feat: [#440] Create user and assign roles. (#447)

030 · Feb 4, 2024 · d37fdc5 · d37fdc5
1 parent 2aefee5
commit d37fdc5
Show file tree

Hide file tree

Showing 23 changed files with 801 additions and 54 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -4,12 +4,12 @@ updates:
   - package-ecosystem: 'docker'
     directory: '/'
     schedule:
-      interval: 'weekly'
+      interval: 'daily'
   - package-ecosystem: 'github-actions'
     directory: '/'
     schedule:
-      interval: 'weekly'
+      interval: 'daily'
   - package-ecosystem: 'gomod'
     directory: '/'
     schedule:
-      interval: 'weekly'
+      interval: 'daily'
diff --git a/.github/workflows/dip.yml b/.github/workflows/dip.yml
@@ -23,7 +23,8 @@ jobs:
       - name: Set up Go
         uses: actions/[email protected]
         with:
-          go-version: 1.19.0
+          go-version-file: 'go.mod'
+          cache: false
       - name: Check Golang
         run: |
           ./dip image --name=golang --regex=^1\.[0-9]+\.[0-9]+-alpine3\.[0-9]+$ --updateDockerfile

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -21,7 +21,8 @@ jobs:
       - name: Set up Go
         uses: actions/[email protected]
         with:
-          go-version: 1.19.0
+          go-version-file: 'go.mod'
+          cache: false
       - name: Unit tests
         run: |
           go test -short -cover -v -coverprofile=coverage.txt \

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
@@ -9,10 +9,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/[email protected]
-      - name: Set up Go
-        uses: actions/[email protected]
+      - uses: actions/[email protected]
         with:
-          go-version: 1.19.0
+          go-version-file: 'go.mod'
+          cache: false
       - name: Install bats
         run: |
           set -x

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -21,7 +21,8 @@ jobs:
       - name: Set up Go
         uses: actions/[email protected]
         with:
-          go-version: 1.19.0
+          go-version-file: 'go.mod'
+          cache: false
       - name: Set N3DR deliverable environment variable
         run: echo "n3dr-deliverable=n3dr-${{ matrix.os }}" >> $GITHUB_ENV
         if: |

diff --git a/.gitignore b/.gitignore
@@ -10,4 +10,6 @@ dip
 test/gpg/my_rsa_key
 test/rproxy-nginx-nexus3.conf.tmp
 
-.vagrant
+.vagrant
+
+coverage*
diff --git a/.golangci.yml b/.golangci.yml
@@ -17,6 +17,10 @@ issues:
         - gochecknoinits
       path: cmd/n3dr/configUser.go
       text: "don't use `init` function"
+    - linters:
+        - gochecknoinits
+      path: cmd/n3dr/configRole.go
+      text: "don't use `init` function"
     - linters:
         - gochecknoinits
       path: cmd/n3dr/count.go

diff --git a/Taskfile.yml b/Taskfile.yml
@@ -0,0 +1,50 @@
+---
+version: '3'
+
+env:
+  GIT_CHGLOG_URL: https://github.com/git-chglog/git-chglog/releases/download
+  GIT_CHGLOG_VERSION: v0.15.1/git-chglog_0.15.1_linux_amd64.tar.gz
+  CHANGELOG_NEXT_TAG: 7.4.0
+
+tasks:
+  changelog:
+    cmds:
+      - |
+        git fetch -p -P
+        curl \
+          -L ${GIT_CHGLOG_URL}/${GIT_CHGLOG_VERSION} \
+          -o /tmp/git-chglog.tar.gz
+        tar -xvf /tmp/git-chglog.tar.gz -C /tmp
+        chmod +x /tmp/git-chglog
+        /tmp/git-chglog \
+          -o docs/CHANGELOG.md \
+          --config configs/chglog/config.yml \
+          --next-tag ${CHANGELOG_NEXT_TAG}
+        sed -i "s|\/\([0-9]\+\.\)\{2\}[0-9]\+|/${CHANGELOG_NEXT_TAG}|g" \
+          ./docs/quickstarts/snippets/n3dr/DOWNLOAD.md
+        sed -i "s|version:.*|version: ${CHANGELOG_NEXT_TAG}|" \
+          ./build/package/snap/snapcraft.yaml
+  integration-tests:
+    cmds:
+      - |
+        go test \
+          -coverprofile=coverage.cov \
+          --tags=integration \
+          -v \
+          -count=1 \
+          --cover \
+          -race \
+          -p=4 \
+          ./...
+        go tool cover -func=coverage.cov > coverage-functions.out
+        go tool cover -html=coverage.cov -o coverage.html
+        open ./coverage.html
+  lint:
+    cmds:
+      - |
+        go install github.com/golangci/golangci-lint/cmd/[email protected]
+        ~/go/bin/golangci-lint --version
+        ~/go/bin/golangci-lint run \
+          -v \
+          --timeout 2m30s \
+          --config .golangci.yml
diff --git a/build/package/snap/snapcraft.yaml b/build/package/snap/snapcraft.yaml
@@ -1,7 +1,7 @@
 ---
 name: n3dr
 base: core20
-version: 7.3.3
+version: 7.4.0
 summary: Nexus3 Disaster Recovery
 description: |
   Download all artifacts at once or migrate automatically from Nexus to Nexus.

