TUN-3864: Users can choose where credentials file is written after creating a tunnel

Adam Chalmers 2021-02-04 11:57:50 -06:00
parent 7420439ed2
commit dbd90f270e
3 changed files with 18 additions and 11 deletions


@ -154,7 +154,7 @@ func TunnelCommand(c *cli.Context) error {
return err return err
} }
if name := c.String("name"); name != "" { // Start a named tunnel if name := c.String("name"); name != "" { // Start a named tunnel
return runAdhocNamedTunnel(sc, name) return runAdhocNamedTunnel(sc, name, c.String(CredFileFlag))
} }
if ref := config.GetConfiguration().TunnelID; ref != "" { if ref := config.GetConfiguration().TunnelID; ref != "" {
return fmt.Errorf("Use `cloudflared tunnel run` to start tunnel %s", ref) return fmt.Errorf("Use `cloudflared tunnel run` to start tunnel %s", ref)
@ -169,10 +169,10 @@ func Init(ver string, gracefulShutdown chan struct{}) {
} }
// runAdhocNamedTunnel create, route and run a named tunnel in one command // runAdhocNamedTunnel create, route and run a named tunnel in one command
func runAdhocNamedTunnel(sc *subcommandContext, name string) error { func runAdhocNamedTunnel(sc *subcommandContext, name, credentialsOutputPath string) error {
tunnel, ok, err := sc.tunnelActive(name) tunnel, ok, err := sc.tunnelActive(name)
if err != nil || !ok { if err != nil || !ok {
tunnel, err = sc.create(name) tunnel, err = sc.create(name, credentialsOutputPath)
if err != nil { if err != nil {
return errors.Wrap(err, "failed to create tunnel") return errors.Wrap(err, "failed to create tunnel")
} }
@ -539,6 +539,7 @@ func tunnelFlags(shouldHide bool) []cli.Flag {
flags = append(flags, configureLoggingFlags(shouldHide)...) flags = append(flags, configureLoggingFlags(shouldHide)...)
flags = append(flags, configureProxyDNSFlags(shouldHide)...) flags = append(flags, configureProxyDNSFlags(shouldHide)...)
flags = append(flags, []cli.Flag{ flags = append(flags, []cli.Flag{
credentialsFileFlag,
altsrc.NewBoolFlag(&cli.BoolFlag{ altsrc.NewBoolFlag(&cli.BoolFlag{
Name: "is-autoupdated", Name: "is-autoupdated",
Usage: "Signal the new process that Argo Tunnel client has been autoupdated", Usage: "Signal the new process that Argo Tunnel client has been autoupdated",
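Review bot: The doc comment on runAdhocNamedTunnel does not mention the new credentialsOutputPath parameter, which in the visible lines is only consumed on the create branch (`sc.create(name, credentialsOutputPath)`). I would extend the comment with `// credentialsOutputPath, if non-empty, is where a newly created tunnel's credentials file is written.` Because credentialsFileFlag is now part of tunnelFlags and is also fed from the TUNNEL_CRED_FILE environment variable, a value that was set only for reading credentials will now also pick the write location of a new secret on a `--name` run. The function body continues outside the hunk, so whether the path is used again when the tunnel already exists cannot be seen here.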


@ -147,7 +147,7 @@ func (sc *subcommandContext) readTunnelCredentials(credFinder CredFinder) (conne
return credentials, nil return credentials, nil
} }
func (sc *subcommandContext) create(name string) (*tunnelstore.Tunnel, error) { func (sc *subcommandContext) create(name string, credentialsOutputPath string) (*tunnelstore.Tunnel, error) {
client, err := sc.client() client, err := sc.client()
if err != nil { if err != nil {
return nil, errors.Wrap(err, "couldn't create client to talk to Argo Tunnel backend") return nil, errors.Wrap(err, "couldn't create client to talk to Argo Tunnel backend")
@ -173,7 +173,7 @@ func (sc *subcommandContext) create(name string) (*tunnelstore.Tunnel, error) {
TunnelID: tunnel.ID, TunnelID: tunnel.ID,
TunnelName: name, TunnelName: name,
} }
filePath, writeFileErr := writeTunnelCredentials(credential.certPath, &tunnelCredentials) filePath, writeFileErr := writeTunnelCredentials(credential.certPath, credentialsOutputPath, &tunnelCredentials)
if writeFileErr != nil { if writeFileErr != nil {
var errorLines []string var errorLines []string
errorLines = append(errorLines, fmt.Sprintf("Your tunnel '%v' was created with ID %v. However, cloudflared couldn't write to the tunnel credentials file at %v.json.", tunnel.Name, tunnel.ID, tunnel.ID)) errorLines = append(errorLines, fmt.Sprintf("Your tunnel '%v' was created with ID %v. However, cloudflared couldn't write to the tunnel credentials file at %v.json.", tunnel.Name, tunnel.ID, tunnel.ID))
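Review bot: The error text built on the `errorLines = append(...)` line still reports the location as `<tunnel ID>.json`, which is not where the write was attempted when credentialsOutputPath is set. An operator following that message would look for the secret file in the wrong place. I would report the attempted path instead, ending the format string with `credentials file at %v.` and passing `filePath`, falling back to `credentialsOutputPath` if `filePath` comes back empty. The rest of create and of this error branch lies outside the hunk.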


@ -90,7 +90,7 @@ var (
credentialsFileFlag = altsrc.NewStringFlag(&cli.StringFlag{ credentialsFileFlag = altsrc.NewStringFlag(&cli.StringFlag{
Name: CredFileFlag, Name: CredFileFlag,
Aliases: []string{CredFileFlagAlias}, Aliases: []string{CredFileFlagAlias},
Usage: "File path of tunnel credentials", Usage: "Filepath at which to read/write the tunnel credentials",
EnvVars: []string{"TUNNEL_CRED_FILE"}, EnvVars: []string{"TUNNEL_CRED_FILE"},
}) })
forceDeleteFlag = &cli.BoolFlag{ forceDeleteFlag = &cli.BoolFlag{
@ -121,7 +121,7 @@ func buildCreateCommand() *cli.Command {
For example, to create a tunnel named 'my-tunnel' run: For example, to create a tunnel named 'my-tunnel' run:
$ cloudflared tunnel create my-tunnel`, $ cloudflared tunnel create my-tunnel`,
Flags: []cli.Flag{outputFormatFlag}, Flags: []cli.Flag{outputFormatFlag, credentialsFileFlag},
CustomHelpTemplate: commandHelpTemplate(), CustomHelpTemplate: commandHelpTemplate(),
} }
} }
@ -144,7 +144,7 @@ func createCommand(c *cli.Context) error {
} }
name := c.Args().First() name := c.Args().First()
_, err = sc.create(name) _, err = sc.create(name, c.String(CredFileFlag))
return errors.Wrap(err, "failed to create tunnel") return errors.Wrap(err, "failed to create tunnel")
} }
@ -154,12 +154,18 @@ func tunnelFilePath(tunnelID uuid.UUID, directory string) (string, error) {
return homedir.Expand(filePath) return homedir.Expand(filePath)
} }
// If an `outputFile` is given, write the credentials there.
// Otherwise, write it to the same directory as the originCert,
// with the filename `<tunnel id>.json`.
func writeTunnelCredentials( func writeTunnelCredentials(
originCertPath string, originCertPath, outputFile string,
credentials *connection.Credentials, credentials *connection.Credentials,
) (filePath string, err error) { ) (filePath string, err error) {
filePath = outputFile
if outputFile == "" {
originCertDir := filepath.Dir(originCertPath) originCertDir := filepath.Dir(originCertPath)
filePath, err = tunnelFilePath(credentials.TunnelID, originCertDir) filePath, err = tunnelFilePath(credentials.TunnelID, originCertDir)
}
if err != nil { if err != nil {
return "", err return "", err
} }
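Review bot: In writeTunnelCredentials a non-empty outputFile is used verbatim (`filePath = outputFile`), while the default path goes through tunnelFilePath and its `homedir.Expand` call. A value such as `~/.cloudflared/t.json` supplied through TUNNEL_CRED_FILE or a config file is not expanded by a shell, so it would be treated as a relative path. I would write the branch as `if outputFile != "" { filePath, err = homedir.Expand(outputFile) } else { ... }`, which also keeps the `err` check next to the calls that set it. The write itself is outside the hunk; since this file holds the tunnel secret and its location is now caller-chosen, it is worth confirming there that the file is created with owner-only permissions and that an existing file is not silently overwritten.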