diff --git a/cmd/root.go b/cmd/root.go index 21d6f3c97..1d48b61e2 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -74,7 +74,7 @@ func AddDefaultAirshipCTLCommands(cmd *cobra.Command, factory cfg.Factory) *cobr cmd.AddCommand(completion.NewCompletionCommand()) cmd.AddCommand(document.NewDocumentCommand(factory)) cmd.AddCommand(config.NewConfigCommand(factory)) - cmd.AddCommand(secret.NewSecretCommand(factory)) + cmd.AddCommand(secret.NewSecretCommand()) cmd.AddCommand(phase.NewPhaseCommand(factory)) cmd.AddCommand(plan.NewPlanCommand(factory)) cmd.AddCommand(NewVersionCommand()) diff --git a/cmd/secret/decrypt/decrypt.go b/cmd/secret/decrypt/decrypt.go deleted file mode 100644 index c3e8a7947..000000000 --- a/cmd/secret/decrypt/decrypt.go +++ /dev/null @@ -1,65 +0,0 @@ -/* - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - https://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package decrypt - -import ( - "github.com/spf13/cobra" - - "opendev.org/airship/airshipctl/pkg/config" - "opendev.org/airship/airshipctl/pkg/errors" - "opendev.org/airship/airshipctl/pkg/log" -) - -const ( - decryptShort = ` -Decrypt encrypted yaml files into plaintext files representing Kubernetes objects consisting of sensitive data.` - - decryptExample = ` -# Decrypt all encrypted files in the manifests directory. -airshipctl secret decrypt - -# Decrypt encrypted file from src and write the plain text to a different dst file -airshipctl secret decrypt \ - --src /tmp/manifests/target/secrets/encrypted-qualified-secret.yaml \ - --dst /tmp/manifests/target/secrets/qualified-secret.yaml -` -) - -// NewDecryptCommand creates a new command for decrypting encrypted secrets in the manifests -func NewDecryptCommand(_ config.Factory) *cobra.Command { - var srcPath, dstPath string - - decryptCmd := &cobra.Command{ - Use: "decrypt", - Short: decryptShort[1:], - Example: decryptExample, - RunE: func(cmd *cobra.Command, args []string) error { - // TODO: Need to integrate with business logic to decrypt with sops - return errors.ErrNotImplemented{What: "secret encryption/decryption"} - }, - } - decryptCmd.Flags().StringVar(&srcPath, "src", "", - `Path to the file or directory that has secrets in encrypted text that need to be decrypted. `+ - `Defaults to the manifest location in airship config`) - decryptCmd.Flags().StringVar(&dstPath, "dst", "", - "Path to the file or directory to store decrypted secrets. Defaults to src if empty.") - - err := decryptCmd.MarkFlagRequired("dst") - if err != nil { - log.Fatalf("marking dst flag required failed: %v", err) - } - - return decryptCmd -} diff --git a/cmd/secret/decrypt/decrypt_test.go b/cmd/secret/decrypt/decrypt_test.go deleted file mode 100644 index d6694674a..000000000 --- a/cmd/secret/decrypt/decrypt_test.go +++ /dev/null @@ -1,36 +0,0 @@ -/* - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - https://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package decrypt_test - -import ( - "testing" - - "opendev.org/airship/airshipctl/cmd/secret/decrypt" - "opendev.org/airship/airshipctl/testutil" -) - -func TestDecrypt(t *testing.T) { - cmdTests := []*testutil.CmdTest{ - { - Name: "decrypt-cmd-cmd-with-help", - CmdLine: "--help", - Cmd: decrypt.NewDecryptCommand(nil), - }, - } - - for _, tt := range cmdTests { - testutil.RunTest(t, tt) - } -} diff --git a/cmd/secret/decrypt/testdata/TestDecryptGoldenOutput/decrypt-cmd-cmd-with-help.golden b/cmd/secret/decrypt/testdata/TestDecryptGoldenOutput/decrypt-cmd-cmd-with-help.golden deleted file mode 100644 index 119794324..000000000 --- a/cmd/secret/decrypt/testdata/TestDecryptGoldenOutput/decrypt-cmd-cmd-with-help.golden +++ /dev/null @@ -1,20 +0,0 @@ -Decrypt encrypted yaml files into plaintext files representing Kubernetes objects consisting of sensitive data. - -Usage: - decrypt [flags] - -Examples: - -# Decrypt all encrypted files in the manifests directory. -airshipctl secret decrypt - -# Decrypt encrypted file from src and write the plain text to a different dst file -airshipctl secret decrypt \ - --src /tmp/manifests/target/secrets/encrypted-qualified-secret.yaml \ - --dst /tmp/manifests/target/secrets/qualified-secret.yaml - - -Flags: - --dst string Path to the file or directory to store decrypted secrets. Defaults to src if empty. - -h, --help help for decrypt - --src string