Merge pull request #292 from MatrixAI/feature-unix-write

Implementing `secrets write` command

Author: aryanjassal

npmDepsHash

@@ -1 +1 @@
-sha256-lbtIQDruaGlF/lyCqRQLatL6n26VzaF0ezJXn8RgUGg=
+sha256-8rBOwTKsBhskBLbHJJrIwwtiW6FRXD8sOVvaGSW8I48=

package-lock.json

@@ -150,7 +150,7 @@
     "nexpect": "^0.6.0",
     "node-gyp-build": "^4.4.0",
     "nodemon": "^3.0.1",
-    "polykey": "^1.13.0",
+    "polykey": "^1.14.0",
     "prettier": "^3.0.0",
     "shelljs": "^0.8.5",
     "shx": "^0.3.4",

package.json

@@ -12,6 +12,7 @@ class CommandEdit extends CommandPolykey {
   constructor(...args: ConstructorParameters<typeof CommandPolykey>) {
     super(...args);
     this.name('edit');
+    this.alias('ed');
     this.description('Edit a Secret');
     this.argument(
       '<secretPath>',
@@ -62,21 +63,18 @@ class CommandEdit extends CommandPolykey {
         const tmpFile = path.join(tmpDir, path.basename(secretPath[1]));
         const secretExists = await binUtils.retryAuthentication(
           async (auth) => {
-            let exists: boolean = true;
-            const response =
-              await pkClient.rpcClient.methods.vaultsSecretsGet();
-            await (async () => {
-              const writer = response.writable.getWriter();
-              await writer.write({
-                nameOrId: secretPath[0],
-                secretName: secretPath[1],
-                metadata: auth,
-              });
-              await writer.close();
-            })();
+            let exists = true;
+            const res = await pkClient.rpcClient.methods.vaultsSecretsGet();
+            const writer = res.writable.getWriter();
+            await writer.write({
+              nameOrId: secretPath[0],
+              secretName: secretPath[1],
+              metadata: auth,
+            });
+            await writer.close();
             try {
               let rawSecretContent: string = '';
-              for await (const chunk of response.readable) {
+              for await (const chunk of res.readable) {
                 rawSecretContent += chunk.secretContent;
               }
               const secretContent = Buffer.from(rawSecretContent, 'binary');
@@ -99,9 +97,8 @@ class CommandEdit extends CommandPolykey {
         execSync(`${process.env.EDITOR} \"${tmpFile}\"`, { stdio: 'inherit' });
         let content: string;
         try {
-          content = (await this.fs.promises.readFile(tmpFile)).toString(
-            'binary',
-          );
+          const buffer = await this.fs.promises.readFile(tmpFile);
+          content = buffer.toString('binary');
         } catch (e) {
           if (e.code === 'ENOENT') {
             // If the secret exists but the file doesn't, then something went
@@ -125,26 +122,17 @@ class CommandEdit extends CommandPolykey {
           }
           throw e;
         }
-        await binUtils.retryAuthentication(async (auth) => {
-          // This point will never be reached if the temp file doesn't exist.
-          // As such, if the secret didn't exist before, then we want to make it.
-          // Otherwise, if the secret existed before, then we want to edit it.
-          if (secretExists) {
-            await pkClient.rpcClient.methods.vaultsSecretsEdit({
-              metadata: auth,
-              nameOrId: secretPath[0],
-              secretName: secretPath[1],
-              secretContent: content,
-            });
-          } else {
-            await pkClient.rpcClient.methods.vaultsSecretsNew({
+        // We will reach here only when the user wants to write a new secret.
+        await binUtils.retryAuthentication(
+          async (auth) =>
+            await pkClient.rpcClient.methods.vaultsSecretsWriteFile({
               metadata: auth,
               nameOrId: secretPath[0],
               secretName: secretPath[1],
               secretContent: content,
-            });
-          }
-        }, meta);
+            }),
+          meta,
+        );
         // Windows
         // TODO: complete windows impl
       } finally {

src/secrets/CommandEdit.ts

@@ -9,7 +9,7 @@ class CommandList extends CommandPolykey {
   constructor(...args: ConstructorParameters<typeof CommandPolykey>) {
     super(...args);
     this.name('ls');
-    this.aliases(['list']);
+    this.alias('list');
     this.description('List all secrets for a vault within a directory');
     this.argument(
       '<directoryPath>',

src/secrets/CommandList.ts

@@ -5,10 +5,11 @@ import * as binOptions from '../utils/options';
 import * as binParsers from '../utils/parsers';
 import * as binProcessors from '../utils/processors';
 
