artifactServer types.ArtifactS return artifactServer } - -// func (c *Cluster) isUpdatedContainerRegistryValues(initRegistryInfo types.RegistryInfo, stateRegistryInfo types.RegistryInfo) bool { -// if initRegistryInfo.NodePort != 0 && initRegistryInfo.NodePort != stateRegistryInfo.NodePort { -// return true -// } else if initRegistryInfo.Address != "" && initRegistryInfo.Address != stateRegistryInfo.Address { -// return true -// } else if initRegistryInfo.PushUsername != "" && initRegistryInfo.PushUsername != stateRegistryInfo.PushUsername { -// return true -// } else if initRegistryInfo.PushPassword != "" && initRegistryInfo.PushPassword != stateRegistryInfo.PushPassword { -// return true -// } else if initRegistryInfo.PullUsername != "" && initRegistryInfo.PullUsername != stateRegistryInfo.PullUsername { -// return true -// } else if initRegistryInfo.PullPassword != "" && initRegistryInfo.PullPassword != stateRegistryInfo.PullPassword { -// return true -// } else if initRegistryInfo.Secret != "" && initRegistryInfo.Secret != stateRegistryInfo.Secret { -// return true -// } -// return false -// } diff --git a/src/pkg/message/credentials.go b/src/pkg/message/credentials.go index e895f76537..e47a1c7826 100644 --- a/src/pkg/message/credentials.go +++ b/src/pkg/message/credentials.go @@ -14,6 +14,7 @@ import ( "github.com/pterm/pterm" ) +// Common constants for printing credentials const ( loggingUsername = "zarf-admin" From 1c452e0c8a69719b0823438b56bf96902a714518 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 17 Jul 2023 18:08:38 -0500 Subject: [PATCH 14/43] End to end worky for registry --- src/cmd/tools/zarf.go | 50 +++++++++++++++++++++++------ src/internal/cluster/secrets.go | 16 +++++++-- src/internal/packager/helm/chart.go | 45 ++++++++++++++++++++++++++ src/pkg/message/credentials.go | 2 +- src/pkg/utils/helpers/misc.go | 15 ++++++++- 5 files changed, 113 insertions(+), 15 deletions(-) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 62c6f82b5e..6354a929d8 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -15,6 +15,7 @@ import ( "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/internal/cluster" "github.com/defenseunicorns/zarf/src/internal/packager/git" + "github.com/defenseunicorns/zarf/src/internal/packager/helm" "github.com/defenseunicorns/zarf/src/pkg/message" "github.com/defenseunicorns/zarf/src/pkg/packager" "github.com/defenseunicorns/zarf/src/pkg/pki" @@ -118,13 +119,13 @@ var updateCredsCmd = &cobra.Command{ newState := oldState if helpers.SliceContains(args, message.RegistryKey) { - newState.RegistryInfo = updateCredsInitOpts.RegistryInfo + newState.RegistryInfo = helpers.MergeNonZero(newState.RegistryInfo, updateCredsInitOpts.RegistryInfo) } if helpers.SliceContains(args, message.GitKey) { - newState.GitServer = updateCredsInitOpts.GitServer + newState.GitServer = helpers.MergeNonZero(newState.GitServer, updateCredsInitOpts.GitServer) } if helpers.SliceContains(args, message.ArtifactKey) { - newState.ArtifactServer = updateCredsInitOpts.ArtifactServer + newState.ArtifactServer = helpers.MergeNonZero(newState.ArtifactServer, updateCredsInitOpts.ArtifactServer) } if helpers.SliceContains(args, message.LoggingKey) { newState.LoggingSecret = "" @@ -142,23 +143,25 @@ var updateCredsCmd = &cobra.Command{ if confirm { if helpers.SliceContains(args, message.RegistryKey) { - if newState.RegistryInfo.PushPassword == "" { + if newState.RegistryInfo.PushPassword == oldState.RegistryInfo.PushPassword && hasRegistry { newState.RegistryInfo.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) } - if newState.RegistryInfo.PullPassword == "" { + if newState.RegistryInfo.PullPassword == oldState.RegistryInfo.PullPassword && hasRegistry { newState.RegistryInfo.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) } + c.UpdateZarfManagedImageSecrets(newState) } if helpers.SliceContains(args, message.GitKey) { - if newState.GitServer.PushPassword == "" { + if newState.GitServer.PushPassword == oldState.GitServer.PushPassword && hasGitServer { newState.GitServer.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) } - if newState.GitServer.PullPassword == "" { + if newState.GitServer.PullPassword == oldState.GitServer.PullPassword && hasGitServer { newState.GitServer.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) } + c.UpdateZarfManagedGitSecrets(newState) } if helpers.SliceContains(args, message.ArtifactKey) { - if newState.ArtifactServer.PushToken == "" && hasGitServer { + if newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && hasGitServer { g := git.New(newState.GitServer) tokenResponse, err := g.CreatePackageRegistryToken() if err != nil { @@ -176,9 +179,36 @@ var updateCredsCmd = &cobra.Command{ message.Fatalf(nil, lang.ErrSaveState) } - c.UpdateZarfManagedSecrets(newState) if helpers.SliceContains(args, message.RegistryKey) && hasRegistry { - // TODO: Apply the updates to the registry helm chart + pushUser, err := utils.GetHtpasswdString(newState.RegistryInfo.PushUsername, newState.RegistryInfo.PushPassword) + if err != nil { + message.Fatalf(nil, "error generating htpasswd string: %s", err.Error()) + } + + pullUser, err := utils.GetHtpasswdString(newState.RegistryInfo.PullUsername, newState.RegistryInfo.PullPassword) + if err != nil { + message.Fatalf(nil, "error generating htpasswd string: %s", err.Error()) + } + + registryValues := map[string]interface{}{} + registrySecrets := map[string]interface{}{} + registrySecrets["htpasswd"] = fmt.Sprintf("%s\n%s", pushUser, pullUser) + registryValues["secrets"] = registrySecrets + + h := helm.Helm{ + Chart: types.ZarfChart{ + Namespace: "zarf", + }, + Cluster: c, + ReleaseName: "zarf-docker-registry", + Cfg: &types.PackagerConfig{ + State: newState, + }, + } + _, err = h.UpdateReleaseValues(registryValues) + if err != nil { + message.Fatalf(nil, "error updating the release values: %s", err.Error()) + } } if helpers.SliceContains(args, message.GitKey) && hasGitServer { // TODO: Apply the updates to the gitea helm chart diff --git a/src/internal/cluster/secrets.go b/src/internal/cluster/secrets.go index 299321131d..e3cb9bfb4a 100644 --- a/src/internal/cluster/secrets.go +++ b/src/internal/cluster/secrets.go @@ -74,9 +74,9 @@ func (c *Cluster) GenerateGitPullCreds(namespace, name string, gitServerInfo typ return gitServerSecret } -// UpdateZarfManagedSecrets updates all Zarf-managed secrets in all namespaces based on state -func (c *Cluster) UpdateZarfManagedSecrets(state types.ZarfState) { - spinner := message.NewProgressSpinner("Updating existing Zarf-manged secrets") +// UpdateZarfManagedImageSecrets updates all Zarf-managed image secrets in all namespaces based on state +func (c *Cluster) UpdateZarfManagedImageSecrets(state types.ZarfState) { + spinner := message.NewProgressSpinner("Updating existing Zarf-manged image secrets") defer spinner.Stop() if namespaces, err := c.Kube.GetNamespaces(); err != nil { @@ -102,7 +102,17 @@ func (c *Cluster) UpdateZarfManagedSecrets(state types.ZarfState) { } } } + } +} + +// UpdateZarfManagedGitSecrets updates all Zarf-managed git secrets in all namespaces based on state +func (c *Cluster) UpdateZarfManagedGitSecrets(state types.ZarfState) { + spinner := message.NewProgressSpinner("Updating existing Zarf-manged git secrets") + defer spinner.Stop() + if namespaces, err := c.Kube.GetNamespaces(); err != nil { + spinner.Errorf(err, "Unable to get k8s namespaces") + } else { // Update all git pull secrets for _, namespace := range namespaces.Items { currentGitSecret, err := c.Kube.GetSecret(namespace.Name, config.ZarfGitServerSecretName) diff --git a/src/internal/packager/helm/chart.go b/src/internal/packager/helm/chart.go index 97a589bb1f..b0ffbfc521 100644 --- a/src/internal/packager/helm/chart.go +++ b/src/internal/packager/helm/chart.go @@ -271,6 +271,51 @@ func (h *Helm) RemoveChart(namespace string, name string, spinner *message.Spinn return err } +// UpdateChartValues updates values for a given chart release +func (h *Helm) UpdateReleaseValues(updatedValues map[string]interface{}) (*release.Release, error) { + spinner := message.NewProgressSpinner("Updating values for helm release %s", h.ReleaseName) + defer spinner.Stop() + + err := h.createActionConfig(h.Chart.Namespace, spinner) + if err != nil { + return nil, fmt.Errorf("unable to initialize the K8s client: %w", err) + } + + postRender, err := h.newRenderer() + if err != nil { + return nil, fmt.Errorf("unable to create helm renderer: %w", err) + } + + histClient := action.NewHistory(h.actionConfig) + histClient.Max = 1 + releases, histErr := histClient.Run(h.ReleaseName) + if histErr == nil && len(releases) > 0 { + lastRelease := releases[len(releases)-1] + + // Setup a new upgrade action + client := action.NewUpgrade(h.actionConfig) + + // Let each chart run for the default timeout. + client.Timeout = defaultClientTimeout + + client.SkipCRDs = true + + // Namespace must be specified. + client.Namespace = h.Chart.Namespace + + // Post-processing our manifests for reasons.... + client.PostRenderer = postRender + + // Set reuse values to only override the values we are explicitly given + client.ReuseValues = true + + // Perform the loadedChart upgrade. + return client.Run(h.ReleaseName, lastRelease.Chart, updatedValues) + } + + return nil, fmt.Errorf("unable to find the %s helm release", h.ReleaseName) +} + func (h *Helm) installChart(postRender *renderer) (*release.Release, error) { message.Debugf("helm.installChart(%#v)", postRender) // Bind the helm action. diff --git a/src/pkg/message/credentials.go b/src/pkg/message/credentials.go index e47a1c7826..050d06b06e 100644 --- a/src/pkg/message/credentials.go +++ b/src/pkg/message/credentials.go @@ -156,7 +156,7 @@ func PrintCredentialUpdates(oldState types.ZarfState, newState types.ZarfState, } func compareStrings(old string, new string, secret bool) string { - if new == "" { + if new == old { if secret { return fmt.Sprintf("%s -> %s", pterm.FgRed.Sprint("**existing (sanitized)**"), pterm.FgGreen.Sprint("**auto-generated**")) } diff --git a/src/pkg/utils/helpers/misc.go b/src/pkg/utils/helpers/misc.go index 7592b4c556..bedba7011d 100644 --- a/src/pkg/utils/helpers/misc.go +++ b/src/pkg/utils/helpers/misc.go @@ -162,7 +162,7 @@ func MatchRegex(regex *regexp.Regexp, str string) (func(string) string, error) { } // IsNotZeroAndNotEqual is used to test if a struct has zero values or is equal values with another struct -func IsNotZeroAndNotEqual(given any, equal any) bool { +func IsNotZeroAndNotEqual[T any](given T, equal T) bool { givenValue := reflect.ValueOf(given) equalValue := reflect.ValueOf(equal) @@ -177,3 +177,16 @@ func IsNotZeroAndNotEqual(given any, equal any) bool { } return false } + +// MergeNonZero is used to merge non-zero overrides from one struct into another of the same type +func MergeNonZero[T any](original T, overrides T) T { + originalValue := reflect.ValueOf(original) + overridesValue := reflect.ValueOf(overrides) + + for i := 0; i < originalValue.NumField(); i++ { + if !overridesValue.Field(i).IsZero() { + originalValue.Field(i).Set(overridesValue.Field(i)) + } + } + return originalValue.Interface().(T) +} From b8b1af03ada2c6387a5d900c9f344183ea9d51f8 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Wed, 19 Jul 2023 13:10:18 -0500 Subject: [PATCH 15/43] Functional update-creds command --- src/cmd/tools/zarf.go | 57 ++++++++++++++++++++++++++--- src/internal/cluster/secrets.go | 2 + src/internal/packager/helm/chart.go | 17 ++++++--- src/types/component.go | 4 +- 4 files changed, 67 insertions(+), 13 deletions(-) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 6354a929d8..9584b3d491 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -112,7 +112,7 @@ var updateCredsCmd = &cobra.Command{ hasGitServer = true } if dc.Name == "logging" { - hasGitServer = true + hasLogging = true } } @@ -162,10 +162,10 @@ var updateCredsCmd = &cobra.Command{ } if helpers.SliceContains(args, message.ArtifactKey) { if newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && hasGitServer { - g := git.New(newState.GitServer) + g := git.New(oldState.GitServer) tokenResponse, err := g.CreatePackageRegistryToken() if err != nil { - message.Fatalf(nil, "Unable to create the new Gitea artifact token") + message.Fatalf(nil, "Unable to create the new Gitea artifact token: %s", err.Error()) } newState.ArtifactServer.PushToken = tokenResponse.Sha1 } @@ -205,16 +205,61 @@ var updateCredsCmd = &cobra.Command{ State: newState, }, } - _, err = h.UpdateReleaseValues(registryValues) + err = h.UpdateReleaseValues(registryValues) if err != nil { message.Fatalf(nil, "error updating the release values: %s", err.Error()) } } if helpers.SliceContains(args, message.GitKey) && hasGitServer { - // TODO: Apply the updates to the gitea helm chart + giteaValues := map[string]interface{}{} + giteaGiteaValues := map[string]interface{}{} + giteaAdminValues := map[string]interface{}{} + giteaAdminValues["username"] = newState.GitServer.PushUsername + giteaAdminValues["password"] = newState.GitServer.PushPassword + giteaGiteaValues["admin"] = giteaAdminValues + giteaValues["gitea"] = giteaGiteaValues + + h := helm.Helm{ + Chart: types.ZarfChart{ + Namespace: "zarf", + }, + Cluster: c, + ReleaseName: "zarf-gitea", + Cfg: &types.PackagerConfig{ + State: newState, + }, + } + err = h.UpdateReleaseValues(giteaValues) + if err != nil { + message.Fatalf(nil, "error updating the release values: %s", err.Error()) + } + + g := git.New(newState.GitServer) + err := g.CreateReadOnlyUser() + if err != nil { + message.Fatalf(nil, "Unable to create the new Gitea read only user") + } } if helpers.SliceContains(args, message.LoggingKey) && hasLogging { - // TODO: Apply the updates to the logging helm chart + loggingValues := map[string]interface{}{} + loggingGrafanaValues := map[string]interface{}{} + loggingGrafanaValues["adminPassword"] = newState.LoggingSecret + loggingValues["grafana"] = loggingGrafanaValues + + h := helm.Helm{ + Chart: types.ZarfChart{ + Namespace: "zarf", + }, + Cluster: c, + ReleaseName: "zarf-loki-stack", + Cfg: &types.PackagerConfig{ + State: newState, + }, + } + err = h.UpdateReleaseValues(loggingValues) + if err != nil { + message.Fatalf(nil, "error updating the release values: %s", err.Error()) + } } } }, diff --git a/src/internal/cluster/secrets.go b/src/internal/cluster/secrets.go index e3cb9bfb4a..6c3b0ff8e9 100644 --- a/src/internal/cluster/secrets.go +++ b/src/internal/cluster/secrets.go @@ -102,6 +102,7 @@ func (c *Cluster) UpdateZarfManagedImageSecrets(state types.ZarfState) { } } } + spinner.Success() } } @@ -133,5 +134,6 @@ func (c *Cluster) UpdateZarfManagedGitSecrets(state types.ZarfState) { } } } + spinner.Success() } } diff --git a/src/internal/packager/helm/chart.go b/src/internal/packager/helm/chart.go index b0ffbfc521..07a0caa3c1 100644 --- a/src/internal/packager/helm/chart.go +++ b/src/internal/packager/helm/chart.go @@ -272,18 +272,18 @@ func (h *Helm) RemoveChart(namespace string, name string, spinner *message.Spinn } // UpdateChartValues updates values for a given chart release -func (h *Helm) UpdateReleaseValues(updatedValues map[string]interface{}) (*release.Release, error) { +func (h *Helm) UpdateReleaseValues(updatedValues map[string]interface{}) error { spinner := message.NewProgressSpinner("Updating values for helm release %s", h.ReleaseName) defer spinner.Stop() err := h.createActionConfig(h.Chart.Namespace, spinner) if err != nil { - return nil, fmt.Errorf("unable to initialize the K8s client: %w", err) + return fmt.Errorf("unable to initialize the K8s client: %w", err) } postRender, err := h.newRenderer() if err != nil { - return nil, fmt.Errorf("unable to create helm renderer: %w", err) + return fmt.Errorf("unable to create helm renderer: %w", err) } histClient := action.NewHistory(h.actionConfig) @@ -310,10 +310,17 @@ func (h *Helm) UpdateReleaseValues(updatedValues map[string]interface{}) (*relea client.ReuseValues = true // Perform the loadedChart upgrade. - return client.Run(h.ReleaseName, lastRelease.Chart, updatedValues) + _, err = client.Run(h.ReleaseName, lastRelease.Chart, updatedValues) + if err != nil { + return err + } + + spinner.Success() + + return nil } - return nil, fmt.Errorf("unable to find the %s helm release", h.ReleaseName) + return fmt.Errorf("unable to find the %s helm release", h.ReleaseName) } func (h *Helm) installChart(postRender *renderer) (*release.Release, error) { diff --git a/src/types/component.go b/src/types/component.go index 77e4be0b8c..e26ec38743 100644 --- a/src/types/component.go +++ b/src/types/component.go @@ -31,7 +31,7 @@ type ZarfComponent struct { // Note: ignores default and required flags Group string `json:"group,omitempty" jsonschema:"description=Create a user selector field based on all components in the same group"` - //Path to cosign publickey for signed online resources + // Path to cosign public key for signed online resources CosignKeyPath string `json:"cosignKeyPath,omitempty" jsonschema:"description=Specify a path to a public key to validate signed online resources"` // Import refers to another zarf.yaml package component. @@ -119,7 +119,7 @@ type DeprecatedZarfComponentScripts struct { After []string `json:"after,omitempty" jsonschema:"description=Scripts to run after the component successfully deploys"` } -// ZarfComponentActions are actionsets that map to different zarf package operations +// ZarfComponentActions are ActionSets that map to different zarf package operations type ZarfComponentActions struct { OnCreate ZarfComponentActionSet `json:"onCreate,omitempty" jsonschema:"description=Actions to run during package creation"` OnDeploy ZarfComponentActionSet `json:"onDeploy,omitempty" jsonschema:"description=Actions to run during package deployment"` From ac8007798de0a5c1c06ae1de29d4a3f20a32fa7a Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Wed, 19 Jul 2023 16:50:15 -0500 Subject: [PATCH 16/43] Update the state befroe printing creds to capture things like the artifact token --- src/pkg/packager/deploy.