feat: assets-11322. add aio-cli console support for public key rotati…

…on (#173) * feat: assets-11322. add aio-cli console support for public key rotation * calculate cert fingerprint and check for existence before upload * ASSETS-11385 add fingerprint logic to aio-cli-plugin-certificate * ASSETS-11322 complete test coverage * ASSETS-11322 renamed arg for delete command to be more readable * ASSETS-11322 cleaned up help strings * ASSETS-11322 update readme using oclif-dev and fix ts exts to js * ASSETS-11322 simplify publickey command help
adobe · Jun 15, 2022 · aae28ca · aae28ca
1 parent 31fe67f
commit aae28ca
Show file tree

Hide file tree

Showing 16 changed files with 1,275 additions and 24 deletions.
diff --git a/README.md b/README.md
@@ -44,6 +44,10 @@ $ aio console --help
 * [`aio console:project`](#aio-consoleproject)
 * [`aio console:project:list`](#aio-consoleprojectlist)
 * [`aio console:project:select [PROJECTIDORNAME]`](#aio-consoleprojectselect-projectidorname)
+* [`aio console:publickey`](#aio-consolepublickey)
+* [`aio console:publickey:delete IDORFINGERPRINT`](#aio-consolepublickeydelete-idorfingerprint)
+* [`aio console:publickey:list`](#aio-consolepublickeylist)
+* [`aio console:publickey:upload FILE`](#aio-consolepublickeyupload-file)
 * [`aio console:where`](#aio-consolewhere)
 * [`aio console:workspace`](#aio-consoleworkspace)
 * [`aio console:workspace:download [DESTINATION]`](#aio-consoleworkspacedownload-destination)
@@ -55,8 +59,6 @@ $ aio console --help
 Console plugin for the Adobe I/O CLI
 
 ```
-Console plugin for the Adobe I/O CLI
-
 USAGE
   $ aio console
 
@@ -71,8 +73,6 @@ _See code: [src/commands/console/index.js](https://github.com/adobe/aio-cli-plug
 Manage your Adobe I/O Console Organizations
 
 ```
-Manage your Adobe I/O Console Organizations
-
 USAGE
   $ aio console:org
 
@@ -87,8 +87,6 @@ _See code: [src/commands/console/org/index.js](https://github.com/adobe/aio-cli-
 List your Organizations
 
 ```
-List your Organizations
-
 USAGE
   $ aio console:org:list
 
@@ -108,8 +106,6 @@ _See code: [src/commands/console/org/list.js](https://github.com/adobe/aio-cli-p
 Select an Organization
 
 ```
-Select an Organization
-
 USAGE
   $ aio console:org:select [ORGCODE]
 
@@ -130,8 +126,6 @@ _See code: [src/commands/console/org/select.js](https://github.com/adobe/aio-cli
 Manage your Adobe I/O Console Projects
 
 ```
-Manage your Adobe I/O Console Projects
-
 USAGE
   $ aio console:project
 
@@ -146,8 +140,6 @@ _See code: [src/commands/console/project/index.js](https://github.com/adobe/aio-
 List your Projects for the selected Organization
 
 ```
-List your Projects for the selected Organization
-
 USAGE
   $ aio console:project:list
 
