aptible-cli 0.16.2 → 0.16.7

data/lib/aptible/cli/resource_formatter.rb

@@ -4,6 +4,41 @@ module Aptible
       class << self
         NO_NESTING = Object.new.freeze
 
+        def inject_backup(node, backup, include_db: false)
+          description = "#{backup.id}: #{backup.created_at}, " \
+                        "#{backup.aws_region}"
+
+          if include_db
+            db = backup.database_with_deleted
+            node.keyed_object('database', 'id') do |n|
+              inject_deleted_database(n, db, backup.account)
+            end
+
+            description = "#{description}, " \
+                          "#{db.handle} deleted at #{db.deleted_at}"
+          end
+
+          node.value('id', backup.id)
+          node.value('description', description)
+          node.value('created_at', backup.created_at)
+          node.value('region', backup.aws_region)
+          node.value('size', backup.size)
+
+          if backup.copied_from
+            node.keyed_object('copied_from', 'description') do |n|
+              inject_backup(n, backup.copied_from)
+            end
+          end
+        end
+
+        def inject_deleted_database(node, database, account)
+          node.value('id', database.id)
+          node.value('handle', database.handle)
+          node.value('type', database.type)
+          node.value('deleted_at', database.deleted_at)
+          attach_account(node, account)
+        end
+
         def inject_account(node, account)
           node.value('id', account.id)
           node.value('handle', account.handle)
@@ -47,6 +82,7 @@ module Aptible
 
           node.value('type', database.type)
           node.value('status', database.status)
+
           node.value('connection_url', database.connection_url)
 
           node.list('credentials') do |creds_list|
@@ -54,7 +90,6 @@ module Aptible
               creds_list.object { |n| inject_credential(n, cred) }
             end
           end
-
           attach_account(node, account)
         end
 

data/lib/aptible/cli/subcommands/backup.rb

@@ -9,12 +9,13 @@ module Aptible
 
             desc 'backup:restore BACKUP_ID ' \
                  '[--environment ENVIRONMENT_HANDLE] [--handle HANDLE] ' \
-                 '[--container-size SIZE_MB] [--size SIZE_GB]',
+                 '[--container-size SIZE_MB] [--disk-size SIZE_GB]',
                  'Restore a backup'
             option :handle, desc: 'a name to use for the new database'
             option :environment, desc: 'a different environment to restore to'
             option :container_size, type: :numeric
             option :size, type: :numeric
+            option :disk_size, type: :numeric
             define_method 'backup:restore' do |backup_id|
               backup = Aptible::Api::Backup.find(backup_id, token: fetch_token)
               raise Thor::Error, "Backup ##{backup_id} not found" if backup.nil?
@@ -22,7 +23,8 @@ module Aptible
               handle = options[:handle]
               unless handle
                 ts_suffix = backup.created_at.getgm.strftime '%Y-%m-%d-%H-%M-%S'
-                handle = "#{backup.database.handle}-at-#{ts_suffix}"
+                handle =
+                  "#{backup.database_with_deleted.handle}-at-#{ts_suffix}"
               end
 
               destination_account = if options[:environment]
@@ -35,10 +37,16 @@ module Aptible
                 type: 'restore',
                 handle: handle,
                 container_size: options[:container_size],
-                disk_size: options[:size],
+                disk_size: options[:disk_size] || options[:size],
                 destination_account: destination_account
               }.delete_if { |_, v| v.nil? }
 
+              CLI.logger.warn([
+                'You have used the "--size" option to specify a disk size.',
+                'This option which be deprecated in a future version.',
+                'Please use the "--disk-size" option, instead.'
+              ].join("\n")) if options[:size]
+
               operation = backup.create_operation!(opts)
               CLI.logger.info "Restoring backup into #{handle}"
               attach_to_operation_logs(operation)
@@ -62,22 +70,58 @@ module Aptible
               database = ensure_database(options.merge(db: handle))
 
               Formatter.render(Renderer.current) do |root|
-                root.keyed_list('description') do |l|
+                root.keyed_list('description') do |node|
                   database.each_backup do |backup|
-                    break if backup.created_at < min_created_at
-                    description = "#{backup.id}: #{backup.created_at}, " \
-                      "#{backup.aws_region}"
+                    if backup.created_at < min_created_at && !backup.copied_from
+                      break
+                    end
+                    node.object do |n|
+                      ResourceFormatter.inject_backup(n, backup)
+                    end
+                  end
+                end
+              end
+            end
 