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/pkg/packager/deploy.go b/src/pkg/packager/deploy.go index c3129f4d66..7ddce97d2f 100644 --- a/src/pkg/packager/deploy.go +++ b/src/pkg/packager/deploy.go @@ -594,7 +594,12 @@ func (p *Packager) printTablesForDeployment(componentsToDeploy []types.DeployedC if !p.cfg.IsInitConfig { message.PrintConnectStringTable(connectStrings) } else { + // Grab a fresh copy of the state (if we are able) to print the most up-to-date version of the creds + freshState, err := p.cluster.LoadZarfState() + if err != nil { + freshState = p.cfg.State + } // otherwise, print the init config connection and passwords - message.PrintCredentialTable(p.cfg.State, componentsToDeploy) + message.PrintCredentialTable(freshState, componentsToDeploy) } } From 6e502387924abefbd6947cbfda292b344273f8ac Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 24 Jul 2023 19:40:30 -0500 Subject: [PATCH 17/43] Address linting issues with viper --- src/cmd/common/viper.go | 88 ++++++++++++++++++++--------------------- src/cmd/initialize.go | 43 ++++++++++---------- src/cmd/package.go | 71 +++++++++++++-------------------- src/cmd/prepare.go | 6 +-- src/cmd/root.go | 30 +++++++------- src/cmd/tools/zarf.go | 26 ++++++------ 6 files changed, 124 insertions(+), 140 deletions(-) diff --git a/src/cmd/common/viper.go b/src/cmd/common/viper.go index 2e4172cff4..a2f342ad0b 100644 --- a/src/cmd/common/viper.go +++ b/src/cmd/common/viper.go @@ -15,68 +15,68 @@ import ( const ( // Root config keys - V_LOG_LEVEL = "log_level" - V_ARCHITECTURE = "architecture" - V_NO_LOG_FILE = "no_log_file" - V_NO_PROGRESS = "no_progress" - V_ZARF_CACHE = "zarf_cache" - V_TMP_DIR = "tmp_dir" - V_INSECURE = "insecure" + VLogLevel = "log_level" + VArchitecture = "architecture" + VNoLogFile = "no_log_file" + VNoProgress = "no_progress" + VZarfCache = "zarf_cache" + VTmpDir = "tmp_dir" + VInsecure = "insecure" // Init config keys - V_INIT_COMPONENTS = "init.components" - V_INIT_STORAGE_CLASS = "init.storage_class" + VInitComponents = "init.components" + VInitStorageClass = "init.storage_class" // Init Git config keys - V_INIT_GIT_URL = "init.git.url" - V_INIT_GIT_PUSH_USER = "init.git.push_username" - V_INIT_GIT_PUSH_PASS = "init.git.push_password" - V_INIT_GIT_PULL_USER = "init.git.pull_username" - V_INIT_GIT_PULL_PASS = "init.git.pull_password" + VInitGitURL = "init.git.url" + VInitGitPushUser = "init.git.push_username" + VInitGitPushPass = "init.git.push_password" + VInitGitPullUser = "init.git.pull_username" + VInitGitPullPass = "init.git.pull_password" // Init Registry config keys - V_INIT_REGISTRY_URL = "init.registry.url" - V_INIT_REGISTRY_NODEPORT = "init.registry.nodeport" - V_INIT_REGISTRY_SECRET = "init.registry.secret" - V_INIT_REGISTRY_PUSH_USER = "init.registry.push_username" - V_INIT_REGISTRY_PUSH_PASS = "init.registry.push_password" - V_INIT_REGISTRY_PULL_USER = "init.registry.pull_username" - V_INIT_REGISTRY_PULL_PASS = "init.registry.pull_password" + VInitRegistryURL = "init.registry.url" + VInitRegistryNodeport = "init.registry.nodeport" + VInitRegistrySecret = "init.registry.secret" + VInitRegistryPushUser = "init.registry.push_username" + VInitRegistryPushPass = "init.registry.push_password" + VInitRegistryPullUser = "init.registry.pull_username" + VInitRegistryPullPass = "init.registry.pull_password" // Init Package config keys - V_INIT_ARTIFACT_URL = "init.artifact.url" - V_INIT_ARTIFACT_PUSH_USER = "init.artifact.push_username" - V_INIT_ARTIFACT_PUSH_TOKEN = "init.artifact.push_token" + VInitArtifactURL = "init.artifact.url" + VInitArtifactPushUser = "init.artifact.push_username" + VInitArtifactPushToken = "init.artifact.push_token" // Package config keys - V_PKG_OCI_CONCURRENCY = "package.oci_concurrency" + VPkgOCIConcurrency = "package.oci_concurrency" // Package create config keys - V_PKG_CREATE_SET = "package.create.set" - V_PKG_CREATE_OUTPUT = "package.create.output" - V_PKG_CREATE_SBOM = "package.create.sbom" - V_PKG_CREATE_SBOM_OUTPUT = "package.create.sbom_output" - V_PKG_CREATE_SKIP_SBOM = "package.create.skip_sbom" - V_PKG_CREATE_MAX_PACKAGE_SIZE = "package.create.max_package_size" - V_PKG_CREATE_SIGNING_KEY = "package.create.signing_key" - V_PKG_CREATE_SIGNING_KEY_PASSWORD = "package.create.signing_key_password" - V_PKG_CREATE_DIFFERENTIAL = "package.create.differential" - V_PKG_CREATE_REGISTRY_OVERRIDE = "package.create.registry_override" + VPkgCreateSet = "package.create.set" + VPkgCreateOutput = "package.create.output" + VPkgCreateSbom = "package.create.sbom" + VPkgCreateSbomOutput = "package.create.sbom_output" + VPkgCreateSkipSbom = "package.create.skip_sbom" + VPkgCreateMaxPackageSize = "package.create.max_package_size" + VPkgCreateSigningKey = "package.create.signing_key" + VPkgCreateSigningKeyPassword = "package.create.signing_key_password" + VPkgCreateDifferential = "package.create.differential" + VPkgCreateRegistryOverride = "package.create.registry_override" // Package deploy config keys - V_PKG_DEPLOY_SET = "package.deploy.set" - V_PKG_DEPLOY_COMPONENTS = "package.deploy.components" - V_PKG_DEPLOY_SHASUM = "package.deploy.shasum" - V_PKG_DEPLOY_SGET = "package.deploy.sget" - V_PKG_DEPLOY_PUBLIC_KEY = "package.deploy.public_key" + VPkgDeploySet = "package.deploy.set" + VPkgDeployComponents = "package.deploy.components" + VPkgDeployShasum = "package.deploy.shasum" + VPkgDeploySget = "package.deploy.sget" + VPkgDeployPublicKey = "package.deploy.public_key" // Package publish config keys - V_PKG_PUBLISH_SIGNING_KEY = "package.publish.signing_key" - V_PKG_PUBLISH_SIGNING_KEY_PASSWORD = "package.publish.signing_key_password" + VPkgPublishSigningKey = "package.publish.signing_key" + VPkgPublishSigningKeyPassword = "package.publish.signing_key_password" // Package pull config keys - V_PKG_PULL_OUTPUT_DIR = "package.pull.output_directory" - V_PKG_PULL_PUBLIC_KEY = "package.pull.public_key" + VPkgPullOutputDir = "package.pull.output_directory" + VPkgPullPublicKey = "package.pull.public_key" ) // Viper instance used by commands diff --git a/src/cmd/initialize.go b/src/cmd/initialize.go index ccc45d9e13..dcabe355af 100644 --- a/src/cmd/initialize.go +++ b/src/cmd/initialize.go @@ -53,7 +53,7 @@ var initCmd = &cobra.Command{ // Ensure uppercase keys from viper v := common.GetViper() - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.V_PKG_DEPLOY_SET), strings.ToUpper) + viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.VPkgDeploySet), strings.ToUpper) pkgConfig.DeployOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.DeployOpts.SetVariables) // Configure the packager @@ -169,38 +169,37 @@ func init() { rootCmd.AddCommand(initCmd) // Init package variable defaults that are non-zero values - v.SetDefault(common.V_PKG_DEPLOY_SET, map[string]string{}) - v.SetDefault(common.V_INIT_GIT_PUSH_USER, config.ZarfGitPushUser) - v.SetDefault(common.V_INIT_REGISTRY_PUSH_USER, config.ZarfRegistryPushUser) + v.SetDefault(common.VInitGitPushUser, config.ZarfGitPushUser) + v.SetDefault(common.VInitRegistryPushUser, config.ZarfRegistryPushUser) // Init package set variable flags - initCmd.Flags().StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(common.V_PKG_DEPLOY_SET), lang.CmdInitFlagSet) + initCmd.Flags().StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(common.VPkgDeploySet), lang.CmdInitFlagSet) // Continue to require --confirm flag for init command to avoid accidental deployments initCmd.Flags().BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdInitFlagConfirm) - initCmd.Flags().StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.V_INIT_COMPONENTS), lang.CmdInitFlagComponents) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.StorageClass, "storage-class", v.GetString(common.V_INIT_STORAGE_CLASS), lang.CmdInitFlagStorageClass) + initCmd.Flags().StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.VInitComponents), lang.CmdInitFlagComponents) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.StorageClass, "storage-class", v.GetString(common.VInitStorageClass), lang.CmdInitFlagStorageClass) // Flags for using an external Git server - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.Address, "git-url", v.GetString(common.V_INIT_GIT_URL), lang.CmdInitFlagGitURL) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushUsername, "git-push-username", v.GetString(common.V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushPassword, "git-push-password", v.GetString(common.V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(common.V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(common.V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.Address, "git-url", v.GetString(common.VInitGitURL), lang.CmdInitFlagGitURL) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushUsername, "git-push-username", v.GetString(common.VInitGitPushUser), lang.CmdInitFlagGitPushUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PushPassword, "git-push-password", v.GetString(common.VInitGitPushPass), lang.CmdInitFlagGitPushPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(common.VInitGitPullUser), lang.CmdInitFlagGitPullUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(common.VInitGitPullPass), lang.CmdInitFlagGitPullPass) // Flags for using an external registry - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Address, "registry-url", v.GetString(common.V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) - initCmd.Flags().IntVar(&pkgConfig.InitOpts.RegistryInfo.NodePort, "nodeport", v.GetInt(common.V_INIT_REGISTRY_NODEPORT), lang.CmdInitFlagRegNodePort) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(common.V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(common.V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(common.V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(common.V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Secret, "registry-secret", v.GetString(common.V_INIT_REGISTRY_SECRET), lang.CmdInitFlagRegSecret) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Address, "registry-url", v.GetString(common.VInitRegistryURL), lang.CmdInitFlagRegURL) + initCmd.Flags().IntVar(&pkgConfig.InitOpts.RegistryInfo.NodePort, "nodeport", v.GetInt(common.VInitRegistryNodeport), lang.CmdInitFlagRegNodePort) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(common.VInitRegistryPushUser), lang.CmdInitFlagRegPushUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(common.VInitRegistryPushPass), lang.CmdInitFlagRegPushPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(common.VInitRegistryPullUser), lang.CmdInitFlagRegPullUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(common.VInitRegistryPullPass), lang.CmdInitFlagRegPullPass) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.RegistryInfo.Secret, "registry-secret", v.GetString(common.VInitRegistrySecret), lang.CmdInitFlagRegSecret) // Flags for using an external artifact server - initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.Address, "artifact-url", v.GetString(common.V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(common.V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) - initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(common.V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.Address, "artifact-url", v.GetString(common.VInitArtifactURL), lang.CmdInitFlagArtifactURL) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(common.VInitArtifactPushUser), lang.CmdInitFlagArtifactPushUser) + initCmd.Flags().StringVar(&pkgConfig.InitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(common.VInitArtifactPushToken), lang.CmdInitFlagArtifactPushToken) initCmd.Flags().SortFlags = true } diff --git a/src/cmd/package.go b/src/cmd/package.go index 982f52ab11..7cfa202271 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -59,7 +59,7 @@ var packageCreateCmd = &cobra.Command{ // Ensure uppercase keys from viper v := common.GetViper() - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.V_PKG_CREATE_SET), strings.ToUpper) + viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.VPkgCreateSet), strings.ToUpper) pkgConfig.CreateOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.CreateOpts.SetVariables) // Configure the packager @@ -84,7 +84,7 @@ var packageDeployCmd = &cobra.Command{ // Ensure uppercase keys from viper and CLI --set v := common.GetViper() - viperConfigSetVariables := helpers.TransformMapKeys(v.GetStringMapString(common.V_PKG_DEPLOY_SET), strings.ToUpper) + viperConfigSetVariables := helpers.TransformMapKeys(v.GetStringMapString(common.VPkgDeploySet), strings.ToUpper) pkgConfig.DeployOpts.SetVariables = helpers.TransformMapKeys(pkgConfig.DeployOpts.SetVariables, strings.ToUpper) // Merge the viper config file variables and provided CLI flag variables (CLI takes precedence)) @@ -286,8 +286,8 @@ func init() { func bindPackageFlags(v *spf13viper.Viper) { packageFlags := packageCmd.PersistentFlags() - v.SetDefault(common.V_PKG_OCI_CONCURRENCY, 3) - packageFlags.IntVar(&config.CommonOptions.OCIConcurrency, "oci-concurrency", v.GetInt(common.V_PKG_OCI_CONCURRENCY), lang.CmdPackageFlagConcurrency) + v.SetDefault(common.VPkgOCIConcurrency, 3) + packageFlags.IntVar(&config.CommonOptions.OCIConcurrency, "oci-concurrency", v.GetInt(common.VPkgOCIConcurrency), lang.CmdPackageFlagConcurrency) } func bindCreateFlags(v *spf13viper.Viper) { @@ -296,31 +296,23 @@ func bindCreateFlags(v *spf13viper.Viper) { // Always require confirm flag (no viper) createFlags.BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdPackageCreateFlagConfirm) - v.SetDefault(common.V_PKG_CREATE_SET, map[string]string{}) - v.SetDefault(common.V_PKG_CREATE_OUTPUT, "") - v.SetDefault(common.V_PKG_CREATE_SBOM, false) - v.SetDefault(common.V_PKG_CREATE_SBOM_OUTPUT, "") - v.SetDefault(common.V_PKG_CREATE_SKIP_SBOM, false) - v.SetDefault(common.V_PKG_CREATE_MAX_PACKAGE_SIZE, 0) - v.SetDefault(common.V_PKG_CREATE_SIGNING_KEY, "") - outputDirectory := v.GetString("package.create.output_directory") - output := v.GetString(common.V_PKG_CREATE_OUTPUT) + output := v.GetString(common.VPkgCreateOutput) if outputDirectory != "" && output == "" { - v.Set(common.V_PKG_CREATE_OUTPUT, outputDirectory) + v.Set(common.VPkgCreateOutput, outputDirectory) } createFlags.StringVar(&pkgConfig.CreateOpts.Output, "output-directory", v.GetString("package.create.output_directory"), lang.CmdPackageCreateFlagOutput) - createFlags.StringVarP(&pkgConfig.CreateOpts.Output, "output", "o", v.GetString(common.V_PKG_CREATE_OUTPUT), lang.CmdPackageCreateFlagOutput) - - createFlags.StringVar(&pkgConfig.CreateOpts.DifferentialData.DifferentialPackagePath, "differential", v.GetString(common.V_PKG_CREATE_DIFFERENTIAL), lang.CmdPackageCreateFlagDifferential) - createFlags.StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(common.V_PKG_CREATE_SET), lang.CmdPackageCreateFlagSet) - createFlags.BoolVarP(&pkgConfig.CreateOpts.ViewSBOM, "sbom", "s", v.GetBool(common.V_PKG_CREATE_SBOM), lang.CmdPackageCreateFlagSbom) - createFlags.StringVar(&pkgConfig.CreateOpts.SBOMOutputDir, "sbom-out", v.GetString(common.V_PKG_CREATE_SBOM_OUTPUT), lang.CmdPackageCreateFlagSbomOut) - createFlags.BoolVar(&pkgConfig.CreateOpts.SkipSBOM, "skip-sbom", v.GetBool(common.V_PKG_CREATE_SKIP_SBOM), lang.CmdPackageCreateFlagSkipSbom) - createFlags.IntVarP(&pkgConfig.CreateOpts.MaxPackageSizeMB, "max-package-size", "m", v.GetInt(common.V_PKG_CREATE_MAX_PACKAGE_SIZE), lang.CmdPackageCreateFlagMaxPackageSize) - createFlags.StringVarP(&pkgConfig.CreateOpts.SigningKeyPath, "key", "k", v.GetString(common.V_PKG_CREATE_SIGNING_KEY), lang.CmdPackageCreateFlagSigningKey) - createFlags.StringVar(&pkgConfig.CreateOpts.SigningKeyPassword, "key-pass", v.GetString(common.V_PKG_CREATE_SIGNING_KEY_PASSWORD), lang.CmdPackageCreateFlagSigningKeyPassword) - createFlags.StringToStringVar(&pkgConfig.CreateOpts.RegistryOverrides, "registry-override", v.GetStringMapString(common.V_PKG_CREATE_REGISTRY_OVERRIDE), lang.CmdPackageCreateFlagRegistryOverride) + createFlags.StringVarP(&pkgConfig.CreateOpts.Output, "output", "o", v.GetString(common.VPkgCreateOutput), lang.CmdPackageCreateFlagOutput) + + createFlags.StringVar(&pkgConfig.CreateOpts.DifferentialData.DifferentialPackagePath, "differential", v.GetString(common.VPkgCreateDifferential), lang.CmdPackageCreateFlagDifferential) + createFlags.StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(common.VPkgCreateSet), lang.CmdPackageCreateFlagSet) + createFlags.BoolVarP(&pkgConfig.CreateOpts.ViewSBOM, "sbom", "s", v.GetBool(common.VPkgCreateSbom), lang.CmdPackageCreateFlagSbom) + createFlags.StringVar(&pkgConfig.CreateOpts.SBOMOutputDir, "sbom-out", v.GetString(common.VPkgCreateSbomOutput), lang.CmdPackageCreateFlagSbomOut) + createFlags.BoolVar(&pkgConfig.CreateOpts.SkipSBOM, "skip-sbom", v.GetBool(common.VPkgCreateSkipSbom), lang.CmdPackageCreateFlagSkipSbom) + createFlags.IntVarP(&pkgConfig.CreateOpts.MaxPackageSizeMB, "max-package-size", "m", v.GetInt(common.VPkgCreateMaxPackageSize), lang.CmdPackageCreateFlagMaxPackageSize) + createFlags.StringVarP(&pkgConfig.CreateOpts.SigningKeyPath, "key", "k", v.GetString(common.VPkgCreateSigningKey), lang.CmdPackageCreateFlagSigningKey) + createFlags.StringVar(&pkgConfig.CreateOpts.SigningKeyPassword, "key-pass", v.GetString(common.VPkgCreateSigningKeyPassword), lang.CmdPackageCreateFlagSigningKeyPassword) + createFlags.StringToStringVar(&pkgConfig.CreateOpts.RegistryOverrides, "registry-override", v.GetStringMapString(common.VPkgCreateRegistryOverride), lang.CmdPackageCreateFlagRegistryOverride) createFlags.MarkHidden("output-directory") } @@ -334,42 +326,35 @@ func bindDeployFlags(v *spf13viper.Viper) { // Always require adopt-existing-resources flag (no viper) deployFlags.BoolVar(&pkgConfig.DeployOpts.AdoptExistingResources, "adopt-existing-resources", false, lang.CmdPackageDeployFlagAdoptExistingResources) - v.SetDefault(common.V_PKG_DEPLOY_SET, map[string]string{}) - v.SetDefault(common.V_PKG_DEPLOY_COMPONENTS, "") - v.SetDefault(common.V_PKG_DEPLOY_SHASUM, "") - v.SetDefault(common.V_PKG_DEPLOY_SGET, "") - v.SetDefault(common.V_PKG_DEPLOY_PUBLIC_KEY, "") - - deployFlags.StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(common.V_PKG_DEPLOY_SET), lang.CmdPackageDeployFlagSet) - deployFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageDeployFlagComponents) - deployFlags.StringVar(&pkgConfig.DeployOpts.Shasum, "shasum", v.GetString(common.V_PKG_DEPLOY_SHASUM), lang.CmdPackageDeployFlagShasum) - deployFlags.StringVar(&pkgConfig.DeployOpts.SGetKeyPath, "sget", v.GetString(common.V_PKG_DEPLOY_SGET), lang.CmdPackageDeployFlagSget) - deployFlags.StringVarP(&pkgConfig.DeployOpts.PublicKeyPath, "key", "k", v.GetString(common.V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageDeployFlagPublicKey) + deployFlags.StringToStringVar(&pkgConfig.DeployOpts.SetVariables, "set", v.GetStringMapString(common.VPkgDeploySet), lang.CmdPackageDeployFlagSet) + deployFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.VPkgDeployComponents), lang.CmdPackageDeployFlagComponents) + deployFlags.StringVar(&pkgConfig.DeployOpts.Shasum, "shasum", v.GetString(common.VPkgDeployShasum), lang.CmdPackageDeployFlagShasum) + deployFlags.StringVar(&pkgConfig.DeployOpts.SGetKeyPath, "sget", v.GetString(common.VPkgDeploySget), lang.CmdPackageDeployFlagSget) + deployFlags.StringVarP(&pkgConfig.DeployOpts.PublicKeyPath, "key", "k", v.GetString(common.VPkgDeployPublicKey), lang.CmdPackageDeployFlagPublicKey) } func bindInspectFlags(v *spf13viper.Viper) { inspectFlags := packageInspectCmd.Flags() inspectFlags.BoolVarP(&includeInspectSBOM, "sbom", "s", false, lang.CmdPackageInspectFlagSbom) inspectFlags.StringVar(&outputInspectSBOM, "sbom-out", "", lang.CmdPackageInspectFlagSbomOut) - inspectFlags.StringVarP(&inspectPublicKey, "key", "k", v.GetString(common.V_PKG_DEPLOY_PUBLIC_KEY), lang.CmdPackageInspectFlagPublicKey) + inspectFlags.StringVarP(&inspectPublicKey, "key", "k", v.GetString(common.VPkgDeployPublicKey), lang.CmdPackageInspectFlagPublicKey) } func bindRemoveFlags(v *spf13viper.Viper) { removeFlags := packageRemoveCmd.Flags() removeFlags.BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdPackageRemoveFlagConfirm) - removeFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.V_PKG_DEPLOY_COMPONENTS), lang.CmdPackageRemoveFlagComponents) + removeFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.VPkgDeployComponents), lang.CmdPackageRemoveFlagComponents) _ = packageRemoveCmd.MarkFlagRequired("confirm") } func bindPublishFlags(v *spf13viper.Viper) { publishFlags := packagePublishCmd.Flags() - publishFlags.StringVarP(&pkgConfig.PublishOpts.SigningKeyPath, "key", "k", v.GetString(common.V_PKG_PUBLISH_SIGNING_KEY), lang.CmdPackagePublishFlagSigningKey) - publishFlags.StringVar(&pkgConfig.PublishOpts.SigningKeyPassword, "key-pass", v.GetString(common.V_PKG_PUBLISH_SIGNING_KEY_PASSWORD), lang.CmdPackagePublishFlagSigningKeyPassword) + publishFlags.StringVarP(&pkgConfig.PublishOpts.SigningKeyPath, "key", "k", v.GetString(common.VPkgPublishSigningKey), lang.CmdPackagePublishFlagSigningKey) + publishFlags.StringVar(&pkgConfig.PublishOpts.SigningKeyPassword, "key-pass", v.GetString(common.VPkgPublishSigningKeyPassword), lang.CmdPackagePublishFlagSigningKeyPassword) } func bindPullFlags(v *spf13viper.Viper) { pullFlags := packagePullCmd.Flags() - v.SetDefault(common.V_PKG_PULL_OUTPUT_DIR, "") - pullFlags.StringVarP(&pkgConfig.PullOpts.OutputDirectory, "output-directory", "o", v.GetString(common.V_PKG_PULL_OUTPUT_DIR), lang.CmdPackagePullFlagOutputDirectory) - pullFlags.StringVarP(&pkgConfig.PullOpts.PublicKeyPath, "key", "k", v.GetString(common.V_PKG_PULL_PUBLIC_KEY), lang.CmdPackagePullFlagPublicKey) + pullFlags.StringVarP(&pkgConfig.PullOpts.OutputDirectory, "output-directory", "o", v.GetString(common.VPkgPullOutputDir), lang.CmdPackagePullFlagOutputDirectory) + pullFlags.StringVarP(&pkgConfig.PullOpts.PublicKeyPath, "key", "k", v.GetString(common.VPkgPullPublicKey), lang.CmdPackagePullFlagPublicKey) } diff --git a/src/cmd/prepare.go b/src/cmd/prepare.go index d734a46962..b888c78d1a 100644 --- a/src/cmd/prepare.go +++ b/src/cmd/prepare.go @@ -104,7 +104,7 @@ var prepareFindImages = &cobra.Command{ // Ensure uppercase keys from viper v := common.GetViper() - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.V_PKG_CREATE_SET), strings.ToUpper) + viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.VPkgCreateSet), strings.ToUpper) pkgConfig.CreateOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.CreateOpts.SetVariables) // Configure the packager @@ -148,11 +148,11 @@ func