ccli 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.tool-versions +1 -0
- data/CHANGELOG.md +4 -0
- data/README.md +57 -22
- data/ccli.gemspec +1 -1
- data/docs/get_login_token.md +3 -2
- data/lib/cli.rb +6 -1
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b808de24e75aa7de88a4fa899401f33b0c07a8bfc056371b6b4dba3037ac4c1c
|
4
|
+
data.tar.gz: 8d6aed4c6a3ddd82c0a9d5d2eaa26d5668b5da7d8ae6b3a1d7bfac473c724158
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 23cdaf53c3e84c90ea7bd8caac55c1c0dc5479e70dbd7d893d31e4c9ef7830cda495f90d5d075c0cce93d242abad23b639c69f337df557b060219d633d8c373a
|
7
|
+
data.tar.gz: eb84e14c287080cecf3b91e08ef7837c1a7e64e923f9e505974f9fc28f5c95fbf0fcc14777663967f8f553cf9c5f39db52fb8094ca5b20207a4d2db105199e2a
|
data/.tool-versions
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
ruby 2.6.0
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# ccli
|
2
2
|
|
3
|
-
|
3
|
+
Command Line Client for [Cryptopus](https://github.com/puzzle/cryptopus)
|
4
4
|
|
5
5
|
## Installation
|
6
6
|
|
@@ -19,41 +19,72 @@ This will install the `cry` command including its dependencies
|
|
19
19
|
|
20
20
|
[Receiving the login token from Cryptopus](docs/get_login_token.md)
|
21
21
|
|
22
|
-
###
|
22
|
+
### Commands
|
23
23
|
|
24
|
-
|
24
|
+
```
|
25
|
+
Command: Summary:
|
25
26
|
|
26
|
-
|
27
|
+
account Fetches an account by the given id
|
28
|
+
folder Selects the Cryptopus folder by id
|
29
|
+
help Display global or [command] help documentation
|
30
|
+
k8s-secret-pull Pulls secret from Kubectl to Cryptopus
|
31
|
+
k8s-secret-push Pushes secret from Cryptopus to Kubectl
|
32
|
+
login Logs in to the ccli
|
33
|
+
logout Logs out of the ccli
|
34
|
+
ose-secret-pull Pulls secret from Openshift to Cryptopus
|
35
|
+
ose-secret-push Pushes secret from Cryptopus to Openshift
|
36
|
+
teams Lists all available teams
|
37
|
+
use Select the current folder
|
38
|
+
```
|
27
39
|
|
28
|
-
|
40
|
+
Show more specific documentation by calling `cry help <command>`
|
29
41
|
|
30
|
-
|
42
|
+
### Account
|
31
43
|
|
32
|
-
|
44
|
+
#### Logging in
|
33
45
|
|
46
|
+
Use the ccli login copy button from the UI or do it manually:
|
34
47
|
|
35
|
-
|
48
|
+
user=<my-user>
|
49
|
+
token=<my-token>
|
50
|
+
url=https://cryptopus.example.com
|
36
51
|
|
37
|
-
|
52
|
+
cry login $(echo -n "$user:$token" | base64)@$url
|
53
|
+
|
54
|
+
#### Retrieving
|
55
|
+
|
56
|
+
To retreive account data as yaml:
|
38
57
|
|
39
58
|
```
|
40
|
-
|
59
|
+
cry account 42 > account.yaml
|
60
|
+
```
|
61
|
+
Retreiving account's password and assign it to a variable:
|
41
62
|
|
42
|
-
|
43
|
-
|
44
|
-
help Display global or [command] help documentation
|
45
|
-
k8s-secret-pull Pulls secret from Kubectl to Cryptopus
|
46
|
-
k8s-secret-push Pushes secret from Cryptopus to Kubectl
|
47
|
-
login Logs in to the ccli
|
48
|
-
logout Logs out of the ccli
|
49
|
-
ose-secret-pull Pulls secret from Openshift to Cryptopus
|
50
|
-
ose-secret-push Pushes secret from Cryptopus to Openshift
|
51
|
-
teams Lists all available teams
|
52
|
-
use Select the current folder
|
63
|
+
```
|
64
|
+
PASSWORD=$(cry account 42 --password)
|
53
65
|
```
|
54
66
|
|
55
|
-
|
67
|
+
#### Updating
|
56
68
|
|
69
|
+
not supported yet by ccli
|
70
|
+
|
71
|
+
### Kubernetes/Openshift
|
72
|
+
|
73
|
+
#### Required tools
|
74
|
+
|
75
|
+
First you'll have to install either [oc](https://docs.openshift.com/container-platform/4.3/cli_reference/openshift_cli/getting-started-cli.html#installing-the-cli) or [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) depending on your usage
|
76
|
+
|
77
|
+
#### Pulling Kubernetes / Openshift Secrets
|
78
|
+
|
79
|
+
when using the command `{ose|k8s}-secret-pull` after beeing logged in to a k8s/ose project, all secrets labeled with `cryptopus-sync=true` are backed up to cryptopus.