diff --git a/cmd/n3dr/configRole.go b/cmd/n3dr/configRole.go
@@ -0,0 +1,85 @@
+package main
+
+import (
+	"github.com/030/n3dr/internal/app/n3dr/config/user"
+	"github.com/030/n3dr/internal/app/n3dr/connection"
+	"github.com/030/n3dr/internal/app/n3dr/goswagger/models"
+	log "github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+var downloadRole, uploadRole bool
+
+// configUserCmd represents the configUser command.
+var configRoleCmd = &cobra.Command{
+	Use:   "configRole",
+	Short: "Configure roles.",
+	Long: `Create roles.
+
+Examples:
+  # Create a download role:
+  n3dr configRole --downloadRole
+
+  # Create an upload role:
+  n3dr configRole --uploadRole --https=false --n3drPass X --n3drUser admin --n3drURL localhost:9999
+`,
+	Run: func(cmd *cobra.Command, args []string) {
+		if !downloadRole && !uploadRole {
+			log.Fatal("either the downloadRole or uploadRole is required")
+		}
+
+		acu := models.APICreateUser{
+			EmailAddress: email,
+			FirstName:    firstName,
+			LastName:     lastName,
+			Password:     pass,
+			UserID:       id,
+		}
+		n := connection.Nexus3{
+			FQDN:  n3drURL,
+			HTTPS: &https,
+			Pass:  n3drPass,
+			User:  n3drUser,
+		}
+		u := user.User{APICreateUser: acu, Nexus3: n}
+
+		if downloadRole {
+			u.Roles = []string{"nx-download"}
+			rr := models.RoleXORequest{
+				ID:   "nx-download",
+				Name: "nx-download",
+				Privileges: []string{
+					"nx-repository-view-*-*-browse",
+					"nx-repository-view-*-*-read",
+				},
+			}
+			r := user.Role{RoleXORequest: rr, Nexus3: n}
+			if err := r.CreateRole(); err != nil {
+				log.Fatal(err)
+			}
+		}
+
+		if uploadRole {
+			u.Roles = []string{"nx-upload"}
+			rr := models.RoleXORequest{
+				ID:   "nx-upload",
+				Name: "nx-upload",
+				Privileges: []string{
+					"nx-repository-view-*-*-add",
+					"nx-repository-view-*-*-edit",
+				},
+			}
+			r := user.Role{RoleXORequest: rr, Nexus3: n}
+			if err := r.CreateRole(); err != nil {
+				log.Fatal(err)
+			}
+		}
+	},
+}
+
+func init() {
+	rootCmd.AddCommand(configRoleCmd)
+
+	configRoleCmd.Flags().BoolVar(&downloadRole, "downloadRole", false, "Whether a download role should be created")
+	configRoleCmd.Flags().BoolVar(&uploadRole, "uploadRole", false, "Whether an upload role should be created")
+}
diff --git a/cmd/n3dr/configUser.go b/cmd/n3dr/configUser.go
@@ -9,8 +9,9 @@ import (
 )
 
 var (
-	admin, changePass, downloadUser, uploadUser bool
-	email, firstName, id, lastName, pass        string
+	admin, changePass, custom, downloadUser, uploadUser bool
+	email, firstName, id, lastName, pass                string
+	roles                                               []string
 )
 
 // configUserCmd represents the configUser command.
@@ -20,19 +21,32 @@ var configUserCmd = &cobra.Command{
 	Long: `Create users or change their passwords.
 
 Examples:
+  # Create an admin user:
+  n3dr configUser --pass some-pass --email [email protected] --firstName build --id build --lastName build --admin
+
+  # Create a download user:
+  n3dr configUser --pass some-pass --email [email protected] --firstName build --id build --lastName build --downloadUser
+
+  # Create an upload user:
+  n3dr configUser --pass some-pass --email [email protected] --firstName build --id build --lastName build --uploadUser
+
+  # Create a custom user and assign certain roles:
+  n3dr configUser --pass some-pass --email [email protected] --firstName build --id build --lastName build --roles nx-download,nx-upload --custom
+
   # Change the admin password:
   n3dr configUser --changePass --https=false --n3drUser admin --n3drURL nexus3:8081 --n3drPass initial-pass --pass some-pass --email [email protected] --firstName admin --id admin --lastName admin
 `,
 	Run: func(cmd *cobra.Command, args []string) {
-		if !admin && !downloadUser && !uploadUser && !changePass {
-			log.Fatal("either the admin, changePass, downloadUser or uploadUser is required")
+		if !admin && !custom && !downloadUser && !uploadUser && !changePass {
+			log.Fatal("either the admin, custom, changePass, create, downloadUser or uploadUser is required")
 		}
 
