fauna · mwilde345 · Nov 27, 2024 · Nov 22, 2024 · Nov 22, 2024 · Nov 22, 2024
diff --git a/.gitignore b/.gitignore
@@ -15,6 +15,7 @@ experiments
 coverage
 test-results.xml
 .history
+.fauna
 
 # default fauna config file names
 fauna.config.yaml,

@@ -1,34 +1,13 @@
 //@ts-check
 
-import { container } from "../../cli.mjs";
 import { commonQueryOptions } from "../../lib/command-helpers.mjs";
 import createCommand from "./create.mjs";
 import deleteCommand from "./delete.mjs";
 import listCommand from "./list.mjs";
 
-function validateArgs(argv) {
-  const logger = container.resolve("logger");
-
-  if (argv.secret && argv.database) {
-    // Providing a database and secret are conflicting options. If both are provided,
-    // it is not clear which one to use.
-    throw new Error(
-      "Cannot use both the '--secret' and '--database' options together. Please specify only one.",
-    );
-  } else if (argv.role && argv.secret) {
-    // The '--role' option is not supported when using a secret. Secrets have an
-    // implicit role.
-    logger.warn(
-      "The '--role' option is not supported when using a secret. It will be ignored.",
-    );
-  }
-  return true;
-}
-
 function buildDatabase(yargs) {
   return yargs
     .options(commonQueryOptions)
-    .check(validateArgs)
     .command(listCommand)
     .command(createCommand)
     .command(deleteCommand)

@@ -2,27 +2,50 @@ import { asValue, Lifetime } from "awilix";
 
 import { container } from "../../cli.mjs";
 import { FaunaAccountClient } from "../fauna-account-client.mjs";
-import { cleanupSecretsFile } from "../file-util.mjs";
 import { AccountKeys } from "./accountKeys.mjs";
 import { DatabaseKeys } from "./databaseKeys.mjs";
 
 const validateCredentialArgs = (argv) => {
+  const logger = container.resolve("logger");
   if (argv.database && argv.secret) {
     throw new Error(
-      "Cannot provide both a database and a secret. Please provide one or the other.",
+      "Cannot use both the '--secret' and '--database' options together. Please specify only one.",
+    );
+  } else if (argv.role && argv.secret) {
+    // The '--role' option is not supported when using a secret. Secrets have an
+    // implicit role.
+    logger.warn(
+      "The '--role' option is not supported when using a secret. It will be ignored.",
     );
   }
 };
 
 export class Credentials {
   constructor(argv) {
     // Get rid of orphaned database keys in the local storage
-    cleanupSecretsFile();
     // Make sure auth-related arguments from users are legal
     validateCredentialArgs(argv);
-
     this.accountKeys = new AccountKeys(argv);
     this.databaseKeys = new DatabaseKeys(argv, this.accountKeys.key);
+    this.cleanupSecretsFile();
+  }
+
+  /**
+   * Steps through account keys in local filesystem and if they are not found in the secrets file,
+   *   delete the stale entries on the secrets file.
+   */
+  cleanupSecretsFile() {
+    const accountKeyData = this.accountKeys.keyStore.getFile();
+    const accountKeys = Object.values(accountKeyData).map(
+      (value) => value.accountKey,
+    );
+    const secretKeyData = this.databaseKeys.keyStore.getFile();
+    Object.keys(secretKeyData).forEach((accountKey) => {
+      if (!accountKeys.includes(accountKey)) {
+        this.databaseKeys.keyStore.updateAccountKey(accountKey);
+        this.databaseKeys.keyStore.deleteAllDBKeysForAccount();
+      }
+    });
   }
 
   async login(accessToken) {

@@ -315,24 +315,6 @@ export class AccountKeyStorage extends CredentialsStorage {
   }
 }
 
-/**
- * Steps through account keys in local filesystem and if they are not found in the secrets file,
- *   delete the stale entries on the secrets file.
- */
-export function cleanupSecretsFile() {
-  const accountKeyData = new CredentialsStorage("access_keys").getFile();
-  const accountKeys = Object.values(accountKeyData).map(
-    (value) => value.accountKey,
-  );
-  const secretKeyData = new CredentialsStorage("secret_keys").getFile();
-  Object.keys(secretKeyData).forEach((accountKey) => {
-    if (!accountKeys.includes(accountKey)) {
-      const secretKeyStorage = new SecretKeyStorage(accountKey);
-      secretKeyStorage.deleteAllDBKeysForAccount();
-    }
-  });
-}
-
 /**
  * Checks if a value is a valid JSON string.
  *

diff --git a/test/config.mjs b/test/config.mjs
@@ -4,7 +4,6 @@ import path from "node:path";
 
 import * as awilix from "awilix";
 import { expect } from "chai";
-import chalk from "chalk";
 import notAllowed from "not-allowed";
 import sinon from "sinon";
 import stripAnsi from "strip-ansi";

@@ -194,7 +194,8 @@ describe("schema pull", function () {
     expect(logger.stdout).to.have.been.calledWith("Change cancelled");
     expect(fs.writeFile).to.have.not.been.called;
     expect(fsp.unlink).to.have.not.been.called;
-    expect(fs.mkdirSync).to.have.not.been.called;
+    // Called twice during Credentials initialization, but not called during the pull command
+    expect(fs.mkdirSync).to.have.been.calledTwice;
   });
 
   it("can delete extraneous FSL files", async function () {

@@ -98,7 +98,8 @@ describe("shell", function () {
 
       // start the shell
       const runPromise = run(`shell --secret "secret"`, container);
-
+      // Wait for the shell to start (print ">")
+      await stdout.waitForWritten();
       // send our first command
       stdin.push(`${query}\n`);
       await stdout.waitForWritten();
@@ -167,7 +168,8 @@ describe("shell", function () {
 
       // start the shell
       const runPromise = run(`shell --secret "secret" --version 4`, container);
-
+      // Wait for the shell to start (print ">")
+      await stdout.waitForWritten();
       // send our first command
       stdin.push(`${query}\n`);
       await stdout.waitForWritten();