feat(secret_manager): add cli command for AccessSecretVersionByPath (#3766)

scaleway-bot · remyleone · Codelax · web-flow · commit d35917b048e2 · 2024-04-16T14:27:05.000Z
Co-authored-by: Rémy Léone &lt;rleone@scaleway.com&gt;
Co-authored-by: Jules Castéran &lt;jcasteran@scaleway.com&gt;
diff --git a/cmd/scw/testdata/test-all-usage-secret-version-access-by-path-usage.golden b/cmd/scw/testdata/test-all-usage-secret-version-access-by-path-usage.golden
@@ -0,0 +1,22 @@
+🎲🎲🎲 EXIT CODE: 0 🎲🎲🎲
+🟥🟥🟥 STDERR️️ 🟥🟥🟥️
+Access sensitive data in a secret's version specified by the `region`, `secret_name`, `secret_path` and `revision` parameters.
+
+USAGE:
+  scw secret version access-by-path [arg=value ...]
+
+ARGS:
+  [secret-path]     Secret's path
+  [secret-name]     Secret's name
+  revision          Version number
+  [project-id]      Project ID to use. If none is passed the default project ID will be used
+  [region=fr-par]   Region to target. If none is passed will use default region from the config (fr-par | nl-ams | pl-waw)
+
+FLAGS:
+  -h, --help   help for access-by-path
+
+GLOBAL FLAGS:
+  -c, --config string    The path to the config file
+  -D, --debug            Enable debug mode
+  -o, --output string    Output format: json or human, see 'scw help output' for more info (default "human")
+  -p, --profile string   The config profile to use
diff --git a/cmd/scw/testdata/test-all-usage-secret-version-usage.golden b/cmd/scw/testdata/test-all-usage-secret-version-usage.golden
@@ -6,14 +6,15 @@ USAGE:
   scw secret version <command>
 
 AVAILABLE COMMANDS:
-  access      Access a secret's version using the secret's ID
-  create      Create a version
-  delete      Delete a version
-  disable     Disable a version
-  enable      Enable a version
-  get         Get metadata of a secret's version using the secret's ID
-  list        List versions of a secret using the secret's ID
-  update      Update metadata of a version
+  access         Access a secret's version using the secret's ID
+  access-by-path Access a secret's version using the secret's name and path
+  create         Create a version
+  delete         Delete a version
+  disable        Disable a version
+  enable         Enable a version
+  get            Get metadata of a secret's version using the secret's ID
+  list           List versions of a secret using the secret's ID
+  update         Update metadata of a version
 
 FLAGS:
   -h, --help   help for version
diff --git a/docs/commands/secret.md b/docs/commands/secret.md
@@ -13,6 +13,7 @@ This API allows you to conveniently store, access and share sensitive data such
   - [Update metadata of a secret](#update-metadata-of-a-secret)
 - [Secret Version management commands](#secret-version-management-commands)
   - [Access a secret's version using the secret's ID](#access-a-secret's-version-using-the-secret's-id)
+  - [Access a secret's version using the secret's name and path](#access-a-secret's-version-using-the-secret's-name-and-path)
   - [Create a version](#create-a-version)
   - [Delete a version](#delete-a-version)
   - [Disable a version](#disable-a-version)
@@ -289,6 +290,29 @@ scw secret version access 11111111-1111-1111-111111111111 revision=1 field=key r
 
 
 
+### Access a secret's version using the secret's name and path
+
+Access sensitive data in a secret's version specified by the `region`, `secret_name`, `secret_path` and `revision` parameters.
+
+**Usage:**
+
+```
+scw secret version access-by-path [arg=value ...]
+```
+
+
+**Args:**
+
+| Name |   | Description |
+|------|---|-------------|
+| secret-path |  | Secret's path |
+| secret-name |  | Secret's name |
+| revision | Required | Version number |
+| project-id |  | Project ID to use. If none is passed the default project ID will be used |
+| region | Default: `fr-par`<br />One of: `fr-par`, `nl-ams`, `pl-waw` | Region to target. If none is passed will use default region from the config |
+
+
+
 ### Create a version
 
