mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-10-31 10:37:56 +00:00
6ed8b88f5f
@mitchellh suggested we fork `cli` and switch to that. Since we primarily use the interfaces in `cli`, and the new fork has not changed those, this is (mostly) a drop-in replacement. A small fix will be necessary for Vault Enterprise, I believe.
117 lines
2.7 KiB
Go
117 lines
2.7 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
package command
|
|
|
|
import (
|
|
"fmt"
|
|
"io/ioutil"
|
|
"strings"
|
|
|
|
"github.com/hashicorp/cli"
|
|
"github.com/hashicorp/hcl/hcl/printer"
|
|
"github.com/hashicorp/vault/helper/namespace"
|
|
"github.com/hashicorp/vault/vault"
|
|
homedir "github.com/mitchellh/go-homedir"
|
|
"github.com/posener/complete"
|
|
)
|
|
|
|
var (
|
|
_ cli.Command = (*PolicyFmtCommand)(nil)
|
|
_ cli.CommandAutocomplete = (*PolicyFmtCommand)(nil)
|
|
)
|
|
|
|
type PolicyFmtCommand struct {
|
|
*BaseCommand
|
|
}
|
|
|
|
func (c *PolicyFmtCommand) Synopsis() string {
|
|
return "Formats a policy on disk"
|
|
}
|
|
|
|
func (c *PolicyFmtCommand) Help() string {
|
|
helpText := `
|
|
Usage: vault policy fmt [options] PATH
|
|
|
|
Formats a local policy file to the policy specification. This command will
|
|
overwrite the file at the given PATH with the properly-formatted policy
|
|
file contents.
|
|
|
|
Format the local file "my-policy.hcl" as a policy file:
|
|
|
|
$ vault policy fmt my-policy.hcl
|
|
|
|
` + c.Flags().Help()
|
|
|
|
return strings.TrimSpace(helpText)
|
|
}
|
|
|
|
func (c *PolicyFmtCommand) Flags() *FlagSets {
|
|
return c.flagSet(FlagSetNone)
|
|
}
|
|
|
|
func (c *PolicyFmtCommand) AutocompleteArgs() complete.Predictor {
|
|
return complete.PredictFiles("*.hcl")
|
|
}
|
|
|
|
func (c *PolicyFmtCommand) AutocompleteFlags() complete.Flags {
|
|
return c.Flags().Completions()
|
|
}
|
|
|
|
func (c *PolicyFmtCommand) Run(args []string) int {
|
|
f := c.Flags()
|
|
|
|
if err := f.Parse(args); err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 1
|
|
}
|
|
|
|
args = f.Args()
|
|
switch {
|
|
case len(args) < 1:
|
|
c.UI.Error(fmt.Sprintf("Not enough arguments (expected 1, got %d)", len(args)))
|
|
return 1
|
|
case len(args) > 1:
|
|
c.UI.Error(fmt.Sprintf("Too many arguments (expected 1, got %d)", len(args)))
|
|
return 1
|
|
}
|
|
|
|
// Get the filepath, accounting for ~ and stuff
|
|
path, err := homedir.Expand(strings.TrimSpace(args[0]))
|
|
if err != nil {
|
|
c.UI.Error(fmt.Sprintf("Failed to expand path: %s", err))
|
|
return 1
|
|
}
|
|
|
|
// Read the entire contents into memory - it would be nice if we could use
|
|
// a buffer, but hcl wants the full contents.
|
|
b, err := ioutil.ReadFile(path)
|
|
if err != nil {
|
|
c.UI.Error(fmt.Sprintf("Error reading source file: %s", err))
|
|
return 1
|
|
}
|
|
|
|
// Actually parse the policy. We always use the root namespace here because
|
|
// we don't want to modify the results.
|
|
if _, err := vault.ParseACLPolicy(namespace.RootNamespace, string(b)); err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 1
|
|
}
|
|
|
|
// Generate final contents
|
|
result, err := printer.Format(b)
|
|
if err != nil {
|
|
c.UI.Error(fmt.Sprintf("Error printing result: %s", err))
|
|
return 1
|
|
}
|
|
|
|
// Write them back out
|
|
if err := ioutil.WriteFile(path, result, 0o644); err != nil {
|
|
c.UI.Error(fmt.Sprintf("Error writing result: %s", err))
|
|
return 1
|
|
}
|
|
|
|
c.UI.Output(fmt.Sprintf("Success! Formatted policy: %s", path))
|
|
return 0
|
|
}
|