From 9b8b250a7dc79abfb5be3cc6d24c68ef86c9c0db Mon Sep 17 00:00:00 2001 From: Tof1973 Date: Mon, 6 May 2024 11:15:09 +0200 Subject: [PATCH] Add --no-reason argument --- README.md | 12 +++++++++--- cmd/ocm-backplane/elevate/elevate.go | 14 ++++++++++++++ 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 1003602c..c6927b73 100644 --- a/README.md +++ b/README.md @@ -272,6 +272,7 @@ ocm backplane session --delete If you need to run some oc command(s) with elevation using backplane-cluster-admin user, you can use the elevate command for this. Backplane elevate takes as first positional argument the reason for this elevation. If the first argument is an empty string, then it will be considered as an empty reason, but you cannot just skip the reason argument if you provide also other positional argument(s). +If you want to not provide an empty string as reason, you can use the -n/--no-reason option and oc command will start at first positional argument. The elevate command requires a none empty reason for the elevation. When a reason is provided it will be used for future usage, in order you do not have to provide a reason for each elevation commands. The reasons are stored in the kubeconfig context, so it is valid only for the cluster for which it has been provided. When a reason is created/used, the last used reason timestamp is updated in the context, and the reason will be kept for 20min after its last usage, in order to avoid bad usage. @@ -290,6 +291,11 @@ If you run the elevate command with an empty reason for the first time (or after $ ocm-backplane elevate '' -- get secret xxx Please enter a reason for elevation, it will be stored in current context for 20 minutes : ``` +or +``` +$ ocm-backplane elevate -n -- get secret xxx +Please enter a reason for elevation, it will be stored in current context for 20 minutes : +``` If then you rerun an elevate command, for the same cluster, before the expiration delay, no prompt will be done and previous reason will be used for elevation. ### Run elevate without command @@ -307,16 +313,16 @@ Please enter a reason for elevation, it will be stored in current context for 20 If a prompt is required but that stdin and/or stderr are redirected to file or output, then an error will be generated. ``` -$ cat patch.json | ocm-backplane elevate '' -- patch -f - +$ cat patch.json | ocm-backplane elevate -n -- patch -f - ERRO[0000] please enter a reason for elevation -$ ocm-backplane elevate '' -- get secret xxx 2> error.txt +$ ocm-backplane elevate -n -- get secret xxx 2> error.txt ERRO[0000] please enter a reason for elevation ``` In order to avoid those errors, you can either run the the elevate without command before or provide a none empty reason. No issue if only stdout is redirected. ``` -$ ocm-backplane elevate '' -- get secret xxx | grep xxx +$ ocm-backplane elevate -n -- get secret xxx | grep xxx Please enter a reason for elevation, it will be stored in current context for 20 minutes : ``` diff --git a/cmd/ocm-backplane/elevate/elevate.go b/cmd/ocm-backplane/elevate/elevate.go index af98f6fd..4e6c0bb7 100644 --- a/cmd/ocm-backplane/elevate/elevate.go +++ b/cmd/ocm-backplane/elevate/elevate.go @@ -5,6 +5,7 @@ import ( "github.com/spf13/cobra" ) +var noReason bool var ElevateCmd = &cobra.Command{ Use: "elevate [ []]", Short: "Give a justification for elevating privileges to backplane-cluster-admin and attach it to your user object", @@ -20,6 +21,19 @@ If no COMMAND (and eventualy also REASON) is/are provided then the command will SilenceUsage: true, } +func init() { + ElevateCmd.Flags().BoolVarP( + &noReason, + "no-reason", + "n", + false, + "Do not take reason as first argument, and prompt for it if needed and possible.", + ) +} + func runElevate(cmd *cobra.Command, argv []string) error { + if noReason { + argv = append([]string{""}, argv...) + } return elevate.RunElevate(argv) }