opal-security 2.0.13 → 2.0.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +37 -17
- package/lib/commands/iam-roles/start.d.ts +1 -0
- package/lib/commands/iam-roles/start.js +8 -0
- package/lib/commands/login.d.ts +1 -0
- package/lib/commands/login.js +3 -2
- package/lib/commands/set-token.d.ts +10 -0
- package/lib/commands/set-token.js +58 -0
- package/lib/commands/set-url.js +2 -0
- package/oclif.manifest.json +1 -1
- package/package.json +12 -8
package/README.md
CHANGED
|
@@ -22,7 +22,7 @@ $ npm install -g opal-security
|
|
|
22
22
|
$ opal COMMAND
|
|
23
23
|
running command...
|
|
24
24
|
$ opal (-v|--version|version)
|
|
25
|
-
opal-security/2.0.
|
|
25
|
+
opal-security/2.0.16 darwin-x64 node-v16.16.0
|
|
26
26
|
$ opal --help [COMMAND]
|
|
27
27
|
USAGE
|
|
28
28
|
$ opal COMMAND
|
|
@@ -43,6 +43,7 @@ USAGE
|
|
|
43
43
|
* [`opal logout`](#opal-logout)
|
|
44
44
|
* [`opal postgres-instances:start`](#opal-postgres-instancesstart)
|
|
45
45
|
* [`opal resources:get`](#opal-resourcesget)
|
|
46
|
+
* [`opal set-token`](#opal-set-token)
|
|
46
47
|
* [`opal set-url`](#opal-set-url)
|
|
47
48
|
* [`opal ssh:copyFrom`](#opal-sshcopyfrom)
|
|
48
49
|
* [`opal ssh:copyTo`](#opal-sshcopyto)
|
|
@@ -86,7 +87,7 @@ EXAMPLE
|
|
|
86
87
|
opal aws:identity
|
|
87
88
|
```
|
|
88
89
|
|
|
89
|
-
_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
90
|
+
_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/aws/identity.ts)_
|
|
90
91
|
|
|
91
92
|
## `opal curl-example`
|
|
92
93
|
|
|
@@ -100,7 +101,7 @@ OPTIONS
|
|
|
100
101
|
-h, --help show CLI help
|
|
101
102
|
```
|
|
102
103
|
|
|
103
|
-
_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
104
|
+
_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/curl-example.ts)_
|
|
104
105
|
|
|
105
106
|
## `opal help [COMMAND]`
|
|
106
107
|
|
|
@@ -117,7 +118,7 @@ OPTIONS
|
|
|
117
118
|
--all see all commands in CLI
|
|
118
119
|
```
|
|
119
120
|
|
|
120
|
-
_See code: [@oclif/plugin-help](https://github.com/oclif/plugin-help/blob/v3.2.
|
|
121
|
+
_See code: [@oclif/plugin-help](https://github.com/oclif/plugin-help/blob/v3.2.18/src/commands/help.ts)_
|
|
121
122
|
|
|
122
123
|
## `opal iam-roles:start`
|
|
123
124
|
|
|
@@ -128,16 +129,18 @@ USAGE
|
|
|
128
129
|
$ opal iam-roles:start
|
|
129
130
|
|
|
130
131
|
OPTIONS
|
|
131
|
-
-h, --help
|
|
132
|
-
--id=id
|
|
133
|
-
--
|
|
132
|
+
-h, --help show CLI help
|
|
133
|
+
--id=id The ID of the Opal role resource.
|
|
134
|
+
--profileName=profileName Uses a custom AWS profile name for the IAM role. Default value is the role's name.
|
|
135
|
+
--sessionId=sessionId SessionId of a session that has already been created via the web flow.