|
80
|
+
|
81
|
+
to label a specific secret do:
|
82
|
+
|
83
|
+
**oc:** `oc label secret <secret-name> cryptopus-sync=true`
|
84
|
+
|
85
|
+
**kubectl:** `kubectl label secret <secret-name> cryptopus-sync=true`
|
86
|
+
|
87
|
+
Restored secrets by `{ose|k8s}-secret-push` are labeled automatically.
|
57
88
|
|
58
89
|
## Development
|
59
90
|
|
@@ -69,3 +100,7 @@ You will need the following things properly installed on your computer:
|
|
69
100
|
- `rvm install 2.6.0`
|
70
101
|
- `gem install bundler`
|
71
102
|
- `bundle install`
|
103
|
+
|
104
|
+
### Running tests
|
105
|
+
|
106
|
+
`bundle exec rspec`
|
data/ccli.gemspec
CHANGED
@@ -10,7 +10,7 @@ Gem::Specification.new do |s|
|
|
10
10
|
One of the main functionality is backing up secrets from cluster services (currently: openshift, kubernetes)
|
11
11
|
to Cryptopus and restoring them as well.
|
12
12
|
EOF
|
13
|
-
s.version = '1.0.
|
13
|
+
s.version = '1.0.1'
|
14
14
|
s.summary = 'Command line client for the opensource password manager Cryptopus'
|
15
15
|
s.license = 'MIT'
|
16
16
|
s.homepage = 'https://github.com/puzzle/ccli'
|
data/docs/get_login_token.md
CHANGED
@@ -5,8 +5,9 @@ To use the CCLI, you'll first have to receive the login token from Cryptopus.
|
|
5
5
|
1. Log in to your instance of Cryptopus
|
6
6
|
2. Navigate to your user settings
|
7
7
|
3. Choose or create the api user you want to use via the ccli (keep the valid time in mind)
|
8
|
-
4.
|
9
|
-
5.
|
8
|
+
4. Grant the API user permissions to access the groups you need to use with the ccli
|
9
|
+
5. Use the ccli login copy button
|
10
|
+
6. Copy the command from your clipboard to the terminal
|
10
11
|
|
11
12
|
## Accessing user settings
|
12
13
|
|
data/lib/cli.rb
CHANGED
@@ -14,7 +14,7 @@ class CLI
|
|
14
14
|
# rubocop:disable Metrics/MethodLength, Metrics/AbcSize, Metric/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/BlockLength
|
15
15
|
def run
|
16
16
|
program :name, 'cry - cryptopus cli'
|
17
|
-
program :version, '1.0.
|
17
|
+
program :version, '1.0.1'
|
18
18
|
program :description, 'CLI tool to manage Openshift Secrets via Cryptopus'
|
19
19
|
program :help, 'Source Code', 'https://www.github.com/puzzle/ccli'
|
20
20
|
program :help, 'Usage', 'cry [flags]'
|
@@ -27,6 +27,7 @@ class CLI
|
|
27
27
|
token, url = extract_login_args(args)
|
28
28
|
execute_action do
|
29
29
|
session_adapter.update_session({ encoded_token: token, url: url })
|
30
|
+
renew_auth_token
|
30
31
|
|
31
32
|
# Test authentification by calling teams endpoint
|
32
33
|
Team.all
|
@@ -331,6 +332,10 @@ class CLI
|
|
331
332
|
def k8s_adapter
|
332
333
|
@k8s_adapter ||= K8SAdapter.new
|
333
334
|
end
|
335
|
+
|
336
|
+
def renew_auth_token
|
337
|
+
session_adapter.update_session({ token: cryptopus_adapter.renewed_auth_token })
|
338
|
+
end
|
334
339
|
end
|
335
340
|
# rubocop:enable Metrics/ClassLength
|
336
341
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ccli
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nils Rauch
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-04-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: commander
|
@@ -83,6 +83,7 @@ extensions: []
|
|
83
83
|
extra_rdoc_files: []
|
84
84
|
files:
|
85
85
|
- ".rubocop.yml"
|
86
|
+
- ".tool-versions"
|
86
87
|
- ".travis.yml"
|
87
88
|
- CHANGELOG.md
|
88
89
|
- Gemfile
|
@@ -132,7 +133,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
132
133
|
- !ruby/object:Gem::Version
|
133
134
|
version: '0'
|
134
135
|
requirements: []
|
135
|
-
rubygems_version: 3.
|
136
|
+
rubygems_version: 3.0.8
|
136
137
|
signing_key:
|
137
138
|
specification_version: 4
|
138
139
|
summary: Command line client for the opensource password manager Cryptopus
|