-                    l.object do |o|
-                      o.value('id', backup.id)
-                      o.value('description', description)
-                      o.value('created_at', backup.created_at)
-                      o.value('region', backup.aws_region)
+            desc 'backup:orphaned', 'List backups associated with ' \
+                                    'deprovisioned databases'
+            option :environment
+            option :max_age, default: '1y',
+                             desc: 'Limit backups returned '\
+                                   '(example usage: 1w, 1y, etc.)'
+            define_method 'backup:orphaned' do
+              age = ChronicDuration.parse(options[:max_age])
+              raise Thor::Error, "Invalid age: #{options[:max_age]}" if age.nil?
+              min_created_at = Time.now - age
+
+              Formatter.render(Renderer.current) do |root|
+                root.keyed_list('description') do |node|
+                  scoped_environments(options).each do |account|
+                    account.each_orphaned_backup do |backup|
+                      created_at = backup.created_at
+                      copied_from = backup.copied_from
+                      break if created_at < min_created_at && !copied_from
+                      node.object do |n|
+                        ResourceFormatter.inject_backup(
+                          n, backup, include_db: true
+                        )
+                      end
                     end
                   end
                 end
               end
             end
+
+            desc 'backup:purge BACKUP_ID',
+                 'Permanently delete a backup and any copies of it'
+            define_method 'backup:purge' do |backup_id|
+              backup = Aptible::Api::Backup.find(backup_id, token: fetch_token)
+              raise Thor::Error, "Backup ##{backup_id} not found" if backup.nil?
+
+              operation = backup.create_operation!(type: 'purge')
+              CLI.logger.info "Purging backup #{backup_id}"
+              attach_to_operation_logs(operation)
+            end
           end
         end
       end

data/lib/aptible/cli/subcommands/db.rb

@@ -53,12 +53,13 @@ module Aptible
 
             desc 'db:create HANDLE ' \
                  '[--type TYPE] [--version VERSION] ' \
-                 '[--container-size SIZE_MB] [--size SIZE_GB]',
+                 '[--container-size SIZE_MB] [--disk-size SIZE_GB]',
                  'Create a new database'
             option :type, type: :string
             option :version, type: :string
             option :container_size, type: :numeric
-            option :size, default: 10, type: :numeric
+            option :size, type: :numeric
+            option :disk_size, default: 10, type: :numeric
             option :environment
             define_method 'db:create' do |handle|
               account = ensure_environment(options)
@@ -66,9 +67,15 @@ module Aptible
               db_opts = {
                 handle: handle,
                 initial_container_size: options[:container_size],
-                initial_disk_size: options[:size]
+                initial_disk_size: options[:disk_size] || options[:size]
               }.delete_if { |_, v| v.nil? }
 
+              CLI.logger.warn([
+                'You have used the "--size" option to specify a disk size.',
+                'This option which be deprecated in a future version.',
+                'Please use the "--disk-size" option, instead.'
+              ].join("\n")) if options[:size]
+
               type = options[:type]
               version = options[:version]
 
@@ -87,7 +94,7 @@ module Aptible
               op_opts = {
                 type: 'provision',
                 container_size: options[:container_size],
-                disk_size: options[:size]
+                disk_size: options[:disk_size] || options[:size]
               }.delete_if { |_, v| v.nil? }
               op = database.create_operation(op_opts)
 
@@ -114,6 +121,52 @@ module Aptible
               render_database(database, database.account)
             end
 
+            desc 'db:replicate HANDLE REPLICA_HANDLE ' \
+                 '[--container-size SIZE_MB] [--disk-size SIZE_GB] ' \
+                 '[--logical --version VERSION]',
+                 'Create a replica/follower of a database'
+            option :environment
+            option :container_size, type: :numeric
+            option :size, type: :numeric
+            option :disk_size, type: :numeric
+            option :logical, type: :boolean
+            option :version, type: :string
+            define_method 'db:replicate' do |source_handle, dest_handle|
+              source = ensure_database(options.merge(db: source_handle))
+
+              if options[:logical]
+                if source.type != 'postgresql'
+                  raise Thor::Error, 'Logical replication only works for ' \
+                                     'PostgreSQL'
+                end
+                if options[:version]
+                  image = find_database_image(source.type, options[:version])
+                else
+                  raise Thor::Error, '--version is required for logical ' \
+                                     'replication'
+                end
+              end
+
+              CLI.logger.info "Replicating #{source_handle}..."
+
+              opts = {
+                environment: options[:environment],
+                container_size: options[:container_size],
+                size: options[:disk_size] || options[:size],
+                logical: options[:logical],
+                database_image: image || nil
+              }.delete_if { |_, v| v.nil? }
+
+              CLI.logger.warn([
+                'You have used the "--size" option to specify a disk size.',
+                'This option which be deprecated in a future version.',
+                'Please use the "--disk-size" option, instead.'
+              ].join("\n")) if options[:size]
+
+              database = replicate_database(source, dest_handle, opts)
+              render_database(database.reload, database.account)
+            end
+
             desc 'db:dump HANDLE [pg_dump options]',
                  'Dump a remote database to file'
             option :environment
@@ -221,10 +274,11 @@ module Aptible
             end
 
