ccli 0.1.1 → 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a20c067bb37955bc5db9f0977498c65038f57707e9f9a84cd39a229748daa283
4
- data.tar.gz: 888934204b52a9017f4aa8c9d1deea23513c07ca5b08c48831610c2320ed6128
3
+ metadata.gz: cd81289d8f1456f22834f09726e3e21275e41ba9eed0770ae6c428b888026e7f
4
+ data.tar.gz: d568dd0e2761eab159da28682f8ea9cf0ea937c3500ad2d4cc36679ffaff051d
5
5
  SHA512:
6
- metadata.gz: 6152b10e88db00f0e7c0c7e9d2baedf9a7446b2695b5aa806b8f195a275c1410d4628df5bac7b8bebcd86390f01e4c9581cf971f7b90e7335326d4433bf21843
7
- data.tar.gz: 0f2761c2c6a7059f2ded3ebb3a853d0a2d99bc31e793655519a75696ac15c0c9c3b3156654de094794bf0840387a2f4f9912bf6200d214c8f69f2fb3df15068b
6
+ metadata.gz: 1367531fedc2c9d0536dca82db34472cc55114c1dfb563936fb0f893159c20c6c4e9634fc06e623d9c1be11b58a4edc8a16548d65f91364bdb31a818c6c02e8f
7
+ data.tar.gz: a65442a27de2040b4e0c9c5d53ca709954dd1fab2555197e01684a76744a7cc6c314fb74a79e69ae78929dd284ce68c0e2262071bd00dcd5e57626b370d1f5fb
@@ -1,7 +1,9 @@
1
1
  AllCops:
2
2
  DisplayCopNames: true
3
+ TargetRubyVersion: 2.5
3
4
  Exclude:
4
5
  - spec/**/*
6
+ - ccli.gemspec
5
7
 
6
8
  Metrics/AbcSize:
7
9
  Max: 20
@@ -0,0 +1,19 @@
1
+ # Changelog
2
+
3
+ ## 1.0.0
4
+
5
+ - De- and encode data from secrets
6
+
7
+ ## 0.1.2
8
+
9
+ - Updating docs
10
+ - Bugfixing
11
+
12
+ ## 0.1.1
13
+
14
+ - Adding MIT license
15
+
16
+ ## 0.1.0
17
+
18
+ - Publish first version
19
+ - Commands: `login`, `logout`, `account`, `folder`, `{ose,k8s}-secret-pull`, `{ose,k8s}-secret-push`, `teams`, `use`
data/README.md CHANGED
@@ -17,7 +17,15 @@ This will install the `cry` command including its dependencies
17
17
 
18
18
  ## Usage
19
19
 
20
- ### Labeling secret to be synced
20
+ [Receiving the login token from Cryptopus](docs/get_login_token.md)
21
+
22
+ ### Kubernetes/Openshift
23
+
24
+ #### Required tools
25
+
26
+ First you'll have to install either [oc](https://docs.openshift.com/container-platform/4.3/cli_reference/openshift_cli/getting-started-cli.html#installing-the-cli) or [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) depending on your usage
27
+
28
+ #### Labeling secret to be synced
21
29
 
22
30
  So that a secret even gets considered by the `ccli`, you have to add the `cryptopus-sync=true` label to your secret:
23
31
 
data/bin/cry CHANGED
@@ -1,6 +1,6 @@
1
1
  #!/usr/bin/env ruby
2
2
  # frozen_string_literal: true
3
3
 
