diff --git a/src/access_handlers/docker.rs b/src/access_handlers/docker.rs index 5073c36..0d1da94 100644 --- a/src/access_handlers/docker.rs +++ b/src/access_handlers/docker.rs @@ -9,15 +9,17 @@ use itertools::Itertools; use simplelog::*; use tokio; -use crate::configparser::{config, get_config}; +use crate::configparser::{get_config, get_profile_config}; /// container registry / daemon access checks #[tokio::main(flavor = "current_thread")] // make this a sync function -pub async fn check(profile: &config::ProfileConfig) -> Result<()> { +pub async fn check(profile_name: &str) -> Result<()> { // docker / podman does not keep track of whether registry credentials are // valid or not. to check if we do have valid creds, we need to do something // to present creds, like pulling an image. + let profile = get_profile_config(profile_name)?; + let client = client() .await // truncate error chain with new error (returned error is way too verbose) diff --git a/src/access_handlers/frontend.rs b/src/access_handlers/frontend.rs index 1e11815..2228b55 100644 --- a/src/access_handlers/frontend.rs +++ b/src/access_handlers/frontend.rs @@ -1,8 +1,9 @@ use anyhow::{Error, Result}; -use crate::configparser::{config, CONFIG}; +use crate::configparser::{get_config, get_profile_config}; /// frontend dashbard access checks -pub fn check(profile: &config::ProfileConfig) -> Result<()> { +pub fn check(profile_name: &str) -> Result<()> { + let profile = get_profile_config(profile_name)?; Ok(()) } diff --git a/src/access_handlers/kube.rs b/src/access_handlers/kube.rs index f29c911..05c7d04 100644 --- a/src/access_handlers/kube.rs +++ b/src/access_handlers/kube.rs @@ -7,11 +7,13 @@ use kube; use simplelog::*; use tokio; -use crate::configparser::{config, CONFIG}; +use crate::configparser::{config, get_config, get_profile_config}; /// kubernetes access checks #[tokio::main(flavor = "current_thread")] // make this a sync function -pub async fn check(profile: &config::ProfileConfig) -> Result<()> { +pub async fn check(profile_name: &str) -> Result<()> { + let profile = get_profile_config(profile_name)?; + // we need to make sure that: // a) can talk to the cluster // b) have the right permissions (a la `kubectl auth can-i`) diff --git a/src/access_handlers/s3.rs b/src/access_handlers/s3.rs index 568ecce..5976ce9 100644 --- a/src/access_handlers/s3.rs +++ b/src/access_handlers/s3.rs @@ -1,8 +1,9 @@ use anyhow::{Error, Result}; -use crate::configparser::{config, CONFIG}; +use crate::configparser::{get_config, get_profile_config}; /// s3 bucket access checks -pub fn check(profile: &config::ProfileConfig) -> Result<()> { +pub fn check(profile_name: &str) -> Result<()> { + let profile = get_profile_config(profile_name)?; Ok(()) } diff --git a/src/commands/check_access.rs b/src/commands/check_access.rs index e9a837f..17571c0 100644 --- a/src/commands/check_access.rs +++ b/src/commands/check_access.rs @@ -38,31 +38,25 @@ pub fn run(profile: &str, kubernetes: &bool, frontend: &bool, registry: &bool) { } /// checks a single profile (`profile`) for the given accesses -fn check_profile( - profile_name: &str, - kubernetes: bool, - frontend: bool, - registry: bool, -) -> Result<()> { - let profile = get_profile_config(profile_name)?; - info!("checking profile {profile_name}..."); +fn check_profile(name: &str, kubernetes: bool, frontend: bool, registry: bool) -> Result<()> { + info!("checking profile {name}..."); // todo: this works but ehhh let mut results = vec![]; if kubernetes { - results.push(access::kube::check(profile)); + results.push(access::kube::check(name)); } if frontend { - results.push(access::frontend::check(profile)); + results.push(access::frontend::check(name)); } if registry { - results.push(access::docker::check(profile)); + results.push(access::docker::check(name)); } // takes first Err in vec as Result() return results .into_iter() .collect::>() - .with_context(|| format!("Error in profile '{profile_name}'")) + .with_context(|| format!("Error in profile '{name}'")) }