From 9c76f0b2e5a4cdc6328555db2a81447d7dae6375 Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Thu, 21 Sep 2017 12:38:39 -0500 Subject: [PATCH] Use a unified helper for seal output --- command/format.go | 47 +++++++++++++++++++++++++++++ command/operator_unseal.go | 21 +++---------- command/status.go | 62 +++----------------------------------- 3 files changed, 56 insertions(+), 74 deletions(-) diff --git a/command/format.go b/command/format.go index 35dcb482da..a23268e46f 100644 --- a/command/format.go +++ b/command/format.go @@ -206,3 +206,50 @@ func (t TableFormatter) OutputSecret(ui cli.Ui, secret *api.Secret) error { })) return nil } + +func OutputSealStatus(ui cli.Ui, client *api.Client, status *api.SealStatusResponse) int { + out := []string{} + out = append(out, "Key | Value") + out = append(out, fmt.Sprintf("Sealed | %t", status.Sealed)) + out = append(out, fmt.Sprintf("Total Shares | %d", status.N)) + + if status.Sealed { + out = append(out, fmt.Sprintf("Unseal Progress | %d/%d", status.Progress, status.T)) + out = append(out, fmt.Sprintf("Unseal Nonce | %s", status.Nonce)) + } + + out = append(out, fmt.Sprintf("Version | %s", status.Version)) + + if status.ClusterName != "" && status.ClusterID != "" { + out = append(out, fmt.Sprintf("Cluster Name | %s", status.ClusterName)) + out = append(out, fmt.Sprintf("Cluster ID | %s", status.ClusterID)) + } + + // Mask the 'Vault is sealed' error, since this means HA is enabled, but that + // we cannot query for the leader since we are sealed. + leaderStatus, err := client.Sys().Leader() + if err != nil && strings.Contains(err.Error(), "Vault is sealed") { + leaderStatus = &api.LeaderResponse{HAEnabled: true} + } + + // Output if HA is enabled + out = append(out, fmt.Sprintf("HA Enabled | %t", leaderStatus.HAEnabled)) + if leaderStatus.HAEnabled { + mode := "sealed" + if !status.Sealed { + mode = "standby" + if leaderStatus.IsSelf { + mode = "active" + } + } + + out = append(out, fmt.Sprintf("HA Mode | %s", mode)) + + if !status.Sealed { + out = append(out, fmt.Sprintf("HA Cluster | %s", leaderStatus.LeaderClusterAddress)) + } + } + + ui.Output(tableOutput(out, nil)) + return 0 +} diff --git a/command/operator_unseal.go b/command/operator_unseal.go index 86c78005d4..e2957647d1 100644 --- a/command/operator_unseal.go +++ b/command/operator_unseal.go @@ -6,7 +6,6 @@ import ( "os" "strings" - "github.com/hashicorp/vault/api" "github.com/hashicorp/vault/helper/password" "github.com/mitchellh/cli" "github.com/posener/complete" @@ -69,7 +68,7 @@ func (c *OperatorUnsealCommand) Flags() *FlagSets { } func (c *OperatorUnsealCommand) AutocompleteArgs() complete.Predictor { - return c.PredictVaultFiles() + return complete.PredictAnything } func (c *OperatorUnsealCommand) AutocompleteFlags() complete.Flags { @@ -109,8 +108,7 @@ func (c *OperatorUnsealCommand) Run(args []string) int { c.UI.Error(fmt.Sprintf("Error resetting unseal process: %s", err)) return 2 } - c.prettySealStatus(status) - return 0 + return OutputSealStatus(c.UI, client, status) } if unsealKey == "" { @@ -120,7 +118,7 @@ func (c *OperatorUnsealCommand) Run(args []string) int { writer = c.testOutput } - fmt.Fprintf(writer, "Key (will be hidden): ") + fmt.Fprintf(writer, "Unseal Key (will be hidden): ") value, err := password.Read(os.Stdin) fmt.Fprintf(writer, "\n") if err != nil { @@ -143,16 +141,5 @@ func (c *OperatorUnsealCommand) Run(args []string) int { return 2 } - c.prettySealStatus(status) - return 0 -} - -func (c *OperatorUnsealCommand) prettySealStatus(status *api.SealStatusResponse) { - c.UI.Output(fmt.Sprintf("Sealed: %t", status.Sealed)) - c.UI.Output(fmt.Sprintf("Key Shares: %d", status.N)) - c.UI.Output(fmt.Sprintf("Key Threshold: %d", status.T)) - c.UI.Output(fmt.Sprintf("Unseal Progress: %d", status.Progress)) - if status.Nonce != "" { - c.UI.Output(fmt.Sprintf("Unseal Nonce: %s", status.Nonce)) - } + return OutputSealStatus(c.UI, client, status) } diff --git a/command/status.go b/command/status.go index ca81dba105..b31b093c17 100644 --- a/command/status.go +++ b/command/status.go @@ -4,7 +4,6 @@ import ( "fmt" "strings" - "github.com/hashicorp/vault/api" "github.com/mitchellh/cli" "github.com/posener/complete" ) @@ -72,68 +71,17 @@ func (c *StatusCommand) Run(args []string) int { return 1 } - sealStatus, err := client.Sys().SealStatus() + status, err := client.Sys().SealStatus() if err != nil { c.UI.Error(fmt.Sprintf("Error checking seal status: %s", err)) return 1 } - outStr := fmt.Sprintf( - "Sealed: %v\n"+ - "Key Shares: %d\n"+ - "Key Threshold: %d\n"+ - "Unseal Progress: %d\n"+ - "Unseal Nonce: %v\n"+ - "Version: %s", - sealStatus.Sealed, - sealStatus.N, - sealStatus.T, - sealStatus.Progress, - sealStatus.Nonce, - sealStatus.Version) + // Do not return the int here, since we want to return a custom error code + // depending on the seal status. + OutputSealStatus(c.UI, client, status) - if sealStatus.ClusterName != "" && sealStatus.ClusterID != "" { - outStr = fmt.Sprintf("%s\nCluster Name: %s\nCluster ID: %s", outStr, sealStatus.ClusterName, sealStatus.ClusterID) - } - - c.UI.Output(outStr) - - // Mask the 'Vault is sealed' error, since this means HA is enabled, but that - // we cannot query for the leader since we are sealed. - leaderStatus, err := client.Sys().Leader() - if err != nil && strings.Contains(err.Error(), "Vault is sealed") { - leaderStatus = &api.LeaderResponse{HAEnabled: true} - err = nil - } - if err != nil { - c.UI.Error(fmt.Sprintf("Error checking leader status: %s", err)) - return 1 - } - - // Output if HA is enabled - c.UI.Output("") - c.UI.Output(fmt.Sprintf("High-Availability Enabled: %v", leaderStatus.HAEnabled)) - if leaderStatus.HAEnabled { - if sealStatus.Sealed { - c.UI.Output("\tMode: sealed") - } else { - mode := "standby" - if leaderStatus.IsSelf { - mode = "active" - } - c.UI.Output(fmt.Sprintf("\tMode: %s", mode)) - - if leaderStatus.LeaderAddress == "" { - leaderStatus.LeaderAddress = "" - } - if leaderStatus.LeaderClusterAddress == "" { - leaderStatus.LeaderClusterAddress = "" - } - c.UI.Output(fmt.Sprintf("\tLeader Cluster Address: %s", leaderStatus.LeaderClusterAddress)) - } - } - - if sealStatus.Sealed { + if status.Sealed { return 2 }