4
- require_relative '../lib/cli'
4
+ require 'cli'
5
5
 
6
6
  CLI.new.run
@@ -5,8 +5,15 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = 'ccli'
8
- s.version = '0.1.1'
8
+ s.description = <<-EOF
9
+ CCLI is the Cryptopus Command Line Interface. It allows to fetch account data and list teams from Cryptopus.
10
+ One of the main functionality is backing up secrets from cluster services (currently: openshift, kubernetes)
11
+ to Cryptopus and restoring them as well.
12
+ EOF
13
+ s.version = '1.0.0'
9
14
  s.summary = 'Command line client for the opensource password manager Cryptopus'
15
+ s.license = 'MIT'
16
+ s.homepage = 'https://github.com/puzzle/ccli'
10
17
  s.authors = ['Nils Rauch']
11
18
  s.email = 'rauch@puzzle.ch'
12
19
  s.require_paths = ['lib']
@@ -17,12 +24,14 @@ Gem::Specification.new do |s|
17
24
  s.executables = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
25
  s.required_ruby_version = Gem::Requirement.new('>= 2.0')
19
26
  s.metadata = {
20
- "source_code_uri" => "https://www.github.com/puzzle/ccli"
27
+ "bug_tracker_uri" => "https://github.com/puzzle/ccli/issues",
28
+ "changelog_uri" => "https://github.com/puzzle/ccli/blob/master/CHANGELOG.md",
29
+ "source_code_uri" => "https://github.com/puzzle/ccli"
21
30
  }
22
- s.license = 'MIT'
23
31
 
24
32
  s.add_runtime_dependency 'commander', '~> 4.5', '>= 4.5.2'
25
33
  s.add_runtime_dependency 'tty-command'
26
34
  s.add_runtime_dependency 'tty-exit'
27
35
  s.add_runtime_dependency 'tty-logger'
36
+
28
37
  end
@@ -0,0 +1,17 @@
1
+ # Receiving the Login token from Cryptopus
2
+
3
+ To use the CCLI, you'll first have to receive the login token from Cryptopus.
4
+
5
+ 1. Log in to your instance of Cryptopus
6
+ 2. Navigate to your user settings
7
+ 3. Choose or create the api user you want to use via the ccli (keep the valid time in mind)
8
+ 4. Use the ccli login copy button
9
+ 5. Copy the command from your clipboard to the terminal
10
+
11
+ ## Accessing user settings
12
+
13
+ ![user_settings](images/access_user_settings.png)
14
+
15
+ ## Copy CCLI Login
16
+
17
+ ![copy_ccli_login](images/copy_ccli_login.png)
@@ -35,7 +35,7 @@ class ClusterSecretAdapter
35
35
  raise client_not_logged_in_error unless client_logged_in?
36
36
 
37
37
  File.open("/tmp/#{secret.name}.yml", 'w') do |file|
38
- file.write secret.ose_secret
38
+ file.write secret.to_yaml
39
39
  end
40
40
 
41
41
  cmd.run("#{client} delete -f /tmp/#{secret.name}.yml --ignore-not-found=true")
data/lib/cli.rb CHANGED
@@ -27,7 +27,6 @@ class CLI
27
27
  token, url = extract_login_args(args)
28
28
  execute_action do
29
29
  session_adapter.update_session({ encoded_token: token, url: url })
30
- renew_auth_token
31
30
 
32
31
  # Test authentification by calling teams endpoint
33
32
  Team.all
@@ -332,10 +331,6 @@ class CLI
332
331
  def k8s_adapter
333
332
  @k8s_adapter ||= K8SAdapter.new
334
333
  end
335
-
336
- def renew_auth_token
337
- session_adapter.update_session({ token: cryptopus_adapter.renewed_auth_token })
338
- end
339
334
  end
340
335
  # rubocop:enable Metrics/ClassLength
341
336
 
@@ -16,7 +16,21 @@ class OSESecret
16
16
  OSESecretSerializer.to_yaml(self)
17
17
  end
18
18
 
19
+ private
20
+
21
+ def encoded_data(data)
22
+ data.transform_values do |value|
23
+ Base64.strict_encode64(value)
24
+ rescue ArgumentError
25
+ value
26
+ end
27
+ end
28
+
19
29
  class << self
30
+ def from_yaml(yaml)
31
+ OSESecretSerializer.from_yaml(yaml)
32
+ end
33
+
20
34
  def find_by_name(name)
21
35
  OSESecretSerializer.from_yaml(OSEAdapter.new.fetch_secret(name))
22
36
  end
@@ -51,7 +51,7 @@ class AccountSerializer
51
51
  end
52
52
 
53
53
  def to_osesecret(account)
54
- OSESecret.new(account.accountname, account.ose_secret)
54
+ OSESecret.from_yaml(account.ose_secret)
55
55
  end
56
56
  end
57
57
  end
@@ -1,16 +1,54 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require 'psych'
4
+ require 'base64'
4
5
 