@@ -168,8 +160,6 @@ _See code: [src/commands/console/project/list.js](https://github.com/adobe/aio-c
 Select a Project for the selected Organization
 
 ```
-Select a Project for the selected Organization
-
 USAGE
   $ aio console:project:select [PROJECTIDORNAME]
 
@@ -186,13 +176,86 @@ ALIASES
 
 _See code: [src/commands/console/project/select.js](https://github.com/adobe/aio-cli-plugin-console/blob/3.4.2/src/commands/console/project/select.js)_
 
-## `aio console:where`
+## `aio console:publickey`
 
-Show the currently selected Organization, Project and Workspace
+Manage Public Key Bindings for your Adobe I/O Console Workspaces
+
+```
+USAGE
+  $ aio console:publickey
+
+OPTIONS
+  --help  Show help
+```
+
+_See code: [src/commands/console/publickey/index.js](https://github.com/adobe/aio-cli-plugin-console/blob/3.4.2/src/commands/console/publickey/index.js)_
+
+## `aio console:publickey:delete IDORFINGERPRINT`
+
+Delete a public key certificate from the selected Workspace
+
+```
+USAGE
+  $ aio console:publickey:delete IDORFINGERPRINT
+
+ARGUMENTS
+  IDORFINGERPRINT  The bindingId or the fingerprint of the public key binding to delete
+
+OPTIONS
+  --help                     Show help
+  --orgId=orgId              Organization id of the Console Workspace to delete the public key certificate from
+  --projectId=projectId      Project id of the Console Workspace to delete the public key certificate from
+  --workspaceId=workspaceId  Workspace id of the Console Workspace to delete the public key certificate from
+```
+
+_See code: [src/commands/console/publickey/delete.js](https://github.com/adobe/aio-cli-plugin-console/blob/3.4.2/src/commands/console/publickey/delete.js)_
+
+## `aio console:publickey:list`
+
+List the public key certificates bound to the selected Workspace
+
+```
+USAGE
+  $ aio console:publickey:list
+
+OPTIONS
+  -j, --json                 Output json
+  -y, --yml                  Output yml
+  --help                     Show help
+  --orgId=orgId              Organization id of the Console Workspace to list the public key certificates for
+  --projectId=projectId      Project id of the Console Workspace to list the public key certificate for
+  --workspaceId=workspaceId  Workspace id of the Console Workspace to list the public key certificate for
+```
+
+_See code: [src/commands/console/publickey/list.js](https://github.com/adobe/aio-cli-plugin-console/blob/3.4.2/src/commands/console/publickey/list.js)_
+
+## `aio console:publickey:upload FILE`
+
+Upload a public key certificate to the selected Workspace
+
+```
+USAGE
+  $ aio console:publickey:upload FILE
 
+ARGUMENTS
+  FILE  Path to public key certificate file in PEM format
+
+OPTIONS
+  -j, --json                 Output json
+  -y, --yml                  Output yml
+  --help                     Show help
+  --orgId=orgId              Organization id of the Console Workspace to upload the public key certificate to
+  --projectId=projectId      Project id of the Console Workspace to upload the public key certificate to
+  --workspaceId=workspaceId  Workspace id of the Console Workspace to upload the public key certificate to
 ```
+
+_See code: [src/commands/console/publickey/upload.js](https://github.com/adobe/aio-cli-plugin-console/blob/3.4.2/src/commands/console/publickey/upload.js)_
+
+## `aio console:where`
+
 Show the currently selected Organization, Project and Workspace
 
+```
 USAGE
   $ aio console:where
 
@@ -212,8 +275,6 @@ _See code: [src/commands/console/where/index.js](https://github.com/adobe/aio-cl
 Manage your Adobe I/O Console Workspaces
 
 ```
-Manage your Adobe I/O Console Workspaces
-
 USAGE
   $ aio console:workspace
 
@@ -231,8 +292,6 @@ _See code: [src/commands/console/workspace/index.js](https://github.com/adobe/ai
 Downloads the configuration for the selected Workspace
 
 ```
-Downloads the configuration for the selected Workspace
-
 USAGE
   $ aio console:workspace:download [DESTINATION]
 
@@ -258,8 +317,6 @@ _See code: [src/commands/console/workspace/download.js](https://github.com/adobe
 List your Workspaces for your selected Project
 
 ```
-List your Workspaces for your selected Project
-
 USAGE
   $ aio console:workspace:list
 
@@ -283,8 +340,6 @@ _See code: [src/commands/console/workspace/list.js](https://github.com/adobe/aio
 Select a Workspace for the selected Project
 
 ```
-Select a Workspace for the selected Project
-
 USAGE
   $ aio console:workspace:select [WORKSPACEIDORNAME]
 

