diff --git a/cmd/crawl.go b/cmd/crawl.go index 68f01cc..9b44285 100644 --- a/cmd/crawl.go +++ b/cmd/crawl.go @@ -40,39 +40,67 @@ var CrawlCmd = &cobra.Command{ store secrets.SecretStore err error ) - // try and load credentials from local store first - store, err = secrets.OpenStore(secretsFile) - if err != nil { - log.Warn().Err(err).Msg("failed to open local store...falling back to provided arguments") - // try and use the `username` and `password` arguments instead - store = secrets.NewStaticStore(username, password) - } - // found the store so try to load the creds - _, err = store.GetSecretByID(uri) - if err != nil { - log.Warn().Err(err).Msgf("failed to get secrets for '%s'...", uri) - // if we have CLI flags set, then we want to override default stored creds - if username != "" && password != "" { - // finally, use the CLI arguments passed instead - log.Info().Msg("...using provided arguments for credentials") - store = secrets.NewStaticStore(username, password) - } else { - // try and get a default *stored* username/password - log.Info().Msg("...using default stored secrets for credentials") - secret, err := store.GetSecretByID(secrets.DEFAULT_KEY) + if username != "" && password != "" { + // First, try and load credentials from --username and --password if both are set. + log.Debug().Str("uri", uri).Msgf("--username and --password specified, using them for BMC credentials") + store = secrets.NewStaticStore(username, password) + } else { + // Alternatively, locate specific credentials (falling back to default) and override those + // with --username or --password if either are passed. + log.Debug().Str("uri", uri).Msgf("one or both of --username and --password NOT passed, attempting to obtain missing credentials from secret store at %s", secretsFile) + if store, err = secrets.OpenStore(secretsFile); err != nil { + log.Error().Str("uri", uri).Err(err).Msg("failed to open local secrets store") + } + + // Either none of the flags were passed or only one of them were; get + // credentials from secrets store to fill in the gaps. + // + // Attempt to get URI-specific credentials. + var nodeCreds secrets.StaticStore + if uriCreds, err := store.GetSecretByID(uri); err != nil { + // Specific credentials for URI not found, fetch default. + log.Warn().Str("uri", uri).Msg("specific credentials not found, falling back to default") + defaultSecret, err := store.GetSecretByID(secrets.DEFAULT_KEY) if err != nil { - // no default found, so use CLI arguments - log.Warn().Err(err).Msg("no default credentials found") + // We've exhausted all options, the credentials will be blank unless + // overridden by a CLI flag. + log.Warn().Str("uri", uri).Err(err).Msg("no default credentials were set, they will be blank unless overridden by CLI flags") } else { - // found default values in local store so use them + // Default credentials found, use them. var creds crawler.BMCUsernamePassword - err = json.Unmarshal([]byte(secret), &creds) - if err != nil { - log.Warn().Err(err).Msg("failed to unmarshal default store credentials") + if err = json.Unmarshal([]byte(defaultSecret), &creds); err != nil { + log.Warn().Str("uri", uri).Err(err).Msg("failed to unmarshal default secrets store credentials") + } else { + log.Info().Str("uri", uri).Msg("default credentials found, using") + nodeCreds.Username = creds.Username + nodeCreds.Password = creds.Password } } + } else { + // Specific URI credentials found, use them. + var creds crawler.BMCUsernamePassword + if err = json.Unmarshal([]byte(uriCreds), &creds); err != nil { + log.Warn().Str("uri", uri).Err(err).Msg("failed to unmarshal uri credentials") + } else { + nodeCreds.Username = creds.Username + nodeCreds.Password = creds.Password + log.Info().Str("uri", uri).Msg("specific credentials found, using") + } } + + // If either of the flags were passed, override the fetched + // credentials with them. + if username != "" { + log.Info().Str("uri", uri).Msg("--username was set, overriding username for this BMC") + nodeCreds.Username = username + } + if password != "" { + log.Info().Str("uri", uri).Msg("--password was set, overriding password for this BMC") + nodeCreds.Password = password + } + + store = &nodeCreds } systems, err := crawler.CrawlBMCForSystems(crawler.CrawlerConfig{