init() { prepareCmd.AddCommand(prepareFindImages) prepareCmd.AddCommand(prepareGenerateConfigFile) - v.SetDefault(common.V_PKG_CREATE_SET, map[string]string{}) + v.SetDefault(common.VPkgCreateSet, map[string]string{}) prepareFindImages.Flags().StringVarP(&repoHelmChartPath, "repo-chart-path", "p", "", lang.CmdPrepareFlagRepoChartPath) // use the package create config for this and reset it here to avoid overwriting the config.CreateOptions.SetVariables - prepareFindImages.Flags().StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(common.V_PKG_CREATE_SET), lang.CmdPrepareFlagSet) + prepareFindImages.Flags().StringToStringVar(&pkgConfig.CreateOpts.SetVariables, "set", v.GetStringMapString(common.VPkgCreateSet), lang.CmdPrepareFlagSet) // allow for the override of the default helm KubeVersion prepareFindImages.Flags().StringVar(&kubeVersionOverride, "kube-version", "", lang.CmdPrepareFlagKubeVersion) diff --git a/src/cmd/root.go b/src/cmd/root.go index 589a24b24d..7a8315682e 100644 --- a/src/cmd/root.go +++ b/src/cmd/root.go @@ -78,21 +78,21 @@ func init() { v := common.InitViper() - v.SetDefault(common.V_LOG_LEVEL, "info") - v.SetDefault(common.V_ARCHITECTURE, "") - v.SetDefault(common.V_NO_LOG_FILE, false) - v.SetDefault(common.V_NO_PROGRESS, false) - v.SetDefault(common.V_INSECURE, false) - v.SetDefault(common.V_ZARF_CACHE, config.ZarfDefaultCachePath) - v.SetDefault(common.V_TMP_DIR, "") - - rootCmd.PersistentFlags().StringVarP(&logLevel, "log-level", "l", v.GetString(common.V_LOG_LEVEL), lang.RootCmdFlagLogLevel) - rootCmd.PersistentFlags().StringVarP(&config.CLIArch, "architecture", "a", v.GetString(common.V_ARCHITECTURE), lang.RootCmdFlagArch) - rootCmd.PersistentFlags().BoolVar(&config.SkipLogFile, "no-log-file", v.GetBool(common.V_NO_LOG_FILE), lang.RootCmdFlagSkipLogFile) - rootCmd.PersistentFlags().BoolVar(&message.NoProgress, "no-progress", v.GetBool(common.V_NO_PROGRESS), lang.RootCmdFlagNoProgress) - rootCmd.PersistentFlags().StringVar(&config.CommonOptions.CachePath, "zarf-cache", v.GetString(common.V_ZARF_CACHE), lang.RootCmdFlagCachePath) - rootCmd.PersistentFlags().StringVar(&config.CommonOptions.TempDirectory, "tmpdir", v.GetString(common.V_TMP_DIR), lang.RootCmdFlagTempDir) - rootCmd.PersistentFlags().BoolVar(&config.CommonOptions.Insecure, "insecure", v.GetBool(common.V_INSECURE), lang.RootCmdFlagInsecure) + v.SetDefault(common.VLogLevel, "info") + v.SetDefault(common.VArchitecture, "") + v.SetDefault(common.VNoLogFile, false) + v.SetDefault(common.VNoProgress, false) + v.SetDefault(common.VInsecure, false) + v.SetDefault(common.VZarfCache, config.ZarfDefaultCachePath) + v.SetDefault(common.VTmpDir, "") + + rootCmd.PersistentFlags().StringVarP(&logLevel, "log-level", "l", v.GetString(common.VLogLevel), lang.RootCmdFlagLogLevel) + rootCmd.PersistentFlags().StringVarP(&config.CLIArch, "architecture", "a", v.GetString(common.VArchitecture), lang.RootCmdFlagArch) + rootCmd.PersistentFlags().BoolVar(&config.SkipLogFile, "no-log-file", v.GetBool(common.VNoLogFile), lang.RootCmdFlagSkipLogFile) + rootCmd.PersistentFlags().BoolVar(&message.NoProgress, "no-progress", v.GetBool(common.VNoProgress), lang.RootCmdFlagNoProgress) + rootCmd.PersistentFlags().StringVar(&config.CommonOptions.CachePath, "zarf-cache", v.GetString(common.VZarfCache), lang.RootCmdFlagCachePath) + rootCmd.PersistentFlags().StringVar(&config.CommonOptions.TempDirectory, "tmpdir", v.GetString(common.VTmpDir), lang.RootCmdFlagTempDir) + rootCmd.PersistentFlags().BoolVar(&config.CommonOptions.Insecure, "insecure", v.GetBool(common.VInsecure), lang.RootCmdFlagInsecure) } func cliSetup() { diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 9584b3d491..1c303ab506 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -393,23 +393,23 @@ func init() { toolsCmd.AddCommand(updateCredsCmd) // Flags for using an external Git server - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.Address, "git-url", v.GetString(common.V_INIT_GIT_URL), lang.CmdInitFlagGitURL) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushUsername, "git-push-username", v.GetString(common.V_INIT_GIT_PUSH_USER), lang.CmdInitFlagGitPushUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushPassword, "git-push-password", v.GetString(common.V_INIT_GIT_PUSH_PASS), lang.CmdInitFlagGitPushPass) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(common.V_INIT_GIT_PULL_USER), lang.CmdInitFlagGitPullUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(common.V_INIT_GIT_PULL_PASS), lang.CmdInitFlagGitPullPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.Address, "git-url", v.GetString(common.VInitGitURL), lang.CmdInitFlagGitURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushUsername, "git-push-username", v.GetString(common.VInitGitPushUser), lang.CmdInitFlagGitPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushPassword, "git-push-password", v.GetString(common.VInitGitPushPass), lang.CmdInitFlagGitPushPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullUsername, "git-pull-username", v.GetString(common.VInitGitPullUser), lang.CmdInitFlagGitPullUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PullPassword, "git-pull-password", v.GetString(common.VInitGitPullPass), lang.CmdInitFlagGitPullPass) // Flags for using an external registry - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.Address, "registry-url", v.GetString(common.V_INIT_REGISTRY_URL), lang.CmdInitFlagRegURL) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(common.V_INIT_REGISTRY_PUSH_USER), lang.CmdInitFlagRegPushUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(common.V_INIT_REGISTRY_PUSH_PASS), lang.CmdInitFlagRegPushPass) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(common.V_INIT_REGISTRY_PULL_USER), lang.CmdInitFlagRegPullUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(common.V_INIT_REGISTRY_PULL_PASS), lang.CmdInitFlagRegPullPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.Address, "registry-url", v.GetString(common.VInitRegistryURL), lang.CmdInitFlagRegURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushUsername, "registry-push-username", v.GetString(common.VInitRegistryPushUser), lang.CmdInitFlagRegPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PushPassword, "registry-push-password", v.GetString(common.VInitRegistryPushPass), lang.CmdInitFlagRegPushPass) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullUsername, "registry-pull-username", v.GetString(common.VInitRegistryPullUser), lang.CmdInitFlagRegPullUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.RegistryInfo.PullPassword, "registry-pull-password", v.GetString(common.VInitRegistryPullPass), lang.CmdInitFlagRegPullPass) // Flags for using an external artifact server - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.Address, "artifact-url", v.GetString(common.V_INIT_ARTIFACT_URL), lang.CmdInitFlagArtifactURL) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(common.V_INIT_ARTIFACT_PUSH_USER), lang.CmdInitFlagArtifactPushUser) - updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(common.V_INIT_ARTIFACT_PUSH_TOKEN), lang.CmdInitFlagArtifactPushToken) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.Address, "artifact-url", v.GetString(common.VInitArtifactURL), lang.CmdInitFlagArtifactURL) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushUsername, "artifact-push-username", v.GetString(common.VInitArtifactPushUser), lang.CmdInitFlagArtifactPushUser) + updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.ArtifactServer.PushToken, "artifact-push-token", v.GetString(common.VInitArtifactPushToken), lang.CmdInitFlagArtifactPushToken) updateCredsCmd.Flags().SortFlags = true From eee986458d068a4d406a86c7ff8beac68709c3fa Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Wed, 2 Aug 2023 19:43:37 -0500 Subject: [PATCH 18/43] Lint --- src/cmd/common/viper.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/cmd/common/viper.go b/src/cmd/common/viper.go index d2f41b6be2..5e92c8a2b6 100644 --- a/src/cmd/common/viper.go +++ b/src/cmd/common/viper.go @@ -13,8 +13,11 @@ import ( "github.com/spf13/viper" ) +// Constants for use when loading configurations from viper config files const ( + // Root config keys + VLogLevel = "log_level" VArchitecture = "architecture" VNoLogFile = "no_log_file" @@ -24,10 +27,12 @@ const ( VInsecure = "insecure" // Init config keys + VInitComponents = "init.components" VInitStorageClass = "init.storage_class" // Init Git config keys + VInitGitURL = "init.git.url" VInitGitPushUser = "init.git.push_username" VInitGitPushPass = "init.git.push_password" @@ -35,6 +40,7 @@ const ( VInitGitPullPass = "init.git.pull_password" // Init Registry config keys + VInitRegistryURL = "init.registry.url" VInitRegistryNodeport = "init.registry.nodeport" VInitRegistrySecret = "init.registry.secret" @@ -44,14 +50,17 @@ const ( VInitRegistryPullPass = "init.registry.pull_password" // Init Package config keys + VInitArtifactURL = "init.artifact.url" VInitArtifactPushUser = "init.artifact.push_username" VInitArtifactPushToken = "init.artifact.push_token" // Package config keys + VPkgOCIConcurrency = "package.oci_concurrency" // Package create config keys + VPkgCreateSet = "package.create.set" VPkgCreateOutput = "package.create.output" VPkgCreateSbom = "package.create.sbom" @@ -64,6 +73,7 @@ const ( VPkgCreateRegistryOverride = "package.create.registry_override" // Package deploy config keys + VPkgDeploySet = "package.deploy.set" VPkgDeployComponents = "package.deploy.components" VPkgDeployShasum = "package.deploy.shasum" @@ -71,10 +81,12 @@ const ( VPkgDeployPublicKey = "package.deploy.public_key" // Package publish config keys + VPkgPublishSigningKey = "package.publish.signing_key" VPkgPublishSigningKeyPassword = "package.publish.signing_key_password" // Package pull config keys + VPkgPullOutputDir = "package.pull.output_directory" VPkgPullPublicKey = "package.pull.public_key" ) From 4bc6ff68c497fe72864539c1a783074c5683143e Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Wed, 2 Aug 2023 19:48:42 -0500 Subject: [PATCH 19/43] Lint #2 --- src/cmd/common/viper.go | 2 ++ src/internal/packager/helm/chart.go | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/cmd/common/viper.go b/src/cmd/common/viper.go index 5e92c8a2b6..820e879468 100644 --- a/src/cmd/common/viper.go +++ b/src/cmd/common/viper.go @@ -94,6 +94,7 @@ const ( // Viper instance used by commands var v *viper.Viper +// InitViper initializes the viper singleton for the CLI func InitViper() *viper.Viper { // Already initialized by some other command if v != nil { @@ -146,6 +147,7 @@ func InitViper() *viper.Viper { return v } +// GetViper returns the viper singleton func GetViper() *viper.Viper { return v } diff --git a/src/internal/packager/helm/chart.go b/src/internal/packager/helm/chart.go index 07a0caa3c1..bd59326d4d 100644 --- a/src/internal/packager/helm/chart.go +++ b/src/internal/packager/helm/chart.go @@ -271,7 +271,7 @@ func (h *Helm) RemoveChart(namespace string, name string, spinner *message.Spinn return err } -// UpdateChartValues updates values for a given chart release +// UpdateReleaseValues updates values for a given chart release func (h *Helm) UpdateReleaseValues(updatedValues map[string]interface{}) error { spinner := message.NewProgressSpinner("Updating values for helm release %s", h.ReleaseName) defer spinner.Stop() From c981173a338d170ed10205927648cfccc667bb7c Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 11:03:10 -0500 Subject: [PATCH 20/43] Initial test structure --- src/cmd/tools/zarf.go | 20 +++-- src/config/lang/english.go | 1 + ...nnect_test.go => 21_connect_creds_test.go} | 76 ++++++++++--------- src/test/upgrade/previously_built_test.go | 13 ++-- 4 files changed, 64 insertions(+), 46 deletions(-) rename src/test/e2e/{21_connect_test.go => 21_connect_creds_test.go} (90%) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 1c303ab506..3eafdc81f3 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -133,12 +133,17 @@ var updateCredsCmd = &cobra.Command{ message.PrintCredentialUpdates(oldState, newState, args) - confirm := false - prompt := &survey.Confirm{ - Message: "Continue with these changes?", - } - if err := survey.AskOne(prompt, &confirm); err != nil { - message.Fatalf(nil, lang.ErrConfirmCancel, err) + confirm := config.CommonOptions.Confirm + + if confirm { + message.Note("Confirm flag specified, continuing without prompting.") + } else { + prompt := &survey.Confirm{ + Message: "Continue with these changes?", + } + if err := survey.AskOne(prompt, &confirm); err != nil { + message.Fatalf(nil, lang.ErrConfirmCancel, err) + } } if confirm { @@ -392,6 +397,9 @@ func init() { toolsCmd.AddCommand(updateCredsCmd) + // Always require confirm flag (no viper) + updateCredsCmd.Flags().BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdToolsUpdateCredsConfirm) + // Flags for using an external Git server updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.Address, "git-url", v.GetString(common.VInitGitURL), lang.CmdInitFlagGitURL) updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.PushUsername, "git-push-username", v.GetString(common.VInitGitPushUser), lang.CmdInitFlagGitPushUser) diff --git a/src/config/lang/english.go b/src/config/lang/english.go index a776e35aa1..a932157775 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -480,6 +480,7 @@ const ( # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. ` + CmdToolsUpdateCredsConfirm = "Confirm updating credentials without prompting" // zarf version CmdVersionShort = "Shows the version of the running Zarf binary" diff --git a/src/test/e2e/21_connect_test.go b/src/test/e2e/21_connect_creds_test.go similarity index 90% rename from src/test/e2e/21_connect_test.go rename to src/test/e2e/21_connect_creds_test.go index 320c687afc..a59b8bbfad 100644 --- a/src/test/e2e/21_connect_test.go +++ b/src/test/e2e/21_connect_creds_test.go @@ -6,7 +6,7 @@ package test import ( "crypto/tls" - "io/ioutil" + "io" "net/http" "strings" "testing" @@ -19,43 +19,16 @@ type RegistryResponse struct { Repositories []string `json:"repositories"` } -func TestConnect(t *testing.T) { +func TestConnectAndCreds(t *testing.T) { t.Log("E2E: Connect") e2e.SetupWithCluster(t) - // Make the Registry contains the images we expect - stdOut, stdErr, err := e2e.Zarf("tools", "registry", "catalog") - require.NoError(t, err, stdOut, stdErr) - registryList := strings.Split(strings.Trim(stdOut, "\n "), "\n") - - // We assert greater than or equal to since the base init has 12 images - // HOWEVER during an upgrade we could have mismatched versions/names resulting in more images - require.GreaterOrEqual(t, len(registryList), 7) - require.Contains(t, stdOut, "gitea/gitea") + connectToZarfServices(t) - // Connect to Gitea - tunnelGit, err := cluster.NewZarfTunnel() - require.NoError(t, err) - err = tunnelGit.Connect(cluster.ZarfGit, false) - require.NoError(t, err) - defer tunnelGit.Close() - - // Make sure Gitea comes up cleanly - respGit, err := http.Get(tunnelGit.HTTPEndpoint()) - require.NoError(t, err) - require.Equal(t, 200, respGit.StatusCode) - - // Connect to the Logging Stack - tunnelLog, err := cluster.NewZarfTunnel() - require.NoError(t, err) - err = tunnelLog.Connect(cluster.ZarfLogging, false) - require.NoError(t, err) - defer tunnelLog.Close() + stdOut, stdErr, err := e2e.Zarf("tools", "update-creds", "--confirm") + require.NoError(t, err, stdOut, stdErr) - // Make sure Grafana comes up cleanly - respLog, err := http.Get(tunnelLog.HTTPEndpoint()) - require.NoError(t, err) - require.Equal(t, 200, respLog.StatusCode) + connectToZarfServices(t) stdOut, stdErr, err = e2e.Zarf("package", "remove", "init", "--components=logging", "--confirm") require.NoError(t, err, stdOut, stdErr) @@ -87,7 +60,7 @@ func TestMetrics(t *testing.T) { defer resp.Body.Close() // Read the response body - body, err := ioutil.ReadAll(resp.Body) + body, err := io.ReadAll(resp.Body) if err != nil { t.Fatal(err) } @@ -96,5 +69,40 @@ func TestMetrics(t *testing.T) { require.Equal(t, true, strings.Contains(string(body), desiredString)) require.NoError(t, err, resp) require.Equal(t, 200, resp.StatusCode) +} +func connectToZarfServices(t *testing.T) { + // Make the Registry contains the images we expect + stdOut, stdErr, err := e2e.Zarf("tools", "registry", "catalog") + require.NoError(t, err, stdOut, stdErr) + registryList := strings.Split(strings.Trim(stdOut, "\n "), "\n") + + // We assert greater than or equal to since the base init has 12 images + // HOWEVER during an upgrade we could have mismatched versions/names resulting in more images + require.GreaterOrEqual(t, len(registryList), 7) + require.Contains(t, stdOut, "gitea/gitea") + + // Connect to Gitea + tunnelGit, err := cluster.NewZarfTunnel() + require.NoError(t, err) + err = tunnelGit.Connect(cluster.ZarfGit, false) + require.NoError(t, err) + defer tunnelGit.Close() + + // Make sure Gitea comes up cleanly + respGit, err := http.Get(tunnelGit.HTTPEndpoint()) + require.NoError(t, err) + require.Equal(t, 200, respGit.StatusCode) + + // Connect to the Logging Stack + tunnelLog, err := cluster.NewZarfTunnel() + require.NoError(t, err) + err = tunnelLog.Connect(cluster.ZarfLogging, false) + require.NoError(t, err) + defer tunnelLog.Close() + + // Make sure Grafana comes up cleanly + respLog, err := http.Get(tunnelLog.HTTPEndpoint()) + require.NoError(t, err) + require.Equal(t, 200, respLog.StatusCode) } diff --git a/src/test/upgrade/previously_built_test.go b/src/test/upgrade/previously_built_test.go index b8dcb80c70..86b2141a0d 100644 --- a/src/test/upgrade/previously_built_test.go +++ b/src/test/upgrade/previously_built_test.go @@ -36,12 +36,13 @@ func TestPreviouslyBuiltZarfPackage(t *testing.T) { require.Contains(t, kubectlOut, "6.3.3") // Verify that the private-registry secret and private-git-server secret in the podinfo-upgrade namespace are the same after re-init - zarfRegistrySecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-registry", "-o", "jsonpath={.data}") - podinfoRegistrySecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-registry", "-o", "jsonpath={.data}") - require.Equal(t, zarfRegistrySecret, podinfoRegistrySecret, "the zarf registry secret and podinfo-upgrade registry secret did not match") - zarfGitServerSecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") - podinfoGitServerSecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") - require.Equal(t, zarfGitServerSecret, podinfoGitServerSecret, "the zarf git server secret and podinfo-upgrade git server secret did not match") + // This tests that `zarf tools update-creds` successfully updated the other namespace + // zarfRegistrySecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-registry", "-o", "jsonpath={.data}") + // podinfoRegistrySecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-registry", "-o", "jsonpath={.data}") + // require.Equal(t, zarfRegistrySecret, podinfoRegistrySecret, "the zarf registry secret and podinfo-upgrade registry secret did not match") + // zarfGitServerSecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") + // podinfoGitServerSecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") + // require.Equal(t, zarfGitServerSecret, podinfoGitServerSecret, "the zarf git server secret and podinfo-upgrade git server secret did not match") // We also expect a 6.3.4 package to have been previously built previouslyBuiltPackage := "../../../zarf-package-test-upgrade-package-amd64-6.3.4.tar.zst" From ad49fe073318f0b1de18d7e8505c5b19d21a6b23 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 12:36:19 -0500 Subject: [PATCH 21/43] Remove the ability to update the logging chart --- src/cmd/tools/zarf.go | 35 ++--------------------------- src/internal/packager/helm/chart.go | 6 ++++- src/pkg/message/credentials.go | 6 ----- 3 files changed, 7 insertions(+), 40 deletions(-) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 3eafdc81f3..fffd9199e1 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -79,13 +79,13 @@ var updateCredsCmd = &cobra.Command{ Aliases: []string{"uc"}, Args: cobra.MaximumNArgs(1), Run: func(cmd *cobra.Command, args []string) { - validKeys := []string{message.RegistryKey, message.GitKey, message.ArtifactKey, message.LoggingKey} + validKeys := []string{message.RegistryKey, message.GitKey, message.ArtifactKey} if len(args) == 0 { args = validKeys } else { if !helpers.SliceContains(validKeys, args[0]) { cmd.Help() - message.Fatalf(nil, "Invalid service key specified - valid keys are: %s, %s, %s, and %s", message.RegistryKey, message.GitKey, message.ArtifactKey, message.LoggingKey) + message.Fatalf(nil, "Invalid