diff --git a/src/commands/console/publickey/delete.js b/src/commands/console/publickey/delete.js
@@ -0,0 +1,96 @@
+/*
+Copyright 2022 Adobe Inc. All rights reserved.
+This file is licensed to you under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License. You may obtain a copy
+of the License at http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software distributed under
+the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
+OF ANY KIND, either express or implied. See the License for the specific language
+governing permissions and limitations under the License.
+*/
+
+const aioConsoleLogger = require('@adobe/aio-lib-core-logging')('@adobe/aio-cli-plugin-console:publickey:list', { provider: 'debug' })
+const { flags } = require('@oclif/command')
+const { CONFIG_KEYS } = require('../../../config')
+const ConsoleCommand = require('../index')
+
+class DeleteCommand extends ConsoleCommand {
+  async run () {
+    const { args, flags } = this.parse(DeleteCommand)
+
+    const orgId = flags.orgId || this.getConfig(`${CONFIG_KEYS.ORG}.id`)
+    if (!orgId) {
+      this.log('You have not selected an Organization. Please select first.')
+      this.printConsoleConfig()
+      this.exit(1)
+    }
+
+    const projectId = flags.projectId || this.getConfig(`${CONFIG_KEYS.PROJECT}.id`)
+    if (!projectId) {
+      this.log('You have not selected a Project. Please select first.')
+      this.printConsoleConfig()
+      this.exit(1)
+    }
+
+    const workspaceId = flags.workspaceId || this.getConfig(`${CONFIG_KEYS.WORKSPACE}.id`)
+    if (!workspaceId) {
+      this.log('You have not selected a Workspace. Please select first.')
+      this.printConsoleConfig()
+      this.exit(1)
+    }
+    await this.initSdk()
+
+    try {
+      const consoleConfig = await this.consoleCLI.getWorkspaceConfig(orgId, projectId, workspaceId)
+
+      const project = consoleConfig.project
+      const workspace = project.workspace
+
+      const bindings = await this.consoleCLI.getBindingsForWorkspace(orgId, project, workspace)
+
+      const found = bindings.find((value) => value.bindingId === args.idOrFingerprint || value.certificateFingerprint === args.idOrFingerprint)
+      if (found) {
+        const deleted = await this.consoleCLI.deleteBindingFromWorkspace(orgId, project, workspace, found)
+        if (deleted) {
+          this.log(`Deleted binding ${found.bindingId} from workspace ${workspace.name}`)
+        } else {
+          this.error(`Failed to delete binding ${found.bindingId} from workspace ${workspace.name}`)
+        }
+      } else {
+        this.error(`No binding found with bindingId or fingerprint ${args.idOrFingerprint}`)
+      }
+    } catch (err) {
+      aioConsoleLogger.debug(err)
+      this.error(err.message)
+    } finally {
+      this.cleanOutput()
+    }
+  }
+}
+
+DeleteCommand.description = 'Delete a public key certificate from the selected Workspace'
+
+DeleteCommand.flags = {
+  ...ConsoleCommand.flags,
+  orgId: flags.string({
+    description: 'Organization id of the Console Workspace to delete the public key certificate from'
+  }),
+  projectId: flags.string({
+    description: 'Project id of the Console Workspace to delete the public key certificate from'
+  }),
+  workspaceId: flags.string({
+    description: 'Workspace id of the Console Workspace to delete the public key certificate from'
+  })
+}
+
+DeleteCommand.args = [
+  {
+    name: 'idOrFingerprint',
+    required: true,
+    description: 'The bindingId or the fingerprint of the public key binding to delete'
+  }
+]
+
+DeleteCommand.aliases = []
+
+module.exports = DeleteCommand
diff --git a/src/commands/console/publickey/index.js b/src/commands/console/publickey/index.js
@@ -0,0 +1,71 @@
+/*
+Copyright 2022 Adobe Inc. All rights reserved.
+This file is licensed to you under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License. You may obtain a copy
+of the License at http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software distributed under
+the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
+OF ANY KIND, either express or implied. See the License for the specific language
+governing permissions and limitations under the License.
+*/
+
+const Help = require('@oclif/plugin-help').default
+const ConsoleCommand = require('..')
+const { cli } = require('cli-ux')
+
+class IndexCommand extends ConsoleCommand {
+  async run () {
+    const help = new Help(this.config)
+    help.showHelp(['console:publickey', '--help'])
+  }
+}
+
+/**
+ * Pretty-print a table of public key certificate bindings.
+ *
+ * @param {{ bindingId: string,
+ *           orgId: string,
+ *           technicalAccountId: string,
+ *           certificateFingerprint: string,
+ *           notAfter: number }[]} bindings array of bindings results
+ */
+IndexCommand.printBindings = function (bindings) {
+  const columns = {
+    bindingId: {
+      header: 'ID'
+    },
+    certificateFingerprint: {
+      header: 'Fingerprint'
+    },
+    expiresString: {
+      header: 'Expires'
+    }
+  }
+  const decorateds = []
+  bindings.forEach(binding => {
+    const decorated = {}
+    Object.assign(decorated, binding)
+    decorated.expiresString = binding.notAfter ? this.formatExpiry(binding.notAfter) : ''
+    decorateds.push(decorated)
+  })
+  cli.table(decorateds, columns)
+}
+
+/**
+ * Format the notAfter field for readability into YYYY-MM-DD. Make result a
+ * little early by subtracting 1 day before truncating the time fields to
+ * provide a small grace period to users with time zone differences or time blindness.
+ *
+ * @param {number} notAfter GMT epoch in nanoseconds
+ * @returns {string} readable date
+ */
+IndexCommand.formatExpiry = function (notAfter) {
+  const realDate = new Date(notAfter - (24 * 60 * 60 * 1000))
+  return realDate.toISOString().substring(0, 10)
+}
+
+IndexCommand.description = 'Manage Public Key Bindings for your Adobe I/O Console Workspaces'
+
+IndexCommand.aliases = []
+
+module.exports = IndexCommand