             desc 'db:restart HANDLE ' \
-                 '[--container-size SIZE_MB] [--size SIZE_GB]',
+                 '[--container-size SIZE_MB] [--disk-size SIZE_GB]',
                  'Restart a database'
             option :environment
             option :container_size, type: :numeric
+            option :disk_size, type: :numeric
             option :size, type: :numeric
             define_method 'db:restart' do |handle|
               database = ensure_database(options.merge(db: handle))
@@ -232,9 +286,15 @@ module Aptible
               opts = {
                 type: 'restart',
                 container_size: options[:container_size],
-                disk_size: options[:size]
+                disk_size: options[:disk_size] || options[:size]
               }.delete_if { |_, v| v.nil? }
 
+              CLI.logger.warn([
+                'You have used the "--size" option to specify a disk size.',
+                'This option which be deprecated in a future version.',
+                'Please use the "--disk-size" option, instead.'
+              ].join("\n")) if options[:size]
+
               CLI.logger.info "Restarting #{database.handle}..."
               op = database.create_operation!(opts)
               attach_to_operation_logs(op)

data/lib/aptible/cli/subcommands/inspect.rb

@@ -19,7 +19,7 @@ module Aptible
             raise "Invalid scheme: #{uri.scheme} (use https)"
           end
 
-          apis = [Aptible::Auth, Aptible::Api, Aptible::Billing]
+          apis = [Aptible::Auth, Aptible::Api]
 
           api = apis.find do |klass|
             uri.host == URI(klass.configuration.root_url).host

data/lib/aptible/cli/version.rb

@@ -1,5 +1,5 @@
 module Aptible
   module CLI
-    VERSION = '0.16.2'.freeze
+    VERSION = '0.16.7'.freeze
   end
 end

data/spec/aptible/cli/agent_spec.rb

@@ -30,10 +30,15 @@ describe Aptible::CLI::Agent do
     let(:created_at) { Time.now }
     let(:expires_at) { created_at + 1.week }
 
-    before do
-      m = -> (code) { @code = code }
-      OAuth2::Error.send :define_method, :initialize, m
+    def make_oauth2_error(code, ctx = nil)
+      parsed = { 'error' => code }
+      parsed['exception_context'] = ctx if ctx
+      response = double('response', parsed: parsed, body: "error #{code}")
+      allow(response).to receive(:error=)
+      OAuth2::Error.new(response)
+    end
 
+    before do
       allow(token).to receive(:access_token).and_return 'access_token'
       allow(token).to receive(:created_at).and_return created_at
       allow(token).to receive(:expires_at).and_return expires_at
@@ -55,7 +60,7 @@ describe Aptible::CLI::Agent do
 
     it 'should raise an error if authentication fails' do
       allow(Aptible::Auth::Token).to receive(:create)
-        .and_raise(OAuth2::Error, 'foo')
+        .and_raise(make_oauth2_error('foo'))
       expect do
         subject.login
       end.to raise_error 'Could not authenticate with given credentials: foo'
@@ -87,7 +92,7 @@ describe Aptible::CLI::Agent do
       expect { subject.login }.to raise_error(/Invalid token lifetime/)
     end
 
-    context 'with OTP' do
+    context 'with 2FA' do
       let(:email) { 'foo@example.org' }
       let(:password) { 'bar' }
       let(:token) { '123456' }
@@ -124,7 +129,7 @@ describe Aptible::CLI::Agent do
           expect(Aptible::Auth::Token).to receive(:create)
             .with(email: email, password: password, expires_in: 1.week.seconds)
             .once
-            .and_raise(OAuth2::Error, 'otp_token_required')
+            .and_raise(make_oauth2_error('otp_token_required'))
 
           expect(Aptible::Auth::Token).to receive(:create)
             .with(email: email, password: password, otp_token: token,
@@ -139,7 +144,7 @@ describe Aptible::CLI::Agent do
           expect(Aptible::Auth::Token).to receive(:create)
             .with(email: email, password: password, expires_in: 1.day.seconds)
             .once
-            .and_raise(OAuth2::Error, 'otp_token_required')
+            .and_raise(make_oauth2_error('otp_token_required'))
 