-class CommandDelete extends CommandPolykey {
+class CommandRemove extends CommandPolykey {
   constructor(...args: ConstructorParameters<typeof CommandPolykey>) {
     super(...args);
     this.name('rm');
+    this.alias('remove');
     this.description('Delete a Secret from a specified Vault');
     this.argument(
       '<secretPaths...>',
@@ -78,4 +79,4 @@ class CommandDelete extends CommandPolykey {
   }
 }
 
-export default CommandDelete;
+export default CommandRemove;

src/secrets/CommandRemove.ts

@@ -7,8 +7,8 @@ import CommandList from './CommandList';
 import CommandMkdir from './CommandMkdir';
 import CommandRename from './CommandRename';
 import CommandRemove from './CommandRemove';
-import CommandUpdate from './CommandUpdate';
 import CommandStat from './CommandStat';
+import CommandWrite from './CommandWrite';
 import CommandPolykey from '../CommandPolykey';
 
 class CommandSecrets extends CommandPolykey {
@@ -25,8 +25,8 @@ class CommandSecrets extends CommandPolykey {
     this.addCommand(new CommandMkdir(...args));
     this.addCommand(new CommandRename(...args));
     this.addCommand(new CommandRemove(...args));
-    this.addCommand(new CommandUpdate(...args));
     this.addCommand(new CommandStat(...args));
+    this.addCommand(new CommandWrite(...args));
   }
 }
 

src/secrets/CommandSecrets.ts

@@ -1,29 +1,24 @@
 import type PolykeyClient from 'polykey/dist/PolykeyClient';
-import * as errors from '../errors';
 import CommandPolykey from '../CommandPolykey';
+import * as binProcessors from '../utils/processors';
+import * as binParsers from '../utils/parsers';
 import * as binUtils from '../utils';
 import * as binOptions from '../utils/options';
-import * as binParsers from '../utils/parsers';
-import * as binProcessors from '../utils/processors';
 
-class CommandUpdate extends CommandPolykey {
+class CommandWrite extends CommandPolykey {
   constructor(...args: ConstructorParameters<typeof CommandPolykey>) {
     super(...args);
-    this.name('update');
-    this.description('Update a Secret');
-    this.argument(
-      '<directoryPath>',
-      'On disk path to the secret file with the contents of the updated secret',
-    );
+    this.name('write');
+    this.description('Write data into a secret from standard in');
     this.argument(
       '<secretPath>',
-      'Path to where the secret to be updated, specified as <vaultName>:<directoryPath>',
+      'Path to the secret, specified as <vaultName>:<directoryPath>',
       binParsers.parseSecretPathValue,
     );
     this.addOption(binOptions.nodeId);
     this.addOption(binOptions.clientHost);
     this.addOption(binOptions.clientPort);
-    this.action(async (directoryPath, secretPath, options) => {
+    this.action(async (secretPath, options) => {
       const { default: PolykeyClient } = await import(
         'polykey/dist/PolykeyClient'
       );
@@ -54,27 +49,36 @@ class CommandUpdate extends CommandPolykey {
           },
           logger: this.logger.getChild(PolykeyClient.name),
         });
-        let content: Buffer;
-        try {
-          content = await this.fs.promises.readFile(directoryPath);
-        } catch (e) {
-          throw new errors.ErrorPolykeyCLIFileRead(e.message, {
-            data: {
-              errno: e.errno,
-              syscall: e.syscall,
-              code: e.code,
-              path: e.path,
-            },
-            cause: e,
-          });
-        }
+
+        let stdin: string = '';
+        await new Promise<void>((resolve, reject) => {
+          const cleanup = () => {
+            process.stdin.removeListener('data', dataHandler);
+            process.stdin.removeListener('error', errorHandler);
+            process.stdin.removeListener('end', endHandler);
+          };
+          const dataHandler = (data: Buffer) => {
+            stdin += data.toString();
+          };
+          const errorHandler = (err: Error) => {
+            cleanup();
+            reject(err);
+          };
+          const endHandler = () => {
+            cleanup();
+            resolve();
+          };
+          process.stdin.on('data', dataHandler);
+          process.stdin.once('error', errorHandler);
+          process.stdin.once('end', endHandler);
+        });
         await binUtils.retryAuthentication(
-          (auth) =>
-            pkClient.rpcClient.methods.vaultsSecretsEdit({
+          async (auth) =>
+            await pkClient.rpcClient.methods.vaultsSecretsWriteFile({
               metadata: auth,
               nameOrId: secretPath[0],
               secretName: secretPath[1],
-              secretContent: content.toString('binary'),
+              secretContent: stdin,
             }),
           meta,
         );
@@ -85,4 +89,4 @@ class CommandUpdate extends CommandPolykey {
   }
 }
 
-export default CommandUpdate;
+export default CommandWrite;