From 9c666e510c2ab49a741c4555bf63b7cfe7d35acd Mon Sep 17 00:00:00 2001 From: Aditya Kajla Date: Tue, 10 Oct 2023 19:31:27 -0700 Subject: [PATCH 1/7] Add golangci + more detailed output to assign, object and remove cmds --- .github/workflows/build.yaml | 28 ++++++++++- .golangci.yaml | 94 ++++++++++++++++++++++++++++++++++++ internal/cmd/assign.go | 15 +++++- internal/cmd/init.go | 4 +- internal/cmd/object.go | 21 ++++++-- internal/cmd/remove.go | 2 +- 6 files changed, 155 insertions(+), 9 deletions(-) create mode 100644 .golangci.yaml diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 1402950..96ac529 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -5,8 +5,11 @@ on: branches: [master] pull_request: branches: [master] +permissions: + contents: read + pull-requests: read jobs: - build: + ci: runs-on: ubuntu-latest steps: - name: Setup Go Env @@ -17,6 +20,10 @@ jobs: uses: actions/checkout@v3 with: fetch-depth: 2 + - name: Verify Go dependencies + run: go mod verify + - name: Run unit tests + run: go test -v ./... - name: Build CLI run: make build working-directory: cmd/warrant @@ -26,3 +33,22 @@ jobs: distribution: goreleaser version: latest args: check + golangci: + runs-on: ubuntu-latest + steps: + - name: Setup Go env + uses: actions/setup-go@v4 + with: + go-version: "^1.21.0" + cache: false + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Run golangci-lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + args: -v --timeout=5m + only-new-issues: false + install-mode: "binary" diff --git a/.golangci.yaml b/.golangci.yaml new file mode 100644 index 0000000..8632436 --- /dev/null +++ b/.golangci.yaml @@ -0,0 +1,94 @@ +run: + skip-dirs: + - migrations + - tests +linters: + enable-all: true + disable: + # Deprecated: + - deadcode + - exhaustivestruct + - golint + - ifshort + - interfacer + - maligned + - nosnakecase + - scopelint + - structcheck + - varcheck + + # Should review/fix: + # - cyclop + - depguard + - dupl + - dupword + # - errorlint + # - exhaustive + - exhaustruct + # - forcetypeassert + - funlen + - gci + - gochecknoglobals + # - gochecknoinits + # - gocognit + # - gocritic + # - gocyclo + # - godot + - godox + - goerr113 + - gofumpt + - gomnd + # - gosec + - interfacebloat + - ireturn + # - mirror + # - nestif + # - nilerr + # - nilnil + - nlreturn + # - noctx + # - nonamedreturns + # - paralleltest + # - reassign + # Revive needs config: + - revive + - stylecheck + # - tagalign + # - testpackage + # - unconvert + - unparam + - varnamelen + - wrapcheck + - wsl +linters-settings: + goheader: + template: |- + Copyright {{YEAR-RANGE}} Forerunner Labs, Inc. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + lll: + line-length: 270 + nestif: + min-complexity: 40 + cyclop: + max-complexity: 100 + gocognit: + min-complexity: 150 + gocyclo: + min-complexity: 80 + maintidx: + under: 10 +issues: + new-from-rev: 3f04848d5a946826ab51f00361d6793761ca6616 + max-issues-per-linter: 0 + max-same-issues: 0 diff --git a/internal/cmd/assign.go b/internal/cmd/assign.go index e62ead8..3683b84 100644 --- a/internal/cmd/assign.go +++ b/internal/cmd/assign.go @@ -46,8 +46,21 @@ warrant assign user:56 member role:admin 'domain == warrant.dev'`, if err != nil { return err } - fmt.Println("Created warrant") + fmt.Printf("assigned %s\n", warrantAsString(warrantSpec)) return nil }, } + +func