github.com/kjdelisle/consul@v1.4.5/command/acl/token/create/token_create.go (about) 1 package tokencreate 2 3 import ( 4 "flag" 5 "fmt" 6 7 "github.com/hashicorp/consul/api" 8 "github.com/hashicorp/consul/command/acl" 9 "github.com/hashicorp/consul/command/flags" 10 "github.com/mitchellh/cli" 11 ) 12 13 func New(ui cli.Ui) *cmd { 14 c := &cmd{UI: ui} 15 c.init() 16 return c 17 } 18 19 type cmd struct { 20 UI cli.Ui 21 flags *flag.FlagSet 22 http *flags.HTTPFlags 23 help string 24 25 policyIDs []string 26 policyNames []string 27 description string 28 local bool 29 showMeta bool 30 } 31 32 func (c *cmd) init() { 33 c.flags = flag.NewFlagSet("", flag.ContinueOnError) 34 c.flags.BoolVar(&c.showMeta, "meta", false, "Indicates that token metadata such "+ 35 "as the content hash and raft indices should be shown for each entry") 36 c.flags.BoolVar(&c.local, "local", false, "Create this as a datacenter local token") 37 c.flags.StringVar(&c.description, "description", "", "A description of the token") 38 c.flags.Var((*flags.AppendSliceValue)(&c.policyIDs), "policy-id", "ID of a "+ 39 "policy to use for this token. May be specified multiple times") 40 c.flags.Var((*flags.AppendSliceValue)(&c.policyNames), "policy-name", "Name of a "+ 41 "policy to use for this token. May be specified multiple times") 42 c.http = &flags.HTTPFlags{} 43 flags.Merge(c.flags, c.http.ClientFlags()) 44 flags.Merge(c.flags, c.http.ServerFlags()) 45 c.help = flags.Usage(help, c.flags) 46 } 47 48 func (c *cmd) Run(args []string) int { 49 if err := c.flags.Parse(args); err != nil { 50 return 1 51 } 52 53 if len(c.policyNames) == 0 && len(c.policyIDs) == 0 { 54 c.UI.Error(fmt.Sprintf("Cannot create a token without specifying -policy-name or -policy-id at least once")) 55 return 1 56 } 57 58 client, err := c.http.APIClient() 59 if err != nil { 60 c.UI.Error(fmt.Sprintf("Error connecting to Consul agent: %s", err)) 61 return 1 62 } 63 64 newToken := &api.ACLToken{ 65 Description: c.description, 66 Local: c.local, 67 } 68 69 for _, policyName := range c.policyNames { 70 // We could resolve names to IDs here but there isn't any reason why its would be better 71 // than allowing the agent to do it. 72 newToken.Policies = append(newToken.Policies, &api.ACLTokenPolicyLink{Name: policyName}) 73 } 74 75 for _, policyID := range c.policyIDs { 76 policyID, err := acl.GetPolicyIDFromPartial(client, policyID) 77 if err != nil { 78 c.UI.Error(fmt.Sprintf("Error resolving policy ID %s: %v", policyID, err)) 79 return 1 80 } 81 newToken.Policies = append(newToken.Policies, &api.ACLTokenPolicyLink{ID: policyID}) 82 } 83 84 token, _, err := client.ACL().TokenCreate(newToken, nil) 85 if err != nil { 86 c.UI.Error(fmt.Sprintf("Failed to create new token: %v", err)) 87 return 1 88 } 89 90 acl.PrintToken(token, c.UI, c.showMeta) 91 return 0 92 } 93 94 func (c *cmd) Synopsis() string { 95 return synopsis 96 } 97 98 func (c *cmd) Help() string { 99 return flags.Usage(c.help, nil) 100 } 101 102 const synopsis = "Create an ACL Token" 103 const help = ` 104 Usage: consul acl token create [options] 105 106 When creating a new token policies may be linked using either the -policy-id 107 or the -policy-name options. When specifying policies by IDs you may use a 108 unique prefix of the UUID as a shortcut for specifying the entire UUID. 109 110 Create a new token: 111 112 $ consul acl token create -description "Replication token" 113 -policy-id b52fc3de-5 114 -policy-name "acl-replication" 115 `