From 64701bcb95213f99e88bbb123b4de0cc78d7cafd Mon Sep 17 00:00:00 2001 From: Adithya Kolla Date: Fri, 7 Oct 2022 11:30:14 -0700 Subject: [PATCH 1/3] adding permission boundaries --- internal/pkg/cli/app_show.go | 17 ++++--- internal/pkg/cli/app_show_test.go | 85 ++++++++++++++++++------------- internal/pkg/describe/app.go | 18 ++++--- 3 files changed, 69 insertions(+), 51 deletions(-) diff --git a/internal/pkg/cli/app_show.go b/internal/pkg/cli/app_show.go index a996af17779..19ad5570576 100644 --- a/internal/pkg/cli/app_show.go +++ b/internal/pkg/cli/app_show.go @@ -217,14 +217,15 @@ func (o *showAppOpts) description() (*describe.App, error) { return nil, fmt.Errorf("get version for application %s: %w", o.name, err) } return &describe.App{ - Name: app.Name, - Version: version, - URI: app.Domain, - Envs: trimmedEnvs, - Services: trimmedSvcs, - Jobs: trimmedJobs, - Pipelines: pipelineInfo, - WkldDeployedtoEnvs: wkldDeployedtoEnvs, + Name: app.Name, + Version: version, + URI: app.Domain, + PermissionsBoundary: app.PermissionsBoundary, + Envs: trimmedEnvs, + Services: trimmedSvcs, + Jobs: trimmedJobs, + Pipelines: pipelineInfo, + WkldDeployedtoEnvs: wkldDeployedtoEnvs, }, nil } diff --git a/internal/pkg/cli/app_show_test.go b/internal/pkg/cli/app_show_test.go index b179636e6b9..9019c73cc07 100644 --- a/internal/pkg/cli/app_show_test.go +++ b/internal/pkg/cli/app_show_test.go @@ -188,8 +188,9 @@ func TestShowAppOpts_Execute(t *testing.T) { setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListServices("my-app").Return([]*config.Workload{ { @@ -231,13 +232,14 @@ func TestShowAppOpts_Execute(t *testing.T) { m.versionGetter.EXPECT().Version().Return("v0.0.0", nil) }, - wantedContent: "{\"name\":\"my-app\",\"version\":\"v0.0.0\",\"uri\":\"example.com\",\"environments\":[{\"app\":\"\",\"name\":\"test\",\"region\":\"us-west-2\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"},{\"app\":\"\",\"name\":\"prod\",\"region\":\"us-west-1\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"}],\"services\":[{\"app\":\"\",\"name\":\"my-svc\",\"type\":\"lb-web-svc\"}],\"jobs\":[{\"app\":\"\",\"name\":\"my-job\",\"type\":\"Scheduled Job\"}],\"pipelines\":[{\"pipelineName\":\"my-pipeline-repo\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"},{\"pipelineName\":\"bad-goose\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"}]}\n", + wantedContent: "{\"name\":\"my-app\",\"version\":\"v0.0.0\",\"uri\":\"example.com\",\"permissionsBoundary\":\"examplePermissionsBoundaryPolicy\",\"environments\":[{\"app\":\"\",\"name\":\"test\",\"region\":\"us-west-2\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"},{\"app\":\"\",\"name\":\"prod\",\"region\":\"us-west-1\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"}],\"services\":[{\"app\":\"\",\"name\":\"my-svc\",\"type\":\"lb-web-svc\"}],\"jobs\":[{\"app\":\"\",\"name\":\"my-job\",\"type\":\"Scheduled Job\"}],\"pipelines\":[{\"pipelineName\":\"my-pipeline-repo\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"},{\"pipelineName\":\"bad-goose\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"}]}\n", }, "correctly shows human output": { setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListServices("my-app").Return([]*config.Workload{ { @@ -281,9 +283,10 @@ func TestShowAppOpts_Execute(t *testing.T) { wantedContent: `About - Name my-app - Version v0.0.0 (latest available: v1.1.0) - URI example.com + Name my-app + Version v0.0.0 (latest available: v1.1.0) + URI example.com + Permissions Boundary examplePermissionsBoundaryPolicy Environments @@ -310,8 +313,9 @@ Pipelines "correctly shows human output with latest version": { setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListServices("my-app").Return([]*config.Workload{ { @@ -347,9 +351,10 @@ Pipelines wantedContent: `About - Name my-app - Version v1.1.0 - URI example.com + Name my-app + Version v1.1.0 + URI example.com + Permissions Boundary examplePermissionsBoundaryPolicy Environments @@ -374,8 +379,9 @@ Pipelines "when service/job is not deployed": { setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListServices("my-app").Return([]*config.Workload{ { @@ -415,9 +421,10 @@ Pipelines wantedContent: `About - Name my-app - Version v1.1.0 - URI example.com + Name my-app + Version v1.1.0 + URI example.com + Permissions Boundary examplePermissionsBoundaryPolicy Environments @@ -442,8 +449,9 @@ Pipelines }, "when multiple services/jobs are deployed": { setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListServices("my-app").Return([]*config.Workload{ { @@ -504,9 +512,10 @@ Pipelines wantedContent: `About - Name my-app - Version v1.1.0 - URI example.com + Name my-app + Version v1.1.0 + URI example.com + Permissions Boundary examplePermissionsBoundaryPolicy Environments @@ -544,8 +553,9 @@ Pipelines "returns error if fail to list environment": { setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListEnvironments("my-app").Return(nil, testError) }, @@ -557,8 +567,9 @@ Pipelines setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListEnvironments("my-app").Return([]*config.Environment{ { @@ -582,8 +593,9 @@ Pipelines setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListEnvironments("my-app").Return([]*config.Environment{ { @@ -613,8 +625,9 @@ Pipelines setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListEnvironments("my-app").Return([]*config.Environment{ { @@ -653,8 +666,9 @@ Pipelines setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListEnvironments("my-app").Return([]*config.Environment{ { @@ -695,8 +709,9 @@ Pipelines setupMocks: func(m showAppMocks) { m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ - Name: "my-app", - Domain: "example.com", + Name: "my-app", + Domain: "example.com", + PermissionsBoundary: "examplePermissionsBoundaryPolicy", }, nil) m.storeSvc.EXPECT().ListEnvironments("my-app").Return([]*config.Environment{ { diff --git a/internal/pkg/describe/app.go b/internal/pkg/describe/app.go index 60a99dfc274..3b27dbc41c5 100644 --- a/internal/pkg/describe/app.go +++ b/internal/pkg/describe/app.go @@ -23,14 +23,15 @@ import ( // App contains serialized parameters for an application. type App struct { - Name string `json:"name"` - Version string `json:"version"` - URI string `json:"uri"` - Envs []*config.Environment `json:"environments"` - Services []*config.Workload `json:"services"` - Jobs []*config.Workload `json:"jobs"` - Pipelines []*codepipeline.Pipeline `json:"pipelines"` - WkldDeployedtoEnvs map[string][]string `json:"-"` + Name string `json:"name"` + Version string `json:"version"` + URI string `json:"uri"` + PermissionsBoundary string `json:"permissionsBoundary"` + Envs []*config.Environment `json:"environments"` + Services []*config.Workload `json:"services"` + Jobs []*config.Workload `json:"jobs"` + Pipelines []*codepipeline.Pipeline `json:"pipelines"` + WkldDeployedtoEnvs map[string][]string `json:"-"` } // JSONString returns the stringified App struct with json format. @@ -55,6 +56,7 @@ func (a *App) HumanString() string { } fmt.Fprintf(writer, " %s\t%s %s\n", "Version", a.Version, availableVersion) fmt.Fprintf(writer, " %s\t%s\n", "URI", a.URI) + fmt.Fprintf(writer, " %s\t%s\n", "Permissions Boundary", a.PermissionsBoundary) fmt.Fprint(writer, color.Bold.Sprint("\nEnvironments\n\n")) writer.Flush() headers := []string{"Name", "AccountID", "Region"} From 2aad03b20104ebb6210acdfe4c5478fa1f31a693 Mon Sep 17 00:00:00 2001 From: Adithya Kolla Date: Fri, 7 Oct 2022 12:36:29 -0700 Subject: [PATCH 2/3] changes to json field --- internal/pkg/cli/app_show_test.go | 2 +- internal/pkg/describe/app.