From c651ca45b5b51f48f0891b7fcb9744e4f17ddd8b Mon Sep 17 00:00:00 2001 From: Chelsea Holland Komlo Date: Sun, 17 Sep 2017 05:11:32 +0000 Subject: [PATCH 1/5] acl policy info --- command/acl_bootstrap.go | 12 ++++++ command/acl_policy_info.go | 73 +++++++++++++++++++++++++++++++++ command/acl_policy_info_test.go | 58 ++++++++++++++++++++++++++ 3 files changed, 143 insertions(+) create mode 100644 command/acl_policy_info.go create mode 100644 command/acl_policy_info_test.go diff --git a/command/acl_bootstrap.go b/command/acl_bootstrap.go index 985ecc92d..f80418d3b 100644 --- a/command/acl_bootstrap.go +++ b/command/acl_bootstrap.go @@ -72,6 +72,18 @@ func (c *ACLBootstrapCommand) Run(args []string) int { return 0 } +// formatKVPolicy returns a K/V formatted policy +func formatKVPolicy(policy *api.ACLPolicy) string { + output := []string{ + fmt.Sprintf("Name|%s", policy.Name), + fmt.Sprintf("Description|%s", policy.Description), + fmt.Sprintf("Rules|%s", policy.Rules), + fmt.Sprintf("CreateIndex|%s", policy.CreateIndex), + fmt.Sprintf("ModifyIndex|%s", policy.ModifyIndex), + } + return formatKV(output) +} + // formatKVACLToken returns a K/V formatted ACL token func formatKVACLToken(token *api.ACLToken) string { // Add the fixed preamble diff --git a/command/acl_policy_info.go b/command/acl_policy_info.go new file mode 100644 index 000000000..2f6ec864a --- /dev/null +++ b/command/acl_policy_info.go @@ -0,0 +1,73 @@ +package command + +import ( + "fmt" + "strings" + + "github.com/posener/complete" +) + +type ACLPolicyInfoCommand struct { + Meta +} + +func (c *ACLPolicyInfoCommand) Help() string { + helpText := ` +Usage: nomad acl policy info + +Info is used to fetch information on an existing ACL policy. + +General Options: + + ` + generalOptionsUsage() + + return strings.TrimSpace(helpText) +} + +func (c *ACLPolicyInfoCommand) AutocompleteFlags() complete.Flags { + return mergeAutocompleteFlags(c.Meta.AutocompleteFlags(FlagSetClient), + complete.Flags{}) +} + +func (c *ACLPolicyInfoCommand) AutocompleteArgs() complete.Predictor { + return complete.PredictNothing +} + +func (c *ACLPolicyInfoCommand) Synopsis() string { + return "Fetch info on an existing ACL policy" +} + +func (c *ACLPolicyInfoCommand) Run(args []string) int { + flags := c.Meta.FlagSet("acl policy apply", FlagSetClient) + flags.Usage = func() { c.Ui.Output(c.Help()) } + if err := flags.Parse(args); err != nil { + return 1 + } + + // Check that we got exactly one argument + args = flags.Args() + if l := len(args); l != 1 { + c.Ui.Error(c.Help()) + return 1 + } + + // Get the policy name + policyName := args[0] + + // Get the HTTP client + client, err := c.Meta.Client() + if err != nil { + c.Ui.Error(fmt.Sprintf("Error initializing client: %s", err)) + return 1 + } + + // Fetch info on the policy + policy, _, err := client.ACLPolicies().Info(policyName, nil) + if err != nil { + c.Ui.Error(fmt.Sprintf("Error fetching info on ACL policy: %s", err)) + return 1 + } + + c.Ui.Output(formatKVPolicy(policy)) + return 0 +} diff --git a/command/acl_policy_info_test.go b/command/acl_policy_info_test.go new file mode 100644 index 000000000..c1ef07fa8 --- /dev/null +++ b/command/acl_policy_info_test.go @@ -0,0 +1,58 @@ +package command + +import ( + "os" + "strings" + "testing" + + "github.com/hashicorp/nomad/acl" + "github.com/hashicorp/nomad/command/agent" + "github.com/hashicorp/nomad/nomad/mock" + "github.com/hashicorp/nomad/nomad/structs" + "github.com/mitchellh/cli" + "github.com/stretchr/testify/assert" +) + +func TestACLPolicyListCommand(t *testing.T) { + assert := assert.New(t) + t.Parallel() + config := func(c *agent.Config) { + c.ACL.Enabled = true + } + + srv, _, url := testServer(t, true, config) + state := srv.Agent.Server().State() + defer srv.Shutdown() + + // Bootstrap