From 29f1db4bf95193b26db9702d7d5bab4e29ec30ae Mon Sep 17 00:00:00 2001 From: Tyler Gillson Date: Wed, 4 Sep 2024 11:27:31 -0600 Subject: [PATCH] fix: filter vCenter local file privileges properly, skip KUBECONFIG check when updating passwords in direct mode (#207) ## Issue N/A ## Description - Filter empty lines and comments from vCenter local file privileges - Skip `KUBECONFIG` check when updating passwords in direct mode --------- Signed-off-by: Tyler Gillson --- go.mod | 2 +- go.sum | 4 +- pkg/config/versions.go | 2 +- pkg/services/validator/validator_service.go | 19 +++++---- pkg/services/validator/vmware.go | 41 +++++++++++-------- .../_validator/testcases/data/validator.yaml | 2 +- 6 files changed, 41 insertions(+), 29 deletions(-) diff --git a/go.mod b/go.mod index 0e3d453e..56bdff21 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/pterm/pterm v0.12.79 github.com/sirupsen/logrus v1.9.3 github.com/spectrocloud-labs/embeddedfs v0.1.0 - github.com/spectrocloud-labs/prompts-tui v0.1.1 + github.com/spectrocloud-labs/prompts-tui v0.1.2 github.com/spf13/cobra v1.8.1 github.com/spf13/viper v1.19.0 github.com/validator-labs/validator v0.1.8 diff --git a/go.sum b/go.sum index 5e135878..64838473 100644 --- a/go.sum +++ b/go.sum @@ -807,8 +807,8 @@ github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9yS github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= github.com/spectrocloud-labs/embeddedfs v0.1.0 h1:Izs9wPYLVp8Fp9mi9zYysu9AzvHK1kIelQz3IIfh4N0= github.com/spectrocloud-labs/embeddedfs v0.1.0/go.mod h1:JrCbGXImUCsim3jjYSahRJUKyVN57Fb5u3DkE3crqA4= -github.com/spectrocloud-labs/prompts-tui v0.1.1 h1:jNYFt6UzrSEc8K6GXyRenH1jzKbHwJbCCGMYtYYXKUo= -github.com/spectrocloud-labs/prompts-tui v0.1.1/go.mod h1:XCvyEc3OLxKVXNLbOGZJOR6PiktfWqjYdrwU+ymCmLQ= +github.com/spectrocloud-labs/prompts-tui v0.1.2 h1:l9Bf1XdR4rHIJ+9evfBoTLThk+W2u3V2MfWYdZGwYMc= +github.com/spectrocloud-labs/prompts-tui v0.1.2/go.mod h1:XCvyEc3OLxKVXNLbOGZJOR6PiktfWqjYdrwU+ymCmLQ= github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= diff --git a/pkg/config/versions.go b/pkg/config/versions.go index 0e84eaf3..b722da21 100644 --- a/pkg/config/versions.go +++ b/pkg/config/versions.go @@ -7,6 +7,6 @@ var ValidatorChartVersions = map[string]string{ ValidatorPluginAzure: "v0.0.20", ValidatorPluginMaas: "v0.0.12", ValidatorPluginNetwork: "v0.0.26", - ValidatorPluginOci: "v0.3.2", + ValidatorPluginOci: "v0.3.3", ValidatorPluginVsphere: "v0.0.34", } diff --git a/pkg/services/validator/validator_service.go b/pkg/services/validator/validator_service.go index cfbf9a7f..e5975138 100644 --- a/pkg/services/validator/validator_service.go +++ b/pkg/services/validator/validator_service.go @@ -474,22 +474,27 @@ func UpdateValidatorCredentials(c *components.ValidatorConfig) error { // UpdateValidatorPluginCredentials updates validator plugin credentials func UpdateValidatorPluginCredentials(c *components.ValidatorConfig, tc *cfg.TaskConfig) error { - k8sClient, err := k8sClientFromConfig(c) - if err != nil { - return err + var err error + var kClient kubernetes.Interface + + if !tc.Direct { + kClient, err = k8sClientFromConfig(c) + if err != nil { + return err + } } if c.AWSPlugin != nil && c.AWSPlugin.Enabled { - if err := readAwsCredentials(c.AWSPlugin, tc, k8sClient); err != nil { + if err := readAwsCredentials(c.AWSPlugin, tc, kClient); err != nil { return fmt.Errorf("failed to update AWS credentials: %w", err) } } if c.AzurePlugin != nil && c.AzurePlugin.Enabled { - if err := readAzureCredentials(c.AzurePlugin, tc, k8sClient); err != nil { + if err := readAzureCredentials(c.AzurePlugin, tc, kClient); err != nil { return fmt.Errorf("failed