ccli 1.0.0 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cd81289d8f1456f22834f09726e3e21275e41ba9eed0770ae6c428b888026e7f
-  data.tar.gz: d568dd0e2761eab159da28682f8ea9cf0ea937c3500ad2d4cc36679ffaff051d
+  metadata.gz: b808de24e75aa7de88a4fa899401f33b0c07a8bfc056371b6b4dba3037ac4c1c
+  data.tar.gz: 8d6aed4c6a3ddd82c0a9d5d2eaa26d5668b5da7d8ae6b3a1d7bfac473c724158
 SHA512:
-  metadata.gz: 1367531fedc2c9d0536dca82db34472cc55114c1dfb563936fb0f893159c20c6c4e9634fc06e623d9c1be11b58a4edc8a16548d65f91364bdb31a818c6c02e8f
-  data.tar.gz: a65442a27de2040b4e0c9c5d53ca709954dd1fab2555197e01684a76744a7cc6c314fb74a79e69ae78929dd284ce68c0e2262071bd00dcd5e57626b370d1f5fb
+  metadata.gz: 23cdaf53c3e84c90ea7bd8caac55c1c0dc5479e70dbd7d893d31e4c9ef7830cda495f90d5d075c0cce93d242abad23b639c69f337df557b060219d633d8c373a
+  data.tar.gz: eb84e14c287080cecf3b91e08ef7837c1a7e64e923f9e505974f9fc28f5c95fbf0fcc14777663967f8f553cf9c5f39db52fb8094ca5b20207a4d2db105199e2a

data/.tool-versions

@@ -0,0 +1 @@
+ruby 2.6.0

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+## 1.0.1
+
+- Reset api user token after login
+
 ## 1.0.0
 
 - De- and encode data from secrets

data/README.md

@@ -1,6 +1,6 @@
 # ccli
 
-Cryptopus Command Line Client
+Command Line Client for [Cryptopus](https://github.com/puzzle/cryptopus)
 
 ## Installation
 
@@ -19,41 +19,72 @@ This will install the `cry` command including its dependencies
 
 [Receiving the login token from Cryptopus](docs/get_login_token.md)
 
-### Kubernetes/Openshift
+### Commands
 
-#### Required tools
+```
+  Command:           Summary:
 
-First you'll have to install either [oc](https://docs.openshift.com/container-platform/4.3/cli_reference/openshift_cli/getting-started-cli.html#installing-the-cli) or [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) depending on your usage
+  account            Fetches an account by the given id
+  folder             Selects the Cryptopus folder by id
+  help               Display global or [command] help documentation
+  k8s-secret-pull    Pulls secret from Kubectl to Cryptopus
+  k8s-secret-push    Pushes secret from Cryptopus to Kubectl
+  login              Logs in to the ccli
+  logout             Logs out of the ccli
+  ose-secret-pull    Pulls secret from Openshift to Cryptopus
+  ose-secret-push    Pushes secret from Cryptopus to Openshift
+  teams              Lists all available teams
+  use                Select the current folder
+```
 
-#### Labeling secret to be synced
+Show more specific documentation by calling `cry help <command>`
 
-So that a secret even gets considered by the `ccli`, you have to add the `cryptopus-sync=true` label to your secret:
+### Account
 
-**oc:** `oc label secret <secret-name> cryptopus-sync=true`
+#### Logging in
 
+Use the ccli login copy button from the UI or do it manually:
 
-**kubectl:** `kubectl label secret <secret-name> cryptopus-sync=true`
+    user=<my-user>
+    token=<my-token>
+    url=https://cryptopus.example.com
 
-### Commands
+    cry login $(echo -n "$user:$token" | base64)@$url
+
+#### Retrieving
+
+To retreive account data as yaml:
 
 ```
-  Command:           Summary:
+cry account 42 > account.yaml
+```
+Retreiving account's password and assign it to a variable:
 
-  account            Fetches an account by the given id          
-  folder             Selects the Cryptopus folder by id          
-  help               Display global or [command] help documentation              
-  k8s-secret-pull    Pulls secret from Kubectl to Cryptopus              
-  k8s-secret-push    Pushes secret from Cryptopus to Kubectl             
-  login              Logs in to the ccli         
-  logout             Logs out of the ccli                
-  ose-secret-pull    Pulls secret from Openshift to Cryptopus            
-  ose-secret-push    Pushes secret from Cryptopus to Openshift           
-  teams              Lists all available teams           
-  use                Select the current folder   
+```
+PASSWORD=$(cry account 42 --password)
 ```
 