|
|
134
136
|
|
|
135
137
|
EXAMPLES
|
|
136
138
|
opal iam-roles:start
|
|
137
139
|
opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398
|
|
140
|
+
opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"
|
|
138
141
|
```
|
|
139
142
|
|
|
140
|
-
_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
143
|
+
_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/iam-roles/start.ts)_
|
|
141
144
|
|
|
142
145
|
## `opal kube-roles:start`
|
|
143
146
|
|
|
@@ -160,7 +163,7 @@ EXAMPLES
|
|
|
160
163
|
"arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role"
|
|
161
164
|
```
|
|
162
165
|
|
|
163
|
-
_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
166
|
+
_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/kube-roles/start.ts)_
|
|
164
167
|
|
|
165
168
|
## `opal login`
|
|
166
169
|
|
|
@@ -177,7 +180,7 @@ EXAMPLE
|
|
|
177
180
|
$ opal login
|
|
178
181
|
```
|
|
179
182
|
|
|
180
|
-
_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
183
|
+
_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/login.ts)_
|
|
181
184
|
|
|
182
185
|
## `opal logout`
|
|
183
186
|
|
|
@@ -194,7 +197,7 @@ EXAMPLE
|
|
|
194
197
|
$ opal logout
|
|
195
198
|
```
|
|
196
199
|
|
|
197
|
-
_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
200
|
+
_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/logout.ts)_
|
|
198
201
|
|
|
199
202
|
## `opal postgres-instances:start`
|
|
200
203
|
|
|
@@ -216,7 +219,7 @@ EXAMPLES
|
|
|
216
219
|
opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId "fullaccess"
|
|
217
220
|
```
|
|
218
221
|
|
|
219
|
-
_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
222
|
+
_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/postgres-instances/start.ts)_
|
|
220
223
|
|
|
221
224
|
## `opal resources:get`
|
|
222
225
|
|
|
@@ -234,7 +237,24 @@ EXAMPLE
|
|
|
234
237
|
opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
|
|
235
238
|
```
|
|
236
239
|
|
|
237
|
-
_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
240
|
+
_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/resources/get.ts)_
|
|
241
|
+
|
|
242
|
+
## `opal set-token`
|
|
243
|
+
|
|
244
|
+
Sets an API token to authenticate with the Opal server - alternative auth flow for headless environments.
|
|
245
|
+
|
|
246
|
+
```
|
|
247
|
+
USAGE
|
|
248
|
+
$ opal set-token
|
|
249
|
+
|
|
250
|
+
OPTIONS
|
|
251
|
+
-h, --help show CLI help
|
|
252
|
+
|
|
253
|
+
EXAMPLE
|
|
254
|
+
$ opal set-token
|
|
255
|
+
```
|
|
256
|
+
|
|
257
|
+
_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/set-token.ts)_
|
|
238
258
|
|
|
239
259
|
## `opal set-url`
|
|
240
260
|
|
|
@@ -258,7 +278,7 @@ EXAMPLE
|
|
|
258
278
|
$ opal set-host
|
|
259
279
|
```
|
|
260
280
|
|
|
261
|
-
_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
281
|
+
_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/set-url.ts)_
|
|
262
282
|
|
|
263
283
|
## `opal ssh:copyFrom`
|
|
264
284
|
|
|
@@ -285,7 +305,7 @@ EXAMPLES
|
|
|
285
305
|
opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
|
|
286
306
|
```
|
|
287
307
|
|
|
288
|
-
_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
308
|
+
_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/ssh/copyFrom.ts)_
|
|
289
309
|
|
|
290
310
|
## `opal ssh:copyTo`
|
|
291
311
|
|
|
@@ -312,7 +332,7 @@ EXAMPLES
|
|
|
312
332
|
opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
|
|
313
333
|
```
|
|
314
334
|
|
|
315
|
-
_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
335
|
+
_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/ssh/copyTo.ts)_
|
|
316
336
|
|
|
317
337
|
## `opal ssh:start`
|
|
318
338
|
|
|
@@ -332,5 +352,5 @@ EXAMPLES
|
|
|
332
352
|
opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398
|
|
333
353
|
```
|
|
334
354
|
|
|
335
|
-
_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.