 		acu := models.APICreateUser{
 			EmailAddress: email,
 			FirstName:    firstName,
 			LastName:     lastName,
 			Password:     pass,
+			Roles:        roles,
 			UserID:       id,
 		}
 		n := connection.Nexus3{
@@ -50,6 +64,15 @@ Examples:
 			}
 		}
 
+		if custom {
+			u.Roles = roles
+			log.Info("roles:", u)
+
+			if err := u.Create(); err != nil {
+				log.Fatal(err)
+			}
+		}
+
 		if downloadUser {
 			u.Roles = []string{"nx-download"}
 			rr := models.RoleXORequest{
@@ -125,7 +148,10 @@ func init() {
 	}
 
 	configUserCmd.Flags().BoolVar(&admin, "admin", false, "Whether a user should be admin")
+	configUserCmd.Flags().BoolVar(&custom, "custom", false, "Create a user and assign certain roles")
 	configUserCmd.Flags().BoolVar(&downloadUser, "downloadUser", false, "Whether a user should be able to download")
 	configUserCmd.Flags().BoolVar(&uploadUser, "uploadUser", false, "Whether a user should be able to upload")
 	configUserCmd.Flags().BoolVar(&changePass, "changePass", false, "Whether a pass should be changed")
+
+	configUserCmd.Flags().StringSliceVar(&roles, "roles", nil, "Which roles have to be assigned to the custom user")
 }
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
@@ -2,10 +2,51 @@
 ## [Unreleased]
 
 
+<a name="7.4.0"></a>
+## [7.4.0] - 2024-02-03
+### Build
+- [[#423](https://github.com/030/n3dr/issues/423)] Add golang action. ([#424](https://github.com/030/n3dr/issues/424))
+- Replace separate hadolint, dockle and trivy by one workflow. ([#417](https://github.com/030/n3dr/issues/417))
+- **deps:** bump github.com/spf13/viper from 1.17.0 to 1.18.2 ([#426](https://github.com/030/n3dr/issues/426))
+- **deps:** bump github.com/go-openapi/swag from 0.22.4 to 0.22.9 ([#454](https://github.com/030/n3dr/issues/454))
+- **deps:** bump github.com/aws/aws-sdk-go from 1.48.16 to 1.50.5 ([#453](https://github.com/030/n3dr/issues/453))
+- **deps:** bump golang.org/x/crypto from 0.14.0 to 0.17.0 ([#416](https://github.com/030/n3dr/issues/416))
+- **deps:** bump alpine from 3.19.0 to 3.19.1 ([#455](https://github.com/030/n3dr/issues/455))
+- **deps:** bump schubergphilis/mcvs-golang-action from 0.2.2 to 0.2.3 ([#457](https://github.com/030/n3dr/issues/457))
+- **deps:** bump EndBug/add-and-commit from 9.1.3 to 9.1.4 ([#458](https://github.com/030/n3dr/issues/458))
+- **deps:** bump schubergphilis/mcvs-golang-action from 0.1.1 to 0.2.2 ([#448](https://github.com/030/n3dr/issues/448))
+- **deps:** bump schubergphilis/mcvs-docker-action from 0.2.1 to 0.3.2 ([#449](https://github.com/030/n3dr/issues/449))
+- **deps:** bump github.com/go-playground/validator/v10 ([#444](https://github.com/030/n3dr/issues/444))
+- **deps:** bump golang from 1.21.5-alpine3.18 to 1.21.6-alpine3.18 ([#445](https://github.com/030/n3dr/issues/445))
+- **deps:** bump alpine from 3.18.5 to 3.19.0 ([#413](https://github.com/030/n3dr/issues/413))
+- **deps:** bump github.com/go-openapi/strfmt from 0.21.7 to 0.22.0 ([#434](https://github.com/030/n3dr/issues/434))
+- **deps:** bump schubergphilis/mcvs-docker-action from 0.2.0 to 0.2.1 ([#427](https://github.com/030/n3dr/issues/427))
+- **deps:** bump codecov/codecov-action from 3.1.4 to 4.0.1 ([#463](https://github.com/030/n3dr/issues/463))
+- **deps:** bump github.com/go-openapi/runtime from 0.26.0 to 0.27.1 ([#452](https://github.com/030/n3dr/issues/452))
+- **deps:** bump github.com/samber/lo from 1.38.1 to 1.39.0 ([#389](https://github.com/030/n3dr/issues/389))
+- **deps:** bump github.com/hashicorp/go-retryablehttp ([#392](https://github.com/030/n3dr/issues/392))
+- **deps:** bump github.com/spf13/cobra from 1.7.0 to 1.8.0 ([#393](https://github.com/030/n3dr/issues/393))
+- **deps:** bump github.com/aws/aws-sdk-go from 1.45.25 to 1.48.16 ([#406](https://github.com/030/n3dr/issues/406))
+- **deps:** bump golang from 1.21.0-alpine3.18 to 1.21.5-alpine3.18 ([#405](https://github.com/030/n3dr/issues/405))
+- **deps:** bump github.com/go-openapi/validate from 0.22.1 to 0.22.3 ([#388](https://github.com/030/n3dr/issues/388))
+- **deps:** bump alpine from 3.18.4 to 3.18.5 ([#387](https://github.com/030/n3dr/issues/387))
+
+### Feat
+- [[#440](https://github.com/030/n3dr/issues/440)] Create user and assign roles.
+
+### Fix
+- [[#428](https://github.com/030/n3dr/issues/428)] Resolve race condition. ([#435](https://github.com/030/n3dr/issues/435))
+- [[#430](https://github.com/030/n3dr/issues/430)] Use semantic version. ([#432](https://github.com/030/n3dr/issues/432))
+- [[#430](https://github.com/030/n3dr/issues/430)] Do not run Sonar if dependabot branch. ([#431](https://github.com/030/n3dr/issues/431))
+- [[#428](https://github.com/030/n3dr/issues/428)] Resolve data race condition in upload. ([#429](https://github.com/030/n3dr/issues/429))
+- Ensure that integration tests are skipped on dep updates. ([#420](https://github.com/030/n3dr/issues/420))
+
+
 <a name="7.3.3"></a>
 ## [7.3.3] - 2023-12-09
 ### Build
-- **deps:** [[#399](https://github.com/030/n3dr/issues/399)] Use semantic versioning for plugins in github actions.
+- **deps:** [[#399](https://github.com/030/n3dr/issues/399)] V is omitted in upload-release-action. ([#404](https://github.com/030/n3dr/issues/404))
+- **deps:** [[#399](https://github.com/030/n3dr/issues/399)] Use semantic versioning for plugins in github actions. ([#403](https://github.com/030/n3dr/issues/403))
 - **deps:** bump actions/checkout from 3 to 4 ([#394](https://github.com/030/n3dr/issues/394))
 
