mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 13:45:38 +00:00
tools: virsh: Add --interactive flag for secret-set-value command
Simplify human usage of secret-set-value by adding --interactive which will read the value of the secret from the terminal. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
parent
ff5f75f561
commit
70c7453895
@ -6563,14 +6563,17 @@ secret-set-value
|
||||
|
||||
.. code-block::
|
||||
|
||||
secret-set-value secret (--file filename [--plain] | base64)
|
||||
secret-set-value secret (--file filename [--plain] | --interactive | base64)
|
||||
|
||||
Set the value associated with *secret* (specified by its UUID) to the value
|
||||
Base64-encoded value *base64* or Base-64-encoded contents of file named
|
||||
*filename*. Using the *--plain* flag is together with *--file* allows to use
|
||||
the file contents directly as the secret value.
|
||||
|
||||
Note that *--file* and *base64* options are mutually exclusive.
|
||||
If *--interactive* flag is used the secret value is read as a password from the
|
||||
terminal.
|
||||
|
||||
Note that *--file*, *--interactive* and *base64* options are mutually exclusive.
|
||||
|
||||
Passing secrets via the *base64* option on command line is INSECURE and
|
||||
deprecated. Use the *--file* option instead.
|
||||
|
@ -186,6 +186,10 @@ static const vshCmdOptDef opts_secret_set_value[] = {
|
||||
.type = VSH_OT_BOOL,
|
||||
.help = N_("read the secret from file without converting from base64")
|
||||
},
|
||||
{.name = "interactive",
|
||||
.type = VSH_OT_BOOL,
|
||||
.help = N_("read the secret from the terminal")
|
||||
},
|
||||
{.name = "base64",
|
||||
.type = VSH_OT_STRING,
|
||||
.help = N_("base64-encoded secret value")
|
||||
@ -204,10 +208,14 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd)
|
||||
unsigned char *value;
|
||||
size_t value_size;
|
||||
bool plain = vshCommandOptBool(cmd, "plain");
|
||||
bool interactive = vshCommandOptBool(cmd, "interactive");
|
||||
int res;
|
||||
|
||||
VSH_EXCLUSIVE_OPTIONS("file", "base64");
|
||||
VSH_EXCLUSIVE_OPTIONS("plain", "base64");
|
||||
VSH_EXCLUSIVE_OPTIONS("interactive", "base64");
|
||||
VSH_EXCLUSIVE_OPTIONS("interactive", "plain");
|
||||
VSH_EXCLUSIVE_OPTIONS("interactive", "file");
|
||||
|
||||
if (!(secret = virshCommandOptSecret(ctl, cmd, NULL)))
|
||||
return false;
|
||||
@ -218,7 +226,7 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd)
|
||||
if (vshCommandOptStringReq(ctl, cmd, "file", &filename) < 0)
|
||||
return false;
|
||||
|
||||
if (!base64 && !filename) {
|
||||
if (!base64 && !filename && !interactive) {
|
||||
vshError(ctl, _("Input secret value is missing"));
|
||||
return false;
|
||||
}
|
||||
@ -238,6 +246,18 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd)
|
||||
base64 = file_buf;
|
||||
}
|
||||
|
||||
if (interactive) {
|
||||
vshPrint(ctl, "%s", _("Enter new value for secret:"));
|
||||
fflush(stdout);
|
||||
|
||||
if (!(file_buf = getpass(""))) {
|
||||
vshError(ctl, "%s", _("Failed to read secret"));
|
||||
return false;
|
||||
}
|
||||
file_len = strlen(file_buf);
|
||||
plain = true;
|
||||
}
|
||||
|
||||
if (plain) {
|
||||
value = g_steal_pointer(&file_buf);
|
||||
value_size = file_len;
|
||||
|
Loading…
Reference in New Issue
Block a user