|
|
355
|
+
_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.0.16/src/commands/ssh/start.ts)_
|
|
336
356
|
<!-- commandsstop -->
|
|
@@ -6,6 +6,7 @@ export default class StartIAMRoleSession extends Command {
|
|
|
6
6
|
help: import("@oclif/parser/lib/flags").IBooleanFlag<void>;
|
|
7
7
|
id: flags.IOptionFlag<string | undefined>;
|
|
8
8
|
sessionId: flags.IOptionFlag<string | undefined>;
|
|
9
|
+
profileName: flags.IOptionFlag<string | undefined>;
|
|
9
10
|
};
|
|
10
11
|
run(): Promise<void>;
|
|
11
12
|
}
|
|
@@ -114,6 +114,9 @@ class StartIAMRoleSession extends command_1.Command {
|
|
|
114
114
|
}
|
|
115
115
|
roleName = (sshInstanceResp === null || sshInstanceResp === void 0 ? void 0 : sshInstanceResp.data.resource.resource.name) || 'iam-role';
|
|
116
116
|
}
|
|
117
|
+
if (flags.profileName && flags.profileName !== "") {
|
|
118
|
+
roleName = flags.profileName;
|
|
119
|
+
}
|
|
117
120
|
const { resp, error } = await handler_1.runMutation({
|
|
118
121
|
command: this,
|
|
119
122
|
query: StartIAMRoleSessionDocument,
|
|
@@ -150,6 +153,7 @@ StartIAMRoleSession.description = 'Starts a session to assume an IAM role.';
|
|
|
150
153
|
StartIAMRoleSession.examples = [
|
|
151
154
|
'opal iam-roles:start',
|
|
152
155
|
'opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398',
|
|
156
|
+
'opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"',
|
|
153
157
|
];
|
|
154
158
|
StartIAMRoleSession.flags = {
|
|
155
159
|
help: command_1.flags.help({ char: 'h' }),
|
|
@@ -161,4 +165,8 @@ StartIAMRoleSession.flags = {
|
|
|
161
165
|
multiple: false,
|
|
162
166
|
description: 'SessionId of a session that has already been created via the web flow.',
|
|
163
167
|
}),
|
|
168
|
+
profileName: command_1.flags.string({
|
|
169
|
+
multiple: false,
|
|
170
|
+
description: 'Uses a custom AWS profile name for the IAM role. Default value is the role\'s name.'
|
|
171
|
+
})
|
|
164
172
|
};
|
package/lib/commands/login.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { Command } from '@oclif/command';
|
|
2
|
+
export declare const CLIAuthSessionCheckDocument = "\nquery CLIAuthSessionCheck {\n organizationSettings {\n ... on OrganizationSettingsResult {\n settings {\n id\n }\n }\n }\n}\n";
|
|
2
3
|
export default class Login extends Command {
|
|
3
4
|
static description: string;
|
|
4
5
|
static examples: string[];
|
package/lib/commands/login.js
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CLIAuthSessionCheckDocument = void 0;
|
|
3
4
|
const command_1 = require("@oclif/command");
|
|
4
5
|
const keytar = require("keytar");
|
|
5
6
|
const open = require("open");
|
|
@@ -27,7 +28,7 @@ query CLISignInMethod($input: SignInMethodInput!) {
|
|
|
27
28
|
}
|
|
28
29
|
}
|
|
29
30
|
}`;
|
|
30
|
-
|
|
31
|
+
exports.CLIAuthSessionCheckDocument = `
|
|
31
32
|
query CLIAuthSessionCheck {
|
|
32
33
|
organizationSettings {
|
|
33
34
|
... on OrganizationSettingsResult {
|
|
@@ -131,7 +132,7 @@ class Login extends command_1.Command {
|
|
|
131
132
|
// "Representative" authenticated call to check the log-in worked as expected.
|
|
132
133
|
const { resp: authCheckResp, error: authCheckErr } = await handler_1.runQuery({
|
|
133
134
|
command: this,
|
|
134
|
-
query: CLIAuthSessionCheckDocument,
|
|
135
|
+
query: exports.CLIAuthSessionCheckDocument,
|
|
135
136
|
variables: {},
|
|
136
137
|
});
|
|
137
138
|
if (authCheckErr || !((_e = (_d = (_c = authCheckResp === null || authCheckResp === void 0 ? void 0 : authCheckResp.data) === null || _c === void 0 ? void 0 : _c.organizationSettings) === null || _d === void 0 ? void 0 : _d.settings) === null || _e === void 0 ? void 0 : _e.id)) {
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { Command } from '@oclif/command';
|
|
2
|
+
export default class SetToken extends Command {
|
|
3
|
+
static description: string;
|
|
4
|
+
static examples: string[];
|
|
5
|
+
static flags: {
|
|
6
|
+
help: import("@oclif/parser/lib/flags").IBooleanFlag<void>;
