Merge pull request #170 from britive/develop

v1.8.2

Author: theborch

CHANGELOG.md

@@ -3,6 +3,28 @@
 * As of v1.4.0 release candidates will be published in an effort to get new features out faster while still allowing
 time for full QA testing before moving the release candidate to a full release.
 
+## v1.8.2 [2024-07-26]
+
+__What's New:__
+
+* None
+
+__Enhancements:__
+
+* None
+
+__Bug Fixes:__
+
+* Fixed a bug where checked out `my-resources` profiles weren't included.
+
+__Dependencies:__
+
+* None
+
+__Other:__
+
+* None
+
 ## v1.8.1 [2024-07-11]
 
 __What's New:__

src/pybritive/__init__.py

@@ -1 +1 @@
-__version__ = '1.8.1'
+__version__ = '1.8.2'

src/pybritive/britive_cli.py

@@ -337,11 +337,7 @@ def list_resources(self):
             name = item['resourceName']
             if name not in found_resource_names:
                 resources.append(
-                    {
-                        'resourceId': item['resourceId'],
-                        'resourceName': name,
-                        'resourceLabels': item['resourceLabels']
-                    }
+                    {'resourceId': item['resourceId'], 'resourceName': name, 'resourceLabels': item['resourceLabels']}
                 )
                 found_resource_names.append(name)
         self.print(resources, ignore_silent=True)
@@ -353,11 +349,16 @@ def list_profiles(self, checked_out: bool = False, profile_type: str = None):
         checked_out_profiles = {}
         if checked_out:  # only make this call if we have to
             now = datetime.utcnow()
-            for p in self.b.my_access.list_checked_out_profiles():
-                expiration_str = p['expiration']
+            my_access = not profile_type or profile_type == 'my-access'
+            my_resources = not profile_type or profile_type == 'my-resources'
+            list_checked_out = (self.b.my_access.list_checked_out_profiles() if my_access else []) + (
+                self.b.my_resources.list_checked_out_profiles() if my_resources else []
+            )
+            for p in list_checked_out:
+                expiration_str = p.get('expiration', p.get('expirationDuration'))
                 expiration_timestamp = datetime.fromisoformat(expiration_str.replace('Z', ''))
                 seconds_until_expiration = int((expiration_timestamp - now).total_seconds())
-                key = f'{p["papId"]}-{p["environmentId"]}'
+                key = f'{p.get("papId", p.get("profileId"))}-{p.get("environmentId", p.get("resourceId"))}'
                 checked_out_profiles[key] = {
                     'expiration': expiration_str,
                     'expires_in_seconds': seconds_until_expiration,
@@ -461,15 +462,15 @@ def _set_available_profiles(self, from_cache_command=False, profile_type: str =
                                 'app_description': app['appDescription'],
                                 'env_name': env['environmentName'],
                                 'env_id': env['environmentId'],
-                                'env_short_name':  env['alternateEnvironmentName'],
+                                'env_short_name': env['alternateEnvironmentName'],
                                 'env_description': env['environmentDescription'],
                                 'profile_name': profile['profileName'],
                                 'profile_id': profile['profileId'],
                                 'profile_allows_console': profile['consoleAccess'],
                                 'profile_allows_programmatic': profile['programmaticAccess'],
                                 'profile_description': profile['profileDescription'],
                                 '2_part_profile_format_allowed': app['requiresHierarchicalModel'],
-                                'env_properties': env.get('profileEnvironmentProperties', {})
+                                'env_properties': env.get('profileEnvironmentProperties', {}),
                             }
                             data.append(row)
             if self.b.feature_flags.get('server-access') and (not profile_type or profile_type == 'my-resources'):
@@ -489,7 +490,7 @@ def _set_available_profiles(self, from_cache_command=False, profile_type: str =
                         'profile_allows_programmatic': True,
                         'profile_description': None,
                         '2_part_profile_format_allowed': False,
-                        'env_properties': item.get('resourceLabels', {})
+                        'env_properties': item.get('resourceLabels', {}),
                     }
                     data.append(row)
             self.available_profiles = data
@@ -587,20 +588,10 @@ def __get_cloud_credential_printer(
             )
         if app_type in ['OpenShift']:
             return printer.OpenShiftCredentialPrinter(
-                console=console,
-                mode=mode,
-                profile=profile,
-                credentials=credentials,
-                silent=silent,
-                cli=self
+                console=console, mode=mode, profile=profile, credentials=credentials, silent=silent, cli=self
             )
         if app_type in ['Resources']:
-            return printer.ResourcesCredentialPrinter(
-                profile=profile,
-                credentials=credentials,
-                silent=silent,
-                cli=self
-            )
+            return printer.ResourcesCredentialPrinter(profile=profile, credentials=credentials, silent=silent, cli=self)
         return printer.GenericCloudCredentialPrinter(
             console=console,
             mode=mode,
@@ -609,13 +600,11 @@ def __get_cloud_credential_printer(
             silent=silent,
             cli=self,
         )
+
     def _resource_checkin(self, profile):
         resource_name, profile_name = self._split_resource_profile_into_parts(profile=profile)
         self.login()
-        self.b.my_resources.checkin_by_name(
-            profile_name=profile_name,
-            resource_name=resource_name
-        )
+        self.b.my_resources.checkin_by_name(profile_name=profile_name, resource_name=resource_name)
 