to update Azure credentials: %w", err) } } if c.MaasPlugin != nil && c.MaasPlugin.Enabled { - if err := readMaasCredentials(c.MaasPlugin, tc, k8sClient); err != nil { + if err := readMaasCredentials(c.MaasPlugin, tc, kClient); err != nil { return fmt.Errorf("failed to update MAAS credentials: %w", err) } } @@ -501,7 +506,7 @@ func UpdateValidatorPluginCredentials(c *components.ValidatorConfig, tc *cfg.Tas } } if c.VspherePlugin != nil && c.VspherePlugin.Enabled { - if err := readVsphereCredentials(c.VspherePlugin, tc, k8sClient); err != nil { + if err := readVsphereCredentials(c.VspherePlugin, tc, kClient); err != nil { return fmt.Errorf("failed to update vSphere credentials: %w", err) } } diff --git a/pkg/services/validator/vmware.go b/pkg/services/validator/vmware.go index 75ad99d1..799cc49a 100644 --- a/pkg/services/validator/vmware.go +++ b/pkg/services/validator/vmware.go @@ -377,10 +377,11 @@ func loadPrivileges(privilegeFile string) (string, func(string) error, error) { slices.Sort(privileges) validate := func(input string) error { - if strings.HasPrefix(input, "#") { + s := strings.TrimSpace(input) + if s == "" || strings.HasPrefix(s, "#") { return nil } - if !slices.Contains(privileges, strings.TrimSpace(input)) { + if !slices.Contains(privileges, s) { log.ErrorCLI("failed to read vCenter privileges", "invalidPrivilege", input) return prompts.ErrValidationFailed } @@ -414,21 +415,37 @@ func readPrivileges(rulePrivileges []string) ([]string, error) { if err != nil { return nil, err } + + var privileges []string if inputType == cfg.LocalFilepath { - return readPrivilegesFromFile(validate) + privileges, err = readPrivilegesFromFile(validate) + } else { + privileges, err = readPrivilegesFromEditor(defaultPrivileges, validate) } + if err != nil { + log.ErrorCLI("failed to read vCenter privileges", "error", err) - return readPrivilegesFromEditor(defaultPrivileges, validate) + retry, err := prompts.ReadBool("Reconfigure privileges", true) + if err != nil { + return nil, err + } + if retry { + return readPrivileges(rulePrivileges) + } + } + return privileges, nil } func readPrivilegesFromEditor(defaultPrivileges string, validate func(string) error) ([]string, error) { log.InfoCLI("Configure vCenter privileges") time.Sleep(2 * time.Second) + joinedPrivileges, err := prompts.EditFileValidatedByLine(cfg.VcenterPrivilegePrompt, defaultPrivileges, "\n", validate, 1) if err != nil { return nil, err } privileges := strings.Split(joinedPrivileges, "\n") + return privileges, nil } @@ -437,24 +454,14 @@ func readPrivilegesFromFile(validate func(string) error) ([]string, error) { if err != nil { return nil, err } + privilegeBytes, err := os.ReadFile(privilegeFile) //#nosec if err != nil { return nil, fmt.Errorf("failed to read privilege file: %w", err) } privileges := strings.Split(string(privilegeBytes), "\n") - for _, p := range privileges { - if err := validate(p); err != nil { - retry, err := prompts.ReadBool("Reconfigure privileges", true) - if err != nil { - return nil, err - } - if retry { - return readPrivilegesFromFile(validate) - } - return nil, err - } - } - return privileges, nil + + return prompts.FilterLines(privileges, validate) } // nolint:dupl diff --git a/tests/integration/_validator/testcases/data/validator.yaml b/tests/integration/_validator/testcases/data/validator.yaml index 663be89d..08acabec 100644 --- a/tests/integration/_validator/testcases/data/validator.yaml +++ b/tests/integration/_validator/testcases/data/validator.yaml @@ -201,7 +201,7 @@ ociPlugin: chart: name: validator-plugin-oci repository: validator-plugin-oci - version: v0.3.2 + version: v0.3.3 values: "" secrets: - name: oci-creds