|
|
7
|
+
};
|
|
8
|
+
static args: never[];
|
|
9
|
+
run(): Promise<void>;
|
|
10
|
+
}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const command_1 = require("@oclif/command");
|
|
4
|
+
const keytar = require("keytar");
|
|
5
|
+
const inquirer = require("inquirer");
|
|
6
|
+
const apollo_1 = require("../lib/apollo");
|
|
7
|
+
const credentials_1 = require("../lib/credentials");
|
|
8
|
+
const handler_1 = require("../handler");
|
|
9
|
+
const credentials_2 = require("../lib/credentials");
|
|
10
|
+
const login_1 = require("./login");
|
|
11
|
+
class SetToken extends command_1.Command {
|
|
12
|
+
async run() {
|
|
13
|
+
var _a, _b, _c;
|
|
14
|
+
try {
|
|
15
|
+
await apollo_1.initClient(this);
|
|
16
|
+
const { apiToken } = await inquirer.prompt([
|
|
17
|
+
{
|
|
18
|
+
name: 'apiToken',
|
|
19
|
+
message: 'Enter your API Key:',
|
|
20
|
+
type: 'password',
|
|
21
|
+
validate: key => Boolean(key),
|
|
22
|
+
},
|
|
23
|
+
]);
|
|
24
|
+
// Clear previously-stored credentials from keychain if they exist
|
|
25
|
+
let email;
|
|
26
|
+
let organizationID;
|
|
27
|
+
if (await credentials_1.cred.accessToken) {
|
|
28
|
+
email = await credentials_1.cred.email;
|
|
29
|
+
organizationID = await credentials_1.cred.organizationID;
|
|
30
|
+
await credentials_1.cred.removeCredentials(-1);
|
|
31
|
+
}
|
|
32
|
+
// Store API token in keychain - mimics login command
|
|
33
|
+
await keytar.setPassword(credentials_2.OPAL_CREDS_KEY, (email || 'unset-email') + '|' + organizationID, apiToken || '');
|
|
34
|
+
// "Representative" authenticated call to check the log-in worked as expected.
|
|
35
|
+
const { resp: authCheckResp, error: authCheckErr } = await handler_1.runQuery({
|
|
36
|
+
command: this,
|
|
37
|
+
query: login_1.CLIAuthSessionCheckDocument,
|
|
38
|
+
variables: {},
|
|
39
|
+
});
|
|
40
|
+
if (authCheckErr ||
|
|
41
|
+
!((_c = (_b = (_a = authCheckResp === null || authCheckResp === void 0 ? void 0 : authCheckResp.data) === null || _a === void 0 ? void 0 : _a.organizationSettings) === null || _b === void 0 ? void 0 : _b.settings) === null || _c === void 0 ? void 0 : _c.id)) {
|
|
42
|
+
this.log('Error verifying log in. Authenticated commands may fail. Please double check your API token and use `opal logout; opal set-token` to try again.\n');
|
|
43
|
+
return;
|
|
44
|
+
}
|
|
45
|
+
this.log('🎉 You have successfully authenticated with Opal! You can now run authenticated commands.\n');
|
|
46
|
+
}
|
|
47
|
+
catch (error) {
|
|
48
|
+
this.error(error);
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
exports.default = SetToken;
|
|
53
|
+
SetToken.description = 'Sets an API token to authenticate with the Opal server - alternative auth flow for headless environments.';
|
|
54
|
+
SetToken.examples = ['$ opal set-token'];
|
|
55
|
+
SetToken.flags = {
|
|
56
|
+
help: command_1.flags.help({ char: 'h' }),
|
|
57
|
+
};
|
|
58
|
+
SetToken.args = [];
|
package/lib/commands/set-url.js
CHANGED
|
@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
const command_1 = require("@oclif/command");
|
|
4
4
|
const apollo_1 = require("../lib/apollo");
|
|
5
5
|
const config_1 = require("../lib/config");
|
|
6
|
+
const credentials_1 = require("../lib/credentials");
|
|
6
7
|
class SetUrl extends command_1.Command {
|
|
7
8
|
async run() {
|
|
8
9
|
try {
|
|
@@ -31,6 +32,7 @@ class SetUrl extends command_1.Command {
|
|
|
31
32
|
configData[config_1.allowSelfSignedCertsKey] = flags.allowSelfSignedCerts !== undefined;
|
|
32
33
|
config_1.writeConfigData(this.config.configDir, configData);
|
|
33
34
|
const updatedConfigData = config_1.getOrCreateConfigData(this.config.configDir);
|
|
35
|
+
await credentials_1.cred.removeCredentials(-1);
|
|
34
36
|
await apollo_1.initClient(this);
|
|
35
37
|
this.log(`Opal CLI will now make requests to the server at ${updatedConfigData[config_1.urlKey]}`);
|
|
36
38
|
}
|
package/oclif.manifest.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"2.0.
