Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: delete acl #167

Merged
merged 123 commits into from
Dec 13, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
123 commits
Select commit Hold shift + click to select a range
b86d182
bump kafka-go to include acl apis
petedannemann Aug 11, 2023
f1ec537
add acl interfaces and aclinfo type stub
petedannemann Aug 11, 2023
07a63c7
pull latest kafka-go and use kafka-go aclresource type
petedannemann Aug 11, 2023
474c260
wip
petedannemann Sep 8, 2023
6e0ec36
fix test
petedannemann Sep 8, 2023
7b9454d
fix typos
petedannemann Sep 11, 2023
49f7e19
get acls working
petedannemann Sep 11, 2023
8382e98
getacls working
petedannemann Sep 12, 2023
7b8ee42
upgrade cobra to latest
petedannemann Sep 12, 2023
2a7d2de
finish separating get into separate subcommands
petedannemann Sep 12, 2023
1b84ef3
remove unneeded variables
petedannemann Sep 12, 2023
ff7d81d
Merge branch 'chore/separate-subcmd-for-get' into spike/acls-and-users
petedannemann Sep 12, 2023
ea28ea9
wip
petedannemann Sep 12, 2023
07667dd
pr feedback
petedannemann Sep 12, 2023
dcdd0e8
Revert "upgrade cobra to latest"
petedannemann Sep 13, 2023
d58262c
Merge branch 'chore/separate-subcmd-for-get' into spike/acls-and-users
petedannemann Sep 13, 2023
9f8f550
use getCliRunnerAndCtx in get acls
petedannemann Sep 13, 2023
4a78af2
more consistent variable names
petedannemann Sep 13, 2023
1dbf200
custom cobra type
petedannemann Sep 13, 2023
226ae1c
bring in new kafka-go
petedannemann Sep 13, 2023
acc011f
support resource pattern type
petedannemann Sep 13, 2023
2536e50
add support for acloperationtype and remove options for unknown
petedannemann Sep 14, 2023
62671b0
improve descriptions
petedannemann Sep 14, 2023
3f050ca
support permissiontype and host filters
petedannemann Sep 14, 2023
925670c
add resource name filter and fix permission type formatting
petedannemann Sep 14, 2023
5cff332
support principal filtering
petedannemann Sep 14, 2023
e6e8c63
improve docs
petedannemann Sep 14, 2023
e28cb01
add examples
petedannemann Sep 15, 2023
9735b1b
remove comment
petedannemann Sep 15, 2023
b19a4e1
remove TODOs that are complete
petedannemann Sep 15, 2023
43806c0
remove TODOs that are complete
petedannemann Sep 15, 2023
2fb8c8e
update README
petedannemann Sep 15, 2023
45d403d
fix test
petedannemann Sep 15, 2023
c5e909d
Merge branch 'master' into feat/get-acls
petedannemann Sep 15, 2023
b3a5ef8
wip
petedannemann Sep 15, 2023
6c1f7f1
fix error handling
petedannemann Sep 15, 2023
cd3a1f6
error handling for zk
petedannemann Sep 15, 2023
e0c8c63
more consistent error msg
petedannemann Sep 15, 2023
90147f3
clean up createacl
petedannemann Sep 15, 2023
7534ecf
add TestBrokerClientCreateACLReadOnly
petedannemann Sep 15, 2023
7551ece
improve zk tests
petedannemann Sep 15, 2023
df19f18
run acl tests in ci
petedannemann Sep 15, 2023
e799c40
enable acls for kafka 2.4.1 in ci
petedannemann Sep 15, 2023
cf690ee
fix zk tests
petedannemann Sep 15, 2023
41283c7
skip TestBrokerClientCreateACLReadOnly on old versions of kafka
petedannemann Sep 15, 2023
b553d3d
try to debug
petedannemann Sep 15, 2023
14811f7
handle nested errors from createacls
petedannemann Sep 15, 2023
7cc16a6
operations -> operation
petedannemann Sep 15, 2023
2d12642
operations -> operation
petedannemann Sep 15, 2023
fdb8288
remove setting log level in test
petedannemann Sep 15, 2023