service key specified - valid keys are: %s, %s, and %s", message.RegistryKey, message.GitKey, message.ArtifactKey) } } @@ -103,7 +103,6 @@ var updateCredsCmd = &cobra.Command{ hasRegistry := false hasGitServer := false - hasLogging := false for _, dc := range initPackage.DeployedComponents { if dc.Name == "zarf-registry" { hasRegistry = true @@ -111,9 +110,6 @@ var updateCredsCmd = &cobra.Command{ if dc.Name == "git-server" { hasGitServer = true } - if dc.Name == "logging" { - hasLogging = true - } } newState := oldState @@ -127,9 +123,6 @@ var updateCredsCmd = &cobra.Command{ if helpers.SliceContains(args, message.ArtifactKey) { newState.ArtifactServer = helpers.MergeNonZero(newState.ArtifactServer, updateCredsInitOpts.ArtifactServer) } - if helpers.SliceContains(args, message.LoggingKey) { - newState.LoggingSecret = "" - } message.PrintCredentialUpdates(oldState, newState, args) @@ -175,9 +168,6 @@ var updateCredsCmd = &cobra.Command{ newState.ArtifactServer.PushToken = tokenResponse.Sha1 } } - if helpers.SliceContains(args, message.LoggingKey) { - newState.LoggingSecret = utils.RandomString(config.ZarfGeneratedPasswordLen) - } err = c.SaveZarfState(newState) if err != nil { @@ -245,27 +235,6 @@ var updateCredsCmd = &cobra.Command{ message.Fatalf(nil, "Unable to create the new Gitea read only user") } } - if helpers.SliceContains(args, message.LoggingKey) && hasLogging { - loggingValues := map[string]interface{}{} - loggingGrafanaValues := map[string]interface{}{} - loggingGrafanaValues["adminPassword"] = newState.LoggingSecret - loggingValues["grafana"] = loggingGrafanaValues - - h := helm.Helm{ - Chart: types.ZarfChart{ - Namespace: "zarf", - }, - Cluster: c, - ReleaseName: "zarf-loki-stack", - Cfg: &types.PackagerConfig{ - State: newState, - }, - } - err = h.UpdateReleaseValues(loggingValues) - if err != nil { - message.Fatalf(nil, "error updating the release values: %s", err.Error()) - } - } } }, } diff --git a/src/internal/packager/helm/chart.go b/src/internal/packager/helm/chart.go index bd59326d4d..1bb7042565 100644 --- a/src/internal/packager/helm/chart.go +++ b/src/internal/packager/helm/chart.go @@ -272,6 +272,7 @@ func (h *Helm) RemoveChart(namespace string, name string, spinner *message.Spinn } // UpdateReleaseValues updates values for a given chart release +// (note: this only works on single-deep charts, charts with dependencies (like loki-stack) will not work) func (h *Helm) UpdateReleaseValues(updatedValues map[string]interface{}) error { spinner := message.NewProgressSpinner("Updating values for helm release %s", h.ReleaseName) defer spinner.Stop() @@ -309,6 +310,9 @@ func (h *Helm) UpdateReleaseValues(updatedValues map[string]interface{}) error { // Set reuse values to only override the values we are explicitly given client.ReuseValues = true + // Wait for the update operation to successfully complete + client.Wait = true + // Perform the loadedChart upgrade. _, err = client.Run(h.ReleaseName, lastRelease.Chart, updatedValues) if err != nil { @@ -469,7 +473,7 @@ func (h *Helm) migrateDeprecatedAPIs(latestRelease *release.Release) error { return fmt.Errorf("failed to unmarshal manifest: %#v", err) } - rawData, manifestModified, err := h.Cluster.Kube.HandleDeprecations(rawData, *kubeGitVersion) + rawData, manifestModified, _ := h.Cluster.Kube.HandleDeprecations(rawData, *kubeGitVersion) manifestContent, err := yaml.Marshal(rawData) if err != nil { return fmt.Errorf("failed to marshal raw manifest after deprecation check: %#v", err) diff --git a/src/pkg/message/credentials.go b/src/pkg/message/credentials.go index 050d06b06e..b76cea1dcd 100644 --- a/src/pkg/message/credentials.go +++ b/src/pkg/message/credentials.go @@ -138,12 +138,6 @@ func PrintCredentialUpdates(oldState types.ZarfState, newState types.ZarfState, pterm.Printfln(" %s: %s", pterm.Bold.Sprint("URL Address"), compareStrings(oA.Address, nA.Address, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Username"), compareStrings(oA.PushUsername, nA.PushUsername, false)) pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Push Token"), compareStrings(oA.PushToken, nA.PushToken, true)) - case LoggingKey: - oL := oldState.LoggingSecret - nL := newState.LoggingSecret - Title("Logging", "the information used to interact with Zarf's Logging Stack") - pterm.Println() - pterm.Printfln(" %s: %s", pterm.Bold.Sprint("Logging Secret"), compareStrings(oL, nL, true)) } } From e726efa1baba55e15a8ee34616de1d8e4a7a1186 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 13:01:23 -0500 Subject: [PATCH 22/43] Test that the credentials allow authentication to git --- src/test/e2e/21_connect_creds_test.go | 29 ++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/src/test/e2e/21_connect_creds_test.go b/src/test/e2e/21_connect_creds_test.go index a59b8bbfad..572d2717b6 100644 --- a/src/test/e2e/21_connect_creds_test.go +++ b/src/test/e2e/21_connect_creds_test.go @@ -6,6 +6,7 @@ package test import ( "crypto/tls" + "fmt" "io" "net/http" "strings" @@ -80,7 +81,24 @@ func connectToZarfServices(t *testing.T) { // We assert greater than or equal to since the base init has 12 images // HOWEVER during an upgrade we could have mismatched versions/names resulting in more images require.GreaterOrEqual(t, len(registryList), 7) + require.Contains(t, stdOut, "defenseunicorns/zarf/agent") require.Contains(t, stdOut, "gitea/gitea") + require.Contains(t, stdOut, "grafana/grafana") + require.Contains(t, stdOut, "grafana/loki") + require.Contains(t, stdOut, "grafana/promtail") + require.Contains(t, stdOut, "kiwigrid/k8s-sidecar") + require.Contains(t, stdOut, "library/registry") + + // Get the git credentials + stdOut, stdErr, err = e2e.Zarf("tools", "get-creds", "git") + require.NoError(t, err, stdOut, stdErr) + gitPushPassword := strings.TrimSpace(stdOut) + stdOut, stdErr, err = e2e.Zarf("tools", "get-creds", "git-readonly") + require.NoError(t, err, stdOut, stdErr) + gitPullPassword := strings.TrimSpace(stdOut) + stdOut, stdErr, err = e2e.Zarf("tools", "get-creds", "artifact") + require.NoError(t, err, stdOut, stdErr) + gitArtifactToken := strings.TrimSpace(stdOut) // Connect to Gitea tunnelGit, err := cluster.NewZarfTunnel() @@ -90,7 +108,16 @@ func connectToZarfServices(t *testing.T) { defer tunnelGit.Close() // Make sure Gitea comes up cleanly - respGit, err := http.Get(tunnelGit.HTTPEndpoint()) + gitPushUrl := fmt.Sprintf("http://zarf-git-user:%s@%s/api/v1/user", gitPushPassword, tunnelGit.Endpoint()) + respGit, err := http.Get(gitPushUrl) + require.NoError(t, err) + require.Equal(t, 200, respGit.StatusCode) + gitPullUrl := fmt.Sprintf("http://zarf-git-read-user:%s@%s/api/v1/user", gitPullPassword, tunnelGit.Endpoint()) + respGit, err = http.Get(gitPullUrl) + require.NoError(t, err) + require.Equal(t, 200, respGit.StatusCode) + gitArtifactUrl := fmt.Sprintf("http://zarf-git-user:%s@%s/api/v1/user", gitArtifactToken, tunnelGit.Endpoint()) + respGit, err = http.Get(gitArtifactUrl) require.NoError(t, err) require.Equal(t, 200, respGit.StatusCode) From 3355338cffb88dc21aca411c5b65358433b90939 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 13:28:52 -0500 Subject: [PATCH 23/43] Fix upgrade test and docs --- .github/workflows/test-upgrade.yml | 2 +- .../2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md | 3 ++- src/test/e2e/20_zarf_init_test.go | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test-upgrade.yml b/.github/workflows/test-upgrade.yml index 76d07f160f..043045a4d0 100644 --- a/.github/workflows/test-upgrade.yml +++ b/.github/workflows/test-upgrade.yml @@ -76,7 +76,7 @@ jobs: # NOTE: "PATH=$PATH" preserves the default user $PATH. This is needed to maintain the version of zarf installed # in a previous step. This test run will the current release to create a K3s cluster. run: | - sudo env "PATH=$PATH" CI=true zarf init --components k3s,git-server,logging --confirm + sudo env "PATH=$PATH" CI=true zarf init --components k3s,git-server,logging --nodeport 31337 --confirm # Before we run the regular tests we need to aggressively cleanup files to reduce disk pressure - name: Cleanup files diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md index 7584af58c8..175749b4eb 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md @@ -1,5 +1,5 @@ # zarf tools update-creds - + Updates the credentials for deployed Zarf services. Pass a service key to update credentials for a single service @@ -48,6 +48,7 @@ zarf tools update-creds [flags] --artifact-push-token string [alpha] API Token for the push-user to access the artifact registry --artifact-push-username string [alpha] Username to access to the artifact registry Zarf is configured to use. User must be able to upload package artifacts. --artifact-url string [alpha] External artifact registry url to use for this Zarf cluster + --confirm Confirm updating credentials without prompting --git-pull-password string Password for the pull-only user to access the git server --git-pull-username string Username for pull-only access to the git server --git-push-password string Password for the push-user to access the git server diff --git a/src/test/e2e/20_zarf_init_test.go b/src/test/e2e/20_zarf_init_test.go index a37884ed26..ffae0c2956 100644 --- a/src/test/e2e/20_zarf_init_test.go +++ b/src/test/e2e/20_zarf_init_test.go @@ -63,7 +63,7 @@ func TestZarfInit(t *testing.T) { if err == nil { oldStateJSON, err := base64.StdEncoding.DecodeString(base64State) require.NoError(t, err) - err = json.Unmarshal(oldStateJSON, &oldState) + _ = json.Unmarshal(oldStateJSON, &oldState) } // run `zarf init` From 1a6364482ee8e955f1ed6701b722dcdeefd85c52 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 13:30:15 -0500 Subject: [PATCH 24/43] Ensure that the secret updates are tracked --- src/cmd/tools/zarf.go | 4 ++-- src/test/upgrade/previously_built_test.go | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index fffd9199e1..7d77a1d314 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -147,7 +147,7 @@ var updateCredsCmd = &cobra.Command{ if newState.RegistryInfo.PullPassword == oldState.RegistryInfo.PullPassword && hasRegistry { newState.RegistryInfo.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) } - c.UpdateZarfManagedImageSecrets(newState) + // c.UpdateZarfManagedImageSecrets(newState) } if helpers.SliceContains(args, message.GitKey) { if newState.GitServer.PushPassword == oldState.GitServer.PushPassword && hasGitServer { @@ -156,7 +156,7 @@ var updateCredsCmd = &cobra.Command{ if newState.GitServer.PullPassword == oldState.GitServer.PullPassword && hasGitServer { newState.GitServer.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) } - c.UpdateZarfManagedGitSecrets(newState) + // c.UpdateZarfManagedGitSecrets(newState) } if helpers.SliceContains(args, message.ArtifactKey) { if newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && hasGitServer { diff --git a/src/test/upgrade/previously_built_test.go b/src/test/upgrade/previously_built_test.go index 86b2141a0d..179bad0432 100644 --- a/src/test/upgrade/previously_built_test.go +++ b/src/test/upgrade/previously_built_test.go @@ -37,12 +37,12 @@ func TestPreviouslyBuiltZarfPackage(t *testing.T) { // Verify that the private-registry secret and private-git-server secret in the podinfo-upgrade namespace are the same after re-init // This tests that `zarf tools update-creds` successfully updated the other namespace - // zarfRegistrySecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-registry", "-o", "jsonpath={.data}") - // podinfoRegistrySecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-registry", "-o", "jsonpath={.data}") - // require.Equal(t, zarfRegistrySecret, podinfoRegistrySecret, "the zarf registry secret and podinfo-upgrade registry secret did not match") - // zarfGitServerSecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") - // podinfoGitServerSecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") - // require.Equal(t, zarfGitServerSecret, podinfoGitServerSecret, "the zarf git server secret and podinfo-upgrade git server secret did not match") + zarfRegistrySecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-registry", "-o", "jsonpath={.data}") + podinfoRegistrySecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-registry", "-o", "jsonpath={.data}") + require.Equal(t, zarfRegistrySecret, podinfoRegistrySecret, "the zarf registry secret and podinfo-upgrade registry secret did not match") + zarfGitServerSecret, _, _ := kubectl("-n=zarf", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") + podinfoGitServerSecret, _, _ := kubectl("-n=podinfo-upgrade", "get", "secret", "private-git-server", "-o", "jsonpath={.data}") + require.Equal(t, zarfGitServerSecret, podinfoGitServerSecret, "the zarf git server secret and podinfo-upgrade git server secret did not match") // We also expect a 6.3.4 package to have been previously built previouslyBuiltPackage := "../../../zarf-package-test-upgrade-package-amd64-6.3.4.tar.zst" From 439be873400e64c0df8ce5ec3d73cfb247662465 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 15:49:10 -0500 Subject: [PATCH 25/43] Refactor logic out of the zarf tools command --- src/cmd/tools/zarf.go | 137 +++++++---------------------- src/internal/cluster/state.go | 80 +++++++++++------ src/internal/packager/helm/zarf.go | 72 +++++++++++++++ src/pkg/message/credentials.go | 5 +- 4 files changed, 158 insertions(+), 136 deletions(-) create mode 100644 src/internal/packager/helm/zarf.go diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 7d77a1d314..efee0ffc94 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -95,34 +95,8 @@ var updateCredsCmd = &cobra.Command{ // If no distro the zarf secret did not load properly message.Fatalf(nil, lang.ErrLoadState) } - initPackage, err := c.GetDeployedPackage("init") - if err != nil || oldState.Distro == "" { - // If no distro the zarf secret did not load properly - message.Fatalf(nil, "Unable to load init package information from the cluster") - } - hasRegistry := false - hasGitServer := false - for _, dc := range initPackage.DeployedComponents { - if dc.Name == "zarf-registry" { - hasRegistry = true - } - if dc.Name == "git-server" { - hasGitServer = true - } - } - - newState := oldState - - if helpers.SliceContains(args, message.RegistryKey) { - newState.RegistryInfo = helpers.MergeNonZero(newState.RegistryInfo, updateCredsInitOpts.RegistryInfo) - } - if helpers.SliceContains(args, message.GitKey) { - newState.GitServer = helpers.MergeNonZero(newState.GitServer, updateCredsInitOpts.GitServer) - } - if helpers.SliceContains(args, message.ArtifactKey) { - newState.ArtifactServer = helpers.MergeNonZero(newState.ArtifactServer, updateCredsInitOpts.ArtifactServer) - } + newState := c.MergeZarfState(oldState, updateCredsInitOpts, args) message.PrintCredentialUpdates(oldState, newState, args) @@ -140,99 +114,50 @@ var updateCredsCmd = &cobra.Command{ } if confirm { + // Save Zarf State + err = c.SaveZarfState(newState) + if err != nil { + message.Fatalf(err, lang.ErrSaveState) + } + + // Update registry and git pull secrets if helpers.SliceContains(args, message.RegistryKey) { - if newState.RegistryInfo.PushPassword == oldState.RegistryInfo.PushPassword && hasRegistry { - newState.RegistryInfo.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) - } - if newState.RegistryInfo.PullPassword == oldState.RegistryInfo.PullPassword && hasRegistry { - newState.RegistryInfo.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) - } - // c.UpdateZarfManagedImageSecrets(newState) + c.UpdateZarfManagedImageSecrets(newState) } if helpers.SliceContains(args, message.GitKey) { - if newState.GitServer.PushPassword == oldState.GitServer.PushPassword && hasGitServer { - newState.GitServer.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) - } - if newState.GitServer.PullPassword == oldState.GitServer.PullPassword && hasGitServer { - newState.GitServer.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) - } - // c.UpdateZarfManagedGitSecrets(newState) - } - if helpers.SliceContains(args, message.ArtifactKey) { - if newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && hasGitServer { - g := git.New(oldState.GitServer) - tokenResponse, err := g.CreatePackageRegistryToken() - if err != nil { - message.Fatalf(nil, "Unable to create the new Gitea artifact token: %s", err.Error()) - } - newState.ArtifactServer.PushToken = tokenResponse.Sha1 - } + c.UpdateZarfManagedGitSecrets(newState) } - err = c.SaveZarfState(newState) - if err != nil { - message.Fatalf(nil, lang.ErrSaveState) - } + // Update artifact token (if internal) + if helpers.SliceContains(args, message.ArtifactKey) && + newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && newState.GitServer.InternalServer { - if helpers.SliceContains(args, message.RegistryKey) && hasRegistry { - pushUser, err := utils.GetHtpasswdString(newState.RegistryInfo.PushUsername, newState.RegistryInfo.PushPassword) + g := git.New(oldState.GitServer) + tokenResponse, err := g.CreatePackageRegistryToken() if err != nil { - message.Fatalf(nil, "error generating htpasswd string: %s", err.Error()) + message.Fatalf(nil, "Unable to create the new Gitea artifact token: %s", err.Error()) } + newState.ArtifactServer.PushToken = tokenResponse.Sha1 + } - pullUser, err := utils.GetHtpasswdString(newState.RegistryInfo.PullUsername, newState.RegistryInfo.PullPassword) - if err != nil { - message.Fatalf(nil, "error generating htpasswd string: %s", err.Error()) - } + // Update Zarf 'init' component Helm releases if present + h := helm.Helm{ + Cluster: c, + Cfg: &types.PackagerConfig{ + State: newState, + }, + } - registryValues := map[string]interface{}{} - registrySecrets := map[string]interface{}{} - registrySecrets["htpasswd"] = fmt.Sprintf("%s\n%s", pushUser, pullUser) - registryValues["secrets"] = registrySecrets - - h := helm.Helm{ - Chart: types.ZarfChart{ - Namespace: "zarf", - }, - Cluster: c, - ReleaseName: "zarf-docker-registry", - Cfg: &types.PackagerConfig{ - State: newState, - }, - } - err = h.UpdateReleaseValues(registryValues) + if helpers.SliceContains(args, message.RegistryKey) && newState.RegistryInfo.InternalRegistry { + err = h.UpdateZarfRegistryValues() if err != nil { - message.Fatalf(nil, "error updating the release values: %s", err.Error()) + message.Fatalf(err, "Unable to update Zarf registry: %s", err.Error()) } } - if helpers.SliceContains(args, message.GitKey) && hasGitServer { - giteaValues := map[string]interface{}{} - giteaGiteaValues := map[string]interface{}{} - giteaAdminValues := map[string]interface{}{} - giteaAdminValues["username"] = newState.GitServer.PushUsername - giteaAdminValues["password"] = newState.GitServer.PushPassword - giteaGiteaValues["admin"] = giteaAdminValues - giteaValues["gitea"] = giteaGiteaValues - - h := helm.Helm{ - Chart: types.ZarfChart{ - Namespace: "zarf", - }, - Cluster: c, - ReleaseName: "zarf-gitea", - Cfg: &types.PackagerConfig{ - State: newState, - }, - } - err = h.UpdateReleaseValues(giteaValues) - if err != nil { - message.Fatalf(nil, "error updating the release values: %s", err.Error()) - } - - g := git.New(newState.GitServer) - err := g.CreateReadOnlyUser() + if helpers.SliceContains(args, message.GitKey) && newState.GitServer.InternalServer { + err = h.UpdateZarfGiteaValues() if err != nil { - message.Fatalf(nil, "Unable to create the new Gitea read only user") + message.Fatalf(err, "Unable to update Zarf git server: %s", err.Error()) } } } diff --git a/src/internal/cluster/state.go b/src/internal/cluster/state.go index a628646ca1..89825571a7 100644 --- a/src/internal/cluster/state.go +++ b/src/internal/cluster/state.go @@ -180,32 +180,6 @@ func (c *Cluster) LoadZarfState() (types.ZarfState, error) { return state, nil } -func (c *Cluster) sanitizeZarfState(state types.ZarfState) types.ZarfState { - sanitizedState := state - - // Overwrite the AgentTLS information - sanitizedState.AgentTLS.CA = []byte("**sanitized**") - sanitizedState.AgentTLS.Cert = []byte("**sanitized**") - sanitizedState.AgentTLS.Key = []byte("**sanitized**") - - // Overwrite the GitServer passwords - sanitizedState.GitServer.PushPassword = "**sanitized**" - sanitizedState.GitServer.PullPassword = "**sanitized**" - - // Overwrite the RegistryInfo passwords - sanitizedState.RegistryInfo.PushPassword = "**sanitized**" - sanitizedState.RegistryInfo.PullPassword = "**sanitized**" - sanitizedState.RegistryInfo.Secret = "**sanitized**" - - // Overwrite the ArtifactServer secret - sanitizedState.ArtifactServer.PushToken = "**sanitized**" - - // Overwrite the Logging secret - sanitizedState.LoggingSecret = "**sanitized**" - - return sanitizedState -} - // SaveZarfState takes a given state and persists it to the Zarf/zarf-state secret. func (c *Cluster) SaveZarfState(state types.ZarfState) error { message.Debugf("k8s.SaveZarfState()") @@ -246,6 +220,60 @@ func (c *Cluster) SaveZarfState(state types.ZarfState) error { return nil } +func (c *Cluster) MergeZarfState(oldState types.ZarfState, initOptions types.ZarfInitOptions, services []string) types.ZarfState { + newState := oldState + + if helpers.SliceContains(services, message.RegistryKey) { + newState.RegistryInfo = helpers.MergeNonZero(newState.RegistryInfo, initOptions.RegistryInfo) + if newState.RegistryInfo.PushPassword == oldState.RegistryInfo.PushPassword && oldState.RegistryInfo.InternalRegistry { + newState.RegistryInfo.