refactor ecs ssl commands to be just flags

synfinatic · Jul 16, 2024 · 84dfcf5 · 84dfcf5
1 parent 81f9b5c
commit 84dfcf5
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 47 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -11,6 +11,8 @@
    * `config` is now `setup wizard` and `ConfigProfilesUrlAction` config option is no longer used
    * `config-profiles` is now `setup profiles`
    * `completions` is now `setup completions`
+   * Make `--url-action` and `--sts-refresh` command specific options
+   * Refactor `ecs ssl` commands to be just flags.
  * Remove `--open` option from `process` command #291
  * Only the and `cache` command will auto-update the contents of `~/.aws/config` #974
  * `tags` command no longer supports the `--force-update` option

diff --git a/cmd/aws-sso/ecs_cmd.go b/cmd/aws-sso/ecs_cmd.go
@@ -62,54 +62,44 @@ func (cc *EcsAuthCmd) Run(ctx *RunContext) error {
 }
 
 type EcsSSLCmd struct {
-	Delete EcsSSLDeleteCmd `kong:"cmd,help='Delete the current SSL certificate/private key'"`
-	Print  EcsSSLPrintCmd  `kong:"cmd,help='Print the current SSL certificate'"`
-	Save   EcsSSLSaveCmd   `kong:"cmd,help='Save a new SSL certificate/private key'"`
-}
-
-type EcsSSLSaveCmd struct {
-	Certificate string `kong:"short=c,type='existingfile',help='Path to certificate chain PEM file',predictor='allFiles',required"`
-	PrivateKey  string `kong:"short=p,type='existingfile',help='Path to private key file PEM file',predictor='allFiles'"`
+	Delete      bool   `kong:"short=d,help='Disable SSL and delete the current SSL cert/key',xor='flag,cert,key'"`
+	Print       bool   `kong:"short=p,help='Print the current SSL certificate',xor='flag,cert,key'"`
+	Certificate string `kong:"short=c,type='existingfile',help='Path to certificate chain PEM file',predictor='allFiles',group='add-ssl',xor='cert'"`
+	PrivateKey  string `kong:"short=k,type='existingfile',help='Path to private key file PEM file',predictor='allFiles',group='add-ssl',xor='key'"`
 	Force       bool   `kong:"hidden,help='Force loading the certificate'"`
 }
 
-type EcsSSLDeleteCmd struct{}
-
-func (cc *EcsSSLDeleteCmd) Run(ctx *RunContext) error {
-	return ctx.Store.DeleteEcsSslKeyPair()
-}
-
-type EcsSSLPrintCmd struct{}
-
-func (cc *EcsSSLPrintCmd) Run(ctx *RunContext) error {
-	cert, err := ctx.Store.GetEcsSslCert()
-	if err != nil {
-		return err
-	}
-	if cert == "" {
-		return fmt.Errorf("no certificate found")
+func (cc *EcsSSLCmd) Run(ctx *RunContext) error {
+	if ctx.Cli.Ecs.SSL.Delete {
+		return ctx.Store.DeleteEcsSslKeyPair()
+	} else if ctx.Cli.Ecs.SSL.Print {
+		cert, err := ctx.Store.GetEcsSslCert()
+		if err != nil {
+			return err
+		}
+		if cert == "" {
+			return fmt.Errorf("no certificate found")
+		}
+		fmt.Println(cert)
+		return nil
 	}
-	fmt.Println(cert)
-	return nil
-}
 
-func (cc *EcsSSLSaveCmd) Run(ctx *RunContext) error {
 	var privateKey, certChain []byte
 	var err error
 
-	if !ctx.Cli.Ecs.SSL.Save.Force {
+	if !ctx.Cli.Ecs.SSL.Force {
 		log.Warn("This feature is experimental and may not work as expected.")
 		log.Warn("Please read https://github.com/synfinatic/aws-sso-cli/issues/936 before contiuing.")
 		log.Fatal("Use `--force` to continue anyways.")
 	}
 
-	certChain, err = os.ReadFile(ctx.Cli.Ecs.SSL.Save.Certificate)
+	certChain, err = os.ReadFile(ctx.Cli.Ecs.SSL.Certificate)
 	if err != nil {
 		return fmt.Errorf("failed to read certificate chain file: %w", err)
 	}
 
-	if ctx.Cli.Ecs.SSL.Save.PrivateKey != "" {
-		privateKey, err = os.ReadFile(ctx.Cli.Ecs.SSL.Save.PrivateKey)
+	if ctx.Cli.Ecs.SSL.PrivateKey != "" {
+		privateKey, err = os.ReadFile(ctx.Cli.Ecs.SSL.PrivateKey)
 		if err != nil {
 			return fmt.Errorf("failed to read private key file: %w", err)
 		}

diff --git a/cmd/aws-sso/main.go b/cmd/aws-sso/main.go
@@ -264,6 +264,10 @@ func parseArgs(cli *CLI) (*kong.Context, sso.OverrideSettings) {
 			Title: "Commands requiring login:",
 			Key:   "login-required",
 		},
+		{
+			Title: "Add SSL Certificate/Key:",
+			Key:   "add-ssl",
+		},
 	}
 
 	parser := kong.Must(

diff --git a/docs/ecs-commands.md b/docs/ecs-commands.md
@@ -79,7 +79,7 @@ Flags:
 
 ---
 
-### ecs ssl save
+### ecs ssl
 
  Configures the SSL Certificate and Private Key to enable SSL/TLS.  Saves the
  SSL certificate and private key to the SecureStore.
@@ -89,24 +89,13 @@ Flags:
 
  Flags:
 
+  * `--delete` -- Disables SSL and deletes both the SSL certificate and private key from the Secure Store
+  * `--print` -- Prints the SSL certificate
   * `--certificate` -- Path to SSL certificate file in PEM format
   * `--private-key` -- Path to SSL private key in PEM format
 
 ---
 
-### ecs ssl delete
-
-Delete the SSL certificate and private key from the Secure Store and disables
-SSL/TLS for the ECS Server.
-
----
-
-### ecs ssl print
-
-Prints the SSL public certificate stored in the SecureStore.
-
----
-
 ### ecs server
 
 Starts the ECS Server in the foreground.

diff --git a/internal/sso/settings_test.go b/internal/sso/settings_test.go
@@ -323,7 +323,6 @@ func (suite *SettingsTestSuite) TestSetOverrides() {
 		LogLines:   true,
 		Browser:    "my-browser",
 		DefaultSSO: "hello",
-		UrlAction:  url.PrintUrl,
 		Threads:    10,
 	}
 
@@ -333,7 +332,6 @@ func (suite *SettingsTestSuite) TestSetOverrides() {
 	assert.True(t, log.ReportCaller)
 	assert.Equal(t, "my-browser", s.Browser)
 	assert.Equal(t, "hello", s.DefaultSSO)
-	assert.Equal(t, url.PrintUrl, s.UrlAction)
 	assert.Equal(t, 10, s.Threads)
 }