feat(iam): enable CLI for IAM logs (#3519)

scaleway-bot · yfodil · web-flow · commit 89a3c86c15c2 · 2023-12-04T09:31:27.000Z
Co-authored-by: Yacine Fodil &lt;105779815+yfodil@users.noreply.github.com&gt;
diff --git a/cmd/scw/testdata/test-all-usage-iam-log-get-usage.golden b/cmd/scw/testdata/test-all-usage-iam-log-get-usage.golden
@@ -0,0 +1,18 @@
+🎲🎲🎲 EXIT CODE: 0 🎲🎲🎲
+🟥🟥🟥 STDERR️️ 🟥🟥🟥️
+Retrieve information about a log, specified by the `log_id` parameter. The log's full details, including `id`, `ip`, `user_agent`, `action`, `bearer_id`, `resource_type` and `resource_id` are returned in the response.
+
+USAGE:
+  scw iam log get <log-id ...> [arg=value ...]
+
+ARGS:
+  log-id   ID of the log
+
+FLAGS:
+  -h, --help   help for get
+
+GLOBAL FLAGS:
+  -c, --config string    The path to the config file
+  -D, --debug            Enable debug mode
+  -o, --output string    Output format: json or human, see 'scw help output' for more info (default "human")
+  -p, --profile string   The config profile to use
diff --git a/cmd/scw/testdata/test-all-usage-iam-log-list-usage.golden b/cmd/scw/testdata/test-all-usage-iam-log-list-usage.golden
@@ -0,0 +1,24 @@
+🎲🎲🎲 EXIT CODE: 0 🎲🎲🎲
+🟥🟥🟥 STDERR️️ 🟥🟥🟥️
+List logs available for given Organization. You must define the `organization_id` in the query path of your request.
+
+USAGE:
+  scw iam log list [arg=value ...]
+
+ARGS:
+  [order-by=created_at_asc]   Criteria for sorting results (created_at_asc | created_at_desc)
+  [created-after]             Defined whether or not to filter out logs created after this timestamp
+  [created-before]            Defined whether or not to filter out logs created before this timestamp
+  [action]                    Defined whether or not to filter out by a specific action (unknown_action | created | updated | deleted)
+  [resource-type]             Defined whether or not to filter out by a specific type of resource (unknown_resource_type | api_key | user | application | group | policy)
+  [search]                    Defined whether or not to filter out log by bearer ID or resource ID
+  [organization-id]           Organization ID to use. If none is passed the default organization ID will be used
+
+FLAGS:
+  -h, --help   help for list
+
+GLOBAL FLAGS:
+  -c, --config string    The path to the config file
+  -D, --debug            Enable debug mode
+  -o, --output string    Output format: json or human, see 'scw help output' for more info (default "human")
+  -p, --profile string   The config profile to use
diff --git a/cmd/scw/testdata/test-all-usage-iam-log-usage.golden b/cmd/scw/testdata/test-all-usage-iam-log-usage.golden
@@ -0,0 +1,21 @@
+🎲🎲🎲 EXIT CODE: 0 🎲🎲🎲
+🟥🟥🟥 STDERR️️ 🟥🟥🟥️
+Log management commands.
+
+USAGE:
+  scw iam log <command>
+
+AVAILABLE COMMANDS:
+  get         Get a log
+  list        List logs
+
+FLAGS:
+  -h, --help   help for log
+
+GLOBAL FLAGS:
+  -c, --config string    The path to the config file
+  -D, --debug            Enable debug mode
+  -o, --output string    Output format: json or human, see 'scw help output' for more info (default "human")
+  -p, --profile string   The config profile to use
+
+Use "scw iam log [command] --help" for more information about a command.
diff --git a/cmd/scw/testdata/test-all-usage-iam-usage.golden b/cmd/scw/testdata/test-all-usage-iam-usage.golden
@@ -10,6 +10,7 @@ AVAILABLE COMMANDS:
   application    Applications management commands
   group          Groups management commands
   jwt            JWTs management commands
+  log            Log management commands
   permission-set Permission sets management commands
   policy         Policies management commands
   rule           Rules management commands
diff --git a/docs/commands/iam.md b/docs/commands/iam.md
@@ -28,6 +28,9 @@ IAM API.
   - [Delete a JWT](#delete-a-jwt)
   - [Get a JWT](#get-a-jwt)
   - [List JWTs](#list-jwts)
+- [Log management commands](#log-management-commands)
+  - [Get a log](#get-a-log)
+  - [List logs](#list-logs)
 - [Permission sets management commands](#permission-sets-management-commands)
   - [List permission sets](#list-permission-sets)
 - [Policies management commands](#policies-management-commands)
@@ -570,6 +573,55 @@ scw iam jwt list <audience-id ...> [arg=value ...]
 