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + } + if newState.RegistryInfo.PullPassword == oldState.RegistryInfo.PullPassword && oldState.RegistryInfo.InternalRegistry { + newState.RegistryInfo.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + } + } + if helpers.SliceContains(services, message.GitKey) { + newState.GitServer = helpers.MergeNonZero(newState.GitServer, initOptions.GitServer) + if newState.GitServer.PushPassword == oldState.GitServer.PushPassword && oldState.GitServer.InternalServer { + newState.GitServer.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + } + if newState.GitServer.PullPassword == oldState.GitServer.PullPassword && oldState.GitServer.InternalServer { + newState.GitServer.PullPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) + } + } + if helpers.SliceContains(services, message.ArtifactKey) { + newState.ArtifactServer = helpers.MergeNonZero(newState.ArtifactServer, initOptions.ArtifactServer) + } + + return newState +} + +func (c *Cluster) sanitizeZarfState(state types.ZarfState) types.ZarfState { + sanitizedState := state + + // Overwrite the AgentTLS information + sanitizedState.AgentTLS.CA = []byte("**sanitized**") + sanitizedState.AgentTLS.Cert = []byte("**sanitized**") + sanitizedState.AgentTLS.Key = []byte("**sanitized**") + + // Overwrite the GitServer passwords + sanitizedState.GitServer.PushPassword = "**sanitized**" + sanitizedState.GitServer.PullPassword = "**sanitized**" + + // Overwrite the RegistryInfo passwords + sanitizedState.RegistryInfo.PushPassword = "**sanitized**" + sanitizedState.RegistryInfo.PullPassword = "**sanitized**" + sanitizedState.RegistryInfo.Secret = "**sanitized**" + + // Overwrite the ArtifactServer secret + sanitizedState.ArtifactServer.PushToken = "**sanitized**" + + // Overwrite the Logging secret + sanitizedState.LoggingSecret = "**sanitized**" + + return sanitizedState +} + func (c *Cluster) fillInEmptyContainerRegistryValues(containerRegistry types.RegistryInfo) types.RegistryInfo { // Set default NodePort if none was provided if containerRegistry.NodePort == 0 { diff --git a/src/internal/packager/helm/zarf.go b/src/internal/packager/helm/zarf.go new file mode 100644 index 0000000000..88931b4484 --- /dev/null +++ b/src/internal/packager/helm/zarf.go @@ -0,0 +1,72 @@ +// SPDX-License-Identifier: Apache-2.0 +// SPDX-FileCopyrightText: 2021-Present The Zarf Authors + +// Package helm contains operations for working with helm charts. +package helm + +import ( + "fmt" + + "github.com/defenseunicorns/zarf/src/internal/packager/git" + "github.com/defenseunicorns/zarf/src/pkg/utils" + "github.com/defenseunicorns/zarf/src/types" +) + +func (h *Helm) UpdateZarfRegistryValues() error { + pushUser, err := utils.GetHtpasswdString(h.Cfg.State.RegistryInfo.PushUsername, h.Cfg.State.RegistryInfo.PushPassword) + if err != nil { + return fmt.Errorf("error generating htpasswd string: %w", err) + } + + pullUser, err := utils.GetHtpasswdString(h.Cfg.State.RegistryInfo.PullUsername, h.Cfg.State.RegistryInfo.PullPassword) + if err != nil { + return fmt.Errorf("error generating htpasswd string: %w", err) + } + + registryValues := map[string]interface{}{ + "secrets": map[string]interface{}{ + "htpasswd": fmt.Sprintf("%s\n%s", pushUser, pullUser), + }, + } + + h.Chart = types.ZarfChart{ + Namespace: "zarf", + } + h.ReleaseName = "zarf-docker-registry" + + err = h.UpdateReleaseValues(registryValues) + if err != nil { + return fmt.Errorf("error updating the release values: %w", err) + } + + return nil +} + +func (h *Helm) UpdateZarfGiteaValues() error { + giteaValues := map[string]interface{}{ + "gitea": map[string]interface{}{ + "admin": map[string]interface{}{ + "username": h.Cfg.State.GitServer.PushUsername, + "password": h.Cfg.State.GitServer.PushPassword, + }, + }, + } + + h.Chart = types.ZarfChart{ + Namespace: "zarf", + } + h.ReleaseName = "zarf-gitea" + + err := h.UpdateReleaseValues(giteaValues) + if err != nil { + return fmt.Errorf("error updating the release values: %w", err) + } + + g := git.New(h.Cfg.State.GitServer) + err = g.CreateReadOnlyUser() + if err != nil { + return fmt.Errorf("unable to create the new Gitea read only user: %w", err) + } + + return nil +} diff --git a/src/pkg/message/credentials.go b/src/pkg/message/credentials.go index b76cea1dcd..6003b2a314 100644 --- a/src/pkg/message/credentials.go +++ b/src/pkg/message/credentials.go @@ -151,13 +151,10 @@ func PrintCredentialUpdates(oldState types.ZarfState, newState types.ZarfState, func compareStrings(old string, new string, secret bool) string { if new == old { - if secret { - return fmt.Sprintf("%s -> %s", pterm.FgRed.Sprint("**existing (sanitized)**"), pterm.FgGreen.Sprint("**auto-generated**")) - } return fmt.Sprintf("%s (unchanged)", old) } if secret { - return fmt.Sprintf("%s -> %s", pterm.FgRed.Sprint("**existing (sanitized)**"), pterm.FgGreen.Sprint("**provided (sanitized)**")) + return fmt.Sprintf("%s -> %s", pterm.FgRed.Sprint("**existing (sanitized)**"), pterm.FgGreen.Sprint("**replacement (sanitized)**")) } return fmt.Sprintf("%s -> %s", pterm.FgRed.Sprint(old), pterm.FgGreen.Sprint(new)) } From 76525738b57f5b5e798b41029e1743a86fbf7a6c Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 16:12:45 -0500 Subject: [PATCH 26/43] Add detection of internal vs external --- src/cmd/tools/zarf.go | 2 +- src/internal/cluster/state.go | 24 ++++++++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index efee0ffc94..4da775d519 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -130,7 +130,7 @@ var updateCredsCmd = &cobra.Command{ // Update artifact token (if internal) if helpers.SliceContains(args, message.ArtifactKey) && - newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && newState.GitServer.InternalServer { + newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && newState.ArtifactServer.InternalServer { g := git.New(oldState.GitServer) tokenResponse, err := g.CreatePackageRegistryToken() diff --git a/src/internal/cluster/state.go b/src/internal/cluster/state.go index 89825571a7..ca15bc86ba 100644 --- a/src/internal/cluster/state.go +++ b/src/internal/cluster/state.go @@ -225,6 +225,14 @@ func (c *Cluster) MergeZarfState(oldState types.ZarfState, initOptions types.Zar if helpers.SliceContains(services, message.RegistryKey) { newState.RegistryInfo = helpers.MergeNonZero(newState.RegistryInfo, initOptions.RegistryInfo) + // Set the state of the internal registry if it has changed + if newState.RegistryInfo.Address == fmt.Sprintf("%s:%d", config.IPV4Localhost, newState.RegistryInfo.NodePort) { + newState.RegistryInfo.InternalRegistry = true + } else { + newState.RegistryInfo.InternalRegistry = false + } + + // Set the new passwords if they should be autogenerated if newState.RegistryInfo.PushPassword == oldState.RegistryInfo.PushPassword && oldState.RegistryInfo.InternalRegistry { newState.RegistryInfo.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) } @@ -234,6 +242,15 @@ func (c *Cluster) MergeZarfState(oldState types.ZarfState, initOptions types.Zar } if helpers.SliceContains(services, message.GitKey) { newState.GitServer = helpers.MergeNonZero(newState.GitServer, initOptions.GitServer) + + // Set the state of the internal git server if it has changed + if newState.GitServer.Address == config.ZarfInClusterGitServiceURL { + newState.GitServer.InternalServer = true + } else { + newState.GitServer.InternalServer = false + } + + // Set the new passwords if they should be autogenerated if newState.GitServer.PushPassword == oldState.GitServer.PushPassword && oldState.GitServer.InternalServer { newState.GitServer.PushPassword = utils.RandomString(config.ZarfGeneratedPasswordLen) } @@ -243,6 +260,13 @@ func (c *Cluster) MergeZarfState(oldState types.ZarfState, initOptions types.Zar } if helpers.SliceContains(services, message.ArtifactKey) { newState.ArtifactServer = helpers.MergeNonZero(newState.ArtifactServer, initOptions.ArtifactServer) + + // Set the state of the internal artifact server if it has changed + if newState.ArtifactServer.Address == config.ZarfInClusterArtifactServiceURL { + newState.ArtifactServer.InternalServer = true + } else { + newState.ArtifactServer.InternalServer = false + } } return newState From 0c439182419342d901a42109e4c3ab85e0b3c3fb Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 16:22:34 -0500 Subject: [PATCH 27/43] Fix bugs --- src/cmd/tools/zarf.go | 16 +++++++--------- src/internal/cluster/state.go | 5 +++++ src/pkg/message/credentials.go | 3 +++ 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 4da775d519..28bd0334e5 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -114,12 +114,6 @@ var updateCredsCmd = &cobra.Command{ } if confirm { - // Save Zarf State - err = c.SaveZarfState(newState) - if err != nil { - message.Fatalf(err, lang.ErrSaveState) - } - // Update registry and git pull secrets if helpers.SliceContains(args, message.RegistryKey) { c.UpdateZarfManagedImageSecrets(newState) @@ -129,9 +123,7 @@ var updateCredsCmd = &cobra.Command{ } // Update artifact token (if internal) - if helpers.SliceContains(args, message.ArtifactKey) && - newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && newState.ArtifactServer.InternalServer { - + if helpers.SliceContains(args, message.ArtifactKey) && newState.ArtifactServer.PushToken == "" && newState.ArtifactServer.InternalServer { g := git.New(oldState.GitServer) tokenResponse, err := g.CreatePackageRegistryToken() if err != nil { @@ -140,6 +132,12 @@ var updateCredsCmd = &cobra.Command{ newState.ArtifactServer.PushToken = tokenResponse.Sha1 } + // Save the final Zarf State + err = c.SaveZarfState(newState) + if err != nil { + message.Fatalf(err, lang.ErrSaveState) + } + // Update Zarf 'init' component Helm releases if present h := helm.Helm{ Cluster: c, diff --git a/src/internal/cluster/state.go b/src/internal/cluster/state.go index ca15bc86ba..f73bb5f04f 100644 --- a/src/internal/cluster/state.go +++ b/src/internal/cluster/state.go @@ -267,6 +267,11 @@ func (c *Cluster) MergeZarfState(oldState types.ZarfState, initOptions types.Zar } else { newState.ArtifactServer.InternalServer = false } + + // Set an empty token if it should be autogenerated + if newState.ArtifactServer.PushToken == oldState.ArtifactServer.PushToken && oldState.ArtifactServer.InternalServer { + newState.ArtifactServer.PushToken = "" + } } return newState diff --git a/src/pkg/message/credentials.go b/src/pkg/message/credentials.go index 6003b2a314..429e7e551c 100644 --- a/src/pkg/message/credentials.go +++ b/src/pkg/message/credentials.go @@ -151,6 +151,9 @@ func PrintCredentialUpdates(oldState types.ZarfState, newState types.ZarfState, func compareStrings(old string, new string, secret bool) string { if new == old { + if secret { + return "**sanitized** (unchanged)" + } return fmt.Sprintf("%s (unchanged)", old) } if secret { From 51d631894643907023722db7ce21eb8e2c8ea037 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 16:38:43 -0500 Subject: [PATCH 28/43] Reduce race condition chances in common test --- src/cmd/tools/zarf.go | 14 +++++++------- src/config/lang/english.go | 8 +++++++- src/pkg/packager/common_test.go | 4 ---- 3 files changed, 14 insertions(+), 12 deletions(-) diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index 28bd0334e5..f6fe16de9b 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -85,7 +85,7 @@ var updateCredsCmd = &cobra.Command{ } else { if !helpers.SliceContains(validKeys, args[0]) { cmd.Help() - message.Fatalf(nil, "Invalid service key specified - valid keys are: %s, %s, and %s", message.RegistryKey, message.GitKey, message.ArtifactKey) + message.Fatalf(nil, lang.CmdToolsUpdateCredsInvalidServiceErr, message.RegistryKey, message.GitKey, message.ArtifactKey) } } @@ -103,10 +103,10 @@ var updateCredsCmd = &cobra.Command{ confirm := config.CommonOptions.Confirm if confirm { - message.Note("Confirm flag specified, continuing without prompting.") + message.Note(lang.CmdToolsUpdateCredsConfirmProvided) } else { prompt := &survey.Confirm{ - Message: "Continue with these changes?", + Message: lang.CmdToolsUpdateCredsConfirmContinue, } if err := survey.AskOne(prompt, &confirm); err != nil { message.Fatalf(nil, lang.ErrConfirmCancel, err) @@ -127,7 +127,7 @@ var updateCredsCmd = &cobra.Command{ g := git.New(oldState.GitServer) tokenResponse, err := g.CreatePackageRegistryToken() if err != nil { - message.Fatalf(nil, "Unable to create the new Gitea artifact token: %s", err.Error()) + message.Fatalf(nil, lang.CmdToolsUpdateCredsUnableCreateToken, err.Error()) } newState.ArtifactServer.PushToken = tokenResponse.Sha1 } @@ -149,13 +149,13 @@ var updateCredsCmd = &cobra.Command{ if helpers.SliceContains(args, message.RegistryKey) && newState.RegistryInfo.InternalRegistry { err = h.UpdateZarfRegistryValues() if err != nil { - message.Fatalf(err, "Unable to update Zarf registry: %s", err.Error()) + message.Fatalf(err, lang.CmdToolsUpdateCredsUnableUpdateRegistry, err.Error()) } } if helpers.SliceContains(args, message.GitKey) && newState.GitServer.InternalServer { err = h.UpdateZarfGiteaValues() if err != nil { - message.Fatalf(err, "Unable to update Zarf git server: %s", err.Error()) + message.Fatalf(err, lang.CmdToolsUpdateCredsUnableUpdateGit, err.Error()) } } } @@ -290,7 +290,7 @@ func init() { toolsCmd.AddCommand(updateCredsCmd) // Always require confirm flag (no viper) - updateCredsCmd.Flags().BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdToolsUpdateCredsConfirm) + updateCredsCmd.Flags().BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdToolsUpdateCredsConfirmFlag) // Flags for using an external Git server updateCredsCmd.Flags().StringVar(&updateCredsInitOpts.GitServer.Address, "git-url", v.GetString(common.VInitGitURL), lang.CmdInitFlagGitURL) diff --git a/src/config/lang/english.go b/src/config/lang/english.go index a932157775..54d0bcfa84 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -480,7 +480,13 @@ const ( # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. ` - CmdToolsUpdateCredsConfirm = "Confirm updating credentials without prompting" + CmdToolsUpdateCredsConfirmFlag = "Confirm updating credentials without prompting" + CmdToolsUpdateCredsConfirmProvided = "Confirm flag specified, continuing without prompting." + CmdToolsUpdateCredsConfirmContinue = "Continue with these changes?" + CmdToolsUpdateCredsInvalidServiceErr = "Invalid service key specified - valid keys are: %s, %s, and %s" + CmdToolsUpdateCredsUnableCreateToken = "Unable to create the new Gitea artifact token: %s" + CmdToolsUpdateCredsUnableUpdateRegistry = "Unable to update Zarf registry: %s" + CmdToolsUpdateCredsUnableUpdateGit = "Unable to update Zarf git server: %s" // zarf version CmdVersionShort = "Shows the version of the running Zarf binary" diff --git a/src/pkg/packager/common_test.go b/src/pkg/packager/common_test.go index 66decdde60..538781fa6c 100644 --- a/src/pkg/packager/common_test.go +++ b/src/pkg/packager/common_test.go @@ -85,11 +85,7 @@ func TestValidateLastNonBreakingVersion(t *testing.T) { } for _, testCase := range testCases { - testCase := testCase - t.Run(testCase.name, func(t *testing.T) { - t.Parallel() - config.CLIVersion = testCase.cliVersion p := &Packager{ From f45a3f324f6c436e49970bc1230e1e2d5525e779 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 7 Aug 2023 17:08:55 -0500 Subject: [PATCH 29/43] Address linting --- src/internal/cluster/state.go | 1 + src/internal/packager/helm/zarf.go | 2 ++ src/pkg/utils/network.go | 2 +- src/test/e2e/21_connect_creds_test.go | 12 ++++++------ 4 files changed, 10 insertions(+), 7 deletions(-) diff --git a/src/internal/cluster/state.go b/src/internal/cluster/state.go index f73bb5f04f..0d97e603fd 100644 --- a/src/internal/cluster/state.go +++ b/src/internal/cluster/state.go @@ -220,6 +220,7 @@ func (c *Cluster) SaveZarfState(state types.ZarfState) error { return nil } +// MergeZarfState merges init options for provided services into the provided state to create a new state struct func (c *Cluster) MergeZarfState(oldState types.ZarfState, initOptions types.ZarfInitOptions, services []string) types.ZarfState { newState := oldState diff --git a/src/internal/packager/helm/zarf.go b/src/internal/packager/helm/zarf.go index 88931b4484..8722b39f47 100644 --- a/src/internal/packager/helm/zarf.go +++ b/src/internal/packager/helm/zarf.go @@ -12,6 +12,7 @@ import ( "github.com/defenseunicorns/zarf/src/types" ) +// UpdateZarfRegistryValues updates the Zarf registry deployment with the new state values func (h *Helm) UpdateZarfRegistryValues() error { pushUser, err := utils.GetHtpasswdString(h.Cfg.State.RegistryInfo.PushUsername, h.Cfg.State.RegistryInfo.PushPassword) if err != nil { @@ -42,6 +43,7 @@ func (h *Helm) UpdateZarfRegistryValues() error { return nil } +// UpdateZarfGiteaValues updates the Zarf git server deployment with the new state values func (h *Helm) UpdateZarfGiteaValues() error { giteaValues := map[string]interface{}{ "gitea": map[string]interface{}{ diff --git a/src/pkg/utils/network.go b/src/pkg/utils/network.go index ac9592885e..b7ce36f5e3 100644 --- a/src/pkg/utils/network.go +++ b/src/pkg/utils/network.go @@ -124,7 +124,7 @@ func DownloadToFile(src string, dst string, cosignKeyPath string) (err error) { if parsed.Scheme == SGETURLScheme { err = Sget(context.TODO(), src, cosignKeyPath, file) if err != nil { - return fmt.Errorf("unable to download file with sget: %s: %s", src, err.Error()) + return fmt.Errorf("unable to download file with sget: %s: %w", src, err) } if err != nil { return err diff --git a/src/test/e2e/21_connect_creds_test.go b/src/test/e2e/21_connect_creds_test.go index 572d2717b6..ebd4466ce4 100644 --- a/src/test/e2e/21_connect_creds_test.go +++ b/src/test/e2e/21_connect_creds_test.go @@ -108,16 +108,16 @@ func connectToZarfServices(t *testing.T) { defer tunnelGit.Close() // Make sure Gitea comes up cleanly - gitPushUrl := fmt.Sprintf("http://zarf-git-user:%s@%s/api/v1/user", gitPushPassword, tunnelGit.Endpoint()) - respGit, err := http.Get(gitPushUrl) + gitPushURL := fmt.Sprintf("http://zarf-git-user:%s@%s/api/v1/user", gitPushPassword, tunnelGit.Endpoint()) + respGit, err := http.Get(gitPushURL) require.NoError(t, err) require.Equal(t, 200, respGit.StatusCode) - gitPullUrl := fmt.Sprintf("http://zarf-git-read-user:%s@%s/api/v1/user", gitPullPassword, tunnelGit.Endpoint()) - respGit, err = http.Get(gitPullUrl) + gitPullURL := fmt.Sprintf("http://zarf-git-read-user:%s@%s/api/v1/user", gitPullPassword, tunnelGit.Endpoint()) + respGit, err = http.Get(gitPullURL) require.NoError(t, err) require.Equal(t, 200, respGit.StatusCode) - gitArtifactUrl := fmt.Sprintf("http://zarf-git-user:%s@%s/api/v1/user", gitArtifactToken, tunnelGit.Endpoint()) - respGit, err = http.Get(gitArtifactUrl) + gitArtifactURL := fmt.Sprintf("http://zarf-git-user:%s@%s/api/v1/user", gitArtifactToken, tunnelGit.Endpoint()) + respGit, err = http.Get(gitArtifactURL) require.NoError(t, err) require.Equal(t, 200, respGit.StatusCode) From c134640490fb0b7b162f8db4ae3bd83d30ffe5a9 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 8 Aug 2023 13:14:12 -0500 Subject: [PATCH 30/43] Add pod anti affinity to make them go onto different nodes if RWX --- packages/zarf-registry/chart/templates/deployment.yaml | 4 ++++ src/test/e2e/20_zarf_init_test.go | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/packages/zarf-registry/chart/templates/deployment.yaml