-Show more specific documentation by calling `cry help <command>`
+#### Updating
 
+not supported yet by ccli
+
+### Kubernetes/Openshift
+
+#### Required tools
+
+First you'll have to install either [oc](https://docs.openshift.com/container-platform/4.3/cli_reference/openshift_cli/getting-started-cli.html#installing-the-cli) or [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) depending on your usage
+
+#### Pulling Kubernetes / Openshift Secrets
+
+when using the command `{ose|k8s}-secret-pull` after beeing logged in to a k8s/ose project, all secrets labeled with `cryptopus-sync=true` are backed up to cryptopus.
+
+to label a specific secret do:
+
+**oc:** `oc label secret <secret-name> cryptopus-sync=true`
+
+**kubectl:** `kubectl label secret <secret-name> cryptopus-sync=true`
+
+Restored secrets by `{ose|k8s}-secret-push` are labeled automatically.
 
 ## Development
 
@@ -69,3 +100,7 @@ You will need the following things properly installed on your computer:
 - `rvm install 2.6.0`
 - `gem install bundler`
 - `bundle install`
+
+### Running tests
+
+`bundle exec rspec`

data/ccli.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |s|
     One of the main functionality is backing up secrets from cluster services (currently: openshift, kubernetes)
     to Cryptopus and restoring them as well.
   EOF
-  s.version       = '1.0.0'
+  s.version       = '1.0.1'
   s.summary       = 'Command line client for the opensource password manager Cryptopus'
   s.license       = 'MIT'
   s.homepage      = 'https://github.com/puzzle/ccli'

data/docs/get_login_token.md

@@ -5,8 +5,9 @@ To use the CCLI, you'll first have to receive the login token from Cryptopus.
 1. Log in to your instance of Cryptopus
 2. Navigate to your user settings
 3. Choose or create the api user you want to use via the ccli (keep the valid time in mind)
-4. Use the ccli login copy button
-5. Copy the command from your clipboard to the terminal
+4. Grant the API user permissions to access the groups you need to use with the ccli
+5. Use the ccli login copy button
+6. Copy the command from your clipboard to the terminal
 
 ## Accessing user settings
 

data/lib/cli.rb

@@ -14,7 +14,7 @@ class CLI
   # rubocop:disable Metrics/MethodLength, Metrics/AbcSize, Metric/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/BlockLength
   def run
     program :name, 'cry - cryptopus cli'
-    program :version, '1.0.0'
+    program :version, '1.0.1'
     program :description, 'CLI tool to manage Openshift Secrets via Cryptopus'
     program :help, 'Source Code', 'https://www.github.com/puzzle/ccli'
     program :help, 'Usage', 'cry [flags]'
@@ -27,6 +27,7 @@ class CLI
         token, url = extract_login_args(args)
         execute_action do
           session_adapter.update_session({ encoded_token: token, url: url })
+          renew_auth_token
 
           # Test authentification by calling teams endpoint
           Team.all
@@ -331,6 +332,10 @@ class CLI
   def k8s_adapter
     @k8s_adapter ||= K8SAdapter.new
   end
+
+  def renew_auth_token
+    session_adapter.update_session({ token: cryptopus_adapter.renewed_auth_token })
+  end
 end
 # rubocop:enable Metrics/ClassLength
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ccli
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Nils Rauch
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-12-18 00:00:00.000000000 Z
+date: 2022-04-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: commander
@@ -83,6 +83,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".rubocop.yml"
+- ".tool-versions"
 - ".travis.yml"
 - CHANGELOG.md
 - Gemfile
@@ -132,7 +133,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.0.8
 signing_key: 
 specification_version: 4
 summary: Command line client for the opensource password manager Cryptopus