4f4be70
Merge branch 'master' into feat/get-acls
petedannemann Sep 18, 2023
96dedfd
clean up allowed types in help command
petedannemann Sep 18, 2023
d65759d
fix merge conflict
petedannemann Sep 18, 2023
36d3de9
fix test
petedannemann Sep 19, 2023
9b1262a
add json annotations
petedannemann Sep 19, 2023
e960c37
bump kafka-go to version on main
petedannemann Sep 18, 2023
47650f9
wip
petedannemann Sep 19, 2023
8d9ab94
basic tests
petedannemann Sep 19, 2023
561eb2a
start on getusers cmd
petedannemann Sep 19, 2023
ead5d31
add json annotations
petedannemann Sep 19, 2023
5dcb773
get users working
petedannemann Sep 19, 2023
46a50ef
wip
petedannemann Sep 19, 2023
6800114
add todos and fix type annotaitons
petedannemann Sep 19, 2023
2b0d87c
improve test
petedannemann Sep 19, 2023
128be0d
use CanTestBrokerAdminSecurity to feature flag test
petedannemann Sep 19, 2023
a69e71f
update README
petedannemann Sep 19, 2023
5efedaa
remove duplicate test from merge conflicts
petedannemann Sep 20, 2023
83eca68
fix more merge conflicts
petedannemann Sep 20, 2023
a5dbb56
create user working
petedannemann Sep 26, 2023
5d46ebe
add uncommitted files
petedannemann Oct 3, 2023
0f8d283
start adding validation
petedannemann Oct 4, 2023
f7cd4f8
meta validation for users
petedannemann Oct 4, 2023
01efe00
wip
petedannemann Oct 10, 2023
ba844d0
Merge branch 'master' into feat/apply-acls
petedannemann Oct 12, 2023
79d9d3b
support dry run and skip confirm
petedannemann Oct 18, 2023
a335872
wip
petedannemann Oct 30, 2023
107751e
wip
petedannemann Nov 9, 2023
aa72764
add more files
petedannemann Nov 9, 2023
61e6925
resourcemta
petedannemann Nov 15, 2023
72fbe94
consistency checking for acls
petedannemann Nov 15, 2023
c1f10df
remove emacs backups
petedannemann Nov 15, 2023
a2d4686
remove user stuff
petedannemann Nov 15, 2023
a7c130c
remove diff from cluster.yaml file
petedannemann Nov 15, 2023
23b544a
remove diff from topic file
petedannemann Nov 15, 2023
7c57063
remove debug log
petedannemann Nov 15, 2023
5931b92
smaller diff
petedannemann Nov 15, 2023
3d52f5a
remove completed todos
petedannemann Nov 15, 2023
d0f0ec9
remove unused error helper
petedannemann Nov 15, 2023
8400a73
add missing meta file
petedannemann Nov 15, 2023
9b3b13c
Merge branch 'master' into feat/create-acls
petedannemann Nov 15, 2023
1e7cc3b
skip ACL tests when ACLs cannot be used due to kafka version limitations
petedannemann Nov 15, 2023
24fffd0
fix loadacls test
petedannemann Nov 15, 2023
32a9490
add more todos
petedannemann Nov 15, 2023
39349ad
add validation and set defaults
petedannemann Nov 16, 2023
0cd4dcf
don't use ioutil
petedannemann Nov 16, 2023
41981eb
move confirm to util package
petedannemann Nov 16, 2023
a6d7a5e
move confirm to util package
petedannemann Nov 16, 2023
3b4fd43
add create to README
petedannemann Nov 16, 2023
b1b5f21
use validation and setdefaults
petedannemann Nov 16, 2023
d749523
add example acl
petedannemann Nov 16, 2023
67f7178
fix formatting in readme
petedannemann Nov 16, 2023
3ae74de
use released version of kafka-go
petedannemann Nov 16, 2023
c7db718
fix spelling
petedannemann Nov 16, 2023
1f8d7b4
make invalid field more obvious
petedannemann Nov 16, 2023
23f7979
fix dryrun and skip confirm
petedannemann Nov 16, 2023
3924172
stub out delete cli and implement admin
petedannemann Nov 21, 2023
4692583
integrate cli and add docs
petedannemann Nov 21, 2023
