npm - @toa.io/cli - Versions diffs - 0.20.0-dev.30 → 0.20.0-dev.33 - Mend

@toa.io/cli 0.20.0-dev.30 → 0.20.0-dev.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@toa.io/cli",
-  "version": "0.20.0-dev.30",
+  "version": "0.20.0-dev.33",
   "description": "Toa CLI",
   "author": "temich <tema.gurtovoy@gmail.com>",
   "homepage": "https://github.com/toa-io/toa#readme",
@@ -22,14 +22,14 @@
     "@toa.io/runtime": "*"
   },
   "dependencies": {
-    "@toa.io/console": "0.20.0-dev.31",
-    "@toa.io/generic": "0.20.0-dev.31",
-    "@toa.io/kubernetes": "0.20.0-dev.31",
-    "@toa.io/norm": "0.20.0-dev.31",
-    "@toa.io/yaml": "0.20.0-dev.31",
+    "@toa.io/console": "0.20.0-dev.34",
+    "@toa.io/generic": "0.20.0-dev.34",
+    "@toa.io/kubernetes": "0.20.0-dev.34",
+    "@toa.io/norm": "0.20.0-dev.34",
+    "@toa.io/yaml": "0.20.0-dev.34",
     "dotenv": "16.1.1",
     "find-up": "5.0.0",
     "yargs": "17.6.2"
   },
-  "gitHead": "f9ad6bf2bab1298b96ca52557b7e36b6041cfc88"
+  "gitHead": "7035b1985fe9bb844069308a272d061bfbd38bf0"
 }