 
 
+## Log management commands
+
+Log management commands.
+
+
+### Get a log
+
+Retrieve information about a log, specified by the `log_id` parameter. The log's full details, including `id`, `ip`, `user_agent`, `action`, `bearer_id`, `resource_type` and `resource_id` are returned in the response.
+
+**Usage:**
+
+```
+scw iam log get <log-id ...> [arg=value ...]
+```
+
+
+**Args:**
+
+| Name |   | Description |
+|------|---|-------------|
+| log-id | Required | ID of the log |
+
+
+
+### List logs
+
+List logs available for given Organization. You must define the `organization_id` in the query path of your request.
+
+**Usage:**
+
+```
+scw iam log list [arg=value ...]
+```
+
+
+**Args:**
+
+| Name |   | Description |
+|------|---|-------------|
+| order-by | Default: `created_at_asc`<br />One of: `created_at_asc`, `created_at_desc` | Criteria for sorting results |
+| created-after |  | Defined whether or not to filter out logs created after this timestamp |
+| created-before |  | Defined whether or not to filter out logs created before this timestamp |
+| action | One of: `unknown_action`, `created`, `updated`, `deleted` | Defined whether or not to filter out by a specific action |
+| resource-type | One of: `unknown_resource_type`, `api_key`, `user`, `application`, `group`, `policy` | Defined whether or not to filter out by a specific type of resource |
+| search |  | Defined whether or not to filter out log by bearer ID or resource ID |
+| organization-id |  | Organization ID to use. If none is passed the default organization ID will be used |
+
+
+
 ## Permission sets management commands
 
 Permission sets management commands.
diff --git a/go.mod b/go.mod
@@ -24,7 +24,7 @@ require (
 	github.com/moby/buildkit v0.11.6
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/pkg/errors v0.9.1
-	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.21.0.20231124161744-cd76ffab43fb
+	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.21.0.20231128131307-c646e1e0b2cd
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/pflag v1.0.5
diff --git a/go.sum b/go.sum
@@ -490,8 +490,8 @@ github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDN
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 h1:OkMGxebDjyw0ULyrTYWeN0UNCCkmCWfjPnIA2W6oviI=
 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06/go.mod h1:+ePHsJ1keEjQtpvf9HHw0f4ZeJ0TLRsxhunSI2hYJSs=
-github.com/scaleway/scaleway-sdk-go v1.0.0-beta.21.0.20231124161744-cd76ffab43fb h1:2pthrdJYF/LhWQAQQ44w0QVVfSwyGg6AagyUy+pOUP8=
-github.com/scaleway/scaleway-sdk-go v1.0.0-beta.21.0.20231124161744-cd76ffab43fb/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg=
+github.com/scaleway/scaleway-sdk-go v1.0.0-beta.21.0.20231128131307-c646e1e0b2cd h1:6dpfWGj/wJKaSsFXYV2Rx7TlyLrEZkFIzv/zqjwtjSU=
+github.com/scaleway/scaleway-sdk-go v1.0.0-beta.21.0.20231128131307-c646e1e0b2cd/go.mod h1:fCa7OJZ/9DRTnOKmxvT6pn+LPWUptQAmHF/SBJUGEcg=
 github.com/sclevine/spec v1.4.0 h1:z/Q9idDcay5m5irkZ28M7PtQM4aOISzOpj4bUPkDee8=
 github.com/secure-systems-lab/go-securesystemslib v0.4.0 h1:b23VGrQhTA8cN2CbBw7/FulN9fTtqYUdS5+Oxzt+DUE=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
diff --git a/internal/namespaces/iam/v1alpha1/iam_cli.go b/internal/namespaces/iam/v1alpha1/iam_cli.go
@@ -29,6 +29,7 @@ func GetGeneratedCommands() *core.Commands {
 		iamRule(),
 		iamPermissionSet(),
 		iamJwt(),
+		iamLog(),
 		iamSSHKeyList(),
 		iamSSHKeyCreate(),
 		iamSSHKeyGet(),
@@ -69,6 +70,8 @@ func GetGeneratedCommands() *core.Commands {
 		iamJwtList(),
 		iamJwtGet(),
 		iamJwtDelete(),
+		iamLogList(),
+		iamLogGet(),
 	)
 }
 func iamRoot() *core.Command {
@@ -160,6 +163,15 @@ func iamJwt() *core.Command {
 	}
 }
 
