diff --git a/cmd/collect.go b/cmd/collect.go index 9978ae0..ef3390c 100644 --- a/cmd/collect.go +++ b/cmd/collect.go @@ -1,6 +1,7 @@ package cmd import ( + "encoding/json" "fmt" "os/user" @@ -8,6 +9,7 @@ import ( urlx "github.com/OpenCHAMI/magellan/internal/url" magellan "github.com/OpenCHAMI/magellan/pkg" "github.com/OpenCHAMI/magellan/pkg/auth" + "github.com/OpenCHAMI/magellan/pkg/crawler" "github.com/OpenCHAMI/magellan/pkg/secrets" "github.com/cznic/mathutil" "github.com/rs/zerolog/log" @@ -82,12 +84,35 @@ var CollectCmd = &cobra.Command{ // load the secrets file to get node credentials by ID (i.e. the BMC node's URI) store, err := secrets.OpenStore(params.SecretsFile) if err != nil { - // Something went wrong with the store so try using - // Create a StaticSecretStore to hold the username and password - log.Warn().Err(err).Msg("failed to open local store") + log.Warn().Err(err).Msg("failed to open local store...falling back to default provided arguments") + // try and use the `username` and `password` arguments instead store = secrets.NewStaticStore(username, password) } + // found the store so try to load the creds + _, err = store.GetSecretByID(host) + if err != nil { + // if we have CLI flags set, then we want to override default stored creds + if username != "" && password != "" { + // finally, use the CLI arguments passed instead + store = secrets.NewStaticStore(username, password) + } else { + // try and get a default *stored* username/password + secret, err := store.GetSecretByID("default") + if err != nil { + // no default found, so use CLI arguments + log.Warn().Err(err).Msg("no default credentials found") + } else { + // found default values in local store so use them + var creds crawler.BMCUsernamePassword + err = json.Unmarshal([]byte(secret), &creds) + if err != nil { + log.Warn().Err(err).Msg("failed to unmarshal default store credentials") + } + } + } + } + _, err = magellan.CollectInventory(&scannedResults, params, store) if err != nil { log.Error().Err(err).Msg("failed to collect data") diff --git a/cmd/crawl.go b/cmd/crawl.go index e059663..558f372 100644 --- a/cmd/crawl.go +++ b/cmd/crawl.go @@ -51,13 +51,32 @@ var CrawlCmd = &cobra.Command{ // found the store so try to load the creds _, err = store.GetSecretByID(uri) if err != nil { - store = secrets.NewStaticStore(username, password) + // if we have CLI flags set, then we want to override default stored creds + if username != "" && password != "" { + // finally, use the CLI arguments passed instead + store = secrets.NewStaticStore(username, password) + } else { + // try and get a default *stored* username/password + secret, err := store.GetSecretByID(secrets.DEFAULT_KEY) + if err != nil { + // no default found, so use CLI arguments + log.Warn().Err(err).Msg("no default credentials found") + } else { + // found default values in local store so use them + var creds crawler.BMCUsernamePassword + err = json.Unmarshal([]byte(secret), &creds) + if err != nil { + log.Warn().Err(err).Msg("failed to unmarshal default store credentials") + } + } + } } systems, err := crawler.CrawlBMCForSystems(crawler.CrawlerConfig{ URI: uri, CredentialStore: store, Insecure: insecure, + UseDefault: true, }) if err != nil { log.Error().Err(err).Msg("failed to crawl BMC") diff --git a/pkg/collect.go b/pkg/collect.go index 40ec851..ec980ba 100644 --- a/pkg/collect.go +++ b/pkg/collect.go @@ -127,6 +127,7 @@ func CollectInventory(assets *[]RemoteAsset, params *CollectParams, localStore s URI: uri, CredentialStore: localStore, Insecure: true, + UseDefault: true, } err error ) @@ -138,8 +139,13 @@ func CollectInventory(assets *[]RemoteAsset, params *CollectParams, localStore s if localStore != nil { _, err := localStore.GetSecretByID(uri) if err != nil { - log.Warn().Err(err).Msgf("could not retrieve secrets for %s...falling back to default provided credentials for user '%s'", uri, params.Username) - config.CredentialStore = fallbackStore + log.Warn().Err(err).Msgf("could not retrieve secrets for '%s'...falling back to credentials provided with flags -u/-p for user '%s'", uri, params.Username) + if params.Username != "" && params.Password != "" { + config.CredentialStore = fallbackStore + } else if !config.UseDefault { + log.Warn().Msgf("no fallback credentials provided for '%s'", params.Username) + continue + } } } else { log.Warn().Msgf("invalid store for %s...falling back to default provided credentials for user '%s'", uri, params.Username) diff --git a/pkg/crawler/main.go b/pkg/crawler/main.go index bd29fcb..2eb9932 100644 --- a/pkg/crawler/main.go +++ b/pkg/crawler/main.go @@ -15,6 +15,7 @@ type CrawlerConfig struct { URI string // URI of the BMC Insecure bool // Whether to ignore SSL errors CredentialStore secrets.SecretStore + UseDefault bool } func (cc *CrawlerConfig) GetUserPass() (BMCUsernamePassword, error) { @@ -382,7 +383,19 @@ func loadBMCCreds(config CrawlerConfig) (BMCUsernamePassword, error) { event := log.Error() event.Err(err) event.Msg("failed to get credentials from secret store") - return BMCUsernamePassword{}, err + // try to get default if parameter is set + if config.UseDefault { + creds, err = config.CredentialStore.GetSecretByID(secrets.DEFAULT_KEY) + // no default credentials + if err != nil { + event := log.Error() + event.Err(err) + event.Msg("failed to get default credentials from secret store") + return BMCUsernamePassword{}, err + } + } else { + return BMCUsernamePassword{}, err + } } var bmc_creds BMCUsernamePassword err = json.Unmarshal([]byte(creds), &bmc_creds) diff --git a/pkg/secrets/main.go b/pkg/secrets/main.go index 5cb7f95..983f159 100644 --- a/pkg/secrets/main.go +++ b/pkg/secrets/main.go @@ -1,5 +1,7 @@ package secrets +const DEFAULT_KEY = "default" + type SecretStore interface { GetSecretByID(secretID string) (string, error) StoreSecretByID(secretID, secret string) error