warrantAsString(w *warrant.WarrantParams) string { + subject := fmt.Sprintf("%s:%s", w.Subject.ObjectType, w.Subject.ObjectId) + if w.Subject.Relation != "" { + subject = fmt.Sprintf("%s#%s", subject, w.Subject.Relation) + } + s := fmt.Sprintf("%s %s %s:%s", subject, w.Relation, w.ObjectType, w.ObjectId) + if w.Policy != "" { + s = fmt.Sprintf("%s %s", s, w.Policy) + } + + return s +} diff --git a/internal/cmd/init.go b/internal/cmd/init.go index 6d7c184..51aaefb 100644 --- a/internal/cmd/init.go +++ b/internal/cmd/init.go @@ -39,7 +39,7 @@ warrant init`, return err } - fmt.Println("Creating ~/.warrant.json") + fmt.Println("creating ~/.warrant.json") envMap := make(map[string]config.Environment) envMap[envName] = *env newConfig := config.Config{ @@ -50,7 +50,7 @@ warrant init`, if err != nil { return err } - fmt.Println("Setup complete") + fmt.Println("setup complete") return nil }, diff --git a/internal/cmd/object.go b/internal/cmd/object.go index c9ff5c7..c0c9718 100644 --- a/internal/cmd/object.go +++ b/internal/cmd/object.go @@ -83,7 +83,11 @@ warrant object create permission:edit-users '{"name": "Edit Users"}'`, if err != nil { return err } - printer.PrintJson(newObj) + + fmt.Printf("created %s:%s\n", newObj.ObjectType, newObj.ObjectId) + if len(newObj.Meta) > 0 { + printer.PrintJson(newObj.Meta) + } return nil }, @@ -108,7 +112,11 @@ warrant object get role:123`, if err != nil { return err } - printer.PrintJson(obj) + + fmt.Printf("%s:%s\n", obj.ObjectType, obj.ObjectId) + if len(obj.Meta) > 0 { + printer.PrintJson(obj.Meta) + } return nil }, @@ -140,7 +148,11 @@ warrant object update role:123 '{"name": "New name"}'`, if err != nil { return err } - printer.PrintJson(updatedObj) + + fmt.Printf("updated %s:%s\n", updatedObj.ObjectType, updatedObj.ObjectId) + if len(updatedObj.Meta) > 0 { + printer.PrintJson(updatedObj.Meta) + } return nil }, @@ -165,7 +177,8 @@ warrant object delete role:admin`, if err != nil { return err } - fmt.Printf("Deleted object\n") + + fmt.Printf("deleted %s:%s\n", objectType, objectId) return nil }, diff --git a/internal/cmd/remove.go b/internal/cmd/remove.go index dd2e0ee..2b2e81e 100644 --- a/internal/cmd/remove.go +++ b/internal/cmd/remove.go @@ -46,7 +46,7 @@ warrant remove user:56 member role:admin 'domain == warrant.dev'`, if err != nil { return err } - fmt.Println("Deleted warrant") + fmt.Printf("removed %s\n", warrantAsString(warrantSpec)) return nil }, From 901ad2aea00584b405b8621203dd3548cf9225a7 Mon Sep 17 00:00:00 2001 From: Aditya Kajla Date: Tue, 10 Oct 2023 20:02:35 -0700 Subject: [PATCH 2/7] Update check cmd output --- .github/workflows/build.yaml | 2 +- .github/workflows/release.yaml | 2 +- internal/cmd/check.go | 35 ++++++++++++++++++++++++++++++---- 3 files changed, 33 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 96ac529..0595444 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,4 +1,4 @@ -name: Build Warrant CLI +name: Build on: push: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 4807b21..58e10b1 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,4 +1,4 @@ -name: Release Warrant CLI +name: Release on: push: diff --git a/internal/cmd/check.go b/internal/cmd/check.go index eaaa9e1..5774f05 100644 --- a/internal/cmd/check.go +++ b/internal/cmd/check.go @@ -15,6 +15,7 @@ package cmd import ( + "encoding/json" "fmt" "os" "strconv" @@ -75,23 +76,49 @@ warrant check user:56 member role:admin --assert true`, return err } + checkSpecString, err := checkSpecAsString(&checkSpec.WarrantCheck) + if err != nil { + return err + } + if assertFlagVal != "" { // Assert if checkResult == assertVal { - fmt.Println(termenv.String(printer.Checkmark + " passed").Foreground(printer.Green)) + fmt.Printf("%s %s\n", termenv.String(printer.Checkmark, fmt.Sprintf("assert %t", assertVal)).Foreground(printer.Green), checkSpecString) } else { - fmt.Println(termenv.String(printer.Cross + " failed").Foreground(printer.Red)) + fmt.Printf("%s %s\n", termenv.String(printer.Cross, fmt.Sprintf("assert %t", assertVal)).Foreground(printer.Red), checkSpecString) os.Exit(1) } } else { // Check if checkResult { - fmt.Println(termenv.String(printer.Checkmark + " true").Foreground(printer.Green)) + fmt.Printf("%s %s\n", termenv.String(printer.Checkmark, "true").Foreground(printer.Green), checkSpecString) } else { - fmt.Println(termenv.String(printer.Cross + " false").Foreground(printer.Red)) + fmt.Printf("%s %s\n", termenv.String(printer.Cross, "false").Foreground(printer.Red), checkSpecString) } } return nil }, } + +func checkSpecAsString(w *warrant.WarrantCheck) (string, error) { + // TODO: should also handle subject relation if present + s := fmt.Sprintf( + "%s:%s %s %s:%s", + w.Subject.GetObjectType(), + w.Subject.GetObjectId(), + w.Relation, + w.Object.GetObjectType(), + w.Object.GetObjectId(), + ) + if len(w.Context) > 0 { + bytes, err := json.Marshal(w.Context) + if err != nil { + return "", err + } + s = fmt.Sprintf("%s '%s'", s, string(bytes)) + } + + return s, nil +} From 3527ca45b8acdcce9b68130fcdb23e8e7fc2b34f Mon Sep 17 00:00:00 2001 From: Aditya Kajla Date: Tue, 10 Oct 2023 20:09:17 -0700 Subject: [PATCH 3/7] Update golangci config --- .golangci.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index 8632436..3588f1b 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -1,7 +1,3 @@ -run: - skip-dirs: - - migrations - - tests linters: enable-all: true disable: @@ -26,6 +22,7 @@ linters: # - exhaustive - exhaustruct # - forcetypeassert + - forbidigo - funlen - gci - gochecknoglobals @@ -89,6 +86,6 @@ linters-settings: maintidx: under: 10 issues: - new-from-rev: 3f04848d5a946826ab51f00361d6793761ca6616 + new-from-rev: 46ca9cb0f3fb283113388fcabd762b8c55eda2be max-issues-per-linter: 0 max-same-issues: 0 From 51dac7b83aa44f6e6637f4757b6df64ca04aeaea Mon Sep 17 00:00:00 2001 From: Aditya Kajla Date: Tue, 10 Oct 2023 21:36:46 -0700 Subject: [PATCH 4/7] Simplify env cmd --- internal/cmd/env.go | 63 +++++++++++++++++++++------------------------ 1 file changed, 29 insertions(+), 34 deletions(-) diff --git a/internal/cmd/env.go b/internal/cmd/env.go index f4e0b85..3a15356 100644 --- a/internal/cmd/env.go +++ b/internal/cmd/env.go @@ -24,57 +24,52 @@ import ( "github.com/warrant-dev/warrant-cli/internal/reader" ) +var listEnvs bool + func init() { - envCmd.AddCommand(listEnvCmd) + envCmd.Flags().BoolVarP(&listEnvs, "list", "l", false, "list all configured environments") + envCmd.AddCommand(addEnvCmd) envCmd.AddCommand(removeEnvCmd) envCmd.AddCommand(switchEnvCmd) + rootCmd.AddCommand(envCmd) } var envCmd = &cobra.Command{ Use: "env", - Short: "Get the name of the current active environment", - Long: "Get the name of the current active environment.", + Short: "List