Path to the file or directory that has secrets in encrypted text that need to be decrypted. Defaults to the manifest location in airship config diff --git a/cmd/secret/encrypt/encrypt.go b/cmd/secret/encrypt/encrypt.go deleted file mode 100644 index 2fa7972af..000000000 --- a/cmd/secret/encrypt/encrypt.go +++ /dev/null @@ -1,64 +0,0 @@ -/* - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - https://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package encrypt - -import ( - "github.com/spf13/cobra" - - "opendev.org/airship/airshipctl/pkg/config" - "opendev.org/airship/airshipctl/pkg/errors" - "opendev.org/airship/airshipctl/pkg/log" -) - -const ( - encryptShort = ` -Encrypt plain text yaml files representing Kubernetes objects consisting of sensitive configuration.` - - encryptExample = ` -# Encrypt all kubernetes objects in the manifests directory. -airshipctl secret encrypt - -# Encrypt file from src and write to a different dst file -airshipctl secret encrypt \ - --src /tmp/manifests/target/secrets/qualified-secret.yaml \ - --dst /tmp/manifests/target/secrets/encrypted-qualified-secret.yaml -` -) - -// NewEncryptCommand creates a new command for encrypting plain text secrets using sops -func NewEncryptCommand(_ config.Factory) *cobra.Command { - var srcPath, dstPath string - - encryptCmd := &cobra.Command{ - Use: "encrypt", - Short: encryptShort[1:], - Example: encryptExample, - RunE: func(cmd *cobra.Command, args []string) error { - return errors.ErrNotImplemented{What: "secret encryption/decryption"} - }, - } - encryptCmd.Flags().StringVar(&srcPath, "src", "", - `Path to the file or directory that has secrets in plaintext that need to be encrypted. `+ - `Defaults to the manifest location in airship config`) - encryptCmd.Flags().StringVar(&dstPath, "dst", "", - "Path to the file or directory that has encrypted secrets for decryption. Defaults to src if empty.") - - err := encryptCmd.MarkFlagRequired("dst") - if err != nil { - log.Fatalf("marking dst flag required failed: %v", err) - } - - return encryptCmd -} diff --git a/cmd/secret/encrypt/encrypt_test.go b/cmd/secret/encrypt/encrypt_test.go deleted file mode 100644 index 88a6a6a67..000000000 --- a/cmd/secret/encrypt/encrypt_test.go +++ /dev/null @@ -1,36 +0,0 @@ -/* - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - https://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package encrypt_test - -import ( - "testing" - - "opendev.org/airship/airshipctl/cmd/secret/encrypt" - "opendev.org/airship/airshipctl/testutil" -) - -func TestDecrypt(t *testing.T) { - cmdTests := []*testutil.CmdTest{ - { - Name: "encrypt-cmd-cmd-with-help", - CmdLine: "--help", - Cmd: encrypt.NewEncryptCommand(nil), - }, - } - - for _, tt := range cmdTests { - testutil.RunTest(t, tt) - } -} diff --git a/cmd/secret/encrypt/testdata/TestDecryptGoldenOutput/encrypt-cmd-cmd-with-help.golden b/cmd/secret/encrypt/testdata/TestDecryptGoldenOutput/encrypt-cmd-cmd-with-help.golden deleted file mode 100644 index e63f1fcb7..000000000 --- a/cmd/secret/encrypt/testdata/TestDecryptGoldenOutput/encrypt-cmd-cmd-with-help.golden +++ /dev/null @@ -1,20 +0,0 @@ -Encrypt plain text yaml files representing Kubernetes objects consisting of sensitive configuration. - -Usage: - encrypt [flags] - -Examples: - -# Encrypt all kubernetes objects in the manifests directory. -airshipctl secret encrypt - -# Encrypt file from src and write to a different dst file -airshipctl secret encrypt \ - --src /tmp/manifests/target/secrets/qualified-secret.yaml \ - --dst /tmp/manifests/target/secrets/encrypted-qualified-secret.yaml - - -Flags: - --dst string Path to the file or directory that has encrypted secrets for decryption. Defaults to src if empty. - -h, --help help for encrypt - --src string Path to the file or directory that has secrets in plaintext that need to be encrypted. Defaults to the manifest location in airship config diff --git a/cmd/secret/secret.go b/cmd/secret/secret.go index b68ce6f51..967763c1d 100644 --- a/cmd/secret/secret.go +++ b/cmd/secret/secret.go @@ -17,14 +17,11 @@ package secret import ( "github.com/spf13/cobra" - "opendev.org/airship/airshipctl/cmd/secret/decrypt" - "opendev.org/airship/airshipctl/cmd/secret/encrypt" "opendev.org/airship/airshipctl/cmd/secret/generate" - "opendev.org/airship/airshipctl/pkg/config" ) // NewSecretCommand