     def _access_checkin(self, profile, console):
         self.login()
@@ -743,12 +732,25 @@ def _resource_checkout(self, blocktime, justification, maxpolltime, profile):
             justification=justification,
             wait_time=blocktime,
             max_wait_time=maxpolltime,
-            progress_func=self.checkout_callback_printer  # callback will handle silent, isatty, etc.
+            progress_func=self.checkout_callback_printer,  # callback will handle silent, isatty, etc.
         )
         return response['credentials']
 
-    def _access_checkout(self, alias, blocktime, console, justification, otp, mode, maxpolltime, profile, passphrase,
-                         force_renew, verbose, extend):
+    def _access_checkout(
+        self,
+        alias,
+        blocktime,
+        console,
+        justification,
+        otp,
+        mode,
+        maxpolltime,
+        profile,
+        passphrase,
+        force_renew,
+        verbose,
+        extend,
+    ):
         # handle this special use case and quit
         if extend:
             self._extend_checkout(profile, console)
@@ -834,16 +836,29 @@ def _access_checkout(self, alias, blocktime, console, justification, otp, mode,
             )
         return app_type, credentials, k8s_processor
 
-    def checkout(self, alias, blocktime, console, justification, otp, mode, maxpolltime, profile, passphrase,
-                 force_renew, aws_credentials_file, gcloud_key_file, verbose, extend, profile_type: str = 'my-access'):
+    def checkout(
+        self,
+        alias,
+        blocktime,
+        console,
+        justification,
+        otp,
+        mode,
+        maxpolltime,
+        profile,
+        passphrase,
+        force_renew,
+        aws_credentials_file,
+        gcloud_key_file,
+        verbose,
+        extend,
+        profile_type: str = 'my-access',
+    ):
         if self._profile_is_for_resource(profile=profile, profile_type=profile_type):
             app_type = 'Resources'
             k8s_processor = None
             credentials = self._resource_checkout(
-                blocktime=blocktime,
-                justification=justification,
-                maxpolltime=maxpolltime,
-                profile=profile
+                blocktime=blocktime, justification=justification, maxpolltime=maxpolltime, profile=profile
             )
         else:
             app_type, credentials, k8s_processor = self._access_checkout(
@@ -858,7 +873,7 @@ def checkout(self, alias, blocktime, console, justification, otp, mode, maxpollt
                 passphrase=passphrase,
                 force_renew=force_renew,
                 verbose=verbose,
-                extend=extend
+                extend=extend,
             )
 
         # do this down here, so we know that the profile is valid and a checkout was successful
@@ -1139,7 +1154,8 @@ def _convert_names_to_ids(self, profile_name: str, environment_name: str, applic
 
         # collect relevant profile/environment combinations to which the identity is entitled
         for profile in self.available_profiles:
-            if profile['app_name'] and profile['app_name'].lower() != application_name:  # kick out all the unmatched applications
+            if profile['app_name'] and profile['app_name'].lower() != application_name:
+                # kick out all the unmatched applications
                 continue
             if profile['profile_name'].lower() != profile_name:  # kick out the unmatched profiles
                 continue

src/pybritive/choices/backend.py

@@ -3,8 +3,8 @@
 
 backend_choices = click.Choice(
     [
+        'encrypted-file',
         'file',
-        'encrypted-file'
     ],
     case_sensitive=False
 )

src/pybritive/choices/browser.py

@@ -7,13 +7,13 @@
     [
         c
         for c in [
-            'mozilla',
+            'chrome',
+            'chromium',
             'firefox',
-            'windows-default',
             'macosx',
+            'mozilla',
             'safari',
-            'chrome',
-            'chromium',
+            'windows-default',
             os.getenv('PYBRITIVE_BROWSER'),
         ]
         if c

