Update to print skipped entities during IAM import (#5032)

Signed-off-by: Shubhendu Ram Tripathi <shubhendu@minio.io>
minio · Sep 5, 2024 · 25ea063 · 25ea063
1 parent 54268c4
commit 25ea063
Show file tree

Hide file tree

Showing 3 changed files with 130 additions and 9 deletions.
diff --git a/cmd/admin-cluster-iam-import.go b/cmd/admin-cluster-iam-import.go
@@ -23,11 +23,13 @@ import (
 	"io"
 	"os"
 	"path/filepath"
+	"strings"
 
 	"github.com/klauspost/compress/zip"
 	"github.com/minio/cli"
+	json "github.com/minio/colorjson"
+	"github.com/minio/madmin-go/v3"
 	"github.com/minio/mc/pkg/probe"
-	"github.com/minio/pkg/v3/console"
 )
 
 var adminClusterIAMImportCmd = cli.Command{
@@ -54,6 +56,123 @@ EXAMPLES:
 `,
 }
 
+type iamImportInfo madmin.ImportIAMResult
+
+func (i iamImportInfo) JSON() string {
+	bs, e := json.MarshalIndent(madmin.ImportIAMResult(i), "", " ")
+	fatalIf(probe.NewError(e), "Unable to marshal into JSON.")
+	return string(bs)
+}
+
+func (i iamImportInfo) String() string {
+	var messages []string
+	info := madmin.ImportIAMResult(i)
+	messages = append(messages, processIAMEntities(info.Skipped, "Skipped")...)
+	messages = append(messages, processIAMEntities(info.Removed, "Removed")...)
+	messages = append(messages, processIAMEntities(info.Added, "Added")...)
+	messages = append(messages, processErrIAMEntities(info.Failed)...)
+	return strings.Join(messages, "\n")
+}
+
+func processIAMEntities(entities madmin.IAMEntities, action string) []string {
+	var messages []string
+	if len(entities.Policies) > 0 {
+		messages = append(messages, fmt.Sprintf("%s policies: %v", action, strings.Join(entities.Policies, ", ")))
+	}
+	if len(entities.Users) > 0 {
+		messages = append(messages, fmt.Sprintf("%s users: %v", action, strings.Join(entities.Users, ", ")))
+	}
+	if len(entities.Groups) > 0 {
+		messages = append(messages, fmt.Sprintf("%s groups: %v", action, strings.Join(entities.Groups, ", ")))
+	}
+	if len(entities.ServiceAccounts) > 0 {
+		messages = append(messages, fmt.Sprintf("%s service accounts: %v", action, strings.Join(entities.ServiceAccounts, ", ")))
+	}
+	var users []string
+	for _, pol := range entities.UserPolicies {
+		for name := range pol {
+			users = append(users, name)
+		}
+	}
+	if len(users) > 0 {
+		messages = append(messages, fmt.Sprintf("%s policies for users: %v", action, strings.Join(users, ", ")))
+	}
+	var groups []string
+	for _, pol := range entities.GroupPolicies {
+		for name := range pol {
+			groups = append(groups, name)
+		}
+	}
+	if len(groups) > 0 {
+		messages = append(messages, fmt.Sprintf("%s policies for groups: %v", action, strings.Join(groups, ", ")))
+	}
+	var stsarr []string
+	for _, pol := range entities.STSPolicies {
+		for name := range pol {
+			stsarr = append(stsarr, name)
+		}
+	}
+	if len(stsarr) > 0 {
+		messages = append(messages, fmt.Sprintf("%s policies for sts: %v", action, strings.Join(stsarr, ", ")))
+	}
+	return messages
+}
+
+func processErrIAMEntities(entities madmin.IAMErrEntities) []string {
+	var messages []string
+
+	var policies []string
+	for _, entry := range entities.Policies {
+		policies = append(policies, entry.Name)
+	}
+	if len(policies) > 0 {
+		messages = append(messages, fmt.Sprintf("Failed to add policies: %v", strings.Join(policies, ", ")))
+	}
+	var users []string
+	for _, entry := range entities.Users {
+		users = append(users, entry.Name)
+	}
+	if len(users) > 0 {
+		messages = append(messages, fmt.Sprintf("Failed to add users: %v", strings.Join(users, ", ")))
+	}
+	var groups []string
+	for _, entry := range entities.Groups {
+		groups = append(groups, entry.Name)
+	}
+	if len(groups) > 0 {
+		messages = append(messages, fmt.Sprintf("Failed to add groups: %v", strings.Join(groups, ", ")))
+	}
+	var sas []string
+	for _, entry := range entities.ServiceAccounts {
+		sas = append(sas, entry.Name)
+	}
+	if len(sas) > 0 {
+		messages = append(messages, fmt.Sprintf("Failed to add service accounts: %v", strings.Join(sas, ", ")))
+	}
+	var polusers []string
+	for _, pol := range entities.UserPolicies {
+		polusers = append(polusers, pol.Name)
+	}
+	if len(polusers) > 0 {
+		messages = append(messages, fmt.Sprintf("Failed to add policies for users: %v", strings.Join(polusers, ", ")))
+	}
+	var polgroups []string
+	for _, pol := range entities.GroupPolicies {
+		polgroups = append(polgroups, pol.Name)
+	}
+	if len(polgroups) > 0 {
+		messages = append(messages, fmt.Sprintf("Failed to add policies for groups: %v", strings.Join(polgroups, ", ")))
+	}
+	var polsts []string
+	for _, pol := range entities.STSPolicies {
+		polsts = append(polsts, pol.Name)
+	}
+	if len(polsts) > 0 {
+		messages = append(messages, fmt.Sprintf("Failed to add policies for sts: %v", strings.Join(polsts, ", ")))
+	}
+	return messages
+}
+
 func checkIAMImportSyntax(ctx *cli.Context) {
 	if len(ctx.Args()) != 2 {
 		showCommandHelpAndExit(ctx, 1) // last argument is exit code
@@ -95,11 +214,13 @@ func mainClusterIAMImport(ctx *cli.Context) error {
 		return nil
 	}
 
