From ff44bf86fdeaf0e7b4f4faf463d446d1d0a856d1 Mon Sep 17 00:00:00 2001 From: Tim Newsham Date: Tue, 27 Aug 2024 12:54:58 -1000 Subject: [PATCH 1/4] Add flaps client support for new secrets endpoints --- flaps/actions.go | 3 +++ flaps/flaps_secrets.go | 46 +++++++++++++++++++++++++++++++++++++ flaps/flapsaction_string.go | 29 ++++++++++++----------- secrets_types.go | 28 ++++++++++++++++++++++ secrettype_string.go | 33 ++++++++++++++++++++++++++ 5 files changed, 126 insertions(+), 13 deletions(-) create mode 100644 flaps/flaps_secrets.go create mode 100644 secrets_types.go create mode 100644 secrettype_string.go diff --git a/flaps/actions.go b/flaps/actions.go index 19ea783..3b04e01 100644 --- a/flaps/actions.go +++ b/flaps/actions.go @@ -27,6 +27,9 @@ const ( machineCordon machineUncordon machineSuspend + secretCreate + secretDelete + secretsList volumeList volumeCreate volumetUpdate diff --git a/flaps/flaps_secrets.go b/flaps/flaps_secrets.go new file mode 100644 index 0000000..6157142 --- /dev/null +++ b/flaps/flaps_secrets.go @@ -0,0 +1,46 @@ +package flaps + +import ( + "context" + "fmt" + "net/http" + + fly "github.com/superfly/fly-go" +) + +func (f *Client) sendRequestSecrets(ctx context.Context, method, endpoint string, in, out interface{}, headers map[string][]string) error { + endpoint = fmt.Sprintf("/apps/%s/secrets%s", f.appName, endpoint) + return f._sendRequest(ctx, method, endpoint, in, out, headers) +} + +func (f *Client) ListSecrets(ctx context.Context) ([]fly.ListSecret, error) { + ctx = contextWithAction(ctx, secretsList) + + out := make([]fly.ListSecret, 0) + if err := f.sendRequestSecrets(ctx, http.MethodGet, "", nil, &out, nil); err != nil { + return nil, fmt.Errorf("failed to list secrets: %w", err) + } + + return out, nil +} + +func (f *Client) CreateSecret(ctx context.Context, in fly.CreateSecretRequest) error { + ctx = contextWithAction(ctx, secretCreate) + + if err := f.sendRequestSecrets(ctx, http.MethodPost, "", in, nil, nil); err != nil { + return fmt.Errorf("failed to create secret: %w", err) + } + + return nil +} + +func (f *Client) DeleteSecret(ctx context.Context, label string) error { + ctx = contextWithAction(ctx, secretDelete) + + endpoint := fmt.Sprintf("/%s", label) + if err := f.sendRequestSecrets(ctx, http.MethodDelete, endpoint, nil, nil, nil); err != nil { + return fmt.Errorf("failed to delete secret: %w", err) + } + + return nil +} diff --git a/flaps/flapsaction_string.go b/flaps/flapsaction_string.go index 662079e..59ea420 100644 --- a/flaps/flapsaction_string.go +++ b/flaps/flapsaction_string.go @@ -29,22 +29,25 @@ func _() { _ = x[machineCordon-18] _ = x[machineUncordon-19] _ = x[machineSuspend-20] - _ = x[volumeList-21] - _ = x[volumeCreate-22] - _ = x[volumetUpdate-23] - _ = x[volumeGet-24] - _ = x[volumeSnapshotCreate-25] - _ = x[volumeSnapshotList-26] - _ = x[volumeExtend-27] - _ = x[volumeDelete-28] - _ = x[metadataSet-29] - _ = x[metadataGet-30] - _ = x[metadataDel-31] + _ = x[secretCreate-21] + _ = x[secretDelete-22] + _ = x[secretsList-23] + _ = x[volumeList-24] + _ = x[volumeCreate-25] + _ = x[volumetUpdate-26] + _ = x[volumeGet-27] + _ = x[volumeSnapshotCreate-28] + _ = x[volumeSnapshotList-29] + _ = x[volumeExtend-30] + _ = x[volumeDelete-31] + _ = x[metadataSet-32] + _ = x[metadataGet-33] + _ = x[metadataDel-34] } -const _flapsAction_name = "noneappCreatemachineLaunchmachineUpdatemachineStartmachineWaitmachineStopmachineRestartmachineGetmachineListmachineDestroymachineKillmachineFindLeasemachineAcquireLeasemachineRefreshLeasemachineReleaseLeasemachineExecmachinePsmachineCordonmachineUncordonmachineSuspendvolumeListvolumeCreatevolumetUpdatevolumeGetvolumeSnapshotCreatevolumeSnapshotListvolumeExtendvolumeDeletemetadataSetmetadataGetmetadataDel" +const _flapsAction_name = "noneappCreatemachineLaunchmachineUpdatemachineStartmachineWaitmachineStopmachineRestartmachineGetmachineListmachineDestroymachineKillmachineFindLeasemachineAcquireLeasemachineRefreshLeasemachineReleaseLeasemachineExecmachinePsmachineCordonmachineUncordonmachineSuspendsecretCreatesecretDeletesecretsListvolumeListvolumeCreatevolumetUpdatevolumeGetvolumeSnapshotCreatevolumeSnapshotListvolumeExtendvolumeDeletemetadataSetmetadataGetmetadataDel" -var _flapsAction_index = [...]uint16{0, 4, 13, 26, 39, 51, 62, 73, 87, 97, 108, 122, 133, 149, 168, 187, 206, 217, 226, 239, 254, 268, 278, 290, 303, 312, 332, 350, 362, 374, 385, 396, 407} +var _flapsAction_index = [...]uint16{0, 4, 13, 26, 39, 51, 62, 73, 87, 97, 108, 122, 133, 149, 168, 187, 206, 217, 226, 239, 254, 268, 280, 292, 303, 313, 325, 338, 347, 367, 385, 397, 409, 420, 431, 442} func (i flapsAction) String() string { if i < 0 || i >= flapsAction(len(_flapsAction_index)-1) { diff --git a/secrets_types.go b/secrets_types.go new file mode 100644 index 0000000..7599b45 --- /dev/null +++ b/secrets_types.go @@ -0,0 +1,28 @@ +package fly + +//go:generate go run golang.org/x/tools/cmd/stringer@latest -type=SecretType +type SecretType int32 + +const ( + AppSecret = SecretType(1) + VolumeEncryptionKey = SecretType(2) + SECRET_TYPE_KMS_HS256 = SecretType(3) + SECRET_TYPE_KMS_HS384 = SecretType(4) + SECRET_TYPE_KMS_HS512 = SecretType(5) + SECRET_TYPE_KMS_XAES256GCM = SecretType(6) + SECRET_TYPE_KMS_NACL_AUTH = SecretType(7) + SECRET_TYPE_KMS_NACL_BOX = SecretType(8) + SECRET_TYPE_KMS_NACL_SECRETBOX = SecretType(9) + SECRET_TYPE_KMS_NACL_SIGN = SecretType(10) +) + +type ListSecret struct { + Label string `json:"label"` + Type SecretType `json:"type"` +} + +type CreateSecretRequest struct { + Label string `json:"label"` + Type SecretType `json:"type"` + Value []byte `json:"value,omitempty"` +} diff --git a/secrettype_string.go b/secrettype_string.go new file mode 100644 index 0000000..17dd535 --- /dev/null +++ b/secrettype_string.go @@ -0,0 +1,33 @@ +// Code generated by "stringer -type=SecretType"; DO NOT EDIT. + +package fly + +import "strconv" + +func _() { + // An "invalid array index" compiler error signifies that the constant values have changed. + // Re-run the stringer command to generate them again. + var x [1]struct{} + _ = x[AppSecret-1] + _ = x[VolumeEncryptionKey-2] + _ = x[SECRET_TYPE_KMS_HS256-3] + _ = x[SECRET_TYPE_KMS_HS384-4] + _ = x[SECRET_TYPE_KMS_HS512-5] + _ = x[SECRET_TYPE_KMS_XAES256GCM-6] + _ = x[SECRET_TYPE_KMS_NACL_AUTH-7] + _ = x[SECRET_TYPE_KMS_NACL_BOX-8] + _ = x[SECRET_TYPE_KMS_NACL_SECRETBOX-9] + _ = x[SECRET_TYPE_KMS_NACL_SIGN-10] +} + +const _SecretType_name = "AppSecretVolumeEncryptionKeySECRET_TYPE_KMS_HS256SECRET_TYPE_KMS_HS384SECRET_TYPE_KMS_HS512SECRET_TYPE_KMS_XAES256GCMSECRET_TYPE_KMS_NACL_AUTHSECRET_TYPE_KMS_NACL_BOXSECRET_TYPE_KMS_NACL_SECRETBOXSECRET_TYPE_KMS_NACL_SIGN" + +var _SecretType_index = [...]uint8{0, 9, 28, 49, 70, 91, 117, 142, 166, 196, 221} + +func (i SecretType) String() string { + i -= 1 + if i < 0 || i >= SecretType(len(_SecretType_index)-1) { + return "SecretType(" + strconv.FormatInt(int64(i+1), 10) + ")" + } + return _SecretType_name[_SecretType_index[i]:_SecretType_index[i+1]] +} From 55b266d35a0cd3b11b31b1fd0de12b1b135ea82f Mon Sep 17 00:00:00 2001 From: Tim Newsham Date: Wed, 28 Aug 2024 10:38:11 -1000 Subject: [PATCH 2/4] change secret type repr to strings --- secrets_types.go | 34 ++++++++++++++++------------------ secrettype_string.go | 33 --------------------------------- 2 files changed, 16 insertions(+), 51 deletions(-) delete mode 100644 secrettype_string.go diff --git a/secrets_types.go b/secrets_types.go index 7599b45..87866ee 100644 --- a/secrets_types.go +++ b/secrets_types.go @@ -1,28 +1,26 @@ package fly -//go:generate go run golang.org/x/tools/cmd/stringer@latest -type=SecretType -type SecretType int32 - const ( - AppSecret = SecretType(1) - VolumeEncryptionKey = SecretType(2) - SECRET_TYPE_KMS_HS256 = SecretType(3) - SECRET_TYPE_KMS_HS384 = SecretType(4) - SECRET_TYPE_KMS_HS512 = SecretType(5) - SECRET_TYPE_KMS_XAES256GCM = SecretType(6) - SECRET_TYPE_KMS_NACL_AUTH = SecretType(7) - SECRET_TYPE_KMS_NACL_BOX = SecretType(8) - SECRET_TYPE_KMS_NACL_SECRETBOX = SecretType(9) - SECRET_TYPE_KMS_NACL_SIGN = SecretType(10) + // Secret types + AppSecret = "AppSecret" + VolumeEncryptionKey = "VolumeEncryptionKey" + SECRET_TYPE_KMS_HS256 = "SECRET_TYPE_KMS_HS256" + SECRET_TYPE_KMS_HS384 = "SECRET_TYPE_KMS_HS384" + SECRET_TYPE_KMS_HS512 = "SECRET_TYPE_KMS_HS512" + SECRET_TYPE_KMS_XAES256GCM = "SECRET_TYPE_KMS_XAES256GCM" + SECRET_TYPE_KMS_NACL_AUTH = "SECRET_TYPE_KMS_NACL_AUTH" + SECRET_TYPE_KMS_NACL_BOX = "SECRET_TYPE_KMS_NACL_BOX" + SECRET_TYPE_KMS_NACL_SECRETBOX = "SECRET_TYPE_KMS_NACL_SECRETBOX" + SECRET_TYPE_KMS_NACL_SIGN = "SECRET_TYPE_KMS_NACL_SIGN" ) type ListSecret struct { - Label string `json:"label"` - Type SecretType `json:"type"` + Label string `json:"label"` + Type string `json:"type"` } type CreateSecretRequest struct { - Label string `json:"label"` - Type SecretType `json:"type"` - Value []byte `json:"value,omitempty"` + Label string `json:"label"` + Type string `json:"type"` + Value []byte `json:"value,omitempty"` } diff --git a/secrettype_string.go b/secrettype_string.go deleted file mode 100644 index 17dd535..0000000 --- a/secrettype_string.go +++ /dev/null @@ -1,33 +0,0 @@ -// Code generated by "stringer -type=SecretType"; DO NOT EDIT. - -package fly - -import "strconv" - -func _() { - // An "invalid array index" compiler error signifies that the constant values have changed. - // Re-run the stringer command to