src/pybritive/choices/mode.py

@@ -4,30 +4,30 @@
 
 mode_choices = click.Choice(
     [
-        'text',                     # text based output
-        'json',                     # json based output
-        'env',                      # environment variable output (suitable for eval)
-        'integrate',                # stick the credentials into the local CSP credentials file (AWS)
-        'env-nix',                  # environment variable output specifying "export"
-        'env-wincmd',               # environment variable output specifying "set"
-        'env-winps',                # environment variable output specifying "$env:"
         'awscredentialprocess',     # aws credential process output with additional caching to make the credential process more performant
         'azlogin',                  # azure az login command with all fields populated (suitable for eval)
         'azps',                     # azure powershell script
         'browser',                  # checkout console access (without having to specify --console/-c) and open the default browser to the URL provided in the checkout
-        'gcloudauth',               # gcloud auth activate-service-account with all fields populated (suitable for eval)
-        'console',                  # checkout console access (without having to specify --console/-c) and print the URL
-        'browser-mozilla',
+        'browser-chrome',
+        'browser-chromium',
         'browser-firefox',
-        'browser-windows-default',
         'browser-macosx',
+        'browser-mozilla',
         'browser-safari',
-        'browser-chrome',
-        'browser-chromium',
-        'kube-exec',                # bake into kubeconfig with oidc exec output and additional caching to make kubectl more performant
+        'browser-windows-default',
+        'console',                  # checkout console access (without having to specify --console/-c) and print the URL
+        'env',                      # environment variable output (suitable for eval)
+        'env-nix',                  # environment variable output specifying "export"
+        'env-wincmd',               # environment variable output specifying "set"
+        'env-winps',                # environment variable output specifying "$env:"
+        'gcloudauth',               # gcloud auth activate-service-account with all fields populated (suitable for eval)
         'gcloudauthexec',           # will effectively execute results of gcloudauth in a sub-shell
+        'integrate',                # stick the credentials into the local CSP credentials file (AWS)
+        'json',                     # json based output
+        'kube-exec',                # bake into kubeconfig with oidc exec output and additional caching to make kubectl more performant
         'os-oclogin',               # will attempt an oidc authorization code grant flow for generating the `oc login ...` command for OpenShift
         'os-ocloginexec',           # will attempt an oidc authorization code grant flow for generating the `oc login ...` command for OpenShift and exec the result in a subshell
+        'text',                     # text based output
     ],
     case_sensitive=False
 )

src/pybritive/choices/output_format.py

@@ -2,42 +2,42 @@
 
 output_format_choices = click.Choice(
     [
-        'json',
-        'yaml',
         'csv',
-        'table',
+        'json',
         'list',
-        'table-plain',
-        'table-simple',
-        'table-github',
-        'table-grid',
-        'table-simple_grid',
-        'table-rounded_grid',
+        'table',
         'table-double_grid',
-        'table-fancy_grid',
-        'table-outline',
-        'table-simple_outline',
-        'table-rounded_outline',
         'table-double_outline',
+        'table-fancy_grid',
         'table-fancy_outline',
-        'table-pipe',
-        'table-orgtbl',
+        'table-github',
+        'table-grid',
+        'table-html',
         'table-jira',
+        'table-latex',
+        'table-latex_booktabs',
+        'table-latex_longtable',
+        'table-latex_raw',
+        'table-mediawiki',
+        'table-moinmoin',
+        'table-orgtbl',
+        'table-outline',
+        'table-pipe',
+        'table-plain',
         'table-presto',
         'table-pretty',
         'table-psql',
+        'table-rounded_grid',
+        'table-rounded_outline',
         'table-rst',
-        'table-mediawiki',
-        'table-moinmoin',
-        'table-youtrack',
-        'table-html',
-        'table-unsafehtml',
-        'table-latex',
-        'table-latex_raw',
-        'table-latex_booktabs',
-        'table-latex_longtable',
+        'table-simple',
+        'table-simple_grid',
+        'table-simple_outline',
         'table-textile',
-        'table-tsv'
+        'table-tsv',
+        'table-unsafehtml',
+        'table-youtrack',
+        'yaml',
     ],
     case_sensitive=False
 )

src/pybritive/choices/profile_type.py

@@ -5,7 +5,7 @@
 profile_type_choices = click.Choice(
     [
         'my-access',
-        'my-resources'
+        'my-resources',
     ],
     case_sensitive=False
 )

src/pybritive/choices/ssh_push_public_key.py

@@ -4,10 +4,10 @@
 
 ssh_push_public_key_choices = click.Choice(
     [
+        'default',  # used in flag_value to make the option look like a flag - each CSP can determine what default means
         'ec2-instance-connect',
-        'os-login',
         'instance-metadata',
-        'default'  # used in flag_value to make the option look like a flag - each CSP can determine what default means
+        'os-login',
     ],
     case_sensitive=False
 )