Merge pull request #113 from cyberark/allow-hostfactory-tokens-with-s…

…ubnet

Allow hostfactory to create tokens with a CIDR subnet

CHANGELOG.md

@@ -10,6 +10,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Nothing should go in this section, please add to the latest unreleased version
  (and update the corresponding date), or add a new version.
 
+## [8.0.4] - 2023-02-23
+
+### Fixed
+- Allow hostfactory cidrs to specify a subnet
+ [cyberark/conjur-cli-go#113](https://github.com/cyberark/conjur-cli-go/pull/113)
+
 ## [8.0.3] - 2023-02-21
 
 ### Fixed
@@ -44,7 +50,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Added
 - Placeholder version to capture the reset of the repository
 
-[Unreleased]: https://github.com/cyberark/conjur-cli-go/compare/v8.0.3...HEAD
+[Unreleased]: https://github.com/cyberark/conjur-cli-go/compare/v8.0.4...HEAD
+[8.0.4]: https://github.com/cyberark/conjur-cli-go/compare/v8.0.3...v8.0.4
 [8.0.3]: https://github.com/cyberark/conjur-cli-go/compare/v8.0.2...v8.0.3
 [8.0.2]: https://github.com/cyberark/conjur-cli-go/compare/v8.0.1...v8.0.2
 [8.0.1]: https://github.com/cyberark/conjur-cli-go/compare/v8.0.0...v8.0.1

pkg/cmd/hostfactory.go

@@ -4,7 +4,6 @@ import (
  "encoding/json"
  "errors"
  "fmt"
- "net"
 
  "github.com/spf13/cobra"
 
@@ -36,14 +35,6 @@ type createHostClient interface {
  CreateHost(id string, token string) (conjurapi.HostFactoryHostResponse, error)
 }
 
-func iPArrayToStingArray(ipArray []net.IP) []string {
- s := make([]string, 0)
- for _, ip := range ipArray {
- s = append(s, ip.String())
- }
- return s
-}
-
 func newHostsCmd() *cobra.Command {
  return &cobra.Command{
  Use: "hosts",
@@ -110,18 +101,14 @@ func newTokensCreateCmd(clientFactory createTokenClientFactoryFunc) *cobra.Comma
  Short: "Create one or more tokens",
  Long: `Create one or more host factory tokens. Each token can be used to create
 hosts, using hostfactory create hosts.
-Valid time units for the --duration flag are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+Valid time units for the --duration flag are "s", "m", "h".
 
 Examples:
 - conjur hostfactory tokens create --duration 5m -i factory
 - conjur hostfactory tokens create -i cucumber:host_factory:factory
 `,
  SilenceUsage: true,
  RunE: func(cmd *cobra.Command, args []string) error {
- length := len(args)
- if length > 0 {
- // positional args used
- }
 
  duration, err := cmd.Flags().GetString("duration")
  if err != nil {
@@ -180,7 +167,7 @@ Examples:
  }
  // END COMPATIBILITY WITH PYTHON CLI
 
- cidr, err := cmd.Flags().GetIPSlice("cidr")
+ cidr, err := cmd.Flags().GetStringSlice("cidr")
  if err != nil {
  return err
  }
@@ -192,7 +179,7 @@ Examples:
  if err != nil {
  return err
  }
- tokenCreateResponse, err := client.CreateToken(duration, hostfactoryName, iPArrayToStingArray(cidr), count)
+ tokenCreateResponse, err := client.CreateToken(duration, hostfactoryName, cidr, count)
  if err != nil {
  return err
  }
@@ -227,8 +214,8 @@ Examples:
  tokensCreateCmd.Flags().Lookup("hostfactoryid").Hidden = false
  // END COMPATIBILITY WITH PYTHON CLI
 
- ips := []net.IP{}
- tokensCreateCmd.Flags().IPSliceP("cidr", "c", ips, "A comma-delimited list of CIDR addresses to restrict token to")
+ ips := make([]string, 0)
+ tokensCreateCmd.Flags().StringSliceP("cidr", "c", ips, "A comma-delimited list of CIDR addresses to restrict token to")
  tokensCreateCmd.Flags().IntP("count", "n", 1, "Number of tokens to create")
  return tokensCreateCmd
 }

pkg/cmd/hostfactory_test.go

@@ -170,6 +170,28 @@ var hostfactoryCmdTestCases = []struct {
  assert.Contains(t, stdout, "[\n \"0.0.0.0/32\",\n \"1.2.3.4/32\"\n ]")
  },
  },
+ {
+ name: "token create with ip with subnet success",
+ args: []string{"hostfactory", "tokens", "create", "--duration", "5m", "--hostfactory-id", "cucumber_host_factory_factory",
+ "-c", "0.0.0.0/0,1.2.3.0/24"},
+ create: func(t *testing.T, duration string, hostFactory string, cidr []string, count int) ([]conjurapi.HostFactoryTokenResponse, error) {
+ assert.Equal(t, "5m", duration)
+ assert.Equal(t, "cucumber_host_factory_factory", hostFactory)
+ assert.Equal(t, []string{"0.0.0.0/0", "1.2.3.0/24"}, cidr)
+
+ return []conjurapi.HostFactoryTokenResponse{
+ {
+ Expiration: "2022-12-23T20:32:46Z",
+ Cidr: []string{"0.0.0.0/0", "1.2.3.0/24"},
+ Token: "1bfpyr3y41kb039ykpyf2hm87ez2dv9hdc3r5sh1n2h9z7j22mga2da",
+ },
+ }, nil
+ },
+ assert: func(t *testing.T, stdout, stderr string, err error) {
+ assert.Contains(t, stdout, "1bfpyr3y41kb039ykpyf2hm87ez2dv9hdc3r5sh1n2h9z7j22mga2da")
+ assert.Contains(t, stdout, "[\n \"0.0.0.0/0\",\n \"1.2.3.0/24\"\n ]")
+ },
+ },
  {
  name: "token create negative duration flags",
  args: []string{"hostfactory", "tokens", "create", "-i", "cucumber_host_factory_factory", "--duration-hours", "-10"},
@@ -196,14 +218,6 @@ var hostfactoryCmdTestCases = []struct {
  assert.NoError(t, err)
  },
  },
- {
- name: "token create command error",
- args: []string{"hostfactory", "tokens", "create", "--duration", "5m", "--hostfactory-id", "cucumber_host_factory_factory",
- "-c", "0.0.0"},
- assert: func(t *testing.T, stdout, stderr string, err error) {
- assert.Contains(t, stderr, "invalid string being converted")
- },
- },
  {
  name: "token create missing flag",
  args: []string{"hostfactory", "tokens", "create"},