generate them again. - var x [1]struct{} - _ = x[AppSecret-1] - _ = x[VolumeEncryptionKey-2] - _ = x[SECRET_TYPE_KMS_HS256-3] - _ = x[SECRET_TYPE_KMS_HS384-4] - _ = x[SECRET_TYPE_KMS_HS512-5] - _ = x[SECRET_TYPE_KMS_XAES256GCM-6] - _ = x[SECRET_TYPE_KMS_NACL_AUTH-7] - _ = x[SECRET_TYPE_KMS_NACL_BOX-8] - _ = x[SECRET_TYPE_KMS_NACL_SECRETBOX-9] - _ = x[SECRET_TYPE_KMS_NACL_SIGN-10] -} - -const _SecretType_name = "AppSecretVolumeEncryptionKeySECRET_TYPE_KMS_HS256SECRET_TYPE_KMS_HS384SECRET_TYPE_KMS_HS512SECRET_TYPE_KMS_XAES256GCMSECRET_TYPE_KMS_NACL_AUTHSECRET_TYPE_KMS_NACL_BOXSECRET_TYPE_KMS_NACL_SECRETBOXSECRET_TYPE_KMS_NACL_SIGN" - -var _SecretType_index = [...]uint8{0, 9, 28, 49, 70, 91, 117, 142, 166, 196, 221} - -func (i SecretType) String() string { - i -= 1 - if i < 0 || i >= SecretType(len(_SecretType_index)-1) { - return "SecretType(" + strconv.FormatInt(int64(i+1), 10) + ")" - } - return _SecretType_name[_SecretType_index[i]:_SecretType_index[i+1]] -} From 029aa9ef6cb6ce99048f311340b1cbd395e4f94c Mon Sep 17 00:00:00 2001 From: Tim Newsham Date: Wed, 28 Aug 2024 11:46:41 -1000 Subject: [PATCH 3/4] make flaps secrets interface more RESTful --- flaps/flaps_secrets.go | 16 ++++++++++++++-- secrets_types.go | 2 -- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/flaps/flaps_secrets.go b/flaps/flaps_secrets.go index 6157142..cad4d7d 100644 --- a/flaps/flaps_secrets.go +++ b/flaps/flaps_secrets.go @@ -24,10 +24,22 @@ func (f *Client) ListSecrets(ctx context.Context) ([]fly.ListSecret, error) { return out, nil } -func (f *Client) CreateSecret(ctx context.Context, in fly.CreateSecretRequest) error { +func (f *Client) CreateSecret(ctx context.Context, sLabel, sType string, in fly.CreateSecretRequest) error { ctx = contextWithAction(ctx, secretCreate) - if err := f.sendRequestSecrets(ctx, http.MethodPost, "", in, nil, nil); err != nil { + path := fmt.Sprintf("/%s/type/%s", sLabel, sType) + if err := f.sendRequestSecrets(ctx, http.MethodPost, path, in, nil, nil); err != nil { + return fmt.Errorf("failed to create secret: %w", err) + } + + return nil +} + +func (f *Client) GenerateSecret(ctx context.Context, sLabel, sType string) error { + ctx = contextWithAction(ctx, secretCreate) + + path := fmt.Sprintf("/%s/type/%s/generate", sLabel, sType) + if err := f.sendRequestSecrets(ctx, http.MethodPost, path, nil, nil, nil); err != nil { return fmt.Errorf("failed to create secret: %w", err) } diff --git a/secrets_types.go b/secrets_types.go index 87866ee..ce42b1c 100644 --- a/secrets_types.go +++ b/secrets_types.go @@ -20,7 +20,5 @@ type ListSecret struct { } type CreateSecretRequest struct { - Label string `json:"label"` - Type string `json:"type"` Value []byte `json:"value,omitempty"` } From 2cae91ba8e49d1cc542ae85c09c192168f976c02 Mon Sep 17 00:00:00 2001 From: Tim Newsham Date: Wed, 28 Aug 2024 16:08:26 -1000 Subject: [PATCH 4/4] use different action label for generate secret --- flaps/actions.go | 1 + flaps/flaps_secrets.go | 2 +- flaps/flapsaction_string.go | 29 +++++++++++++++-------------- 3 files changed, 17 insertions(+), 15 deletions(-) diff --git a/flaps/actions.go b/flaps/actions.go index 