feat: add default secret to local store

cmd/collect.go

@@ -1,6 +1,7 @@
 package cmd
 
 import (
+	"encoding/json"
 	"fmt"
 	"os/user"
 
@@ -8,6 +9,7 @@ import (
 	urlx "github.com/OpenCHAMI/magellan/internal/url"
 	magellan "github.com/OpenCHAMI/magellan/pkg"
 	"github.com/OpenCHAMI/magellan/pkg/auth"
+	"github.com/OpenCHAMI/magellan/pkg/crawler"
 	"github.com/OpenCHAMI/magellan/pkg/secrets"
 	"github.com/cznic/mathutil"
 	magellan "github.com/davidallendj/magellan/internal"
@@ -86,12 +88,35 @@ var CollectCmd = &cobra.Command{
 		// load the secrets file to get node credentials by ID (i.e. the BMC node's URI)
 		store, err := secrets.OpenStore(params.SecretsFile)
 		if err != nil {
-			// Something went wrong with the store so try using
+			log.Warn().Err(err).Msg("failed to open local store...falling back to default provided arguments")
-			// Create a StaticSecretStore to hold the username and password
+			// try and use the `username` and `password` arguments instead
-			log.Warn().Err(err).Msg("failed to open local store")
 			store = secrets.NewStaticStore(username, password)
 		}
 
+		// found the store so try to load the creds
+		_, err = store.GetSecretByID(host)
+		if err != nil {
+			// if we have CLI flags set, then we want to override default stored creds
+			if username != "" && password != "" {
+				// finally, use the CLI arguments passed instead
+				store = secrets.NewStaticStore(username, password)
+			} else {
+				// try and get a default *stored* username/password
+				secret, err := store.GetSecretByID("default")
+				if err != nil {
+					// no default found, so use CLI arguments
+					log.Warn().Err(err).Msg("no default credentials found")
+				} else {
+					// found default values in local store so use them
+					var creds crawler.BMCUsernamePassword
+					err = json.Unmarshal([]byte(secret), &creds)
+					if err != nil {
+						log.Warn().Err(err).Msg("failed to unmarshal default store credentials")
+					}
+				}
+			}
+		}
+
 		_, err = magellan.CollectInventory(&scannedResults, params, store)
 		if err != nil {
 			log.Error().Err(err).Msg("failed to collect data")

cmd/crawl.go

@@ -51,13 +51,32 @@ var CrawlCmd = &cobra.Command{
 		// found the store so try to load the creds
 		_, err = store.GetSecretByID(uri)
 		if err != nil {
+			// if we have CLI flags set, then we want to override default stored creds
+			if username != "" && password != "" {
+				// finally, use the CLI arguments passed instead
 				store = secrets.NewStaticStore(username, password)
+			} else {
+				// try and get a default *stored* username/password
+				secret, err := store.GetSecretByID(secrets.DEFAULT_KEY)
+				if err != nil {
+					// no default found, so use CLI arguments
+					log.Warn().Err(err).Msg("no default credentials found")
+				} else {
+					// found default values in local store so use them
+					var creds crawler.BMCUsernamePassword
+					err = json.Unmarshal([]byte(secret), &creds)
+					if err != nil {
+						log.Warn().Err(err).Msg("failed to unmarshal default store credentials")
+					}
+				}
+			}
 		}
 
 		systems, err := crawler.CrawlBMCForSystems(crawler.CrawlerConfig{
 			URI:             uri,
 			CredentialStore: store,
 			Insecure:        insecure,
+			UseDefault:      true,
 		})
 		if err != nil {
 			log.Error().Err(err).Msg("failed to crawl BMC")

pkg/collect.go

@@ -127,6 +127,7 @@ func CollectInventory(assets *[]RemoteAsset, params *CollectParams, localStore s
 						URI:             uri,
 						CredentialStore: localStore,
 						Insecure:        true,
+						UseDefault:      true,
 					}
 					err error
 				)
@@ -138,8 +139,13 @@ func CollectInventory(assets *[]RemoteAsset, params *CollectParams, localStore s
 				if localStore != nil {
 					_, err := localStore.GetSecretByID(uri)
 					if err != nil {
-						log.Warn().Err(err).Msgf("could not retrieve secrets for %s...falling back to default provided credentials for user '%s'", uri, params.Username)
+						log.Warn().Err(err).Msgf("could not retrieve secrets for '%s'...falling back to credentials provided with flags -u/-p for user '%s'", uri, params.Username)
+						if params.Username != "" && params.Password != "" {
 							config.CredentialStore = fallbackStore
+						} else if !config.UseDefault {
+							log.Warn().Msgf("no fallback credentials provided for '%s'", params.Username)
+							continue
+						}
 					}
 				} else {
 					log.Warn().Msgf("invalid store for %s...falling back to default provided credentials for user '%s'", uri, params.Username)

pkg/crawler/main.go

@@ -15,6 +15,7 @@ type CrawlerConfig struct {
 	URI             string // URI of the BMC
 	Insecure        bool   // Whether to ignore SSL errors
 	CredentialStore secrets.SecretStore
+	UseDefault      bool
 }
 
 func (cc *CrawlerConfig) GetUserPass() (BMCUsernamePassword, error) {
@@ -382,8 +383,20 @@ func loadBMCCreds(config CrawlerConfig) (BMCUsernamePassword, error) {
 		event := log.Error()
 		event.Err(err)
 		event.Msg("failed to get credentials from secret store")
+		// try to get default if parameter is set
+		if config.UseDefault {
+			creds, err = config.CredentialStore.GetSecretByID(secrets.DEFAULT_KEY)
+			// no default credentials
+			if err != nil {
+				event := log.Error()
+				event.Err(err)
+				event.Msg("failed to get default credentials from secret store")
 				return BMCUsernamePassword{}, err
 			}
+		} else {
+			return BMCUsernamePassword{}, err
+		}
+	}
 	var bmc_creds BMCUsernamePassword
 	err = json.Unmarshal([]byte(creds), &bmc_creds)
 	if err != nil {

pkg/secrets/main.go

@@ -1,5 +1,7 @@
 package secrets
 
+const DEFAULT_KEY = "default"
+
 type SecretStore interface {
 	GetSecretByID(secretID string) (string, error)
 	StoreSecretByID(secretID, secret string) error