5
6
  class OSESecretSerializer
6
7
  class << self
8
+ # rubocop:disable Metrics/MethodLength
7
9
  def from_yaml(yaml)
8
- secret_hash = Psych.load(yaml, symbolize_names: true)
9
- OSESecret.new(secret_hash.dig(:metadata, :name), yaml)
10
+ secret_hash = Psych.load(yaml)
11
+ data = {
12
+ 'apiVersion' => secret_hash['apiVersion'],
13
+ 'data' => decoded_data(secret_hash['data']),
14
+ 'kind' => secret_hash['kind'],
15
+ 'metadata' => {
16
+ 'name' => secret_hash['metadata']['name'],
17
+ 'labels' => secret_hash['metadata']['labels']
18
+ }
19
+ }.to_yaml
20
+ OSESecret.new(secret_hash['metadata']['name'], data.to_s)
10
21
  end
22
+ # rubocop:enable Metrics/MethodLength
11
23
 
12
24
  def to_account(secret)
13
25
  Account.new(accountname: secret.name, ose_secret: secret.ose_secret, type: 'ose_secret')
14
26
  end
27
+
28
+ def to_yaml(secret)
29
+ secret_hash = Psych.load(secret.ose_secret)
30
+ secret_hash['data'] = encoded_data(secret_hash['data'])
31
+ secret_hash.to_yaml
32
+ end
33
+
34
+ private
35
+
36
+ def decoded_data(data)
37
+ return {} unless data
38
+
39
+ data.transform_values do |value|
40
+ Base64.strict_decode64(value)
41
+ rescue ArgumentError
42
+ value
43
+ end
44
+ end
45
+
46
+ def encoded_data(data)
47
+ return {} unless data
48
+
49
+ data.transform_values do |value|
50
+ Base64.strict_encode64(value)
51
+ end
52
+ end
15
53
  end
16
54
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ccli
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nils Rauch
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-22 00:00:00.000000000 Z
11
+ date: 2020-12-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: commander
@@ -72,7 +72,10 @@ dependencies:
72
72
  - - ">="
73
73
  - !ruby/object:Gem::Version
74
74
  version: '0'
75
- description:
75
+ description: |2
76
+ CCLI is the Cryptopus Command Line Interface. It allows to fetch account data and list teams from Cryptopus.
77
+ One of the main functionality is backing up secrets from cluster services (currently: openshift, kubernetes)
78
+ to Cryptopus and restoring them as well.
76
79
  email: rauch@puzzle.ch
77
80
  executables:
78
81
  - cry
@@ -81,11 +84,15 @@ extra_rdoc_files: []
81
84
  files:
82
85
  - ".rubocop.yml"
83
86
  - ".travis.yml"
87
+ - CHANGELOG.md
84
88
  - Gemfile
85
89
  - Gemfile.lock
86
90
  - README.md
87
91
  - bin/cry
88
92
  - ccli.gemspec
93
+ - docs/get_login_token.md
94
+ - docs/images/access_user_settings.png
95
+ - docs/images/copy_ccli_login.png
89
96
  - lib/adapters/cluster_secret_adapter.rb
90
97
  - lib/adapters/cryptopus_adapter.rb
91
98
  - lib/adapters/k8s_adapter.rb
@@ -103,11 +110,13 @@ files:
103
110
  - lib/serializers/folder_serializer.rb
104
111
  - lib/serializers/ose_secret_serializer.rb
105
112
  - lib/serializers/team_serializer.rb
106
- homepage:
113
+ homepage: https://github.com/puzzle/ccli
107
114
  licenses:
108
115
  - MIT
109
116
  metadata:
110
- source_code_uri: https://www.github.com/puzzle/ccli
117
+ bug_tracker_uri: https://github.com/puzzle/ccli/issues
118
+ changelog_uri: https://github.com/puzzle/ccli/blob/master/CHANGELOG.md
119
+ source_code_uri: https://github.com/puzzle/ccli
111
120
  post_install_message:
112
121
  rdoc_options: []
113
122
  require_paths:
@@ -123,8 +132,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
123
132
  - !ruby/object:Gem::Version
124
133
  version: '0'
125
134
  requirements: []
126
- rubyforge_project:
127
- rubygems_version: 2.7.9
135
+ rubygems_version: 3.1.4
128
136
  signing_key:
129
137
  specification_version: 4
130
138
  summary: Command line client for the opensource password manager Cryptopus