Extract command for policies

Signed-off-by: David Gageot <[email protected]>

Author: dgageot

cmd/docker-mcp/commands/policy.go

@@ -0,0 +1,58 @@
+package commands
+
+import (
+	"os"
+	"strings"
+
+	"github.com/spf13/cobra"
+
+	"github.com/docker/mcp-gateway/cmd/docker-mcp/internal/tui"
+	"github.com/docker/mcp-gateway/cmd/docker-mcp/secret-management/policy"
+)
+
+const setPolicyExample = `
+# Backup the current policy to a file
+docker mcp policy dump > policy.conf
+
+# Set a new policy
+docker mcp policy set "my-secret allows postgres"
+
+# Restore the previous policy
+cat policy.conf | docker mcp policy set
+`
+
+func policyCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:     "policy",
+		Aliases: []string{"policies"},
+		Short:   "Manage secret policies",
+	}
+
+	cmd.AddCommand(&cobra.Command{
+		Use:   "set <content>",
+		Short: "Set a policy for secret management in Docker Desktop",
+		Args:  cobra.MaximumNArgs(1),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			if len(args) == 0 {
+				bytes, err := tui.ReadAllWithContext(cmd.Context(), os.Stdin)
+				if err != nil {
+					return err
+				}
+				args = append(args, string(bytes))
+			}
+			return policy.Set(cmd.Context(), args[0])
+		},
+		Example: strings.Trim(setPolicyExample, "\n"),
+	})
+
+	cmd.AddCommand(&cobra.Command{
+		Use:   "dump",
+		Short: "Dump the policy content",
+		Args:  cobra.NoArgs,
+		RunE: func(cmd *cobra.Command, _ []string) error {
+			return policy.Dump(cmd.Context())
+		},
+	})
+
+	return cmd
+}

cmd/docker-mcp/commands/root.go

@@ -13,7 +13,6 @@ import (
 	"github.com/docker/mcp-gateway/cmd/docker-mcp/internal/desktop"
 	"github.com/docker/mcp-gateway/cmd/docker-mcp/internal/docker"
 	"github.com/docker/mcp-gateway/cmd/docker-mcp/oauth"
-	"github.com/docker/mcp-gateway/cmd/docker-mcp/secret-management/policy"
 	"github.com/docker/mcp-gateway/cmd/docker-mcp/version"
 )
 
@@ -74,7 +73,7 @@ func Root(ctx context.Context, cwd string, dockerCli command.Cli) *cobra.Command
 	dockerClient := docker.NewClient(dockerCli)
 
 	cmd.AddCommand(secretCommand(dockerClient))
-	cmd.AddCommand(policy.NewPolicyCmd())
+	cmd.AddCommand(policyCommand())
 	cmd.AddCommand(oauth.NewOAuthCmd())
 	cmd.AddCommand(client.NewClientCmd(cwd))
 	cmd.AddCommand(catalog.NewCatalogCmd())

cmd/docker-mcp/commands/secret.go

@@ -11,7 +11,7 @@ import (
 	"github.com/docker/mcp-gateway/cmd/docker-mcp/secret-management/secret"
 )
 
-const setExample = `
+const setSecretExample = `
 # Using secrets for postgres password with default policy:
 docker mcp secret set POSTGRES_PASSWORD=my-secret-password
 docker run -d -l x-secret:POSTGRES_PASSWORD=/pwd.txt -e POSTGRES_PASSWORD_FILE=/pwd.txt -p 5432 postgres
@@ -25,16 +25,16 @@ func secretCommand(docker docker.Client) *cobra.Command {
 	cmd := &cobra.Command{
 		Use:     "secret",
 		Short:   "Manage secrets",
-		Example: strings.Trim(setExample, "\n"),
+		Example: strings.Trim(setSecretExample, "\n"),
 	}
-	cmd.AddCommand(rmCommand())
-	cmd.AddCommand(listCommand())
-	cmd.AddCommand(setCommand())
-	cmd.AddCommand(exportCommand(docker))
+	cmd.AddCommand(rmSecretCommand())
+	cmd.AddCommand(listSecretCommand())
+	cmd.AddCommand(setSecretCommand())
+	cmd.AddCommand(exportSecretCommand(docker))
 	return cmd
 }
 