           expect(Aptible::Auth::Token).to receive(:create)
             .with(email: email, password: password, otp_token: token,
@@ -155,17 +160,134 @@ describe Aptible::CLI::Agent do
           expect(Aptible::Auth::Token).to receive(:create)
             .with(email: email, password: password, expires_in: 1.week.seconds)
             .once
-            .and_raise(OAuth2::Error, 'otp_token_required')
+            .and_raise(make_oauth2_error('otp_token_required'))
 
           expect(Aptible::Auth::Token).to receive(:create)
             .with(email: email, password: password, otp_token: token,
                   expires_in: 12.hours.seconds)
             .once
-            .and_raise(OAuth2::Error, 'foo')
+            .and_raise(make_oauth2_error('foo'))
 
           expect { subject.login }.to raise_error(/Could not authenticate/)
         end
       end
+
+      context 'with U2F' do
+        before do
+          allow(subject).to receive(:options)
+            .and_return(email: email, password: password)
+        end
+
+        it 'shouldn\'t use U2F if not supported' do
+          allow(subject).to receive(:which)
+            .and_return(nil)
+
+          e = make_oauth2_error(
+            'otp_token_required',
+            'u2f' => {
+              'challenge' => 'some 123',
+              'devices' => [
+                { 'version' => 'U2F_V2', 'key_handle' => '123' },
+                { 'version' => 'U2F_V2', 'key_handle' => '456' }
+              ]
+            }
+          )
+
+          expect(Aptible::Auth::Token).to receive(:create)
+            .with(email: email, password: password, expires_in: 1.week.seconds)
+            .once
+            .and_raise(e)
+
+          expect(Aptible::CLI::Helpers::SecurityKey).not_to \
+            receive(:authenticate)
+
+          expect(subject).to receive(:ask).with('2FA Token: ')
+            .once
+            .and_return(token)
+
+          expect(Aptible::Auth::Token).to receive(:create)
+            .with(email: email, password: password, otp_token: token,
+                  expires_in: 12.hours.seconds)
+            .once
+            .and_return(token)
+
+          subject.login
+        end
+
+        it 'should call into U2F if supported' do
+          allow(subject).to receive(:which).and_return('u2f-host')
+          allow(subject).to receive(:ask).with('2FA Token: ') { sleep }
+
+          e = make_oauth2_error(
+            'otp_token_required',
+            'u2f' => {
+              'challenge' => 'some 123',
+              'devices' => [
+                { 'version' => 'U2F_V2', 'key_handle' => '123' },
+                { 'version' => 'U2F_V2', 'key_handle' => '456' }
+              ]
+            }
+          )
+
+          u2f = double('u2f response')
+
+          expect(Aptible::Auth::Token).to receive(:create)
+            .with(email: email, password: password, expires_in: 1.week.seconds)
+            .once
+            .and_raise(e)
+
+          expect(subject).to receive(:puts).with(/security key/i)
+
+          expect(Aptible::CLI::Helpers::SecurityKey).to receive(:authenticate)
+            .with(
+              'https://auth.aptible.com/',
+              'https://auth.aptible.com/u2f/trusted_facets',
+              'some 123',
+              array_including(
+                instance_of(Aptible::CLI::Helpers::SecurityKey::Device),
+                instance_of(Aptible::CLI::Helpers::SecurityKey::Device)
+              )
+            ).and_return(u2f)
+
+          expect(Aptible::Auth::Token).to receive(:create)
+            .with(email: email, password: password, u2f: u2f,
+                  expires_in: 12.hours.seconds)
+            .once
+            .and_return(token)
+
+          subject.login
+        end
+      end
+
+      context 'SSO logins' do
+        let(:token) { 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJpZCI6I' }
+
+        it 'accepts a token as an argument' do
+          options = { sso: token }
+          allow(subject).to receive(:options).and_return options
+
+          expect(subject).to receive(:save_token).with(token)
+
+          subject.login
+        end
+
+        it 'rejects clearly invalid tokens' do
+          options = { sso: 'blarg' }
+          allow(subject).to receive(:options).and_return options
+
+          expect { subject.login }.to raise_error Thor::Error
+        end
+
+        it 'prompts for a token if none provided' do
+          options = { sso: 'sso' }
+          allow(subject).to receive(:options).and_return options
+
+          expect(subject).to receive(:ask).once.and_return(token)
+          expect(subject).to receive(:save_token).with(token)
+
+          subject.login
+        end
+      end
     end
   end