b/packages/zarf-registry/chart/templates/deployment.yaml index 33fa922e51..d91faeeeaf 100644 --- a/packages/zarf-registry/chart/templates/deployment.yaml +++ b/packages/zarf-registry/chart/templates/deployment.yaml @@ -73,7 +73,11 @@ spec: - name: config mountPath: "/etc/docker/registry" affinity: +{{- if (eq "ReadWriteMany" .Values.persistence.accessMode) }} + podAntiAffinity: +{{- else }} podAffinity: +{{- end }} preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: diff --git a/src/test/e2e/20_zarf_init_test.go b/src/test/e2e/20_zarf_init_test.go index ffae0c2956..48df836a9c 100644 --- a/src/test/e2e/20_zarf_init_test.go +++ b/src/test/e2e/20_zarf_init_test.go @@ -63,7 +63,7 @@ func TestZarfInit(t *testing.T) { if err == nil { oldStateJSON, err := base64.StdEncoding.DecodeString(base64State) require.NoError(t, err) - _ = json.Unmarshal(oldStateJSON, &oldState) + json.Unmarshal(oldStateJSON, &oldState) } // run `zarf init` From 4b92034318d5df31db8bcedd46cfc0993d7145ea Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 8 Aug 2023 14:58:35 -0500 Subject: [PATCH 31/43] Move setup to common and standardive tools vs root behavior --- src/cmd/common/setup.go | 48 ++++++++++++++++++++++++++++++++++++++ src/cmd/package.go | 2 +- src/cmd/root.go | 39 +++---------------------------- src/cmd/tools/common.go | 4 ++-- src/pkg/message/message.go | 4 +++- 5 files changed, 57 insertions(+), 40 deletions(-) create mode 100644 src/cmd/common/setup.go diff --git a/src/cmd/common/setup.go b/src/cmd/common/setup.go new file mode 100644 index 0000000000..711cdaea39 --- /dev/null +++ b/src/cmd/common/setup.go @@ -0,0 +1,48 @@ +// SPDX-License-Identifier: Apache-2.0 +// SPDX-FileCopyrightText: 2021-Present The Zarf Authors + +// Package common handles command configuration across all commands +package common + +import ( + "os" + + "github.com/defenseunicorns/zarf/src/config" + "github.com/defenseunicorns/zarf/src/config/lang" + "github.com/defenseunicorns/zarf/src/pkg/message" + "github.com/defenseunicorns/zarf/src/pkg/utils/exec" +) + +// LogLevelCLI holds the log level as input from a command +var LogLevelCLI string + +func SetupCLI() { + exec.ExitOnInterrupt() + + match := map[string]message.LogLevel{ + "warn": message.WarnLevel, + "info": message.InfoLevel, + "debug": message.DebugLevel, + "trace": message.TraceLevel, + } + + // No log level set, so use the default + if LogLevelCLI != "" { + if lvl, ok := match[LogLevelCLI]; ok { + message.SetLogLevel(lvl) + message.Debug("Log level set to " + LogLevelCLI) + } else { + message.Warn(lang.RootCmdErrInvalidLogLevel) + } + } + + // Disable progress bars for CI envs + if os.Getenv("CI") == "true" { + message.Debug("CI environment detected, disabling progress bars") + message.NoProgress = true + } + + if !config.SkipLogFile { + message.UseLogFile() + } +} diff --git a/src/cmd/package.go b/src/cmd/package.go index 7cfa202271..2467e04df7 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -148,7 +148,7 @@ var packageListCmd = &cobra.Command{ packageTable = append(packageTable, pterm.TableData{{ fmt.Sprintf(" %s", pkg.Name), - fmt.Sprintf("%s", pkg.Data.Metadata.Version), + pkg.Data.Metadata.Version, fmt.Sprintf("%v", components), }}...) } diff --git a/src/cmd/root.go b/src/cmd/root.go index 7d1bea9fe9..0b5144a52b 100644 --- a/src/cmd/root.go +++ b/src/cmd/root.go @@ -14,15 +14,12 @@ import ( "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" - "github.com/defenseunicorns/zarf/src/pkg/utils/exec" "github.com/defenseunicorns/zarf/src/types" "github.com/pterm/pterm" "github.com/spf13/cobra" ) var ( - logLevel string - // Default global config for the CLI pkgConfig = types.PackagerConfig{} ) @@ -35,13 +32,12 @@ var rootCmd = &cobra.Command{ return } - exec.ExitOnInterrupt() - // Don't log the help command if cmd.Parent() == nil { config.SkipLogFile = true } - cliSetup() + + common.SetupCLI() }, Short: lang.RootCmdShort, Long: lang.RootCmdLong, @@ -86,7 +82,7 @@ func init() { v.SetDefault(common.VZarfCache, config.ZarfDefaultCachePath) v.SetDefault(common.VTmpDir, "") - rootCmd.PersistentFlags().StringVarP(&logLevel, "log-level", "l", v.GetString(common.VLogLevel), lang.RootCmdFlagLogLevel) + rootCmd.PersistentFlags().StringVarP(&common.LogLevelCLI, "log-level", "l", v.GetString(common.VLogLevel), lang.RootCmdFlagLogLevel) rootCmd.PersistentFlags().StringVarP(&config.CLIArch, "architecture", "a", v.GetString(common.VArchitecture), lang.RootCmdFlagArch) rootCmd.PersistentFlags().BoolVar(&config.SkipLogFile, "no-log-file", v.GetBool(common.VNoLogFile), lang.RootCmdFlagSkipLogFile) rootCmd.PersistentFlags().BoolVar(&message.NoProgress, "no-progress", v.GetBool(common.VNoProgress), lang.RootCmdFlagNoProgress) @@ -94,32 +90,3 @@ func init() { rootCmd.PersistentFlags().StringVar(&config.CommonOptions.TempDirectory, "tmpdir", v.GetString(common.VTmpDir), lang.RootCmdFlagTempDir) rootCmd.PersistentFlags().BoolVar(&config.CommonOptions.Insecure, "insecure", v.GetBool(common.VInsecure), lang.RootCmdFlagInsecure) } - -func cliSetup() { - match := map[string]message.LogLevel{ - "warn": message.WarnLevel, - "info": message.InfoLevel, - "debug": message.DebugLevel, - "trace": message.TraceLevel, - } - - // No log level set, so use the default - if logLevel != "" { - if lvl, ok := match[logLevel]; ok { - message.SetLogLevel(lvl) - message.Debug("Log level set to " + logLevel) - } else { - message.Warn(lang.RootCmdErrInvalidLogLevel) - } - } - - // Disable progress bars for CI envs - if os.Getenv("CI") == "true" { - message.Debug("CI environment detected, disabling progress bars") - message.NoProgress = true - } - - if !config.SkipLogFile { - message.UseLogFile() - } -} diff --git a/src/cmd/tools/common.go b/src/cmd/tools/common.go index 411d100979..da1f6725c1 100644 --- a/src/cmd/tools/common.go +++ b/src/cmd/tools/common.go @@ -5,9 +5,9 @@ package tools import ( + "github.com/defenseunicorns/zarf/src/cmd/common" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" - "github.com/defenseunicorns/zarf/src/pkg/utils/exec" "github.com/spf13/cobra" ) @@ -16,7 +16,7 @@ var toolsCmd = &cobra.Command{ Aliases: []string{"t"}, PersistentPreRun: func(cmd *cobra.Command, args []string) { config.SkipLogFile = true - exec.ExitOnInterrupt() + common.SetupCLI() }, Short: lang.CmdToolsShort, } diff --git a/src/pkg/message/message.go b/src/pkg/message/message.go index 590de7d318..57b7f5c992 100644 --- a/src/pkg/message/message.go +++ b/src/pkg/message/message.go @@ -45,11 +45,13 @@ var RuleLine = strings.Repeat("━", TermWidth) // LogWriter is the stream to write logs to. var LogWriter io.Writer = os.Stderr +// logLevel holds the pterm compatible log level integer var logLevel = InfoLevel -// Write logs to stderr and a buffer for logFile generation. +// logFile acts as a buffer for logFile generation var logFile *os.File +// useLogFile controls whether to use the log file or not var useLogFile bool // DebugWriter represents a writer interface that writes to message.Debug From 696041930b272429135c22399878d19327bea709 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 8 Aug 2023 15:27:23 -0500 Subject: [PATCH 32/43] Fix linting --- src/cmd/common/setup.go | 1 + 1 file changed, 1 insertion(+) diff --git a/src/cmd/common/setup.go b/src/cmd/common/setup.go index 711cdaea39..80c5ec775a 100644 --- a/src/cmd/common/setup.go +++ b/src/cmd/common/setup.go @@ -16,6 +16,7 @@ import ( // LogLevelCLI holds the log level as input from a command var LogLevelCLI string +// SetupCLI sets up the CLI logging, interrupt functions, and more func SetupCLI() { exec.ExitOnInterrupt() From d917d6c85df29b8bf8150d945a2000bfb3c8c89b Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Wed, 9 Aug 2023 12:08:48 -0500 Subject: [PATCH 33/43] Feedback from Rex --- src/internal/cluster/secrets.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/internal/cluster/secrets.go b/src/internal/cluster/secrets.go index 6c3b0ff8e9..9b99e15742 100644 --- a/src/internal/cluster/secrets.go +++ b/src/internal/cluster/secrets.go @@ -76,7 +76,7 @@ func (c *Cluster) GenerateGitPullCreds(namespace, name string, gitServerInfo typ // UpdateZarfManagedImageSecrets updates all Zarf-managed image secrets in all namespaces based on state func (c *Cluster) UpdateZarfManagedImageSecrets(state types.ZarfState) { - spinner := message.NewProgressSpinner("Updating existing Zarf-manged image secrets") + spinner := message.NewProgressSpinner("Updating existing Zarf-managed image secrets") defer spinner.Stop() if namespaces, err := c.Kube.GetNamespaces(); err != nil { @@ -92,6 +92,8 @@ func (c *Cluster) UpdateZarfManagedImageSecrets(state types.ZarfState) { // Check if this is a Zarf managed secret or is in a namespace the Zarf agent will take action in if currentRegistrySecret.Labels[config.ZarfManagedByLabel] == "zarf" || (namespace.Labels[agentLabel] != "skip" && namespace.Labels[agentLabel] != "ignore") { + spinner.Updatef("Updating existing Zarf-managed image secret for namespace: '%s'", namespace.Name) + // Create the secret newRegistrySecret := c.GenerateRegistryPullCreds(namespace.Name, config.ZarfImagePullSecretName, state.RegistryInfo) if !reflect.DeepEqual(currentRegistrySecret.Data, newRegistrySecret.Data) { @@ -108,7 +110,7 @@ func (c *Cluster) UpdateZarfManagedImageSecrets(state types.ZarfState) { // UpdateZarfManagedGitSecrets updates all Zarf-managed git secrets in all namespaces based on state func (c *Cluster) UpdateZarfManagedGitSecrets(state types.ZarfState) { - spinner := message.NewProgressSpinner("Updating existing Zarf-manged git secrets") + spinner := message.NewProgressSpinner("Updating existing Zarf-managed git secrets") defer spinner.Stop() if namespaces, err := c.Kube.GetNamespaces(); err != nil { @@ -124,6 +126,8 @@ func (c *Cluster) UpdateZarfManagedGitSecrets(state types.ZarfState) { // Check if this is a Zarf managed secret or is in a namespace the Zarf agent will take action in if currentGitSecret.Labels[config.ZarfManagedByLabel] == "zarf" || (namespace.Labels[agentLabel] != "skip" && namespace.Labels[agentLabel] != "ignore") { + spinner.Updatef("Updating existing Zarf-managed git secret for namespace: '%s'", namespace.Name) + // Create the secret newGitSecret := c.GenerateGitPullCreds(namespace.Name, config.ZarfGitServerSecretName, state.GitServer) if !reflect.DeepEqual(currentGitSecret.StringData, newGitSecret.StringData) { From e42b4c442c7f0512dadb20619da4456b4c983ae4 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Wed, 9 Aug 2023 12:52:43 -0500 Subject: [PATCH 34/43] Switch to the new Defense Unicorns Azure DevOps account --- examples/git-data/zarf.yaml | 8 ++++---- src/test/packages/22-git-and-flux/zarf.yaml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/examples/git-data/zarf.yaml b/examples/git-data/zarf.yaml index 939a8aee25..ca61b0d252 100644 --- a/examples/git-data/zarf.yaml +++ b/examples/git-data/zarf.yaml @@ -11,7 +11,7 @@ components: # The following performs a full Git Repo Mirror with `go-git` (internal to Zarf) - https://github.com/defenseunicorns/zarf-public-test.git # The following performs a full Git Repo Mirror forcing a fallback to host `git` - - https://racer159.visualstudio.com/zarf-public-test/_git/zarf-public-test + - https://dev.azure.com/defenseunicorns/zarf-public-test/_git/zarf-public-test - name: specific-tag required: true @@ -21,7 +21,7 @@ components: # The following performs a refspec tag Git Repo Mirror with `go-git` - https://github.com/defenseunicorns/zarf-public-test.git@refs/tags/v0.0.1 # The following performs a tag Git Repo Mirror forcing a fallback to host `git` - - https://racer159.visualstudio.com/zarf-public-test/_git/zarf-public-test@v0.0.1 + - https://dev.azure.com/defenseunicorns/zarf-public-test/_git/zarf-public-test@v0.0.1 - name: specific-branch required: true @@ -29,7 +29,7 @@ components: # The following performs a branch Git Repo Mirror with `go-git` (internal to Zarf) - https://github.com/defenseunicorns/zarf-public-test.git@refs/heads/dragons # The following performs a branch Git Repo Mirror forcing a fallback to host `git` - - https://racer159.visualstudio.com/zarf-public-test/_git/zarf-public-test@refs/heads/dragons + - https://dev.azure.com/defenseunicorns/zarf-public-test/_git/zarf-public-test@refs/heads/dragons - name: specific-hash required: true @@ -37,5 +37,5 @@ components: # The following performs a SHA Git Repo Mirror with `go-git` (internal to Zarf) - https://github.com/defenseunicorns/zarf-public-test.git@01a23218923f24194133b5eb11268cf8d73ff1bb # The following performs a SHA Git Repo Mirror forcing a fallback to host `git` - - https://racer159.visualstudio.com/zarf-public-test/_git/zarf-public-test@01a23218923f24194133b5eb11268cf8d73ff1bb + - https://dev.azure.com/defenseunicorns/zarf-public-test/_git/zarf-public-test@01a23218923f24194133b5eb11268cf8d73ff1bb diff --git a/src/test/packages/22-git-and-flux/zarf.yaml b/src/test/packages/22-git-and-flux/zarf.yaml index 34ff5fdb98..3ebe431ea3 100644 --- a/src/test/packages/22-git-and-flux/zarf.yaml +++ b/src/test/packages/22-git-and-flux/zarf.yaml @@ -11,7 +11,7 @@ components: # Do a full Git Repo Mirror - https://github.com/defenseunicorns/zarf-public-test.git # The following performs a full Git Repo Mirror forcing a fallback to host `git` - - https://racer159.visualstudio.com/zarf-public-test/_git/zarf-public-test + - https://dev.azure.com/defenseunicorns/zarf-public-test/_git/zarf-public-test # Perform a full repo mirror of a simple repository with a single branch - (this causes an "already up to date" error in go-git) - https://github.com/defenseunicorns/golang-tekton-hello-world.git @@ -23,7 +23,7 @@ components: # The following performs a refspec tag Git Repo Mirror with `go-git` - https://github.com/defenseunicorns/zarf-public-test.git@refs/tags/v0.0.1 # The following performs a tag Git Repo Mirror forcing a fallback to host `git` - - https://racer159.visualstudio.com/zarf-public-test/_git/zarf-public-test@v0.0.1 + - https://dev.azure.com/defenseunicorns/zarf-public-test/_git/zarf-public-test@v0.0.1 actions: onDeploy: before: @@ -38,7 +38,7 @@ components: # The following performs a branch Git Repo Mirror with `go-git` (internal to Zarf) - https://github.com/defenseunicorns/zarf-public-test.git@refs/heads/dragons # The following performs a branch Git Repo Mirror forcing a fallback to host `git` - - https://racer159.visualstudio.com/zarf-public-test/_git/zarf-public-test@refs/heads/dragons + - https://dev.azure.com/defenseunicorns/zarf-public-test/_git/zarf-public-test@refs/heads/dragons actions: onDeploy: before: @@ -53,7 +53,7 @@ components: # The following performs a SHA Git Repo Mirror with `go-git` (internal to Zarf) - https://github.com/defenseunicorns/zarf-public-test.git@01a23218923f24194133b5eb11268cf8d73ff1bb # The following performs a SHA Git Repo Mirror forcing a fallback to host `git` - - https://racer159.visualstudio.com/zarf-public-test/_git/zarf-public-test@01a23218923f24194133b5eb11268cf8d73ff1bb + - https://dev.azure.com/defenseunicorns/zarf-public-test/_git/zarf-public-test@01a23218923f24194133b5eb11268cf8d73ff1bb actions: onDeploy: before: From de910357d983aa280fa0aa9c5a97ccdc7f4198b0 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Thu, 10 Aug 2023 13:01:23 -0500 Subject: [PATCH 35/43] Update deprecation warnings to v1.0.0 --- .../100-cli-commands/zarf_package_deploy.md | 1 - .../100-cli-commands/zarf_tools_update-creds.md | 1 + src/cmd/package.go | 2 ++ src/cmd/root.go | 5 ++--- src/cmd/tools/zarf.go | 9 +-------- src/config/lang/english.go | 17 ++++++++--------- src/pkg/packager/compose.go | 10 +++++----- src/pkg/packager/create.go | 14 +++++++------- .../deprecated/pluralize-set-variable.go | 2 +- .../packager/deprecated/scripts-to-actions.go | 2 +- src/pkg/packager/prepare.go | 4 ++-- src/test/e2e/51_oci_compose_test.go | 4 ++-- src/types/component.go | 8 ++++---- src/ui/lib/api-types.ts | 9 +++++---- zarf.schema.json | 6 +++--- 15 files changed, 44 insertions(+), 50 deletions(-) diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_package_deploy.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_package_deploy.md index a2baee7d41..43f643b258 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_package_deploy.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_package_deploy.md @@ -21,7 +21,6 @@ zarf package deploy [ PACKAGE ] [flags] -h, --help help for deploy -k, --key string Path to public key file for validating signed packages --set stringToString Specify deployment variables to set on the command line (KEY=value) (default []) - --sget string [Deprecated] Path to public sget key file for remote packages signed via cosign. This flag will be removed in v0.31.0 please use the --key flag instead. --shasum string Shasum of the package to deploy. Required if deploying a remote package and "--insecure" is not provided ``` diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md index 175749b4eb..d6c981e5c4 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md @@ -68,6 +68,7 @@ zarf tools update-creds [flags] -a, --architecture string Architecture for OCI images and Zarf packages --insecure Allow access to insecure registries and disable other recommended security enforcements such as package checksum and signature validation. This flag should only be used if you have a specific reason and accept the reduced security posture. -l, --log-level string Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info") + --no-color Disable colors in output --no-log-file Disable log file creation --no-progress Disable fancy UI progress bars, spinners, logos, etc --tmpdir string Specify the temporary directory to use for intermediate files diff --git a/src/cmd/package.go b/src/cmd/package.go index feb45320ff..dd29c37570 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -331,6 +331,8 @@ func bindDeployFlags(v *spf13viper.Viper) { deployFlags.StringVar(&pkgConfig.DeployOpts.Shasum, "shasum", v.GetString(common.VPkgDeployShasum), lang.CmdPackageDeployFlagShasum) deployFlags.StringVar(&pkgConfig.DeployOpts.SGetKeyPath, "sget", v.GetString(common.VPkgDeploySget), lang.CmdPackageDeployFlagSget) deployFlags.StringVarP(&pkgConfig.DeployOpts.PublicKeyPath, "key", "k", v.GetString(common.VPkgDeployPublicKey), lang.CmdPackageDeployFlagPublicKey) + + deployFlags.MarkHidden("sget") } func bindInspectFlags(v *spf13viper.Viper) { diff --git a/src/cmd/root.go b/src/cmd/root.go index de044f0451..c4ae3019a0 100644 --- a/src/cmd/root.go +++ b/src/cmd/root.go @@ -15,7 +15,6 @@ import ( "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/message" "github.com/defenseunicorns/zarf/src/types" - "github.com/pterm/pterm" "github.com/spf13/cobra" ) @@ -49,10 +48,10 @@ var rootCmd = &cobra.Command{ if len(args) > 0 { if strings.Contains(args[0], config.ZarfPackagePrefix) || strings.Contains(args[0], "zarf-init") { - pterm.FgYellow.Printfln("\n"+lang.RootCmdDeprecatedDeploy, args[0]) + message.Warnf(lang.RootCmdDeprecatedDeploy, args[0]) } if args[0] == config.ZarfYAML { - pterm.FgYellow.Printfln("\n" + lang.RootCmdDeprecatedCreate) + message.Warn(lang.RootCmdDeprecatedCreate) } } }, diff --git a/src/cmd/tools/zarf.go b/src/cmd/tools/zarf.go index f6fe16de9b..b09922da98 100644 --- a/src/cmd/tools/zarf.go +++ b/src/cmd/tools/zarf.go @@ -36,15 +36,8 @@ var deprecatedGetGitCredsCmd = &cobra.Command{ Short: lang.CmdToolsGetGitPasswdShort, Long: lang.CmdToolsGetGitPasswdLong, Run: func(cmd *cobra.Command, args []string) { - state, err := cluster.NewClusterOrDie().LoadZarfState() - if err != nil || state.Distro == "" { - // If no distro the zarf secret did not load properly - message.Fatalf(nil, lang.ErrLoadState) - } - - message.Note(lang.CmdToolsGetGitPasswdInfo) message.Warn(lang.CmdToolsGetGitPasswdDeprecation) - message.PrintComponentCredential(state, "git") + getCredsCmd.Run(getCredsCmd, []string{"git"}) }, } diff --git a/src/config/lang/english.go b/src/config/lang/english.go index 7c896a3f8e..1a163c5314 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -47,8 +47,8 @@ const ( RootCmdFlagTempDir = "Specify the temporary directory to use for intermediate files" RootCmdFlagInsecure = "Allow access to insecure registries and disable other recommended security enforcements such as package checksum and signature validation. This flag should only be used if you have a specific reason and accept the reduced security posture." - RootCmdDeprecatedDeploy = "Please use \"zarf package deploy %s\" to deploy this package." - RootCmdDeprecatedCreate = "Please use \"zarf package create\" to create this package." + RootCmdDeprecatedDeploy = "Deprecated: Please use \"zarf package deploy %s\" to deploy this package. This warning will be removed in Zarf v1.0.0." + RootCmdDeprecatedCreate = "Deprecated: Please use \"zarf package create\" to create this package. This warning will be removed in Zarf v1.0.0." RootCmdErrInvalidLogLevel = "Invalid log level. Valid options are: warn, info, debug, trace." @@ -248,7 +248,7 @@ const ( CmdPackageDeployFlagSet = "Specify deployment variables to set on the command line (KEY=value)" CmdPackageDeployFlagComponents = "Comma-separated list of components to install. Adding this flag will skip the init prompts for which components to install" CmdPackageDeployFlagShasum = "Shasum of the package to deploy. Required if deploying a remote package and \"--insecure\" is not provided" - CmdPackageDeployFlagSget = "[Deprecated] Path to public sget key file for remote packages signed via cosign. This flag will be removed in v0.31.0 please use the --key flag instead." + CmdPackageDeployFlagSget = "[Deprecated] Path to public sget key file for remote packages signed via cosign. This flag will be removed in v1.0.0 please use the --key flag instead." CmdPackageDeployFlagPublicKey = "Path to public key file for validating signed packages" CmdPackageDeployValidateArchitectureErr = "this package architecture is %s, but the target cluster has the %s architecture. These architectures must be the same" CmdPackageDeployValidateLastNonBreakingVersionWarn = "the version of this Zarf binary '%s' is less than the LastNonBreakingVersion of '%s'. You may need to upgrade your Zarf version to at least '%s' to deploy this package" @@ -370,10 +370,9 @@ const ( CmdToolsRegistryFlagNonDist = "Allow pushing non-distributable (foreign) layers" CmdToolsRegistryFlagPlatform = "Specifies the platform in the form os/arch[/variant][:osversion] (e.g. linux/amd64)." - CmdToolsGetGitPasswdShort = "Returns the push user's password for the Git server" - CmdToolsGetGitPasswdLong = "Reads the password for a user with push access to the configured Git server from the zarf-state secret in the zarf namespace" - CmdToolsGetGitPasswdInfo = "Git Server Push Password: " - CmdToolsGetGitPasswdDeprecation = "Deprecated: This command has been replaced by 'zarf tools get-creds git' and will be removed in a future release." + CmdToolsGetGitPasswdShort = "Deprecated: Returns the push user's password for the Git server" + CmdToolsGetGitPasswdLong = "Deprecated: Reads the password for a user with push access to the configured Git server in Zarf State. Note that this command has been replaced by 'zarf tools get-creds git' and will be removed in Zarf v1.0.0." + CmdToolsGetGitPasswdDeprecation = "Deprecated: This command has been replaced by 'zarf tools get-creds git' and will be removed in Zarf v1.0.0." CmdToolsMonitorShort = "Launches a terminal UI to monitor the connected cluster using K9s." @@ -529,7 +528,7 @@ const ( // src/internal/packager/validate. const ( - PkgValidateTemplateDeprecation = "Package template '%s' is using the deprecated syntax ###ZARF_PKG_VAR_%s###. This will be removed in a future Zarf version. Please update to ###ZARF_PKG_TMPL_%s###." + PkgValidateTemplateDeprecation = "Package template '%s' is using the deprecated syntax ###ZARF_PKG_VAR_%s###. This will be removed in Zarf v1.0.0. Please update to ###ZARF_PKG_TMPL_%s###." PkgValidateMustBeUppercase = "variable name '%s' must be all uppercase and contain no special characters except _" PkgValidateErrAction = "invalid action: %w" PkgValidateErrActionVariables = "component %s cannot contain setVariables outside of onDeploy in actions" @@ -575,5 +574,5 @@ var ( // Collection of reusable warn messages. var ( - WarnSGetDeprecation = "Using sget to download resources is being deprecated and will removed in the v0.31.0 release of Zarf. Please publish the packages as OCI artifacts instead." + WarnSGetDeprecation = "Using sget to download resources is being deprecated and will removed in the v1.0.0 release of Zarf. Please publish the packages as OCI artifacts instead." ) diff --git a/src/pkg/packager/compose.go b/src/pkg/packager/compose.go index c9d3d433b6..8bb2f7c94a 100644 --- a/src/pkg/packager/compose.go +++ b/src/pkg/packager/compose.go @@ -275,9 +275,9 @@ func (p *Packager) fixComposedFilepaths(pathAncestry string, child types.ZarfCom child.Actions.OnCreate.Defaults.Dir = composedDefaultDir } - if child.CosignKeyPath != "" { - composed := p.getComposedFilePath(pathAncestry, child.CosignKeyPath) - child.CosignKeyPath = composed + if child.DeprecatedCosignKeyPath != "" { + composed := p.getComposedFilePath(pathAncestry, child.DeprecatedCosignKeyPath) + child.DeprecatedCosignKeyPath = composed } child = p.composeExtensions(pathAncestry, child) @@ -311,8 +311,8 @@ func (p *Packager) mergeComponentOverrides(target *types.ZarfComponent, override } // Override cosign key path if it was provided. - if override.CosignKeyPath != "" { - target.CosignKeyPath = override.CosignKeyPath + if override.DeprecatedCosignKeyPath != "" { + target.DeprecatedCosignKeyPath = override.DeprecatedCosignKeyPath } // Append slices where they exist. diff --git a/src/pkg/packager/create.go b/src/pkg/packager/create.go index 38c0362f8d..43ad3e2937 100755 --- a/src/pkg/packager/create.go +++ b/src/pkg/packager/create.go @@ -307,13 +307,13 @@ func (p *Packager) addComponent(index int, component types.ZarfComponent, isSkel return fmt.Errorf("unable to create the component paths: %s", err.Error()) } - if isSkeleton && component.CosignKeyPath != "" { + if isSkeleton && component.DeprecatedCosignKeyPath != "" { dst := filepath.Join(componentPath.Base, "cosign.pub") - err := utils.CreatePathAndCopy(component.CosignKeyPath, dst) + err := utils.CreatePathAndCopy(component.DeprecatedCosignKeyPath, dst) if err != nil { return err } - p.cfg.Pkg.Components[index].CosignKeyPath = "cosign.pub" + p.cfg.Pkg.Components[index].DeprecatedCosignKeyPath = "cosign.pub" } onCreate := component.Actions.OnCreate @@ -356,7 +356,7 @@ func (p *Packager) addComponent(index int, component types.ZarfComponent, isSkel if isSkeleton { continue } - if err := utils.DownloadToFile(path, dst, component.CosignKeyPath); err != nil { + if err := utils.DownloadToFile(path, dst, component.DeprecatedCosignKeyPath); err != nil { return fmt.Errorf(lang.ErrDownloading, path, err.Error()) } } else { @@ -380,7 +380,7 @@ func (p *Packager) addComponent(index int, component types.ZarfComponent, isSkel if isSkeleton { continue } - if err := utils.DownloadToFile(file.Source, dst, component.CosignKeyPath); err != nil { + if err := utils.DownloadToFile(file.Source, dst, component.DeprecatedCosignKeyPath); err != nil { return fmt.Errorf(lang.ErrDownloading, file.Source, err.Error()) } } else { @@ -420,7 +420,7 @@ func (p *Packager) addComponent(index int, component types.ZarfComponent, isSkel if isSkeleton { continue } - if err := utils.DownloadToFile(data.Source, dst, component.CosignKeyPath); err != nil { + if err := utils.DownloadToFile(data.Source, dst, component.DeprecatedCosignKeyPath); err != nil { return fmt.Errorf(lang.ErrDownloading, data.Source, err.Error()) } } else { @@ -459,7 +459,7 @@ func (p *Packager) addComponent(index int, component types.ZarfComponent, isSkel if isSkeleton { continue } - if err := utils.DownloadToFile(path, dst, component.CosignKeyPath); err != nil { + if err := utils.DownloadToFile(path, dst, component.DeprecatedCosignKeyPath); err != nil { return fmt.Errorf(lang.ErrDownloading, path, err.Error()) } } else { diff --git a/src/pkg/packager/deprecated/pluralize-set-variable.go b/src/pkg/packager/deprecated/pluralize-set-variable.go index 92970e1f00..9835c80a64 100644 --- a/src/pkg/packager/deprecated/pluralize-set-variable.go +++ b/src/pkg/packager/deprecated/pluralize-set-variable.go @@ -49,7 +49,7 @@ func migrateSetVariableToSetVariables(c types.ZarfComponent) (types.ZarfComponen // Leave deprecated setVariable in place, but warn users if hasSetVariable { - return c, fmt.Sprintf("Component '%s' is using setVariable in actions which will be removed in a future version of Zarf. Please migrate to the list form of setVariables.", c.Name) + return c, fmt.Sprintf("Component '%s' is using setVariable in actions which will be removed in Zarf v1.0.0. Please migrate to the list form of setVariables.", c.Name) } return c, "" diff --git a/src/pkg/packager/deprecated/scripts-to-actions.go b/src/pkg/packager/deprecated/scripts-to-actions.go index 747a8a18bb..2040e7eb90 100644 --- a/src/pkg/packager/deprecated/scripts-to-actions.go +++ b/src/pkg/packager/deprecated/scripts-to-actions.go @@ -63,7 +63,7 @@ func migrateScriptsToActions(c types.ZarfComponent) (types.ZarfComponent, string // Leave deprecated scripts in place, but warn users if hasScripts { - return c, fmt.Sprintf("Component '%s' is using scripts which will be removed in a future version of Zarf. Please migrate to actions.", c.Name) + return c, fmt.Sprintf("Component '%s' is using scripts which will be removed in Zarf v1.0.0. Please migrate to actions.", c.Name) } return c, "" diff --git a/src/pkg/packager/prepare.go b/src/pkg/packager/prepare.go index ba4cfa7a90..c7262c6f04 100644 --- a/src/pkg/packager/prepare.go +++ b/src/pkg/packager/prepare.go @@ -133,7 +133,7 @@ func (p *Packager) FindImages(baseDir, repoHelmChartPath string, kubeVersionOver for idx, path := range chart.ValuesFiles { dst := helm.StandardName(componentPath.Values, chart) + "-" + strconv.Itoa(idx) if helpers.IsURL(path) { - if err := utils.DownloadToFile(path, dst, component.CosignKeyPath); err != nil { + if err := utils.DownloadToFile(path, dst, component.DeprecatedCosignKeyPath); err != nil { return nil, fmt.Errorf(lang.ErrDownloading, path, err.Error()) } } else { @@ -199,7 +199,7 @@ func (p *Packager) FindImages(baseDir, repoHelmChartPath string, kubeVersionOver if helpers.IsURL(f) { mname := fmt.Sprintf("manifest-%s-%d.yaml", manifest.Name, idx) destination := filepath.Join(componentPath.Manifests, mname) - if err := utils.DownloadToFile(f, destination, component.CosignKeyPath); err != nil { + if err := utils.DownloadToFile(f, destination, component.DeprecatedCosignKeyPath); err != nil { return nil, fmt.Errorf(lang.ErrDownloading, f, err.Error()) } f = destination diff --git a/src/test/e2e/51_oci_compose_test.go b/src/test/e2e/51_oci_compose_test.go index 8491620136..e076c67ba3 100644 --- a/src/test/e2e/51_oci_compose_test.go +++ b/src/test/e2e/51_oci_compose_test.go @@ -203,8 +203,8 @@ func (suite *SkeletonSuite) verifyComponentPaths(unpackedPath string, components Values: filepath.Join(base, types.ValuesFolder), } - if isSkeleton && component.CosignKeyPath != "" { - suite.FileExists(filepath.Join(base, component.CosignKeyPath)) + if isSkeleton && component.DeprecatedCosignKeyPath != "" { + suite.FileExists(filepath.Join(base, component.DeprecatedCosignKeyPath)) } if isSkeleton && component.Extensions.BigBang != nil { diff --git a/src/types/component.go b/src/types/component.go index 5484f8db48..b6297925e5 100644 --- a/src/types/component.go +++ b/src/types/component.go @@ -31,14 +31,14 @@ type ZarfComponent struct { // Note: ignores default and required flags Group string `json:"group,omitempty" jsonschema:"description=Create a user selector field based on all components in the same group"` - //Path to cosign public key for signed online resources - CosignKeyPath string `json:"cosignKeyPath,omitempty" jsonschema:"description=[Deprecated] Specify a path to a public key to validate signed online resources"` + // (Deprecated) Path to cosign public key for signed online resources + DeprecatedCosignKeyPath string `json:"cosignKeyPath,omitempty" jsonschema:"description=[Deprecated] Specify a path to a public key to validate signed online resources. This will be removed in Zarf v1.0.0.,deprecated=true"` // Import refers to another zarf.yaml package component. Import ZarfComponentImport `json:"import,omitempty" jsonschema:"description=Import a component from another Zarf package"` // (Deprecated) DeprecatedScripts are custom commands that run before or after package deployment - DeprecatedScripts DeprecatedZarfComponentScripts `json:"scripts,omitempty" jsonschema:"description=[Deprecated] (replaced by actions) Custom commands to run before or after package deployment,deprecated=true"` + DeprecatedScripts DeprecatedZarfComponentScripts `json:"scripts,omitempty" jsonschema:"description=[Deprecated] (replaced by actions) Custom commands to run before or after package deployment. This will be removed in Zarf v1.0.0.,deprecated=true"` // Files are files to place on disk during deploy Files []ZarfFile `json:"files,omitempty" jsonschema:"description=Files or folders to place on disk during package deployment"` @@ -161,7 +161,7 @@ type ZarfComponentAction struct { Env []string `json:"env,omitempty" jsonschema:"description=Additional environment variables to set for the command"` Cmd string `json:"cmd,omitempty" jsonschema:"description=The command to run. Must specify either cmd or wait for the action to do anything."` Shell *ZarfComponentActionShell `json:"shell,omitempty" jsonschema:"description=(cmd only) Indicates a preference for a shell for the provided cmd to be executed in on supported operating systems"` - DeprecatedSetVariable string `json:"setVariable,omitempty" jsonschema:"description=[Deprecated] (replaced by setVariables) (onDeploy/cmd only) The name of a variable to update with the output of the command. This variable will be available to all remaining actions and components in the package.,pattern=^[A-Z0-9_]+$"` + DeprecatedSetVariable string `json:"setVariable,omitempty" jsonschema:"description=[Deprecated] (replaced by setVariables) (onDeploy/cmd only) The name of a variable to update with the output of the command. This variable will be available to all remaining actions and components in the package. This will be removed in Zarf v1.0.0,pattern=^[A-Z0-9_]+$"` SetVariables []ZarfComponentActionSetVariable `json:"setVariables,omitempty" jsonschema:"description=(onDeploy/cmd only) An array of variables to update with the output of the command. These variables will be available to all remaining actions and components in the package."` Description string `json:"description,omitempty" jsonschema:"description=Description of the action to be displayed during package execution instead of the command"` Wait *ZarfComponentActionWait `json:"wait,omitempty" jsonschema:"description=Wait for a condition to be met before continuing. Must specify either cmd or wait for the action. See the 'zarf tools wait-for' command for more info."` diff --git a/src/ui/lib/api-types.ts b/src/ui/lib/api-types.ts index 8ce498a114..36179f8cf3 100644 --- a/src/ui/lib/api-types.ts +++ b/src/ui/lib/api-types.ts @@ -289,7 +289,8 @@ export interface ZarfComponent { */ charts?: ZarfChart[]; /** - * [Deprecated] Specify a path to a public key to validate signed online resources + * [Deprecated] Specify a path to a public key to validate signed online resources. This + * will be removed in Zarf v1.0.0. */ cosignKeyPath?: string; /** @@ -346,7 +347,7 @@ export interface ZarfComponent { required?: boolean; /** * [Deprecated] (replaced by actions) Custom commands to run before or after package - * deployment + * deployment. This will be removed in Zarf v1.0.0. */ scripts?: DeprecatedZarfComponentScripts; } @@ -431,7 +432,7 @@ export interface ZarfComponentAction { /** * [Deprecated] (replaced by setVariables) (onDeploy/cmd only) The name of a variable to * update with the output of the command. This variable will be available to all remaining - * actions and components in the package. + * actions and components in the package. This will be removed in Zarf v1.0.0 */ setVariable?: string; /** @@ -834,7 +835,7 @@ export enum LocalOS { /** * [Deprecated] (replaced by actions) Custom commands to run before or after package - * deployment + * deployment. This will be removed in Zarf v1.0.0. */ export interface DeprecatedZarfComponentScripts { /** diff --git a/zarf.schema.json b/zarf.schema.json index fa97af3d7f..61b0812f8a 100644 --- a/zarf.schema.json +++ b/zarf.schema.json @@ -257,7 +257,7 @@ }, "cosignKeyPath": { "type": "string", - "description": "[Deprecated] Specify a path to a public key to validate signed online resources" + "description": "[Deprecated] Specify a path to a public key to validate signed online resources. This will be removed in Zarf v1.0.0." }, "import": { "$schema": "http://json-schema.org/draft-04/schema#", @@ -267,7 +267,7 @@ "scripts": { "$schema": "http://json-schema.org/draft-04/schema#", "$ref": "#/definitions/DeprecatedZarfComponentScripts", - "description": "[Deprecated] (replaced by actions) Custom commands to run before or after package deployment" + "description": "[Deprecated] (replaced by actions) Custom commands to run before or after package deployment. This will be removed in Zarf v1.0.0." }, "files": { "items": { @@ -365,7 +365,7 @@ "setVariable": { "pattern": "^[A-Z0-9_]+$", "type": "string", - "description": "[Deprecated] (replaced by setVariables) (onDeploy/cmd only) The name of a variable to update with the output of the command. This variable will be available to all remaining actions and components in the package." + "description": "[Deprecated] (replaced by setVariables) (onDeploy/cmd only) The name of a variable to update with the output of the command. This variable will be available to all remaining actions and components in the package. This will be removed in Zarf v1.0.0" }, "setVariables": { "items": { From f2daf529cb5d84aeb849e883d48d7716c8a48195 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Thu, 10 Aug 2023 14:50:16 -0500 Subject: [PATCH 36/43] Fix git test --- src/test/e2e/07_create_git_test.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/test/e2e/07_create_git_test.go b/src/test/e2e/07_create_git_test.go index 8d2ef68521..115558ace9 100644 --- a/src/test/e2e/07_create_git_test.go +++ b/src/test/e2e/07_create_git_test.go @@ -32,7 +32,7 @@ func TestCreateGit(t *testing.T) { "v0.0.1\n", " dragons\n* main\n") // Verify the full-repo component fallback - gitDir = fmt.Sprintf("%s/components/full-repo/repos/zarf-public-test-1651489007/.git", extractDir) + gitDir = fmt.Sprintf("%s/components/full-repo/repos/zarf-public-test-410141584/.git", extractDir) verifyGitRepo(t, gitDir, "0a6b587", "(HEAD -> main, online-upstream/main, online-upstream/HEAD)", "Adjust dragon spacing", "v0.0.1\n", " dragons\n* main\n") @@ -50,7 +50,7 @@ func TestCreateGit(t *testing.T) { "v0.0.1\n", "* zarf-ref-v0.0.1\n") // Verify specific tag component tag fallback - gitDir = fmt.Sprintf("%s/components/specific-tag/repos/zarf-public-test-308170788/.git", extractDir) + gitDir = fmt.Sprintf("%s/components/specific-tag/repos/zarf-public-test-3956869879/.git", extractDir) verifyGitRepo(t, gitDir, "5249809", "(HEAD -> zarf-ref-v0.0.1, tag: v0.0.1)", "Added README.md", "v0.0.1\n", "* zarf-ref-v0.0.1\n") @@ -62,7 +62,7 @@ func TestCreateGit(t *testing.T) { "", "* dragons\n") // Verify specific branch component fallback - gitDir = fmt.Sprintf("%s/components/specific-branch/repos/zarf-public-test-1204519508/.git", extractDir) + gitDir = fmt.Sprintf("%s/components/specific-branch/repos/zarf-public-test-3363080017/.git", extractDir) verifyGitRepo(t, gitDir, "01a2321", "(HEAD -> dragons, online-upstream/dragons)", "Explain what this repo does", "", "* dragons\n") @@ -74,7 +74,7 @@ func TestCreateGit(t *testing.T) { "v0.0.1\n", " main\n* zarf-ref-01a23218923f24194133b5eb11268cf8d73ff1bb\n") // Verify specific hash component fallback - gitDir = fmt.Sprintf("%s/components/specific-hash/repos/zarf-public-test-2793472375/.git", extractDir) + gitDir = fmt.Sprintf("%s/components/specific-hash/repos/zarf-public-test-1425142831/.git", extractDir) verifyGitRepo(t, gitDir, "01a2321", "(HEAD -> zarf-ref-01a23218923f24194133b5eb11268cf8d73ff1bb, online-upstream/dragons)", "Explain what this repo does", "v0.0.1\n", " main\n* zarf-ref-01a23218923f24194133b5eb11268cf8d73ff1bb\n") From c0aa22c07eecae06835944a82e82b6322b1cc995 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Thu, 10 Aug 2023 15:11:58 -0500 Subject: [PATCH 37/43] Remove sget flag from the config file test --- src/test/e2e/30_config_file_test.go | 1 - src/test/zarf-config-test.toml | 1 - 2 files changed, 2 deletions(-) diff --git a/src/test/e2e/30_config_file_test.go b/src/test/e2e/30_config_file_test.go index 4ed4b4e45a..3c8189a146 100644 --- a/src/test/e2e/30_config_file_test.go +++ b/src/test/e2e/30_config_file_test.go @@ -131,7 +131,6 @@ func configFileDefaultTests(t *testing.T) { packageDeployFlags := []string{ "deploy.components: 8d6fde37", - "deploy.sget: ee7905de", "deploy.shasum: 7606fe19", "[thing2=2b3c4d5e]", } diff --git a/src/test/zarf-config-test.toml b/src/test/zarf-config-test.toml index a81de98fe9..3585a45f3f 100644 --- a/src/test/zarf-config-test.toml +++ b/src/test/zarf-config-test.toml @@ -37,7 +37,6 @@ thing1 = '1a2b3c4d' [package.deploy] components = 'deploy.components: 8d6fde37' -sget = 'deploy.sget: ee7905de' shasum = 'deploy.shasum: 7606fe19' [package.deploy.set] From 7bc15a5dd1699cf523785ab52b58f521370a8280 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Sat, 12 Aug 2023 18:46:17 -0500 Subject: [PATCH 38/43] Update src/cmd/common/viper.go Co-authored-by: razzle --- src/cmd/common/viper.