3b04e01..00388d1 100644 --- a/flaps/actions.go +++ b/flaps/actions.go @@ -29,6 +29,7 @@ const ( machineSuspend secretCreate secretDelete + secretGenerate secretsList volumeList volumeCreate diff --git a/flaps/flaps_secrets.go b/flaps/flaps_secrets.go index cad4d7d..1d387b4 100644 --- a/flaps/flaps_secrets.go +++ b/flaps/flaps_secrets.go @@ -36,7 +36,7 @@ func (f *Client) CreateSecret(ctx context.Context, sLabel, sType string, in fly. } func (f *Client) GenerateSecret(ctx context.Context, sLabel, sType string) error { - ctx = contextWithAction(ctx, secretCreate) + ctx = contextWithAction(ctx, secretGenerate) path := fmt.Sprintf("/%s/type/%s/generate", sLabel, sType) if err := f.sendRequestSecrets(ctx, http.MethodPost, path, nil, nil, nil); err != nil { diff --git a/flaps/flapsaction_string.go b/flaps/flapsaction_string.go index 59ea420..7d55cae 100644 --- a/flaps/flapsaction_string.go +++ b/flaps/flapsaction_string.go @@ -31,23 +31,24 @@ func _() { _ = x[machineSuspend-20] _ = x[secretCreate-21] _ = x[secretDelete-22] - _ = x[secretsList-23] - _ = x[volumeList-24] - _ = x[volumeCreate-25] - _ = x[volumetUpdate-26] - _ = x[volumeGet-27] - _ = x[volumeSnapshotCreate-28] - _ = x[volumeSnapshotList-29] - _ = x[volumeExtend-30] - _ = x[volumeDelete-31] - _ = x[metadataSet-32] - _ = x[metadataGet-33] - _ = x[metadataDel-34] + _ = x[secretGenerate-23] + _ = x[secretsList-24] + _ = x[volumeList-25] + _ = x[volumeCreate-26] + _ = x[volumetUpdate-27] + _ = x[volumeGet-28] + _ = x[volumeSnapshotCreate-29] + _ = x[volumeSnapshotList-30] + _ = x[volumeExtend-31] + _ = x[volumeDelete-32] + _ = x[metadataSet-33] + _ = x[metadataGet-34] + _ = x[metadataDel-35] } -const _flapsAction_name = "noneappCreatemachineLaunchmachineUpdatemachineStartmachineWaitmachineStopmachineRestartmachineGetmachineListmachineDestroymachineKillmachineFindLeasemachineAcquireLeasemachineRefreshLeasemachineReleaseLeasemachineExecmachinePsmachineCordonmachineUncordonmachineSuspendsecretCreatesecretDeletesecretsListvolumeListvolumeCreatevolumetUpdatevolumeGetvolumeSnapshotCreatevolumeSnapshotListvolumeExtendvolumeDeletemetadataSetmetadataGetmetadataDel" +const _flapsAction_name = "noneappCreatemachineLaunchmachineUpdatemachineStartmachineWaitmachineStopmachineRestartmachineGetmachineListmachineDestroymachineKillmachineFindLeasemachineAcquireLeasemachineRefreshLeasemachineReleaseLeasemachineExecmachinePsmachineCordonmachineUncordonmachineSuspendsecretCreatesecretDeletesecretGeneratesecretsListvolumeListvolumeCreatevolumetUpdatevolumeGetvolumeSnapshotCreatevolumeSnapshotListvolumeExtendvolumeDeletemetadataSetmetadataGetmetadataDel" -var _flapsAction_index = [...]uint16{0, 4, 13, 26, 39, 51, 62, 73, 87, 97, 108, 122, 133, 149, 168, 187, 206, 217, 226, 239, 254, 268, 280, 292, 303, 313, 325, 338, 347, 367, 385, 397, 409, 420, 431, 442} +var _flapsAction_index = [...]uint16{0, 4, 13, 26, 39, 51, 62, 73, 87, 97, 108, 122, 133, 149, 168, 187, 206, 217, 226, 239, 254, 268, 280, 292, 306, 317, 327, 339, 352, 361, 381, 399, 411, 423, 434, 445, 456} func (i flapsAction) String() string { if i < 0 || i >= flapsAction(len(_flapsAction_index)-1) {