an initial ACL token + token := srv.Token + assert.NotNil(token, "failed to bootstrap ACL token") + + // Create a test ACLPolicy + policy := &structs.ACLPolicy{ + Name: "testPolicy", + Rules: acl.PolicyWrite, + } + policy.SetHash() + assert.Nil(state.UpsertACLPolicies(1000, []*structs.ACLPolicy{policy})) + + ui := new(cli.MockUi) + cmd := &ACLPolicyInfoCommand{Meta: Meta{Ui: ui, flagAddress: url}} + + // Attempt to apply a policy without a valid management token + invalidToken := mock.ACLToken() + os.Setenv("NOMAD_TOKEN", invalidToken.SecretID) + code := cmd.Run([]string{"-address=" + url, policy.Name}) + assert.Equal(1, code) + + // Apply a policy with a valid management token + os.Setenv("NOMAD_TOKEN", token.SecretID) + code = cmd.Run([]string{"-address=" + url, policy.Name}) + assert.Equal(0, code) + + // Check the output + out := ui.OutputWriter.String() + if !strings.Contains(out, policy.Name) { + t.Fatalf("bad: %v", out) + } +} From 94c12630b58a2dbdc6dd0e0eeb9ccc0c1dee7913 Mon Sep 17 00:00:00 2001 From: Chelsea Holland Komlo Date: Sun, 17 Sep 2017 13:36:54 +0000 Subject: [PATCH 2/5] documentation; add to existing commands --- commands.go | 5 +++ website/source/docs/commands/acl.html.md.erb | 2 + .../docs/commands/acl/policy-info.html.md.erb | 43 +++++++++++++++++++ 3 files changed, 50 insertions(+) create mode 100644 website/source/docs/commands/acl/policy-info.html.md.erb diff --git a/commands.go b/commands.go index ed052f0e2..2f9fa6520 100644 --- a/commands.go +++ b/commands.go @@ -46,6 +46,11 @@ func Commands(metaPtr *command.Meta) map[string]cli.CommandFactory { Meta: meta, }, nil }, + "acl policy info": func() (cli.Command, error) { + return &command.ACLPolicyInfoCommand{ + Meta: meta, + }, nil + }, "acl token": func() (cli.Command, error) { return &command.ACLTokenCommand{ Meta: meta, diff --git a/website/source/docs/commands/acl.html.md.erb b/website/source/docs/commands/acl.html.md.erb index 1b8e2b6b7..721c0ebd1 100644 --- a/website/source/docs/commands/acl.html.md.erb +++ b/website/source/docs/commands/acl.html.md.erb @@ -22,12 +22,14 @@ subcommands are available: * [`acl bootstrap`][bootstrap] - Bootstrap the initial ACL token * [`acl policy apply`][policyapply] - Create or update ACL policies * [`acl policy delete`][policydelete] - Delete an existing ACL policies +* [`acl policy info`][policyinfo] - Fetch information on an existing ACL policy * [`acl token create`][tokencreate] - Create new ACL token * [`acl token delete`][tokendelete] - Delete an existing ACL token [bootstrap]: /docs/commands/acl/bootstrap.html [policyapply]: /docs/commands/acl/policy-apply.html [policydelete]: /docs/commands/acl/policy-delete.html +[policyinfo]: /docs/commands/acl/policy-info.html [tokencreate]: /docs/commands/acl/token-create.html [tokendelete]: /docs/commands/acl/token-delete.html diff --git a/website/source/docs/commands/acl/policy-info.html.md.erb b/website/source/docs/commands/acl/policy-info.html.md.erb new file mode 100644 index 000000000..6e8aee298 --- /dev/null +++ b/website/source/docs/commands/acl/policy-info.html.md.erb @@ -0,0 +1,43 @@ +--- +layout: "docs" +page_title: "Commands: acl policy info" +sidebar_current: "docs-commands-acl-policy-info" +description: > +The policy info command is used to fetch information on an existing ACL +policy. +--- + +# Command: acl policy info + +The `acl policy info` command is used to fetch information on an existing ACL +policy. + +## Usage + +``` +nomad acl policy info +``` + +The `acl policy info` command requires the policy name. + +## General Options + +<%= partial "docs/commands/_general_options" %> + +## Examples + +Fetch information on an existing ACL Policy: + +``` +$ nomad acl policy info my-policy +Name = my-name +Description = +Rules = { +"Name": "my-policy", +"Description": "This is a great policy", +"Rules": "" +} +CreateIndex = %!s(uint64=749) +ModifyIndex = %!s(uint64=758) + +``` From 7ee27f99e8420eb1d657c8f359d1c5ec04aea6ca Mon Sep 17 00:00:00 2001 From: Chelsea Holland Komlo Date: Sun, 17 Sep 2017 13:47:18 +0000 Subject: [PATCH 3/5] small fixups --- command/acl_bootstrap.go | 4 ++-- command/acl_policy_info.go | 2 +- website/source/docs/commands/acl/policy-info.html.md.erb | 7 +++---- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/command/acl_bootstrap.go b/command/acl_bootstrap.go index f80418d3b..2b4030003 100644 --- a/command/acl_bootstrap.go +++ b/command/acl_bootstrap.go @@ -78,8 +78,8 @@ func formatKVPolicy(policy *api.ACLPolicy) string { fmt.Sprintf("Name|%s", policy.Name), fmt.Sprintf("Description|%s", policy.Description), fmt.Sprintf("Rules|%s", policy.Rules), - fmt.Sprintf("CreateIndex|%s", policy.CreateIndex), - fmt.Sprintf("ModifyIndex|%s", policy.ModifyIndex), + fmt.Sprintf("CreateIndex|%v", policy.CreateIndex), + fmt.Sprintf("ModifyIndex|%v", policy.ModifyIndex), } return formatKV(output) } diff --git a/command/acl_policy_info.go b/command/acl_policy_info.go index 2f6ec864a..975e3d6c7 100644 --- a/command/acl_policy_info.go +++ b/command/acl_policy_info.go @@ -38,7 +38,7 @@ func (c *ACLPolicyInfoCommand) Synopsis() string { } func (c *ACLPolicyInfoCommand) Run(args []string) int { - flags := c.Meta.FlagSet("acl policy apply", FlagSetClient) + flags := c.Meta.FlagSet("acl policy info", FlagSetClient) flags.Usage = func() { c.Ui.Output(c.Help()) } if err := flags.Parse(args); err != nil { return 1 diff --git a/website/source/docs/commands/acl/policy-info.html.md.erb b/website/source/docs/commands/acl/policy-info.html.md.erb index 6e8aee298..14510bdc9 100644 --- a/website/source/docs/commands/acl/policy-info.html.md.erb +++ b/website/source/docs/commands/acl/policy-info.html.md.erb @@ -30,14 +30,13 @@ Fetch information on an existing ACL Policy: ``` $ nomad acl policy info my-policy -Name = my-name +Name = my-policy Description = Rules = { "Name": "my-policy", "Description": "This is a great policy", "Rules": "" } -CreateIndex = %!s(uint64=749) -ModifyIndex = %!s(uint64=758) - +CreateIndex = 749 +ModifyIndex = 758 ``` From 62823ce7ee80b1b118dfe124c1953934eebbd093 Mon Sep 17 00:00:00 2001 From: Chelsea Holland Komlo Date: Sun, 17 Sep 2017 18:08:54 +0000 Subject: [PATCH 4/5] add policy with rules for documentation --- website/source/docs/commands/acl/policy-info.html.md.erb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/website/source/docs/commands/acl/policy-info.html.md.erb b/website/source/docs/commands/acl/policy-info.html.md.erb index 14510bdc9..b79c8fb63 100644 --- a/website/source/docs/commands/acl/policy-info.html.md.erb +++ b/website/source/docs/commands/acl/policy-info.html.md.erb @@ -33,9 +33,9 @@ $ nomad acl policy info my-policy Name = my-policy Description = Rules = { -"Name": "my-policy", -"Description": "This is a great policy", -"Rules": "" + "Name": "my-policy", + "Description": "This is a great policy", + "Rules": "list_jobs" } CreateIndex = 749 ModifyIndex = 758 From 87f1d1e491b98dcbafd1049054256df807d3b2f7 Mon Sep 17 00:00:00 2001 From: Chelsea Holland Komlo Date: Sun, 17 Sep 2017 18:22:07 +0000 Subject: [PATCH 5/5] add missing command --- commands.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/commands.go b/commands.go index 2f9fa6520..d2599930b 100644 --- a/commands.go +++ b/commands.go @@ -46,6 +46,11 @@ func Commands(metaPtr *command.Meta) map[string]cli.CommandFactory { Meta: meta, }, nil }, + "acl policy delete": func() (cli.Command, error) { + return &command.ACLPolicyDeleteCommand{ + Meta: meta, + }, nil + }, "acl policy info": func() (cli.Command, error) { return &command.ACLPolicyInfoCommand{ Meta: meta,