 ### Fix
@@ -413,7 +454,8 @@ The `backup`, `upload` and `repositories` commands have been removed.
 <a name="1.0.0"></a>
 ## 1.0.0 - 2019-05-12
 
-[Unreleased]: https://github.com/030/n3dr/compare/7.3.3...HEAD
+[Unreleased]: https://github.com/030/n3dr/compare/7.4.0...HEAD
+[7.4.0]: https://github.com/030/n3dr/compare/7.3.3...7.4.0
 [7.3.3]: https://github.com/030/n3dr/compare/7.3.2...7.3.3
 [7.3.2]: https://github.com/030/n3dr/compare/7.3.1...7.3.2
 [7.3.1]: https://github.com/030/n3dr/compare/7.3.0...7.3.1

diff --git a/docs/instructions/task.md b/docs/instructions/task.md
@@ -0,0 +1,6 @@
+# task
+
+```bash
+go install github.com/go-task/task/v3/cmd/[email protected]
+~/go/bin/task integration-tests
+```
diff --git a/docs/quickstarts/snippets/n3dr/DOWNLOAD.md b/docs/quickstarts/snippets/n3dr/DOWNLOAD.md
@@ -1,12 +1,12 @@
 # Download
 
-Download the [latest N3DR binary](https://github.com/030/n3dr/releases/tag/7.3.3):
+Download the [latest N3DR binary](https://github.com/030/n3dr/releases/tag/7.4.0):
 
 ```bash
 cd /tmp && \
-curl -L https://github.com/030/n3dr/releases/download/7.3.3/n3dr-ubuntu-latest \
+curl -L https://github.com/030/n3dr/releases/download/7.4.0/n3dr-ubuntu-latest \
   -o n3dr-ubuntu-latest && \
-curl -L https://github.com/030/n3dr/releases/download/7.3.3/\
+curl -L https://github.com/030/n3dr/releases/download/7.4.0/\
 n3dr-ubuntu-latest.sha512.txt \
   -o n3dr-ubuntu-latest.sha512.txt && \
 sha512sum -c n3dr-ubuntu-latest.sha512.txt && \