-func rmCommand() *cobra.Command {
+func rmSecretCommand() *cobra.Command {
 	var opts secret.RmOpts
 	cmd := &cobra.Command{
 		Use:   "rm name1 name2 ...",
@@ -58,7 +58,7 @@ func validateRmArgs(args []string, opts secret.RmOpts) error {
 	return nil
 }
 
-func listCommand() *cobra.Command {
+func listSecretCommand() *cobra.Command {
 	var opts secret.ListOptions
 	cmd := &cobra.Command{
 		Use:   "ls",
@@ -73,12 +73,12 @@ func listCommand() *cobra.Command {
 	return cmd
 }
 
-func setCommand() *cobra.Command {
+func setSecretCommand() *cobra.Command {
 	opts := &secret.SetOpts{}
 	cmd := &cobra.Command{
 		Use:     "set key[=value]",
 		Short:   "Set a secret in Docker Desktop's secret store",
-		Example: strings.Trim(setExample, "\n"),
+		Example: strings.Trim(setSecretExample, "\n"),
 		Args:    cobra.ExactArgs(1),
 		RunE: func(cmd *cobra.Command, args []string) error {
 			if !secret.IsValidProvider(opts.Provider) {
@@ -110,7 +110,7 @@ func isNotImplicitReadFromStdinSyntax(args []string, opts secret.SetOpts) bool {
 	return strings.Contains(args[0], "=") || len(args) > 1 || opts.Provider != ""
 }
 
-func exportCommand(docker docker.Client) *cobra.Command {
+func exportSecretCommand(docker docker.Client) *cobra.Command {
 	return &cobra.Command{
 		Use:    "export [server1] [server2] ...",
 		Short:  "Export secrets for the specified servers",

cmd/docker-mcp/secret-management/policy/dump.go

@@ -4,29 +4,15 @@ import (
 	"context"
 	"fmt"
 
-	"github.com/spf13/cobra"
-
 	"github.com/docker/mcp-gateway/cmd/docker-mcp/internal/desktop"
 )
 
-func DumpCommand() *cobra.Command {
-	return &cobra.Command{
-		Use:   "dump",
-		Short: "Dump the policy content",
-		Args:  cobra.NoArgs,
-		RunE: func(cmd *cobra.Command, _ []string) error {
-			return runDump(cmd.Context())
-		},
-	}
-}
-
-func runDump(ctx context.Context) error {
+func Dump(ctx context.Context) error {
 	l, err := desktop.NewSecretsClient().GetJfsPolicy(ctx)
 	if err != nil {
 		return err
 	}
 
 	fmt.Println(l)
-
 	return nil
 }

cmd/docker-mcp/secret-management/policy/root.go

@@ -2,46 +2,10 @@ package policy
 
 import (
 	"context"
-	"os"
-	"strings"
-
-	"github.com/spf13/cobra"
 
 	"github.com/docker/mcp-gateway/cmd/docker-mcp/internal/desktop"
-	"github.com/docker/mcp-gateway/cmd/docker-mcp/internal/tui"
 )
 
-const setExample = `
-# Backup the current policy to a file
-docker mcp policy dump > policy.conf
-
-# Set a new policy
-docker mcp policy set "my-secret allows postgres"
-
-# Restore the previous policy
-cat policy.conf | docker mcp policy set
-`
-
-func SetCommand() *cobra.Command {
-	cmd := &cobra.Command{
-		Use:   "set <content>",
-		Short: "Set a policy for secret management in Docker Desktop",
-		Args:  cobra.MaximumNArgs(1),
-		RunE: func(cmd *cobra.Command, args []string) error {
-			if len(args) == 0 {
-				bytes, err := tui.ReadAllWithContext(cmd.Context(), os.Stdin)
-				if err != nil {
-					return err
-				}
-				args = append(args, string(bytes))
-			}
-			return runSet(cmd.Context(), args[0])
-		},
-		Example: strings.Trim(setExample, "\n"),
-	}
-	return cmd
-}
-
-func runSet(ctx context.Context, data string) error {
+func Set(ctx context.Context, data string) error {
 	return desktop.NewSecretsClient().SetJfsPolicy(ctx, data)
 }