Skip to content

Commit

Permalink
fix: filter vCenter local file privileges properly, skip KUBECONFIG c…
Browse files Browse the repository at this point in the history 
…heck when updating passwords in direct mode (#207)

## Issue
N/A

## Description
- Filter empty lines and comments from vCenter local file privileges
- Skip `KUBECONFIG` check when updating passwords in direct mode

---------

Signed-off-by: Tyler Gillson <tyler.gillson@gmail.com>
  • Loading branch information
@TylerGillson
TylerGillson authored Sep 4, 2024
1 parent f337321 commit 29f1db4
Show file tree
Hide file tree
Showing 6 changed files with 41 additions and 29 deletions.
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ require (
github.com/pterm/pterm v0.12.79
github.com/sirupsen/logrus v1.9.3
github.com/spectrocloud-labs/embeddedfs v0.1.0
github.com/spectrocloud-labs/prompts-tui v0.1.1
github.com/spectrocloud-labs/prompts-tui v0.1.2
github.com/spf13/cobra v1.8.1
github.com/spf13/viper v1.19.0
github.com/validator-labs/validator v0.1.8
Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -807,8 +807,8 @@ github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9yS
github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
github.com/spectrocloud-labs/embeddedfs v0.1.0 h1:Izs9wPYLVp8Fp9mi9zYysu9AzvHK1kIelQz3IIfh4N0=
github.com/spectrocloud-labs/embeddedfs v0.1.0/go.mod h1:JrCbGXImUCsim3jjYSahRJUKyVN57Fb5u3DkE3crqA4=
github.com/spectrocloud-labs/prompts-tui v0.1.1 h1:jNYFt6UzrSEc8K6GXyRenH1jzKbHwJbCCGMYtYYXKUo=
github.com/spectrocloud-labs/prompts-tui v0.1.1/go.mod h1:XCvyEc3OLxKVXNLbOGZJOR6PiktfWqjYdrwU+ymCmLQ=
github.com/spectrocloud-labs/prompts-tui v0.1.2 h1:l9Bf1XdR4rHIJ+9evfBoTLThk+W2u3V2MfWYdZGwYMc=
github.com/spectrocloud-labs/prompts-tui v0.1.2/go.mod h1:XCvyEc3OLxKVXNLbOGZJOR6PiktfWqjYdrwU+ymCmLQ=
github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
Expand Down
2 changes: 1 addition & 1 deletion pkg/config/versions.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,6 @@ var ValidatorChartVersions = map[string]string{
ValidatorPluginAzure: "v0.0.20",
ValidatorPluginMaas: "v0.0.12",
ValidatorPluginNetwork: "v0.0.26",
ValidatorPluginOci: "v0.3.2",
ValidatorPluginOci: "v0.3.3",
ValidatorPluginVsphere: "v0.0.34",
}
19 changes: 12 additions & 7 deletions pkg/services/validator/validator_service.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -474,22 +474,27 @@ func UpdateValidatorCredentials(c *components.ValidatorConfig) error {

// UpdateValidatorPluginCredentials updates validator plugin credentials
func UpdateValidatorPluginCredentials(c *components.ValidatorConfig, tc *cfg.TaskConfig) error {
k8sClient, err := k8sClientFromConfig(c)
if err != nil {
return err
var err error
var kClient kubernetes.Interface