-	e = client.ImportIAM(context.Background(), f)
-	fatalIf(probe.NewError(e).Trace(aliasedURL), "Unable to import IAM info.")
-
-	if !globalJSON {
-		console.Infof("IAM info imported to %s from %s\n", aliasedURL, args.Get(1))
+	iamr, e := client.ImportIAMV2(context.Background(), f)
+	if e != nil {
+		e = client.ImportIAM(context.Background(), f)
+		fatalIf(probe.NewError(e).Trace(aliasedURL), "Unable to import IAM info.")
+	} else {
+		printMsg(iamImportInfo(iamr))
 	}
+
 	return nil
 }
diff --git a/go.mod b/go.mod
@@ -21,7 +21,7 @@ require (
 	github.com/minio/cli v1.24.2
 	github.com/minio/colorjson v1.0.8
 	github.com/minio/filepath v1.0.0
-	github.com/minio/madmin-go/v3 v3.0.64
+	github.com/minio/madmin-go/v3 v3.0.66
 	github.com/minio/minio-go/v7 v7.0.76
 	github.com/minio/pkg/v3 v3.0.13
 	github.com/minio/selfupdate v0.6.0

diff --git a/go.sum b/go.sum
@@ -138,8 +138,8 @@ github.com/minio/colorjson v1.0.8 h1:AS6gEQ1dTRYHmC4xuoodPDRILHP/9Wz5wYUGDQfPLpg
 github.com/minio/colorjson v1.0.8/go.mod h1:wrs39G/4kqNlGjwqHvPlAnXuc2tlPszo6JKdSBCLN8w=
 github.com/minio/filepath v1.0.0 h1:fvkJu1+6X+ECRA6G3+JJETj4QeAYO9sV43I79H8ubDY=
 github.com/minio/filepath v1.0.0/go.mod h1:/nRZA2ldl5z6jT9/KQuvZcQlxZIMQoFFQPvEXx9T/Bw=
-github.com/minio/madmin-go/v3 v3.0.64 h1:Btwgs3CrgSciVaCWv/3clOxuDdUzylo/oTQp0M8GkwE=
-github.com/minio/madmin-go/v3 v3.0.64/go.mod h1:IFAwr0XMrdsLovxAdCcuq/eoL4nRuMVQQv0iubJANQw=
+github.com/minio/madmin-go/v3 v3.0.66 h1:O4w7L3vTxhORqTeyegFdbuO4kKVbAUarJfcmsDXQMTs=
+github.com/minio/madmin-go/v3 v3.0.66/go.mod h1:IFAwr0XMrdsLovxAdCcuq/eoL4nRuMVQQv0iubJANQw=
 github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
 github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
 github.com/minio/minio-go/v7 v7.0.76 h1:9nxHH2XDai61cT/EFhyIw/wW4vJfpPNvl7lSFpRt+Ng=