|
|
1
|
+
{"version":"2.0.16","commands":{"curl-example":{"id":"curl-example","description":"Prints out an example cURL command containing the parameters the CLI uses to query the Opal server.","pluginName":"opal-security","pluginType":"core","aliases":[],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"login":{"id":"login","description":"Authenticates you with the Opal server.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["$ opal login"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"logout":{"id":"logout","description":"Clears locally stored Opal server authentication credentials.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["$ opal logout"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"set-token":{"id":"set-token","description":"Sets an API token to authenticate with the Opal server - alternative auth flow for headless environments.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["$ opal set-token"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"set-url":{"id":"set-url","description":"Sets the url of the Opal server. Defaults to https://app.opal.dev.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["$ opal set-host"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"custom":{"name":"custom","type":"option"},"allowSelfSignedCerts":{"name":"allowSelfSignedCerts","type":"boolean","allowNo":false},"prod":{"name":"prod","type":"boolean","allowNo":false},"staging":{"name":"staging","type":"boolean","allowNo":false},"demo":{"name":"demo","type":"boolean","allowNo":false},"dev":{"name":"dev","type":"boolean","allowNo":false},"devLocal":{"name":"devLocal","type":"boolean","allowNo":false}},"args":[]},"aws:identity":{"id":"aws:identity","description":"Gets the current caller identity for the \"opal\" AWS profile.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal aws:identity"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false}},"args":[]},"iam-roles:start":{"id":"iam-roles:start","description":"Starts a session to assume an IAM role.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal iam-roles:start","opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398","opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName \"custom-profile\""],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","description":"The ID of the Opal role resource."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."},"profileName":{"name":"profileName","type":"option","description":"Uses a custom AWS profile name for the IAM role. Default value is the role's name."}},"args":[]},"kube-roles:start":{"id":"kube-roles:start","description":"Starts a session to assume a Kubernetes cluster IAM role.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal kube-roles:start","opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398","opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId \"arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role\""],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","description":"The ID of the Opal role resource."},"accessLevelRemoteId":{"name":"accessLevelRemoteId","type":"option","description":"The remote ID of the access level with which to access the cluster."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]},"postgres-instances:start":{"id":"postgres-instances:start","description":"Starts a session to query a Postgres database.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal postgres-instances:start","opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398","opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId \"fullaccess\""],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","description":"The ID of the Opal instance resource."},"accessLevelRemoteId":{"name":"accessLevelRemoteId","type":"option","description":"The remote ID of the access level with which to access the database."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]},"resources:get":{"id":"resources:get","description":"Get resource info for a particular resource.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","required":true}},"args":[]},"ssh:copyFrom":{"id":"ssh:copyFrom","description":"Use SCP to copy files from a compute instance.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal ssh:copyFrom --src instance/dir --dest my/dir","opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"src":{"name":"src","type":"option","description":"The path of the directory or file you would like to copy over SCP. Note we only support one file or directory at a time.","required":true},"dest":{"name":"dest","type":"option","description":"Pick which directory you want your files to be copied to.","required":false,"default":"."},"user":{"name":"user","type":"option","description":"Pick which user you want to run SCP over. Keep in mind not all users will have access to each other's home directory.","required":false,"default":"ssm-user"},"id":{"name":"id","type":"option","description":"The ID of the Opal instance resource."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]},"ssh:copyTo":{"id":"ssh:copyTo","description":"Use SCP to copy files to a compute instance.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal ssh:copyTo --src my/dir --dest instance/dir","opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"src":{"name":"src","type":"option","description":"The path of the directory or file you would like to copy over SCP. Note we only support one file or directory at a time.","required":true},"dest":{"name":"dest","type":"option","description":"Pick which directory you want your files to be copied to.","required":false,"default":"."},"user":{"name":"user","type":"option","description":"Pick which user you want to run SCP over. Keep in mind not all users will have access to each other's home directory.","required":false,"default":"ssm-user"},"id":{"name":"id","type":"option","description":"The ID of the Opal instance resource."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]},"ssh:start":{"id":"ssh:start","description":"Start an SSH session to access a particular compute instance.","pluginName":"opal-security","pluginType":"core","aliases":[],"examples":["opal ssh:start","opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398"],"flags":{"help":{"name":"help","type":"boolean","char":"h","description":"show CLI help","allowNo":false},"id":{"name":"id","type":"option","description":"The ID of the Opal instance resource."},"sessionId":{"name":"sessionId","type":"option","description":"SessionId of a session that has already been created via the web flow."}},"args":[]}}}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "opal-security",
|
|
3
3
|
"description": "Opal allows you to centrally manage access to all of your sensitive systems.",
|
|
4
|
-
"version": "2.0.
