added allowed set flag (#169)

60533a95 · RoyUP9 · GitHub · 90f0f603 · 60533a95 · 60533a95
Unverified Commit 60533a95 authored 3 years ago by RoyUP9 Committed by GitHub 3 years ago
Hide whitespace changes
Inline Side-by-side

Showing

with 47 additions and 9 deletions
+47 -9
--- a/cli/cmd/tap.go
+++ b/cli/cmd/tap.go
@@ -70,5 +70,5 @@ func init() {
 	tapCmd.Flags().String(configStructs.HumanMaxEntriesDBSizeTapName, defaultTapConfig.HumanMaxEntriesDBSize, "override the default max entries db size of 200mb")
 	tapCmd.Flags().String(configStructs.DirectionTapName, defaultTapConfig.Direction, "Record traffic that goes in this direction (relative to the tapped pod): in/any")
 	tapCmd.Flags().Bool(configStructs.DryRunTapName, defaultTapConfig.DryRun, "Preview of all pods matching the regex, without tapping them")
-	tapCmd.Flags().String(configStructs.EnforcePolicyFile, "", "Yaml file with policy rules")
+	tapCmd.Flags().String(configStructs.EnforcePolicyFile, defaultTapConfig.EnforcePolicyFile, "Yaml file with policy rules")
 }
--- a/cli/errormessage/errormessage.go
+++ b/cli/errormessage/errormessage.go
@@ -3,6 +3,9 @@ package errormessage
 import (
 	"errors"
 	"fmt"
+
+	"github.com/up9inc/mizu/cli/mizu"
+
 	regexpsyntax "regexp/syntax"

 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
@@ -13,11 +16,11 @@ import (
 func FormatError(err error) error {
 	var errorNew error
 	if k8serrors.IsForbidden(err) {
-		errorNew = fmt.Errorf("Insufficient permissions: %w. "+
-			"Supply the required permission or control Mizu's access to namespaces by setting MizuResourcesNamespace "+
-			"in the config file or setting the tapped namespace with --set mizu-resources-namespace=<NAMEPSACE>.", err)
+		errorNew = fmt.Errorf("insufficient permissions: %w. "+
+			"supply the required permission or control Mizu's access to namespaces by setting MizuResourcesNamespace "+
+			"in the config file or setting the tapped namespace with --%s %s=<NAMEPSACE>", err, mizu.SetCommandName, mizu.MizuResourcesNamespaceConfigName)
 	} else if syntaxError, isSyntaxError := asRegexSyntaxError(err); isSyntaxError {
-		errorNew = fmt.Errorf("Regex %s is invalid: %w", syntaxError.Expr, err)
+		errorNew = fmt.Errorf("regex %s is invalid: %w", syntaxError.Expr, err)
 	} else {
 		errorNew = err
 	}

--- a/cli/mizu/config.go
+++ b/cli/mizu/config.go
@@ -13,6 +13,7 @@ import (
 	"github.com/creasty/defaults"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
+	"github.com/up9inc/mizu/cli/mizu/configStructs"
 	"github.com/up9inc/mizu/cli/uiUtils"
 	"gopkg.in/yaml.v3"
 )
@@ -22,13 +23,22 @@ const (
 	SetCommandName = "set"
 )

+var allowedSetFlags = []string{
+	AgentImageConfigName,
+	MizuResourcesNamespaceConfigName,
+	TelemetryConfigName,
+	DumpLogsConfigName,
+	configStructs.AnalysisDestinationTapName,
+	configStructs.SleepIntervalSecTapName,
+}
+
 var Config = ConfigStruct{}

 func (config *ConfigStruct) Validate() error {
 	if config.IsNsRestrictedMode() {
 		if config.Tap.AllNamespaces || len(config.Tap.Namespaces) != 1 || config.Tap.Namespaces[0] != config.MizuResourcesNamespace {
 			return fmt.Errorf("Not supported mode. Mizu can't resolve IPs in other namespaces when running in namespace restricted mode.\n" +
-				"You can use the same namespace for --namespace and --mizu-resources-namespace")
+				"You can use the same namespace for --%s and --%s", configStructs.NamespacesTapName, MizuResourcesNamespaceConfigName)
 		}
 	}

@@ -95,7 +105,7 @@ func initFlag(f *pflag.Flag) {

 	if f.Name == SetCommandName {
 		if setError := mergeSetFlag(sliceValue.GetSlice()); setError != nil {
-			Log.Infof(uiUtils.Red, "Invalid set argument")
+			Log.Warningf(uiUtils.Red, fmt.Sprintf("%v", setError))
 		}
 		return
 	}
@@ -117,6 +127,11 @@ func mergeSetFlag(setValues []string) error {
 		}

 		argumentKey, argumentValue := split[0], split[1]
+
+		if !Contains(allowedSetFlags, argumentKey) {
+			return errors.New(fmt.Sprintf("invalid set flag name %s, allowed set flag names: \"%s\"", argumentKey, strings.Join(allowedSetFlags, "\", \"")))
+		}
+
 		mergeFlagValue(configElem, argumentKey, argumentValue)
 	}

@@ -141,7 +156,7 @@ func mergeFlagValue(currentElem reflect.Value, flagKey string, flagValue string)

 		parsedValue, err := getParsedValue(flagValueKind, flagValue)
 		if err != nil {
-			Log.Warningf(uiUtils.Red, fmt.Sprintf("Invalid value %v for key %s, expected %s", flagValue, flagKey, flagValueKind))
+			Log.Warningf(uiUtils.Red, fmt.Sprintf("Invalid value %v for flag name %s, expected %s", flagValue, flagKey, flagValueKind))
 			return
 		}

@@ -169,7 +184,7 @@ func mergeFlagValues(currentElem reflect.Value, flagKey string, flagValues []str
 		for _, flagValue := range flagValues {
 			parsedValue, err := getParsedValue(flagValueKind, flagValue)
 			if err != nil {
-				Log.Warningf(uiUtils.Red, fmt.Sprintf("Invalid value %v for key %s, expected %s", flagValue, flagKey, flagValueKind))
+				Log.Warningf(uiUtils.Red, fmt.Sprintf("Invalid value %v for flag name %s, expected %s", flagValue, flagKey, flagValueKind))
 				return
 			}


--- a/cli/mizu/configStruct.go
+++ b/cli/mizu/configStruct.go
@@ -6,6 +6,13 @@ import (
 	"github.com/up9inc/mizu/cli/mizu/configStructs"
 )

+const (
+	AgentImageConfigName             = "agent-image"
+	MizuResourcesNamespaceConfigName = "mizu-resources-namespace"
+	TelemetryConfigName              = "telemetry"
+	DumpLogsConfigName               = "dump-logs"
+)
+
 type ConfigStruct struct {
 	Tap                    configStructs.TapConfig     `yaml:"tap"`
 	Fetch                  configStructs.FetchConfig   `yaml:"fetch"`

--- a/cli/mizu/configStructs/tapConfig.go
+++ b/cli/mizu/configStructs/tapConfig.go
@@ -10,6 +10,8 @@ import (
 )

 const (
+	AnalysisDestinationTapName    = "dest"
+	SleepIntervalSecTapName       = "upload-interval"
 	GuiPortTapName                = "gui-port"
 	NamespacesTapName             = "namespaces"
 	AnalysisTapName               = "analysis"

--- a/cli/mizu/sliceUtils.go
+++ b/cli/mizu/sliceUtils.go
+package mizu
+
+func Contains(slice []string, containsValue string) bool {
+	for _, sliceValue := range slice {
+		if sliceValue == containsValue {
+			return true
+		}
+	}
+
+	return false
+}