package/readme.md CHANGED Viewed

@@ -35,7 +35,8 @@ Export environment to a `.env` file.
 <dd>
 <code>environment</code> deployment environment name (default <code>local</code>).<br/>
 <code>--path</code> path to a Context (default <code>.</code>)<br/>
-<code>--as</code> output file path (default <code>.env</code>)
+<code>--as</code> output file path (default <code>.env</code>)<br/>
+<code>--interactive</code> prompt for secret values
 </dd>
 </dl>
@@ -72,7 +73,8 @@ $ toa replay ./path/to/context
 $ toa replay --title "should add numbers"
 ```
-If the path is a Context root (containing `context.toa.yaml` file), samples for components within the Context will be
+If the path is a Context root (containing `context.toa.yaml` file), samples for components within
+the Context will be
 found and replayed sequentially.
 ### export manifest
@@ -131,11 +133,14 @@ Deploy a generic Kubernetes secret with the prefix `toa-`.
 <dd>
 <code>secret</code> Secret name.<br/>
 <code>key-values</code> List of keys and values of the secret as <code>key=value</code>.<br/>
-<code>--namespace</code> Kubernetes namespace where the secret should be deployed.
+<code>--namespace</code> Kubernetes namespace where the secret should be deployed.<br/>
+<code>--interactive</code> prompt for secret values<br/>
+<code>--environment</code> environment name for interactive mode<br/>
+<code>--path</code> path to a context for interactive mode
 </dd>
 </dl>
-> Existing secret will be replaced.
+> If a secret already exists, then given `key-values` will be added to it.
 #### Example

package/src/commands/conceal.js CHANGED Viewed

@@ -18,14 +18,35 @@ const builder = (yargs) => {
       type: 'string',
       desc: 'Target Kubernetes namespace'
     })
+    .option('interactive', {
+      alias: 'i',
+      group: 'Command options:',
+      describe: 'Prompt for secrets',
+      type: 'boolean',
+      default: false
+    })
+    .option('environment', {
+      alias: 'e',
+      group: 'Command options:',
+      describe: 'Environment name for interactive mode',
+      type: 'string'
+    })
+    .option('path', {
+      alias: 'p',
+      group: 'Command options:',
+      describe: 'Path to a Context for interactive mode',
+      type: 'string',
+      default: '.'
+    })
     .example([
-      ['$0 conceal amqp-credentials username=developer'],
-      ['$0 conceal amqp-credentials username=developer password=secret'],
-      ['$0 conceal amqp-credentials username=developer --namespace app']
+      ['$0 conceal -i'],
+      ['$0 conceal credentials username=developer'],
+      ['$0 conceal credentials username=developer password=secret'],
+      ['$0 conceal credentials username=developer --namespace app']
     ])
 }
-exports.command = 'conceal <secret> <key-values...>'
+exports.command = 'conceal [secret] [key-values...]'
 exports.desc = 'Deploy a secret'
 exports.builder = builder
 exports.handler = conceal

package/src/commands/env.js CHANGED Viewed

@@ -22,6 +22,13 @@ const builder = (yargs) => {
       type: 'string',
       default: '.env'
     })
+    .option('interactive', {
+      alias: 'i',
+      group: 'Command options:',
+      describe: 'Prompt for secrets',
+      type: 'boolean',
+      default: false
+    })
 }
 exports.command = 'env [environment]'

package/src/handlers/conceal.js CHANGED Viewed

@@ -1,8 +1,18 @@
 'use strict'
 const { secrets } = require('@toa.io/kubernetes')
+const boot = require('@toa.io/boot')
+const { context: find } = require('../util/find')
+const { promptSecrets } = require('./env')
 const conceal = async (argv) => {
+  if (argv.interactive) await concealValues(argv)
+  else await concealValue(argv)
+}
+async function concealValue (argv) {
+  if (argv['key-values'].length === 0) throw new Error('Key-values must be passed')
   const values = argv['key-values'].reduce((values, pair) => {
     const [key, value] = pair.split('=')
@@ -13,7 +23,36 @@ const conceal = async (argv) => {
   const secret = PREFIX + argv.secret
-  await secrets.store(secret, values, argv.namespace)
+  await secrets.upsert(secret, values, argv.namespace)
+}
+async function concealValues (argv) {
+  const path = find(argv.path)
+  const operator = await boot.deployment(path, argv.environment)
+  const variables = operator.variables()
+  const values = await promptSecrets(variables)
+  const groups = groupValues(values)
+  for (const [secret, values] of Object.entries(groups)) {
+    await secrets.upsert(secret, values, argv.namespace)
+  }
+}
+/**
+ * @return {Record<string, Record<string, string>>}
+ */
+function groupValues (values) {
+  const secrets = {}
+  for (const [key, value] of Object.entries(values)) {
+    const [secret, variable] = key.split('/')
+    if (!(secret in secrets)) secrets[secret] = {}
+    secrets[secret][variable] = value
+  }
+  return secrets
 }
 const PREFIX = 'toa-'

package/src/handlers/env.js CHANGED Viewed

@@ -1,6 +1,9 @@
 'use strict'
 const { join } = require('node:path')
+const readline = require('node:readline/promises')
+const { stdin: input, stdout: output } = require('node:process')
 const dotenv = require('dotenv')
 const { file } = require('@toa.io/filesystem')
 const boot = require('@toa.io/boot')
@@ -12,13 +15,16 @@ async function env (argv) {
   const operator = await boot.deployment(path, argv.environment)
   const variables = operator.variables()
   const currentValues = await read(filepath)
-  const values = []
-  for (const scoped of Object.values(variables)) values.push(...scoped)
+  const result = merge(variables, currentValues)
+  if (argv.interactive) {
+    const secrets = await promptSecrets(result)
-  const nextValues = merge(values, currentValues)
+    mergeSecrets(result, secrets)
+  }
-  await write(filepath, nextValues)
+  await write(filepath, result)
 }
 /**
@@ -41,25 +47,71 @@ async function read (path) {
  * @return {Promise<void>}
  */
 async function write (path, values) {
-  const contents = values.reduce((lines, { name, value }) => lines + `${name}=${value}\n`, '')
+  const contents = values.reduce((lines, { name, value }) => lines + `${name}=${value ?? ''}\n`, '')
   await file.write(path, contents)
 }
 /**
- * @param {toa.deployment.dependency.Variable[] } variables
+ * @param {toa.deployment.dependency.Variable[]} variables
  * @param {Record<string, string>} current
  * @return {toa.deployment.dependency.Variable[]}
  */
 function merge (variables, current) {
   return variables.map((variable) => {
-    if (variable.secret === undefined) return variable
+    if (variable.secret === undefined || !current[variable.name]) return variable
     return {
       name: variable.name,
-      value: current[variable.name] ?? ''
+      value: current[variable.name]
     }
   })
 }
+async function promptSecrets (variables) {
+  const rl = readline.createInterface({ input, output })
+  const secrets = {}
+  for (const variable of variables) {
+    if (variable.secret === undefined) continue
+    const key = getKey(variable.secret)
+    secrets[key] = await promptSecret(key, rl)
+  }
+  rl.close()
+  return secrets
+}
+async function promptSecret (key, rl) {
+  if (SECRETS[key] === undefined) SECRETS[key] = await rl.question(`${key}: `)
+  return SECRETS[key]
+}
+/**
+ * @param {toa.deployment.dependency.Variable[]} variables
+ * @param {Record<string, string>} secrets
+ */
+function mergeSecrets (variables, secrets) {
+  for (const variable of variables) {
+    if (variable.secret === undefined) continue
+    const key = getKey(variable.secret)
+    variable.value = secrets[key]
+    delete variable.secret
+  }
+}
+function getKey (secret) {
+  return `${secret.name}/${secret.key}`
+}
+const SECRETS = {}
 exports.env = env
+exports.promptSecrets = promptSecrets

package/src/handlers/reveal.js CHANGED Viewed

@@ -1,16 +1,16 @@
 'use strict'
 const { secrets } = require('@toa.io/kubernetes')
-const { remap, decode } = require('@toa.io/generic')
 const { PREFIX } = require('./conceal')
 const reveal = async (argv) => {
   const prefixed = PREFIX + argv.secret
-  const secret = await secrets.get(prefixed)
-  const values = remap(secret.data, decode)
+  const data = await secrets.get(prefixed)
-  for (const [key, value] of Object.entries(values)) {
+  if (data === null) return
+  for (const [key, value] of Object.entries(data)) {
     const line = `${key}: ${value}`
     console.log(line)