434d602
improve formatting
petedannemann Nov 21, 2023
2f593fa
add read only test
petedannemann Nov 21, 2023
cc4eb74
improve documentation
petedannemann Nov 21, 2023
f0c3f09
fix docstring and error message
petedannemann Nov 22, 2023
bd60184
move things into new acl package and start on dry run
petedannemann Nov 27, 2023
6f9ba6d
finish dry run
petedannemann Dec 1, 2023
4545a24
support deleting multiple acls
petedannemann Dec 1, 2023
a32a02c
add test for multiple deletes
petedannemann Dec 1, 2023
42f0d2f
allow deleting multiple acls
petedannemann Dec 12, 2023
9557166
remove starting deletion log
petedannemann Dec 12, 2023
ebf1cdc
harden test
petedannemann Dec 12, 2023
6843aa6
remove unused highlighter
petedannemann Dec 12, 2023
aadd135
rearrange plan for deletion
petedannemann Dec 12, 2023
aa79335
fix grammar
petedannemann Dec 12, 2023
95d73d6
Merge branch 'master' into feat/delete-acl
petedannemann Dec 13, 2023
d648e28
fix merge conflict
petedannemann Dec 13, 2023
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -164,6 +164,17 @@ The `create` command creates resources in the cluster from a configuration file.
Currently, only ACLs are supported. The create command is separate from the apply
command as it is intended for usage with immutable resources managed by topicctl.

#### delete
```
topicctl delete [flags] [operation]
```

The `delete` subcommand deletes a particular resource type in the cluster.
Currently, the following operations are supported:
| Subcommand | Description |
| --------- | ----------- |
| `delete acl [flags]` | Deletes a single ACL in the cluster matching the provided flags |

#### get

```
Expand Down
6 changes: 3 additions & 3 deletions cmd/topicctl/subcmd/create.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,10 @@ import (
"path/filepath"
"syscall"

"github.com/segmentio/topicctl/pkg/acl"
"github.com/segmentio/topicctl/pkg/admin"
"github.com/segmentio/topicctl/pkg/cli"
"github.com/segmentio/topicctl/pkg/config"
"github.com/segmentio/topicctl/pkg/create"
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
)
Expand Down Expand Up @@ -171,14 +171,14 @@ func createACL(
clusterConfigPath,
)

creatorConfig := create.ACLCreatorConfig{
aclAdminConfig := acl.ACLAdminConfig{
DryRun: createConfig.dryRun,
SkipConfirm: createConfig.skipConfirm,
ACLConfig: aclConfig,
ClusterConfig: clusterConfig,
}

if err := cliRunner.CreateACL(ctx, creatorConfig); err != nil {
if err := cliRunner.CreateACL(ctx, aclAdminConfig); err != nil {
return err
}
}
Expand Down
147 changes: 147 additions & 0 deletions cmd/topicctl/subcmd/delete.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,147 @@
package subcmd

import (
"context"
"strings"

"github.com/aws/aws-sdk-go/aws/session"
"github.com/segmentio/kafka-go"
"github.com/segmentio/topicctl/pkg/acl"
"github.com/segmentio/topicctl/pkg/cli"
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
)

var deleteCmd = &cobra.Command{
Use: "delete [resource type]",
Short: "delete instances of a particular type",
Long: strings.Join(
[]string{
"Deletes instances of a particular type.",
},
"\n",
),
PersistentPreRunE: deletePreRun,
}

type deleteCmdConfig struct {
dryRun bool

shared sharedOptions
}

var deleteConfig deleteCmdConfig

func init() {
deleteCmd.PersistentFlags().BoolVar(
&deleteConfig.dryRun,
"dry-run",
false,
"Do a dry-run",
)

addSharedFlags(deleteCmd, &deleteConfig.shared)