|
|
4
|
+
"version": "2.0.16",
|
|
5
5
|
"author": "Stephen Cobbe",
|
|
6
6
|
"bin": {
|
|
7
7
|
"opal": "./bin/run"
|
|
@@ -9,22 +9,24 @@
|
|
|
9
9
|
"bugs": "https://github.com/opalsecurity/opal-cli/issues",
|
|
10
10
|
"dependencies": {
|
|
11
11
|
"@apollo/client": "^3.3.13",
|
|
12
|
-
"@graphql-codegen/cli": "^
|
|
12
|
+
"@graphql-codegen/cli": "^2.6.2",
|
|
13
13
|
"@graphql-codegen/near-operation-file-preset": "^1.17.13",
|
|
14
14
|
"@graphql-codegen/typescript": "^1.21.1",
|
|
15
15
|
"@graphql-codegen/typescript-oclif": "^1.17.9",
|
|
16
|
-
"@oclif/command": "^1.8.
|
|
16
|
+
"@oclif/command": "^1.8.16",
|
|
17
17
|
"@oclif/config": "^1.17.0",
|
|
18
|
+
"@oclif/errors": "^1.3.5",
|
|
18
19
|
"@oclif/plugin-autocomplete": "^0.3.0",
|
|
19
|
-
"@oclif/plugin-help": "^
|
|
20
|
+
"@oclif/plugin-help": "^5.1.12",
|
|
20
21
|
"@types/inquirer": "^7.3.1",
|
|
21
22
|
"@types/prettyjson": "0.0.29",
|
|
22
23
|
"chalk": "^2.4.2",
|
|
23
24
|
"graphql": "^15.5.0",
|
|
25
|
+
"inquirer": "^8.2.4",
|
|
24
26
|
"inquirer-autocomplete-prompt": "^1.4.0",
|
|
25
27
|
"keytar": "^7.7.0",
|
|
26
28
|
"lodash": "^4.17.21",
|
|
27
|
-
"node-fetch": "^2.6.
|
|
29
|
+
"node-fetch": "^2.6.7",
|
|
28
30
|
"open": "^8.0.4",
|
|
29
31
|
"openid-client": "^4.6.0",
|
|
30
32
|
"prettyjson": "^1.2.1",
|
|
@@ -35,17 +37,16 @@
|
|
|
35
37
|
"@oclif/dev-cli": "^1.26.0",
|
|
36
38
|
"@oclif/test": "^1.2.8",
|
|
37
39
|
"@types/chai": "^4.2.16",
|
|
38
|
-
"@types/chalk": "^2.2.0",
|
|
39
40
|
"@types/lodash": "^4.14.169",
|
|
40
41
|
"@types/mocha": "^5.2.7",
|
|
41
42
|
"@types/node": "^14.14.37",
|
|
42
43
|
"@types/semver": "^7.3.8",
|
|
43
44
|
"chai": "^4.3.4",
|
|
44
|
-
"eslint": "^
|
|
45
|
+
"eslint": "^8.17.0",
|
|
45
46
|
"eslint-config-oclif": "^3.1.0",
|
|
46
47
|
"eslint-config-oclif-typescript": "^0.1.0",
|
|
47
48
|
"globby": "^10.0.2",
|
|
48
|
-
"mocha": "^
|
|
49
|
+
"mocha": "^10.0.0",
|
|
49
50
|
"nyc": "^14.1.1",
|
|
50
51
|
"ts-node": "^8.10.2",
|
|
51
52
|
"typescript": "^3.9.9"
|
|
@@ -78,6 +79,9 @@
|
|
|
78
79
|
"type": "git",
|
|
79
80
|
"url": "https://github.com/opalsecurity/opal-cli.git"
|
|
80
81
|
},
|
|
82
|
+
"resolutions": {
|
|
83
|
+
"ansi-regex": "5.0.1"
|
|
84
|
+
},
|
|
81
85
|
"scripts": {
|
|
82
86
|
"postpack": "rm -f oclif.manifest.json",
|
|
83
87
|
"posttest": "eslint . --ext .ts --config .eslintrc",
|