if !tc.Direct {
kClient, err = k8sClientFromConfig(c)
if err != nil {
return err
}
}
if c.AWSPlugin != nil && c.AWSPlugin.Enabled {
if err := readAwsCredentials(c.AWSPlugin, tc, k8sClient); err != nil {
if err := readAwsCredentials(c.AWSPlugin, tc, kClient); err != nil {
return fmt.Errorf("failed to update AWS credentials: %w", err)
}
}
if c.AzurePlugin != nil && c.AzurePlugin.Enabled {
if err := readAzureCredentials(c.AzurePlugin, tc, k8sClient); err != nil {
if err := readAzureCredentials(c.AzurePlugin, tc, kClient); err != nil {
return fmt.Errorf("failed to update Azure credentials: %w", err)
}
}
if c.MaasPlugin != nil && c.MaasPlugin.Enabled {
if err := readMaasCredentials(c.MaasPlugin, tc, k8sClient); err != nil {
if err := readMaasCredentials(c.MaasPlugin, tc, kClient); err != nil {
return fmt.Errorf("failed to update MAAS credentials: %w", err)
}
}
Expand All @@ -501,7 +506,7 @@ func UpdateValidatorPluginCredentials(c *components.ValidatorConfig, tc *cfg.Tas
}
}
if c.VspherePlugin != nil && c.VspherePlugin.Enabled {
if err := readVsphereCredentials(c.VspherePlugin, tc, k8sClient); err != nil {
if err := readVsphereCredentials(c.VspherePlugin, tc, kClient); err != nil {
return fmt.Errorf("failed to update vSphere credentials: %w", err)
}
}
Expand Down
41 changes: 24 additions & 17 deletions pkg/services/validator/vmware.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -377,10 +377,11 @@ func loadPrivileges(privilegeFile string) (string, func(string) error, error) {
slices.Sort(privileges)

validate := func(input string) error {
if strings.HasPrefix(input, "#") {
s := strings.TrimSpace(input)
if s == "" || strings.HasPrefix(s, "#") {
return nil
}
if !slices.Contains(privileges, strings.TrimSpace(input)) {
if !slices.Contains(privileges, s) {
log.ErrorCLI("failed to read vCenter privileges", "invalidPrivilege", input)
return prompts.ErrValidationFailed
}
Expand Down Expand Up @@ -414,21 +415,37 @@ func readPrivileges(rulePrivileges []string) ([]string, error) {
if err != nil {
return nil, err
}

var privileges []string
if inputType == cfg.LocalFilepath {
return readPrivilegesFromFile(validate)
privileges, err = readPrivilegesFromFile(validate)
} else {
privileges, err = readPrivilegesFromEditor(defaultPrivileges, validate)
}
if err != nil {
log.ErrorCLI("failed to read vCenter privileges", "error", err)

return readPrivilegesFromEditor(defaultPrivileges, validate)
retry, err := prompts.ReadBool("Reconfigure privileges", true)
if err != nil {
return nil, err
}
if retry {
return readPrivileges(rulePrivileges)
}
}
return privileges, nil
}

func readPrivilegesFromEditor(defaultPrivileges string, validate func(string) error) ([]string, error) {
log.InfoCLI("Configure vCenter privileges")
time.Sleep(2 * time.Second)

joinedPrivileges, err := prompts.EditFileValidatedByLine(cfg.VcenterPrivilegePrompt, defaultPrivileges, "\n", validate, 1)
if err != nil {
return nil, err
}
privileges := strings.Split(joinedPrivileges, "\n")

return privileges, nil
}

Expand All @@ -437,24 +454,14 @@ func readPrivilegesFromFile(validate func(string) error) ([]string, error) {
if err != nil {
return nil, err
}

privilegeBytes, err := os.ReadFile(privilegeFile) //#nosec
if err != nil {
return nil, fmt.Errorf("failed to read privilege file: %w", err)
}
privileges := strings.Split(string(privilegeBytes), "\n")
for _, p := range privileges {
if err := validate(p); err != nil {
retry, err := prompts.ReadBool("Reconfigure privileges", true)
if err != nil {
return nil, err
}
if retry {
return readPrivilegesFromFile(validate)
}
return nil, err
}
}
return privileges, nil

return prompts.FilterLines(privileges, validate)
}

// nolint:dupl
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/_validator/testcases/data/validator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -201,7 +201,7 @@ ociPlugin:
chart:
name: validator-plugin-oci
repository: validator-plugin-oci
version: v0.3.2
version: v0.3.3
values: ""
secrets:
- name: oci-creds
Expand Down

0 comments on commit 29f1db4

Please sign in to comment.