mirror of
https://github.com/GlueOps/autoglue.git
synced 2026-02-13 12:50:05 +01:00
86 lines
2.0 KiB
Go
86 lines
2.0 KiB
Go
package cli
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"encoding/base64"
|
|
"fmt"
|
|
"io"
|
|
|
|
"github.com/glueops/autoglue/internal/db"
|
|
"github.com/glueops/autoglue/internal/db/models"
|
|
"github.com/spf13/cobra"
|
|
)
|
|
|
|
var rotateMasterCmd = &cobra.Command{
|
|
Use: "rotate-master",
|
|
Short: "Generate and activate a new master encryption key",
|
|
Args: cobra.NoArgs,
|
|
RunE: func(cmd *cobra.Command, args []string) error {
|
|
key := make([]byte, 32)
|
|
if _, err := io.ReadFull(rand.Reader, key); err != nil {
|
|
return fmt.Errorf("generating random key: %w", err)
|
|
}
|
|
|
|
encoded := base64.StdEncoding.EncodeToString(key)
|
|
|
|
if err := db.DB.Model(&models.MasterKey{}).
|
|
Where("is_active = ?", true).
|
|
Update("is_active", false).Error; err != nil {
|
|
return fmt.Errorf("deactivating previous key: %w", err)
|
|
}
|
|
|
|
if err := db.DB.Create(&models.MasterKey{
|
|
Key: encoded,
|
|
IsActive: true,
|
|
}).Error; err != nil {
|
|
return fmt.Errorf("creating new master key: %w", err)
|
|
}
|
|
|
|
fmt.Println("Master key rotated successfully")
|
|
return nil
|
|
},
|
|
}
|
|
|
|
var createMasterCmd = &cobra.Command{
|
|
Use: "create-master",
|
|
Short: "Generate and activate a new master encryption key",
|
|
Args: cobra.NoArgs,
|
|
RunE: func(cmd *cobra.Command, args []string) error {
|
|
key := make([]byte, 32)
|
|
if _, err := io.ReadFull(rand.Reader, key); err != nil {
|
|
return fmt.Errorf("generating random key: %w", err)
|
|
}
|
|
|
|
encoded := base64.StdEncoding.EncodeToString(key)
|
|
|
|
if err := db.DB.Create(&models.MasterKey{
|
|
Key: encoded,
|
|
IsActive: true,
|
|
}).Error; err != nil {
|
|
return fmt.Errorf("creating master key: %w", err)
|
|
}
|
|
|
|
fmt.Println("Master key created successfully")
|
|
return nil
|
|
},
|
|
}
|
|
|
|
var keysCmd = &cobra.Command{
|
|
Use: "keys",
|
|
Short: "Manage autoglue encryption keys",
|
|
Long: "Manage autoglue master encryption keys used for securing data.",
|
|
PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
|
|
if db.DB != nil {
|
|
return nil
|
|
}
|
|
db.Connect()
|
|
return nil
|
|
},
|
|
}
|
|
|
|
func init() {
|
|
keysCmd.AddCommand(rotateMasterCmd)
|
|
keysCmd.AddCommand(createMasterCmd)
|
|
rootCmd.AddCommand(keysCmd)
|
|
}
|