-
Notifications
You must be signed in to change notification settings - Fork 22
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support to generate API token with
tz api-token create
Signed-off-by: Anuj Chaudhari <[email protected]>
- Loading branch information
Showing
13 changed files
with
414 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
## tanzu api-token | ||
|
||
Manage API Tokens for Tanzu Platform | ||
|
||
### Options | ||
|
||
``` | ||
-h, --help help for api-token | ||
``` | ||
|
||
### SEE ALSO | ||
|
||
* [tanzu](tanzu.md) - The Tanzu CLI | ||
* [tanzu api-token create](tanzu_api-token_create.md) - Create a new API Token for Tanzu Platform | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
## tanzu api-token create | ||
|
||
Create a new API Token for Tanzu Platform | ||
|
||
``` | ||
tanzu api-token create [flags] | ||
``` | ||
|
||
### Examples | ||
|
||
``` | ||
# Create an API Token for the Tanzu Platform | ||
tanzu api-token create | ||
# Note: The retrieved token can be used as the value of TANZU_API_TOKEN | ||
# when running 'tanzu login'. For example: | ||
TANZU_API_TOKEN=<token> tanzu login | ||
``` | ||
|
||
### Options | ||
|
||
``` | ||
-h, --help help for create | ||
``` | ||
|
||
### SEE ALSO | ||
|
||
* [tanzu api-token](tanzu_api-token.md) - Manage API Tokens for Tanzu Platform | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,105 @@ | ||
// Copyright 2024 VMware, Inc. All Rights Reserved. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package command | ||
|
||
import ( | ||
"fmt" | ||
"net/url" | ||
|
||
"github.com/fatih/color" | ||
"github.com/pkg/errors" | ||
"github.com/spf13/cobra" | ||
|
||
"github.com/vmware-tanzu/tanzu-plugin-runtime/config" | ||
"github.com/vmware-tanzu/tanzu-plugin-runtime/config/types" | ||
"github.com/vmware-tanzu/tanzu-plugin-runtime/plugin" | ||
|
||
commonauth "github.com/vmware-tanzu/tanzu-cli/pkg/auth/common" | ||
"github.com/vmware-tanzu/tanzu-cli/pkg/auth/uaa" | ||
"github.com/vmware-tanzu/tanzu-cli/pkg/cli" | ||
"github.com/vmware-tanzu/tanzu-cli/pkg/constants" | ||
) | ||
|
||
func newAPITokenCmd() *cobra.Command { | ||
apiTokenCmd := &cobra.Command{ | ||
Use: "api-token", | ||
Short: "Manage API Tokens for Tanzu Platform", | ||
Aliases: []string{"apitoken"}, | ||
Annotations: map[string]string{ | ||
"group": string(plugin.SystemCmdGroup), | ||
}, | ||
} | ||
|
||
apiTokenCmd.SetUsageFunc(cli.SubCmdUsageFunc) | ||
apiTokenCmd.AddCommand( | ||
newAPITokenCreateCmd(), | ||
) | ||
|
||
return apiTokenCmd | ||
} | ||
|
||
func newAPITokenCreateCmd() *cobra.Command { | ||
createCmd := &cobra.Command{ | ||
Use: "create", | ||
Short: "Create a new API Token for Tanzu Platform", | ||
Aliases: []string{}, | ||
Example: ` | ||
# Create an API Token for the Tanzu Platform | ||
tanzu api-token create | ||
# Note: The retrieved token can be used as the value of TANZU_API_TOKEN | ||
# when running 'tanzu login'. For example: | ||
TANZU_API_TOKEN=<token> tanzu login`, | ||
RunE: createAPIToken, | ||
ValidArgsFunction: noMoreCompletions, | ||
} | ||
|
||
return createCmd | ||
} | ||
|
||
func createAPIToken(cmd *cobra.Command, _ []string) (err error) { | ||
c, err := config.GetActiveContext(types.ContextTypeTanzu) | ||
if err != nil { | ||
return errors.New("no active context of type `tanzu`. Please login to Tanzu Platform first to generate an API token") | ||
} | ||
if c == nil || c.GlobalOpts == nil || c.GlobalOpts.Auth.Issuer == "" { | ||
return errors.New("invalid active context of type `tanzu`. Please login to Tanzu Platform first to generate an API token") | ||
} | ||
// Make sure it is of type tanzu with tanzuIdpType as `uaa` else return error | ||
if idpType, exist := c.AdditionalMetadata[config.TanzuIdpTypeKey]; !exist || idpType != string(config.UAAIdpType) { | ||
return errors.New("command no supported. Please refer to documentation on how to generate an API token for a public Tanzu Platform endpoint via https://console.tanzu.broadcom.com") | ||
} | ||
|
||
var token *commonauth.Token | ||
// If user chooses to use a specific local listener port, use it | ||
// Also specify the client ID to use for token generation | ||
loginOptions := []commonauth.LoginOption{ | ||
commonauth.WithListenerPortFromEnv(constants.TanzuCLIOAuthLocalListenerPort), | ||
commonauth.WithClientID(uaa.GetAlternateClientID()), | ||
} | ||
|
||
token, err = uaa.TanzuLogin(c.GlobalOpts.Auth.Issuer, loginOptions...) | ||
if err != nil { | ||
return errors.Wrap(err, "unable to login") | ||
} | ||
|
||
// Get tanzu platform endpoint as best effort from the existing context | ||
tpEndpoint := "<tanzu-platform-endpoint>" | ||
if hubEndpoint, exist := c.AdditionalMetadata[config.TanzuHubEndpointKey]; exist && hubEndpoint != nil { | ||
u, err := url.Parse(hubEndpoint.(string)) | ||
if err == nil { | ||
tpEndpoint = fmt.Sprintf("%s://%s", u.Scheme, u.Host) | ||
} | ||
} | ||
|
||
cyanBold := color.New(color.FgCyan).Add(color.Bold) | ||
bold := color.New(color.Bold) | ||
|
||
fmt.Fprint(cmd.OutOrStdout(), bold.Sprint("==\n\n")) | ||
fmt.Fprintf(cmd.OutOrStdout(), "%s Your generated API token is: %s\n\n", bold.Sprint("API Token Generation Successful!"), cyanBold.Sprint(token.RefreshToken)) | ||
fmt.Fprintf(cmd.OutOrStdout(), "For non-interactive login use the API token as follows: %s\n\n", cyanBold.Sprintf("TANZU_API_TOKEN=%s tanzu login --endpoint %s", token.RefreshToken, tpEndpoint)) | ||
fmt.Fprint(cmd.OutOrStdout(), "Please copy and save your token securely. Note that you will need to regenerate a new token before expiration time and login again to continue using the CLI.\n") | ||
|
||
return nil | ||
} |
Oops, something went wrong.