mirror of
https://github.com/kemko/nomad.git
synced 2026-01-02 16:35:44 +03:00
d6757609dc
The meta client looks for both an environment variable and a CLI flag when generating a client. The CLI UUID checker needs to do this also, so we account for users using both env vars and CLI flag tokens.
106 lines
2.6 KiB
Go
106 lines
2.6 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
package command
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
"strings"
|
|
|
|
"github.com/hashicorp/nomad/helper"
|
|
"github.com/posener/complete"
|
|
)
|
|
|
|
type ACLTokenSelfCommand struct {
|
|
Meta
|
|
}
|
|
|
|
func (c *ACLTokenSelfCommand) Help() string {
|
|
helpText := `
|
|
Usage: nomad acl token self
|
|
|
|
Self is used to fetch information about the currently set ACL token.
|
|
|
|
General Options:
|
|
|
|
` + generalOptionsUsage(usageOptsDefault|usageOptsNoNamespace)
|
|
|
|
return strings.TrimSpace(helpText)
|
|
}
|
|
|
|
func (c *ACLTokenSelfCommand) AutocompleteFlags() complete.Flags {
|
|
return c.Meta.AutocompleteFlags(FlagSetClient)
|
|
}
|
|
|
|
func (c *ACLTokenSelfCommand) AutocompleteArgs() complete.Predictor {
|
|
return complete.PredictNothing
|
|
}
|
|
|
|
func (c *ACLTokenSelfCommand) Synopsis() string {
|
|
return "Lookup self ACL token"
|
|
}
|
|
|
|
func (c *ACLTokenSelfCommand) Name() string { return "acl token self" }
|
|
|
|
func (c *ACLTokenSelfCommand) Run(args []string) int {
|
|
flags := c.Meta.FlagSet(c.Name(), FlagSetClient)
|
|
flags.Usage = func() { c.Ui.Output(c.Help()) }
|
|
if err := flags.Parse(args); err != nil {
|
|
return 1
|
|
}
|
|
|
|
// Check that we have no arguments
|
|
args = flags.Args()
|
|
if l := len(args); l != 0 {
|
|
c.Ui.Error("This command takes no arguments")
|
|
c.Ui.Error(commandErrorText(c))
|
|
return 1
|
|
}
|
|
|
|
// Get the HTTP client
|
|
client, err := c.Meta.Client()
|
|
if err != nil {
|
|
c.Ui.Error(fmt.Sprintf("Error initializing client: %s", err))
|
|
return 1
|
|
}
|
|
|
|
// To get the authentication token, we must perform the same steps as the
|
|
// command meta and API client perform. This is because the token may be set
|
|
// as an environment variable or as a CLI flag.
|
|
//
|
|
// The environment variable is grabbed first. If this is not set, the
|
|
// resulting string is empty.
|
|
authToken := os.Getenv("NOMAD_TOKEN")
|
|
|
|
// If the CLI flag is set, it will override the environment variable.
|
|
if c.token != "" {
|
|
authToken = c.token
|
|
}
|
|
|
|
if authToken == "" {
|
|
c.Ui.Error("No token present in the environment or set via the CLI flag")
|
|
return 1
|
|
}
|
|
|
|
// Does this look like a Nomad ACL token?
|
|
if helper.IsUUID(authToken) {
|
|
token, _, err := client.ACLTokens().Self(nil)
|
|
if err != nil {
|
|
c.Ui.Error(fmt.Sprintf("Error fetching self token: %s", err))
|
|
return 1
|
|
}
|
|
// Format the output
|
|
outputACLToken(c.Ui, token)
|
|
return 0
|
|
}
|
|
|
|
policies, _, err := client.ACLPolicies().Self(nil)
|
|
if err == nil && len(policies) > 0 {
|
|
c.Ui.Info("No ACL token found but there are ACL policies attached to this workload identity. You can query them with acl policy self command.")
|
|
return 0
|
|
}
|
|
c.Ui.Error("No ACL tokens, nor ACL policies attached to a workload identity found.")
|
|
return 1
|
|
}
|