towk/magellan
1
0
Fork 0
mirror of https://github.com/davidallendj/magellan.git synced 2025-12-20 21:47:11 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: add secret store support to update command

Browse source
This commit is contained in:
Devon Bautista 2025-04-16 16:31:23 -06:00 committed by David Allen
parent 93010587c6
commit 0909254550
Signed by: towk
GPG key ID: 0430CDBE22619155
1 changed files with 48 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

56
cmd/update.go
View file

@ -5,6 +5,8 @@ import (
"strings" "strings"
magellan "github.com/OpenCHAMI/magellan/pkg" magellan "github.com/OpenCHAMI/magellan/pkg"
"github.com/OpenCHAMI/magellan/pkg/bmc"
"github.com/OpenCHAMI/magellan/pkg/secrets"
"github.com/rs/zerolog/log" "github.com/rs/zerolog/log"
"github.com/spf13/cobra" "github.com/spf13/cobra"
"github.com/spf13/viper" "github.com/spf13/viper"
@ -41,6 +43,46 @@ var updateCmd = &cobra.Command{
os.Exit(1) os.Exit(1)
} }
// use secret store for BMC credentials, and/or credential CLI flags
var (
store secrets.SecretStore
uri = args[0]
err error
)
if username != "" && password != "" {
// First, try and load credentials from --username and --password if both are set.
log.Debug().Str("id", uri).Msgf("--username and --password specified, using them for BMC credentials")
store = secrets.NewStaticStore(username, password)
} else {
// Alternatively, locate specific credentials (falling back to default) and override those
// with --username or --password if either are passed.
log.Debug().Str("id", uri).Msgf("one or both of --username and --password NOT passed, attempting to obtain missing credentials from secret store at %s", secretsFile)
if store, err = secrets.OpenStore(secretsFile); err != nil {
log.Error().Str("id", uri).Err(err).Msg("failed to open local secrets store")
}
// Either none of the flags were passed or only one of them were; get
// credentials from secrets store to fill in the gaps.
bmcCreds, _ := bmc.GetBMCCredentials(store, uri)
nodeCreds := secrets.StaticStore{
Username: bmcCreds.Username,
Password: bmcCreds.Password,
}
// If either of the flags were passed, override the fetched
// credentials with them.
if username != "" {
log.Info().Str("id", uri).Msg("--username was set, overriding username for this BMC")
nodeCreds.Username = username
}
if password != "" {
log.Info().Str("id", uri).Msg("--password was set, overriding password for this BMC")
nodeCreds.Password = password
}
store = &nodeCreds
}
// get status if flag is set and exit // get status if flag is set and exit
for _, arg := range args { for _, arg := range args {
if showStatus { if showStatus {
@ -49,10 +91,9 @@ var updateCmd = &cobra.Command{
TransferProtocol: transferProtocol, TransferProtocol: transferProtocol,
Insecure: Insecure, Insecure: Insecure,
CollectParams: magellan.CollectParams{ CollectParams: magellan.CollectParams{
URI: arg, URI: arg,
Username: username, SecretStore: store,
Password: password, Timeout: timeout,
Timeout: timeout,
}, },
}) })
if err != nil { if err != nil {
@ -67,10 +108,9 @@ var updateCmd = &cobra.Command{
TransferProtocol: strings.ToUpper(transferProtocol), TransferProtocol: strings.ToUpper(transferProtocol),
Insecure: Insecure, Insecure: Insecure,
CollectParams: magellan.CollectParams{ CollectParams: magellan.CollectParams{
URI: arg, URI: arg,
Username: username, SecretStore: store,
Password: password, Timeout: timeout,
Timeout: timeout,
}, },
}) })
if err != nil { if err != nil {