configured environment(s)", + Long: "List configured environment(s), including the current active environment.", Example: ` -warrant env`, +warrant env +warrant env --list`, Args: cobra.NoArgs, RunE: func(cmd *cobra.Command, args []string) error { config := GetConfigOrExit() - fmt.Println(config.ActiveEnvironment) - return nil - }, -} + if listEnvs { + if len(config.Environments) == 1 { + fmt.Println(config.ActiveEnvironment) + return nil + } -var listEnvCmd = &cobra.Command{ - Use: "list", - Short: "List all configured environments", - Long: "List all configured environments, including the current active environment denoted by a * prefix.", - Example: ` -warrant list`, - Args: cobra.NoArgs, - RunE: func(cmd *cobra.Command, args []string) error { - config := GetConfigOrExit() + envs := make([]string, 0, len(config.Environments)) + for k := range config.Environments { + envs = append(envs, k) + } + sort.Strings(envs) + for _, env := range envs { + if env == config.ActiveEnvironment { + fmt.Println(termenv.String("* " + env).Bold()) + } else { + fmt.Println(" " + env) + } + } - if len(config.Environments) == 1 { - fmt.Println(config.ActiveEnvironment) return nil } - envs := make([]string, 0, len(config.Environments)) - for k := range config.Environments { - envs = append(envs, k) - } - sort.Strings(envs) - for _, env := range envs { - if env == config.ActiveEnvironment { - fmt.Println(termenv.String("* " + env).Bold()) - } else { - fmt.Println(" " + env) - } - } - + fmt.Println(config.ActiveEnvironment) return nil }, } @@ -132,8 +127,8 @@ warrant remove test`, var switchEnvCmd = &cobra.Command{ Use: "switch ", - Short: "Switch to the given environment", - Long: "Switch to the given environment, provided it exists in config.", + Short: "Switch to a given environment", + Long: "Switch to a given environment, provided it exists in config.", Example: ` warrant switch prod`, Args: cobra.ExactArgs(1), From 70c9980e83e1484085f0988b36db6a960bbceb0b Mon Sep 17 00:00:00 2001 From: Aditya Kajla Date: Tue, 10 Oct 2023 21:56:47 -0700 Subject: [PATCH 5/7] Implement objecttype apply cmd --- internal/cmd/objecttype.go | 53 +++++++++++++++++++++++++++++++++----- 1 file changed, 47 insertions(+), 6 deletions(-) diff --git a/internal/cmd/objecttype.go b/internal/cmd/objecttype.go index acac24a..213a00c 100644 --- a/internal/cmd/objecttype.go +++ b/internal/cmd/objecttype.go @@ -15,18 +15,24 @@ package cmd import ( + "bufio" + "encoding/json" + "fmt" + "io" + "os" + "github.com/spf13/cobra" "github.com/warrant-dev/warrant-cli/internal/printer" "github.com/warrant-dev/warrant-go/v5" "github.com/warrant-dev/warrant-go/v5/objecttype" ) -var typesFile string var listObjecttypeWarrantToken string +var typesFile string func init() { - applyObjecttypeCmd.Flags().StringVarP(&typesFile, "file", "f", "", "file containing object type definitions") listObjecttypeCmd.Flags().StringVarP(&listObjecttypeWarrantToken, "warrant-token", "w", "", "optional warrant token header value to include in list objecttypes request") + applyObjecttypeCmd.Flags().StringVarP(&typesFile, "file", "f", "", "file containing object type definitions") objecttypeCmd.AddCommand(listObjecttypeCmd) objecttypeCmd.AddCommand(applyObjecttypeCmd) @@ -44,8 +50,8 @@ warrant objecttype apply -f types.json`, var listObjecttypeCmd = &cobra.Command{ Use: "list", - Short: "List all object types in environment", - Long: "List all object types in environment.", + Short: "List all object types in active environment", + Long: "List all object types in active environment.", Example: ` warrant objecttype list`, Args: cobra.NoArgs, @@ -70,14 +76,49 @@ warrant objecttype list`, var applyObjecttypeCmd = &cobra.Command{ Use: "apply", - Short: "Apply updated object types configuration", - Long: "Apply updated object types configuration. New object type definitions can be provided via file (-f) or stdin.", + Short: "Apply updated object types configuration to active environment", + Long: "Apply updated object types configuration to active environment. New object type definitions can be provided via file (-f) or stdin.", Example: ` warrant objecttype apply -f types.json`, Args: cobra.NoArgs, RunE: func(cmd *cobra.Command, args []string) error { GetConfigOrExit() + var bytes []byte + var err error + if typesFile != "" { + // Read from file if filename provided + jsonFile, err := os.Open(typesFile) + if err != nil { + return err + } + defer jsonFile.Close() + + bytes, err = io.ReadAll(jsonFile) + if err != nil { + return err + } + } else { + // Else read from stdin + bytes, err = io.ReadAll(bufio.NewReader(os.Stdin)) + if err != nil { + return err + } + } + + var objectTypes []warrant.ObjectTypeParams + err = json.Unmarshal(bytes, &objectTypes) + if err != nil { + return err + } + + _, err = objecttype.BatchUpdate(objectTypes) + if err != nil { + return err + } + + fmt.Println("objecttypes updated") + return nil }, } From 33cd8f2b7ac8b5fa9da86ac3513648f39ff2b37d Mon Sep 17 00:00:00 2001 From: Aditya Kajla Date: Wed, 11 Oct 2023 09:57:20 -0700 Subject: [PATCH 6/7] Update to warrant-go v5.3.0 --- .github/workflows/build.yaml | 2 +- .github/workflows/release.yaml | 2 +- go.mod | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 0595444..02132ae 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,4 +1,4 @@ -name: Build +name: Warrant CLI on: push: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 58e10b1..c8e8445 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,4 +1,4 @@ -name: Release +name: Warrant CLI on: push: diff --git a/go.mod b/go.mod index ad55a41..b337e79 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/pkg/errors v0.9.1 github.com/spf13/cobra v1.7.0 github.com/spf13/viper v1.17.0 - github.com/warrant-dev/warrant-go/v5 v5.2.0 + github.com/warrant-dev/warrant-go/v5 v5.3.0 ) require ( From 9df6f6bb43041d5afd7261a06b9c33ef0434f330 Mon Sep 17 00:00:00 2001 From: Aditya Kajla Date: Wed, 11 Oct 2023 10:00:00 -0700 Subject: [PATCH 7/7] Rebase with master --- go.sum | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/go.sum b/go.sum index a6bd411..3aa5a08 100644 --- a/go.sum +++ b/go.sum @@ -199,8 +199,8 @@ github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcU github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= -github.com/warrant-dev/warrant-go/v5 v5.2.0 h1:5khdIdGhKLN8JeDg5jDj3oGcSpSoh9Q8kWMgD2FL7I8= -github.com/warrant-dev/warrant-go/v5 v5.2.0/go.mod h1:00jaOr9wwpFFqPf8Ol19d38eXNyuDJMMdvyO8lINdIY= +github.com/warrant-dev/warrant-go/v5 v5.3.0 h1:7DipZOCw7EpLffBOzNg+VVoO9klUQTd+zEvpP056XII= +github.com/warrant-dev/warrant-go/v5 v5.3.0/go.mod h1:00jaOr9wwpFFqPf8Ol19d38eXNyuDJMMdvyO8lINdIY= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=