creates a new command for managing airshipctl secrets -func NewSecretCommand(cfgFactory config.Factory) *cobra.Command { +func NewSecretCommand() *cobra.Command { secretRootCmd := &cobra.Command{ Use: "secret", // TODO(howell): Make this more expressive @@ -32,8 +29,6 @@ func NewSecretCommand(cfgFactory config.Factory) *cobra.Command { } secretRootCmd.AddCommand(generate.NewGenerateCommand()) - secretRootCmd.AddCommand(encrypt.NewEncryptCommand(cfgFactory)) - secretRootCmd.AddCommand(decrypt.NewDecryptCommand(cfgFactory)) return secretRootCmd } diff --git a/docs/source/cli/airshipctl_secret.md b/docs/source/cli/airshipctl_secret.md index cc4e33cd7..781dbd6d5 100644 --- a/docs/source/cli/airshipctl_secret.md +++ b/docs/source/cli/airshipctl_secret.md @@ -22,7 +22,5 @@ Manage secrets ### SEE ALSO * [airshipctl](airshipctl.md) - A unified entrypoint to various airship components -* [airshipctl secret decrypt](airshipctl_secret_decrypt.md) - Decrypt encrypted yaml files into plaintext files representing Kubernetes objects consisting of sensitive data. -* [airshipctl secret encrypt](airshipctl_secret_encrypt.md) - Encrypt plain text yaml files representing Kubernetes objects consisting of sensitive configuration. * [airshipctl secret generate](airshipctl_secret_generate.md) - Generate various secrets diff --git a/docs/source/cli/airshipctl_secret_decrypt.md b/docs/source/cli/airshipctl_secret_decrypt.md deleted file mode 100644 index 05025665d..000000000 --- a/docs/source/cli/airshipctl_secret_decrypt.md +++ /dev/null @@ -1,45 +0,0 @@ -## airshipctl secret decrypt - -Decrypt encrypted yaml files into plaintext files representing Kubernetes objects consisting of sensitive data. - -### Synopsis - -Decrypt encrypted yaml files into plaintext files representing Kubernetes objects consisting of sensitive data. - -``` -airshipctl secret decrypt [flags] -``` - -### Examples - -``` - -# Decrypt all encrypted files in the manifests directory. -airshipctl secret decrypt - -# Decrypt encrypted file from src and write the plain text to a different dst file -airshipctl secret decrypt \ - --src /tmp/manifests/target/secrets/encrypted-qualified-secret.yaml \ - --dst /tmp/manifests/target/secrets/qualified-secret.yaml - -``` - -### Options - -``` - --dst string Path to the file or directory to store decrypted secrets. Defaults to src if empty. - -h, --help help for decrypt - --src string Path to the file or directory that has secrets in encrypted text that need to be decrypted. Defaults to the manifest location in airship config -``` - -### Options inherited from parent commands - -``` - --airshipconf string Path to file for airshipctl configuration. (default "$HOME/.airship/config") - --debug enable verbose output -``` - -### SEE ALSO - -* [airshipctl secret](airshipctl_secret.md) - Manage secrets - diff --git a/docs/source/cli/airshipctl_secret_encrypt.md b/docs/source/cli/airshipctl_secret_encrypt.md deleted file mode 100644 index e6b2e3b4f..000000000 --- a/docs/source/cli/airshipctl_secret_encrypt.md +++ /dev/null @@ -1,45 +0,0 @@ -## airshipctl secret encrypt - -Encrypt plain text yaml files representing Kubernetes objects consisting of sensitive configuration. - -### Synopsis - -Encrypt plain text yaml files representing Kubernetes objects consisting of sensitive configuration. - -``` -airshipctl secret encrypt [flags] -``` - -### Examples - -``` - -# Encrypt all kubernetes objects in the manifests directory. -airshipctl secret encrypt - -# Encrypt file from src and write to a different dst file -airshipctl secret encrypt \ - --src /tmp/manifests/target/secrets/qualified-secret.yaml \ - --dst /tmp/manifests/target/secrets/encrypted-qualified-secret.yaml - -``` - -### Options - -``` - --dst string Path to the file or directory that has encrypted secrets for decryption. Defaults to src if empty. - -h, --help help for encrypt - --src string Path to the file or directory that has secrets in plaintext that need to be encrypted. Defaults to the manifest location in airship config -``` - -### Options inherited from parent commands - -``` - --airshipconf string Path to file for airshipctl configuration. (default "$HOME/.airship/config") - --debug enable verbose output -``` - -### SEE ALSO - -* [airshipctl secret](airshipctl_secret.md) - Manage secrets -