+func iamLog() *core.Command {
+	return &core.Command{
+		Short:     `Log management commands`,
+		Long:      `Log management commands.`,
+		Namespace: "iam",
+		Resource:  "log",
+	}
+}
+
 func iamSSHKeyList() *core.Command {
 	return &core.Command{
 		Short:     `List SSH keys`,
@@ -2175,3 +2187,106 @@ func iamJwtDelete() *core.Command {
 		},
 	}
 }
+
+func iamLogList() *core.Command {
+	return &core.Command{
+		Short:     `List logs`,
+		Long:      `List logs available for given Organization. You must define the ` + "`" + `organization_id` + "`" + ` in the query path of your request.`,
+		Namespace: "iam",
+		Resource:  "log",
+		Verb:      "list",
+		// Deprecated:    false,
+		ArgsType: reflect.TypeOf(iam.ListLogsRequest{}),
+		ArgSpecs: core.ArgSpecs{
+			{
+				Name:       "order-by",
+				Short:      `Criteria for sorting results`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+				Default:    core.DefaultValueSetter("created_at_asc"),
+				EnumValues: []string{"created_at_asc", "created_at_desc"},
+			},
+			{
+				Name:       "created-after",
+				Short:      `Defined whether or not to filter out logs created after this timestamp`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
+			{
+				Name:       "created-before",
+				Short:      `Defined whether or not to filter out logs created before this timestamp`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
+			{
+				Name:       "action",
+				Short:      `Defined whether or not to filter out by a specific action`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+				EnumValues: []string{"unknown_action", "created", "updated", "deleted"},
+			},
+			{
+				Name:       "resource-type",
+				Short:      `Defined whether or not to filter out by a specific type of resource`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+				EnumValues: []string{"unknown_resource_type", "api_key", "user", "application", "group", "policy"},
+			},
+			{
+				Name:       "search",
+				Short:      `Defined whether or not to filter out log by bearer ID or resource ID`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
+			core.OrganizationIDArgSpec(),
+		},
+		Run: func(ctx context.Context, args interface{}) (i interface{}, e error) {
+			request := args.(*iam.ListLogsRequest)
+
+			client := core.ExtractClient(ctx)
+			api := iam.NewAPI(client)
+			opts := []scw.RequestOption{scw.WithAllPages()}
+			resp, err := api.ListLogs(request, opts...)
+			if err != nil {
+				return nil, err
+			}
+			return resp.Logs, nil
+
+		},
+	}
+}
+
+func iamLogGet() *core.Command {
+	return &core.Command{
+		Short:     `Get a log`,
+		Long:      `Retrieve information about a log, specified by the ` + "`" + `log_id` + "`" + ` parameter. The log's full details, including ` + "`" + `id` + "`" + `, ` + "`" + `ip` + "`" + `, ` + "`" + `user_agent` + "`" + `, ` + "`" + `action` + "`" + `, ` + "`" + `bearer_id` + "`" + `, ` + "`" + `resource_type` + "`" + ` and ` + "`" + `resource_id` + "`" + ` are returned in the response.`,
+		Namespace: "iam",
+		Resource:  "log",
+		Verb:      "get",
+		// Deprecated:    false,
+		ArgsType: reflect.TypeOf(iam.GetLogRequest{}),
+		ArgSpecs: core.ArgSpecs{
+			{
+				Name:       "log-id",
+				Short:      `ID of the log`,
+				Required:   true,
+				Deprecated: false,
+				Positional: true,
+			},
+		},
+		Run: func(ctx context.Context, args interface{}) (i interface{}, e error) {
+			request := args.(*iam.GetLogRequest)
+
+			client := core.ExtractClient(ctx)
+			api := iam.NewAPI(client)
+			return api.GetLog(request)
+
+		},
+	}
+}