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/cmd/common/viper.go b/src/cmd/common/viper.go index db042f432e..755adcedd3 100644 --- a/src/cmd/common/viper.go +++ b/src/cmd/common/viper.go @@ -155,6 +155,10 @@ func isVersionCmd() bool { } func printViperConfigUsed() { + vInitialized := v != nil + if !vInitialized { + return + } // Optional, so ignore file not found errors if vConfigError != nil { // Config file not found; ignore From 257ca9d27be46d8a8175619cb5f363c27d462ec4 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Sat, 12 Aug 2023 18:56:12 -0500 Subject: [PATCH 39/43] Fix feedback --- .../100-cli-commands/zarf_init.md | 2 +- .../zarf_tools_update-creds.md | 2 +- src/cmd/common/viper.go | 11 +++----- src/cmd/initialize.go | 4 +-- src/cmd/package.go | 25 +++++++++---------- src/cmd/prepare.go | 4 +-- src/config/lang/english.go | 6 ++--- src/pkg/packager/variables.go | 15 +++-------- src/pkg/utils/helpers/misc.go | 9 +++++++ 9 files changed, 38 insertions(+), 40 deletions(-) diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_init.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_init.md index 145f783633..3aabfdac50 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_init.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_init.md @@ -43,7 +43,7 @@ zarf init [flags] # Initializing w/ an external artifact server: zarf init --artifact-push-password={PASSWORD} --artifact-push-username={USERNAME} --artifact-url={URL} - # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. + # NOTE: Not specifying a pull username/password will use the push user for pulling as well. ``` diff --git a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md index d6c981e5c4..4176ec237b 100644 --- a/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md +++ b/docs/2-the-zarf-cli/100-cli-commands/zarf_tools_update-creds.md @@ -38,7 +38,7 @@ zarf tools update-creds [flags] zarf tools update-creds git --git-push-username={USERNAME} --git-push-password={PASSWORD} zarf tools update-creds artifact --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} - # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. + # NOTE: Not specifying a pull username/password will keep the previous pull username/password. ``` diff --git a/src/cmd/common/viper.go b/src/cmd/common/viper.go index 755adcedd3..7ab6b890fc 100644 --- a/src/cmd/common/viper.go +++ b/src/cmd/common/viper.go @@ -109,13 +109,8 @@ func InitViper() *viper.Viper { v = viper.New() - // Skip for vendor-only commands - if CheckVendorOnlyFromArgs() { - return v - } - - // Skip for the version command - if isVersionCmd() { + // Skip for vendor-only commands or the version command + if CheckVendorOnlyFromArgs() || isVersionCmd() { return v } @@ -155,10 +150,12 @@ func isVersionCmd() bool { } func printViperConfigUsed() { + // Only print config info if viper is initialized. vInitialized := v != nil if !vInitialized { return } + // Optional, so ignore file not found errors if vConfigError != nil { // Config file not found; ignore diff --git a/src/cmd/initialize.go b/src/cmd/initialize.go index dcabe355af..53c77a78bb 100644 --- a/src/cmd/initialize.go +++ b/src/cmd/initialize.go @@ -53,8 +53,8 @@ var initCmd = &cobra.Command{ // Ensure uppercase keys from viper v := common.GetViper() - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.VPkgDeploySet), strings.ToUpper) - pkgConfig.DeployOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.DeployOpts.SetVariables) + pkgConfig.DeployOpts.SetVariables = helpers.TransformAndMergeMap( + v.GetStringMapString(common.VPkgDeploySet), pkgConfig.DeployOpts.SetVariables, strings.ToUpper) // Configure the packager pkgClient := packager.NewOrDie(&pkgConfig) diff --git a/src/cmd/package.go b/src/cmd/package.go index dd29c37570..52dfbe0462 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -23,7 +23,7 @@ import ( "github.com/defenseunicorns/zarf/src/pkg/packager" "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" "github.com/spf13/cobra" - spf13viper "github.com/spf13/viper" + "github.com/spf13/viper" ) var includeInspectSBOM bool @@ -59,8 +59,8 @@ var packageCreateCmd = &cobra.Command{ // Ensure uppercase keys from viper v := common.GetViper() - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.VPkgCreateSet), strings.ToUpper) - pkgConfig.CreateOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.CreateOpts.SetVariables) + pkgConfig.CreateOpts.SetVariables = helpers.TransformAndMergeMap( + v.GetStringMapString(common.VPkgCreateSet), pkgConfig.CreateOpts.SetVariables, strings.ToUpper) // Configure the packager pkgClient := packager.NewOrDie(&pkgConfig) @@ -84,11 +84,10 @@ var packageDeployCmd = &cobra.Command{ // Ensure uppercase keys from viper and CLI --set v := common.GetViper() - viperConfigSetVariables := helpers.TransformMapKeys(v.GetStringMapString(common.VPkgDeploySet), strings.ToUpper) - pkgConfig.DeployOpts.SetVariables = helpers.TransformMapKeys(pkgConfig.DeployOpts.SetVariables, strings.ToUpper) // Merge the viper config file variables and provided CLI flag variables (CLI takes precedence)) - pkgConfig.DeployOpts.SetVariables = helpers.MergeMap(viperConfigSetVariables, pkgConfig.DeployOpts.SetVariables) + pkgConfig.DeployOpts.SetVariables = helpers.TransformAndMergeMap( + v.GetStringMapString(common.VPkgDeploySet), pkgConfig.DeployOpts.SetVariables, strings.ToUpper) pkgConfig.PkgSourcePath = pkgConfig.DeployOpts.PackagePath @@ -284,13 +283,13 @@ func init() { bindPullFlags(v) } -func bindPackageFlags(v *spf13viper.Viper) { +func bindPackageFlags(v *viper.Viper) { packageFlags := packageCmd.PersistentFlags() v.SetDefault(common.VPkgOCIConcurrency, 3) packageFlags.IntVar(&config.CommonOptions.OCIConcurrency, "oci-concurrency", v.GetInt(common.VPkgOCIConcurrency), lang.CmdPackageFlagConcurrency) } -func bindCreateFlags(v *spf13viper.Viper) { +func bindCreateFlags(v *viper.Viper) { createFlags := packageCreateCmd.Flags() // Always require confirm flag (no viper) @@ -317,7 +316,7 @@ func bindCreateFlags(v *spf13viper.Viper) { createFlags.MarkHidden("output-directory") } -func bindDeployFlags(v *spf13viper.Viper) { +func bindDeployFlags(v *viper.Viper) { deployFlags := packageDeployCmd.Flags() // Always require confirm flag (no viper) @@ -335,27 +334,27 @@ func bindDeployFlags(v *spf13viper.Viper) { deployFlags.MarkHidden("sget") } -func bindInspectFlags(v *spf13viper.Viper) { +func bindInspectFlags(v *viper.Viper) { inspectFlags := packageInspectCmd.Flags() inspectFlags.BoolVarP(&includeInspectSBOM, "sbom", "s", false, lang.CmdPackageInspectFlagSbom) inspectFlags.StringVar(&outputInspectSBOM, "sbom-out", "", lang.CmdPackageInspectFlagSbomOut) inspectFlags.StringVarP(&inspectPublicKey, "key", "k", v.GetString(common.VPkgDeployPublicKey), lang.CmdPackageInspectFlagPublicKey) } -func bindRemoveFlags(v *spf13viper.Viper) { +func bindRemoveFlags(v *viper.Viper) { removeFlags := packageRemoveCmd.Flags() removeFlags.BoolVar(&config.CommonOptions.Confirm, "confirm", false, lang.CmdPackageRemoveFlagConfirm) removeFlags.StringVar(&pkgConfig.DeployOpts.Components, "components", v.GetString(common.VPkgDeployComponents), lang.CmdPackageRemoveFlagComponents) _ = packageRemoveCmd.MarkFlagRequired("confirm") } -func bindPublishFlags(v *spf13viper.Viper) { +func bindPublishFlags(v *viper.Viper) { publishFlags := packagePublishCmd.Flags() publishFlags.StringVarP(&pkgConfig.PublishOpts.SigningKeyPath, "key", "k", v.GetString(common.VPkgPublishSigningKey), lang.CmdPackagePublishFlagSigningKey) publishFlags.StringVar(&pkgConfig.PublishOpts.SigningKeyPassword, "key-pass", v.GetString(common.VPkgPublishSigningKeyPassword), lang.CmdPackagePublishFlagSigningKeyPassword) } -func bindPullFlags(v *spf13viper.Viper) { +func bindPullFlags(v *viper.Viper) { pullFlags := packagePullCmd.Flags() pullFlags.StringVarP(&pkgConfig.PullOpts.OutputDirectory, "output-directory", "o", v.GetString(common.VPkgPullOutputDir), lang.CmdPackagePullFlagOutputDirectory) pullFlags.StringVarP(&pkgConfig.PullOpts.PublicKeyPath, "key", "k", v.GetString(common.VPkgPullPublicKey), lang.CmdPackagePullFlagPublicKey) diff --git a/src/cmd/prepare.go b/src/cmd/prepare.go index af99226032..3b5cd1f221 100644 --- a/src/cmd/prepare.go +++ b/src/cmd/prepare.go @@ -104,8 +104,8 @@ var prepareFindImages = &cobra.Command{ // Ensure uppercase keys from viper v := common.GetViper() - viperConfig := helpers.TransformMapKeys(v.GetStringMapString(common.VPkgCreateSet), strings.ToUpper) - pkgConfig.CreateOpts.SetVariables = helpers.MergeMap(viperConfig, pkgConfig.CreateOpts.SetVariables) + pkgConfig.CreateOpts.SetVariables = helpers.TransformAndMergeMap( + v.GetStringMapString(common.VPkgCreateSet), pkgConfig.CreateOpts.SetVariables, strings.ToUpper) // Configure the packager pkgClient := packager.NewOrDie(&pkgConfig) diff --git a/src/config/lang/english.go b/src/config/lang/english.go index 1a163c5314..efdf9811bc 100644 --- a/src/config/lang/english.go +++ b/src/config/lang/english.go @@ -128,7 +128,7 @@ const ( # Initializing w/ an external artifact server: zarf init --artifact-push-password={PASSWORD} --artifact-push-username={USERNAME} --artifact-url={URL} - # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. + # NOTE: Not specifying a pull username/password will use the push user for pulling as well. ` CmdInitErrFlags = "Invalid command flags were provided." @@ -404,7 +404,7 @@ const ( CmdToolsGenKeySuccess = "Generated key pair and written to %s and %s" CmdToolsSbomShort = "Generates a Software Bill of Materials (SBOM) for the given package" - CmdToolsSbomErr = "Unable to create sbom (syft) CLI" + CmdToolsSbomErr = "Unable to create SBOM (Syft) CLI" CmdToolsWaitForShort = "Waits for a given Kubernetes resource to be ready" CmdToolsWaitForLong = "By default Zarf will wait for all Kubernetes resources to be ready before completion of a component during a deployment.\n" + @@ -478,7 +478,7 @@ const ( zarf tools update-creds git --git-push-username={USERNAME} --git-push-password={PASSWORD} zarf tools update-creds artifact --artifact-push-username={USERNAME} --artifact-push-token={PASSWORD} - # NOTE: Not specifying --*-pull-password/username when using --*-push-password/username will use the push user for pulling as well. + # NOTE: Not specifying a pull username/password will keep the previous pull username/password. ` CmdToolsUpdateCredsConfirmFlag = "Confirm updating credentials without prompting" CmdToolsUpdateCredsConfirmProvided = "Confirm flag specified, continuing without prompting." diff --git a/src/pkg/packager/variables.go b/src/pkg/packager/variables.go index 5b062fc50c..4ee705c3ad 100644 --- a/src/pkg/packager/variables.go +++ b/src/pkg/packager/variables.go @@ -6,12 +6,10 @@ package packager import ( "fmt" - "strings" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/pkg/utils" - "github.com/defenseunicorns/zarf/src/pkg/utils/helpers" "github.com/defenseunicorns/zarf/src/types" ) @@ -20,9 +18,6 @@ func (p *Packager) fillActiveTemplate() error { templateMap := map[string]string{} promptAndSetTemplate := func(templatePrefix string, deprecated bool) error { - // Ensure uppercase keys - setFromCLIConfig := helpers.TransformMapKeys(p.cfg.CreateOpts.SetVariables, strings.ToUpper) - yamlTemplates, err := utils.FindYamlTemplates(&p.cfg.Pkg, templatePrefix, "###") if err != nil { return err @@ -33,14 +28,14 @@ func (p *Packager) fillActiveTemplate() error { p.warnings = append(p.warnings, fmt.Sprintf(lang.PkgValidateTemplateDeprecation, key, key, key)) } - _, present := setFromCLIConfig[key] + _, present := p.cfg.CreateOpts.SetVariables[key] if !present && !config.CommonOptions.Confirm { setVal, err := p.promptVariable(types.ZarfPackageVariable{ Name: key, }) if err == nil { - setFromCLIConfig[key] = setVal + p.cfg.CreateOpts.SetVariables[key] = setVal } else { return err } @@ -49,7 +44,7 @@ func (p *Packager) fillActiveTemplate() error { } } - for key, value := range setFromCLIConfig { + for key, value := range p.cfg.CreateOpts.SetVariables { templateMap[fmt.Sprintf("%s%s###", templatePrefix, key)] = value } @@ -78,9 +73,7 @@ func (p *Packager) fillActiveTemplate() error { // setVariableMapInConfig handles setting the active variables used to template component files. func (p *Packager) setVariableMapInConfig() error { - // Ensure uppercase keys - setVariableValues := helpers.TransformMapKeys(p.cfg.DeployOpts.SetVariables, strings.ToUpper) - for name, value := range setVariableValues { + for name, value := range p.cfg.DeployOpts.SetVariables { p.setVariableInConfig(name, value, false, false, "") } diff --git a/src/pkg/utils/helpers/misc.go b/src/pkg/utils/helpers/misc.go index bedba7011d..2f6292c419 100644 --- a/src/pkg/utils/helpers/misc.go +++ b/src/pkg/utils/helpers/misc.go @@ -110,6 +110,15 @@ func MergeMap[T any](m1, m2 map[string]T) (r map[string]T) { return r } +// TransformAndMergeMap transforms keys in both maps then merges map m2 with m1 overwriting common values with m2's values. +func TransformAndMergeMap[T any](m1, m2 map[string]T, transform func(string) string) (r map[string]T) { + mt1 := TransformMapKeys(m1, transform) + mt2 := TransformMapKeys(m2, transform) + r = MergeMap(mt1, mt2) + + return r +} + // MergeMapRecursive recursively (nestedly) merges map m2 with m1 overwriting common values with m2's values. func MergeMapRecursive(m1, m2 map[string]interface{}) (r map[string]interface{}) { r = map[string]interface{}{} From 5f5d702264467bbb481246d278400647a4786190 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 14 Aug 2023 15:45:21 -0500 Subject: [PATCH 40/43] Remove chown comment --- .github/workflows/test-e2e.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/test-e2e.yml b/.github/workflows/test-e2e.yml index acf7276168..f54411c534 100644 --- a/.github/workflows/test-e2e.yml +++ b/.github/workflows/test-e2e.yml @@ -96,7 +96,6 @@ jobs: # NOTE: "PATH=$PATH" preserves the default user $PATH. This is needed to maintain the version of go installed # in a previous step. This test run will use Zarf to create a K3s cluster, and a brand new cluster will be # used for each test - # chown the logs since they were originally created as root run: | chmod +x build/zarf sudo env "PATH=$PATH" CI=true APPLIANCE_MODE=true make test-e2e ARCH=amd64 From 1185eb46a475dbf2279deeb1c9938d1b77a36774 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Mon, 14 Aug 2023 15:49:09 -0500 Subject: [PATCH 41/43] Small cleanup --- Makefile | 1 - src/internal/agent/hooks/argocd-application.go | 3 ++- src/internal/agent/hooks/flux.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 7f5e6d92cb..31be941746 100644 --- a/Makefile +++ b/Makefile @@ -168,7 +168,6 @@ test-external: ## Run the Zarf CLI E2E tests for an external registry and cluste @test -s $(ZARF_BIN) || $(MAKE) build-cli @test -s ./build/zarf-init-$(ARCH)-$(CLI_VERSION).tar.zst || $(MAKE) init-package @test -s ./build/zarf-package-podinfo-flux-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/podinfo-flux -o build -a $(ARCH) --confirm - @test -s ./build/zarf-package-argocd-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/argocd -o build -a $(ARCH) --confirm cd src/test/external && go test -failfast -v -timeout 30m ## NOTE: Requires an existing cluster and diff --git a/src/internal/agent/hooks/argocd-application.go b/src/internal/agent/hooks/argocd-application.go index 03907f816d..dc99b4033a 100644 --- a/src/internal/agent/hooks/argocd-application.go +++ b/src/internal/agent/hooks/argocd-application.go @@ -7,6 +7,7 @@ package hooks import ( "encoding/json" "fmt" + "github.com/defenseunicorns/zarf/src/config/lang" "github.com/defenseunicorns/zarf/src/internal/agent/operations" "github.com/defenseunicorns/zarf/src/internal/agent/state" @@ -27,7 +28,7 @@ type ArgoApplication struct { Spec struct { Source Source `json:"source"` Sources []Source `json:"sources"` - } + } `json:"spec"` } var ( diff --git a/src/internal/agent/hooks/flux.go b/src/internal/agent/hooks/flux.go index a246dfe650..8c9b0376c2 100644 --- a/src/internal/agent/hooks/flux.go +++ b/src/internal/agent/hooks/flux.go @@ -29,7 +29,7 @@ type GenericGitRepo struct { Spec struct { URL string `json:"url"` SecretRef SecretRef `json:"secretRef,omitempty"` - } + } `json:"spec"` } // NewGitRepositoryMutationHook creates a new instance of the git repo mutation hook. From b61480545374bdf99372dd9a1aedd376380b90cd Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 15 Aug 2023 16:15:41 -0500 Subject: [PATCH 42/43] move zarf logging username to config --- src/config/config.go | 2 ++ src/pkg/message/credentials.go | 6 ++---- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/config/config.go b/src/config/config.go index 593dbcbd8c..8f1b65595f 100644 --- a/src/config/config.go +++ b/src/config/config.go @@ -70,6 +70,8 @@ const ( ZarfGitPushUser = "zarf-git-user" ZarfGitReadUser = "zarf-git-read-user" + ZarfLoggingUser = "zarf-admin" + ZarfInClusterGitServiceURL = "http://zarf-gitea-http.zarf.svc.cluster.local:3000" ZarfInClusterArtifactServiceURL = ZarfInClusterGitServiceURL + "/api/packages/" + ZarfGitPushUser ) diff --git a/src/pkg/message/credentials.go b/src/pkg/message/credentials.go index 6f82ff6012..b1f8ccbe8d 100644 --- a/src/pkg/message/credentials.go +++ b/src/pkg/message/credentials.go @@ -16,8 +16,6 @@ import ( // Common constants for printing credentials const ( - loggingUsername = "zarf-admin" - RegistryKey = "registry" RegistryReadKey = "registry-readonly" GitKey = "git" @@ -51,7 +49,7 @@ func PrintCredentialTable(state *types.ZarfState, componentsToDeploy []types.Dep for _, component := range componentsToDeploy { // Show message if including logging stack if component.Name == "logging" { - loginTable = append(loginTable, pterm.TableData{{" Logging", loggingUsername, state.LoggingSecret, "zarf connect logging", LoggingKey}}...) + loginTable = append(loginTable, pterm.TableData{{" Logging", config.ZarfLoggingUser, state.LoggingSecret, "zarf connect logging", LoggingKey}}...) } // Show message if including git-server if component.Name == "git-server" { @@ -78,7 +76,7 @@ func PrintCredentialTable(state *types.ZarfState, componentsToDeploy []types.Dep func PrintComponentCredential(state *types.ZarfState, componentName string) { switch strings.ToLower(componentName) { case LoggingKey: - Notef("Logging credentials (username: %s):", loggingUsername) + Notef("Logging credentials (username: %s):", config.ZarfLoggingUser) fmt.Println(state.LoggingSecret) case GitKey: Notef("Git Server push password (username: %s):", state.GitServer.PushUsername) From 95979a995eff3a7198d17ea1d90da49e724b6db4 Mon Sep 17 00:00:00 2001 From: Wayne Starr Date: Tue, 15 Aug 2023 16:17:04 -0500 Subject: [PATCH 43/43] move zarf logging username to config --- src/config/config.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/config/config.go b/src/config/config.go index 8f1b65595f..9bc9cfaf1c 100644 --- a/src/config/config.go +++ b/src/config/config.go @@ -70,10 +70,10 @@ const ( ZarfGitPushUser = "zarf-git-user" ZarfGitReadUser = "zarf-git-read-user" - ZarfLoggingUser = "zarf-admin" - ZarfInClusterGitServiceURL = "http://zarf-gitea-http.zarf.svc.cluster.local:3000" ZarfInClusterArtifactServiceURL = ZarfInClusterGitServiceURL + "/api/packages/" + ZarfGitPushUser + + ZarfLoggingUser = "zarf-admin" ) // Zarf Global Configuration Variables.