deleteCmd.AddCommand(
deleteACLCmd(),
)
RootCmd.AddCommand(deleteCmd)
}

func deletePreRun(cmd *cobra.Command, args []string) error {
return deleteConfig.shared.validate()
}

var deleteACLsConfig = aclsCmdConfig{}

func deleteACLCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "acls [flags]",
Short: "Delete ACLs. Requires providing flags to target ACLs for deletion.",
Args: cobra.NoArgs,
Example: `Delete read acls for topic my-topic, user 'User:default', and host '*'
$ topicctl delete acls --resource-type topic --resource-pattern-type literal --resource-name my-topic --principal 'User:default' --host '*' --operation read --permission-type allow
`,
RunE: func(cmd *cobra.Command, args []string) error {
ctx := context.Background()
sess := session.Must(session.NewSession())

adminClient, err := deleteConfig.shared.getAdminClient(ctx, sess, deleteConfig.dryRun)
if err != nil {
return err
}
defer adminClient.Close()

cliRunner := cli.NewCLIRunner(adminClient, log.Infof, !noSpinner)

filter := kafka.DeleteACLsFilter{
ResourceTypeFilter: kafka.ResourceType(deleteACLsConfig.resourceType),
ResourceNameFilter: deleteACLsConfig.resourceNameFilter,
ResourcePatternTypeFilter: kafka.PatternType(deleteACLsConfig.resourcePatternType),
PrincipalFilter: deleteACLsConfig.principalFilter,
HostFilter: deleteACLsConfig.hostFilter,
Operation: kafka.ACLOperationType(deleteACLsConfig.operationType),
PermissionType: kafka.ACLPermissionType(deleteACLsConfig.permissionType),
}

aclAdminConfig := acl.ACLAdminConfig{
// Omit fields we don't need for deletes
DryRun: deleteConfig.dryRun,
// Deletes cannot be skipped
SkipConfirm: false,
}

return cliRunner.DeleteACL(ctx, aclAdminConfig, filter)
},
}
cmd.Flags().StringVar(
&deleteACLsConfig.hostFilter,
"host",
"",
`The host to filter on. (e.g. 198.51.100.0) (Required)`,
)
cmd.MarkFlagRequired("host")

cmd.Flags().Var(
&deleteACLsConfig.operationType,
"operation",
`The operation that is being allowed or denied to filter on. allowed: [any, all, read, write, create, delete, alter, describe, clusteraction, describeconfigs, alterconfigs, idempotentwrite] (Required)`,
)
cmd.MarkFlagRequired("operation")

cmd.Flags().Var(
&deleteACLsConfig.permissionType,
"permission-type",
`The permission type to filter on. allowed: [any, allow, deny] (Required)`,
)
cmd.MarkFlagRequired("permission-type")

cmd.Flags().StringVar(
&deleteACLsConfig.principalFilter,
"principal",
"",
`The principal to filter on in principalType:name format (e.g. User:alice). (Required)`,
)
cmd.MarkFlagRequired("principal")

cmd.Flags().StringVar(
&deleteACLsConfig.resourceNameFilter,
"resource-name",
"",
`The resource name to filter on. (e.g. my-topic) (Required)`,
)
cmd.MarkFlagRequired("resource-name")

cmd.Flags().Var(
&deleteACLsConfig.resourcePatternType,
"resource-pattern-type",
`The type of the resource pattern or filter. allowed: [any, match, literal, prefixed]. "any" will match any pattern type (literal or prefixed), but will match the resource name exactly, where as "match" will perform pattern matching to list all acls that affect the supplied resource(s).`,
)

cmd.Flags().Var(
&deleteACLsConfig.resourceType,
"resource-type",
`The type of resource to filter on. allowed: [any, topic, group, cluster, transactionalid, delegationtoken] (Required)`,
)
cmd.MarkFlagRequired("resource-type")
return cmd
}
Loading
Loading