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/pkg/cli/app_show_test.go b/internal/pkg/cli/app_show_test.go index 9019c73cc07..4e1afdab9df 100644 --- a/internal/pkg/cli/app_show_test.go +++ b/internal/pkg/cli/app_show_test.go @@ -232,7 +232,7 @@ func TestShowAppOpts_Execute(t *testing.T) { m.versionGetter.EXPECT().Version().Return("v0.0.0", nil) }, - wantedContent: "{\"name\":\"my-app\",\"version\":\"v0.0.0\",\"uri\":\"example.com\",\"permissionsBoundary\":\"examplePermissionsBoundaryPolicy\",\"environments\":[{\"app\":\"\",\"name\":\"test\",\"region\":\"us-west-2\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"},{\"app\":\"\",\"name\":\"prod\",\"region\":\"us-west-1\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"}],\"services\":[{\"app\":\"\",\"name\":\"my-svc\",\"type\":\"lb-web-svc\"}],\"jobs\":[{\"app\":\"\",\"name\":\"my-job\",\"type\":\"Scheduled Job\"}],\"pipelines\":[{\"pipelineName\":\"my-pipeline-repo\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"},{\"pipelineName\":\"bad-goose\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"}]}\n", + wantedContent: "{\"name\":\"my-app\",\"version\":\"v0.0.0\",\"uri\":\"example.com\",\"permissionsboundary\":\"examplePermissionsBoundaryPolicy\",\"environments\":[{\"app\":\"\",\"name\":\"test\",\"region\":\"us-west-2\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"},{\"app\":\"\",\"name\":\"prod\",\"region\":\"us-west-1\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"}],\"services\":[{\"app\":\"\",\"name\":\"my-svc\",\"type\":\"lb-web-svc\"}],\"jobs\":[{\"app\":\"\",\"name\":\"my-job\",\"type\":\"Scheduled Job\"}],\"pipelines\":[{\"pipelineName\":\"my-pipeline-repo\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"},{\"pipelineName\":\"bad-goose\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"}]}\n", }, "correctly shows human output": { setupMocks: func(m showAppMocks) { diff --git a/internal/pkg/describe/app.go b/internal/pkg/describe/app.go index 3b27dbc41c5..2e2b4bc4a6e 100644 --- a/internal/pkg/describe/app.go +++ b/internal/pkg/describe/app.go @@ -26,7 +26,7 @@ type App struct { Name string `json:"name"` Version string `json:"version"` URI string `json:"uri"` - PermissionsBoundary string `json:"permissionsBoundary"` + PermissionsBoundary string `json:"permissionsboundary"` Envs []*config.Environment `json:"environments"` Services []*config.Workload `json:"services"` Jobs []*config.Workload `json:"jobs"` From b2e29fe11a8deee523e3a00c672803a97258dfdb Mon Sep 17 00:00:00 2001 From: Adithya Kolla Date: Mon, 10 Oct 2022 09:13:02 -0700 Subject: [PATCH 3/3] addressing feedback --- internal/pkg/cli/app_show_test.go | 69 ++++++++++++++++++++++++++++++- internal/pkg/describe/app.go | 8 +++- 2 files changed, 75 insertions(+), 2 deletions(-) diff --git a/internal/pkg/cli/app_show_test.go b/internal/pkg/cli/app_show_test.go index 4e1afdab9df..03e4b4d454d 100644 --- a/internal/pkg/cli/app_show_test.go +++ b/internal/pkg/cli/app_show_test.go @@ -232,7 +232,7 @@ func TestShowAppOpts_Execute(t *testing.T) { m.versionGetter.EXPECT().Version().Return("v0.0.0", nil) }, - wantedContent: "{\"name\":\"my-app\",\"version\":\"v0.0.0\",\"uri\":\"example.com\",\"permissionsboundary\":\"examplePermissionsBoundaryPolicy\",\"environments\":[{\"app\":\"\",\"name\":\"test\",\"region\":\"us-west-2\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"},{\"app\":\"\",\"name\":\"prod\",\"region\":\"us-west-1\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"}],\"services\":[{\"app\":\"\",\"name\":\"my-svc\",\"type\":\"lb-web-svc\"}],\"jobs\":[{\"app\":\"\",\"name\":\"my-job\",\"type\":\"Scheduled Job\"}],\"pipelines\":[{\"pipelineName\":\"my-pipeline-repo\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"},{\"pipelineName\":\"bad-goose\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"}]}\n", + wantedContent: "{\"name\":\"my-app\",\"version\":\"v0.0.0\",\"uri\":\"example.com\",\"permissionsBoundary\":\"examplePermissionsBoundaryPolicy\",\"environments\":[{\"app\":\"\",\"name\":\"test\",\"region\":\"us-west-2\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"},{\"app\":\"\",\"name\":\"prod\",\"region\":\"us-west-1\",\"accountID\":\"123456789\",\"registryURL\":\"\",\"executionRoleARN\":\"\",\"managerRoleARN\":\"\"}],\"services\":[{\"app\":\"\",\"name\":\"my-svc\",\"type\":\"lb-web-svc\"}],\"jobs\":[{\"app\":\"\",\"name\":\"my-job\",\"type\":\"Scheduled Job\"}],\"pipelines\":[{\"pipelineName\":\"my-pipeline-repo\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"},{\"pipelineName\":\"bad-goose\",\"region\":\"\",\"accountId\":\"\",\"stages\":null,\"createdAt\":\"0001-01-01T00:00:00Z\",\"updatedAt\":\"0001-01-01T00:00:00Z\"}]}\n", }, "correctly shows human output": { setupMocks: func(m showAppMocks) { @@ -370,6 +370,73 @@ Workloads my-svc lb-web-svc prod, test my-job Scheduled Job prod, test +Pipelines + + Name + ---- +`, + }, + "correctly shows human output when URI and Permissions Boundary are empty": { + setupMocks: func(m showAppMocks) { + m.storeSvc.EXPECT().GetApplication("my-app").Return(&config.Application{ + Name: "my-app", + Domain: "", + PermissionsBoundary: "", + }, nil) + m.storeSvc.EXPECT().ListServices("my-app").Return([]*config.Workload{ + { + Name: "my-svc", + Type: "lb-web-svc", + }, + }, nil) + m.storeSvc.EXPECT().ListJobs("my-app").Return([]*config.Workload{ + { + Name: "my-job", + Type: "Scheduled Job", + }, + }, nil) + m.storeSvc.EXPECT().ListEnvironments("my-app").Return([]*config.Environment{ + { + Name: "test", + Region: "us-west-2", + AccountID: "123456789", + }, + { + Name: "prod", + AccountID: "123456789", + Region: "us-west-1", + }, + }, nil) + m.deployStore.EXPECT().ListDeployedJobs("my-app", "test").Return([]string{"my-job"}, nil) + m.deployStore.EXPECT().ListDeployedJobs("my-app", "prod").Return([]string{"my-job"}, nil) + m.deployStore.EXPECT().ListDeployedServices("my-app", "test").Return([]string{"my-svc"}, nil) + m.deployStore.EXPECT().ListDeployedServices("my-app", "prod").Return([]string{"my-svc"}, nil) + m.pipelineLister.EXPECT().ListDeployedPipelines(mockAppName).Return([]deploy.Pipeline{}, nil) + m.versionGetter.EXPECT().Version().Return(deploy.LatestAppTemplateVersion, nil) + + }, + + wantedContent: `About + + Name my-app + Version v1.1.0 + URI N/A + Permissions Boundary N/A + +Environments + + Name AccountID Region + ---- --------- ------ + test 123456789 us-west-2 + prod 123456789 us-west-1 + +Workloads + + Name Type Environments + ---- ---- ------------ + my-svc lb-web-svc prod, test + my-job Scheduled Job prod, test + Pipelines Name diff --git a/internal/pkg/describe/app.go b/internal/pkg/describe/app.go index 2e2b4bc4a6e..14265be48a4 100644 --- a/internal/pkg/describe/app.go +++ b/internal/pkg/describe/app.go @@ -26,7 +26,7 @@ type App struct { Name string `json:"name"` Version string `json:"version"` URI string `json:"uri"` - PermissionsBoundary string `json:"permissionsboundary"` + PermissionsBoundary string `json:"permissionsBoundary"` Envs []*config.Environment `json:"environments"` Services []*config.Workload `json:"services"` Jobs []*config.Workload `json:"jobs"` @@ -54,6 +54,12 @@ func (a *App) HumanString() string { if deploy.LatestAppTemplateVersion != a.Version { availableVersion = color.Yellow.Sprintf("(latest available: %s)", deploy.LatestAppTemplateVersion) } + if a.URI == "" { + a.URI = "N/A" + } + if a.PermissionsBoundary == "" { + a.PermissionsBoundary = "N/A" + } fmt.Fprintf(writer, " %s\t%s %s\n", "Version", a.Version, availableVersion) fmt.Fprintf(writer, " %s\t%s\n", "URI", a.URI) fmt.Fprintf(writer, " %s\t%s\n", "Permissions Boundary", a.PermissionsBoundary)