add configure command

Author: stang

cmd/git-remote-https+iap/main.go

@@ -21,6 +21,9 @@ const (
 var (
 	version string
 
+	// only used in configureCmd
+	repoURL, helperID, helperSecret, clientID string
+
 	rootCmd = &cobra.Command{
 		Use:   fmt.Sprintf("%s remote url", BinaryName),
 		Short: "git-remote-helper that handles authentication for GCP Identity Aware Proxy",
@@ -39,12 +42,28 @@ var (
 		Short: "Install protocol in Git config",
 		Run:   installGitProtocol,
 	}
+
+	configureCmd = &cobra.Command{
+		Use:   "configure",
+		Short: "Configure IAP for a given repository",
+		Run:   configureIAP,
+	}
 )
 
 func init() {
 	rootCmd.AddCommand(versionCmd)
 	rootCmd.AddCommand(installProtocolCmd)
 
+	configureCmd.Flags().StringVar(&repoURL, "repoURL", "", "URL of the git repository to configure (required)")
+	configureCmd.MarkFlagRequired("repoURL")
+	configureCmd.Flags().StringVar(&helperID, "helperID", "", "OAuth Client ID for the helper (required)")
+	configureCmd.MarkFlagRequired("helperID")
+	configureCmd.Flags().StringVar(&helperSecret, "helperSecret", "", "OAuth Client Secret for the helper (required)")
+	configureCmd.MarkFlagRequired("helperSecret")
+	configureCmd.Flags().StringVar(&clientID, "clientID", "", "OAuth Client ID of the IAP instance (required)")
+	configureCmd.MarkFlagRequired("clientID")
+	rootCmd.AddCommand(configureCmd)
+
 	// set default log level
 	zerolog.SetGlobalLevel(zerolog.DebugLevel)
 }
@@ -74,6 +93,28 @@ func installGitProtocol(cmd *cobra.Command, args []string) {
 	log.Info().Msgf("%s protocol configured in git!", p)
 }
 
+func configureIAP(cmd *cobra.Command, args []string) {
+	repo, err := _url.Parse(repoURL)
+	https := fmt.Sprintf("https://%s", repo.Host)
+	if err != nil {
+		log.Error().Msgf("Could not convert %s in https://: %s", https, err)
+	}
+
+	log.Info().Msgf("Configure IAP for %s", https)
+	git.SetGlobalConfig(https, "iap", "helperID", helperID)
+	git.SetGlobalConfig(https, "iap", "helperSecret", helperSecret)
+	git.SetGlobalConfig(https, "iap", "clientID", clientID)
+
+	// let users manipulate standard 'https://' urls
+	httpsIAP := fmt.Sprintf("https+iap://%s", repo.Host)
+	git.SetGlobalConfig(httpsIAP, "url", "insteadOf", https)
+
+	// set cookie path
+	domainSlug := strings.ReplaceAll(repo.Host, ".", "-")
+	cookiePath := fmt.Sprintf("~/.config/gcp-iap/%s.cookie", domainSlug)
+	git.SetGlobalConfig(https, "http", "cookieFile", cookiePath)
+}
+
 func handleIAPAuthCookieFor(url string) {
 	// All our work will be based on the basedomain of the provided URL
 	// as IAP would be setup for the whole domain.

internal/git/git.go

@@ -33,6 +33,16 @@ func ConfigGetURLMatch(key, url string) string {
 	return strings.TrimSpace(string(stdout.Bytes()))
 }
 
+func SetGlobalConfig(url, section, key, value string) {
+	x := fmt.Sprintf("%s.%s.%s", section, url, key)
+	args := []string{"config", "--global", x, value}
+	cmd := exec.Command(GitBinary, args...)
+
+	if err := cmd.Run(); err != nil {
+		log.Fatal().Msgf("SetGlobalConfig - could not set config '%s': %s", x, err)
+	}
+}
+
 func PassThruRemoteHTTPSHelper(remote, url string) {
 	u, err := _url.Parse(url)
 	if err != nil {