 Create a version of a given secret specified by the `region` and `secret_id` parameters.
diff --git a/go.mod b/go.mod
@@ -23,7 +23,7 @@ require (
 	github.com/mattn/go-isatty v0.0.20
 	github.com/moby/buildkit v0.13.1
 	github.com/opencontainers/go-digest v1.0.0
-	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.25.0.20240412091545-9f7b1dea216b
+	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/pflag v1.0.5
diff --git a/go.sum b/go.sum
@@ -451,8 +451,8 @@ github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUz
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 h1:OkMGxebDjyw0ULyrTYWeN0UNCCkmCWfjPnIA2W6oviI=
 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06/go.mod h1:+ePHsJ1keEjQtpvf9HHw0f4ZeJ0TLRsxhunSI2hYJSs=
-github.com/scaleway/scaleway-sdk-go v1.0.0-beta.25.0.20240412091545-9f7b1dea216b h1:LQ/fJt1SC7g1l88/Dgz66KC9QP2SoWbGiR+y3oW7ivo=
-github.com/scaleway/scaleway-sdk-go v1.0.0-beta.25.0.20240412091545-9f7b1dea216b/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg=
+github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26 h1:F+GIVtGqCFxPxO46ujf8cEOP574MBoRm3gNbPXECbxs=
+github.com/scaleway/scaleway-sdk-go v1.0.0-beta.26/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg=
 github.com/sclevine/spec v1.4.0 h1:z/Q9idDcay5m5irkZ28M7PtQM4aOISzOpj4bUPkDee8=
 github.com/sclevine/spec v1.4.0/go.mod h1:LvpgJaFyvQzRvc1kaDs0bulYwzC70PbiYjC4QnFHkOM=
 github.com/secure-systems-lab/go-securesystemslib v0.8.0 h1:mr5An6X45Kb2nddcFlbmfHkLguCE9laoZCUzEEpIZXA=
diff --git a/internal/namespaces/secret/v1beta1/secret_cli.go b/internal/namespaces/secret/v1beta1/secret_cli.go
@@ -36,6 +36,7 @@ func GetGeneratedCommands() *core.Commands {
 		secretVersionDelete(),
 		secretVersionList(),
 		secretVersionAccess(),
+		secretVersionAccessByPath(),
 		secretVersionEnable(),
 		secretVersionDisable(),
 	)
@@ -812,6 +813,51 @@ func secretVersionAccess() *core.Command {
 	}
 }
 
+func secretVersionAccessByPath() *core.Command {
+	return &core.Command{
+		Short:     `Access a secret's version using the secret's name and path`,
+		Long:      `Access sensitive data in a secret's version specified by the ` + "`" + `region` + "`" + `, ` + "`" + `secret_name` + "`" + `, ` + "`" + `secret_path` + "`" + ` and ` + "`" + `revision` + "`" + ` parameters.`,
+		Namespace: "secret",
+		Resource:  "version",
+		Verb:      "access-by-path",
+		// Deprecated:    false,
+		ArgsType: reflect.TypeOf(secret.AccessSecretVersionByPathRequest{}),
+		ArgSpecs: core.ArgSpecs{
+			{
+				Name:       "secret-path",
+				Short:      `Secret's path`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
+			{
+				Name:       "secret-name",
+				Short:      `Secret's name`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
+			{
+				Name:       "revision",
+				Short:      `Version number`,
+				Required:   true,
+				Deprecated: false,
+				Positional: false,
+			},
+			core.ProjectIDArgSpec(),
+			core.RegionArgSpec(scw.RegionFrPar, scw.RegionNlAms, scw.RegionPlWaw),
+		},
+		Run: func(ctx context.Context, args interface{}) (i interface{}, e error) {
+			request := args.(*secret.AccessSecretVersionByPathRequest)
+
+			client := core.ExtractClient(ctx)
+			api := secret.NewAPI(client)
+			return api.AccessSecretVersionByPath(request)
+
+		},
+	}
+}
+
 func secretVersionEnable() *core.Command {
 	return &core.Command{
 		Short:     `Enable a version`,
