refactor: fjern elevation-konseptet fra CLI

- Rename elevation.go til secret.go
- Fjern deprecated CreateElevation og EnsureSecretAccess funksjoner
- Bruk GetSecretValues direkte
- Elevation er nå internt i API

Author: jhrv

internal/naisapi/elevation.go

@@ -0,0 +1,54 @@
+package naisapi
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/nais/cli/internal/naisapi/gql"
+)
+
+// SecretValue represents a key-value pair from a secret
+type SecretValue struct {
+	Name  string
+	Value string
+}
+
+// ViewSecretValues retrieves the values of a secret. This requires team membership
+// and a reason for access. The access is logged for auditing purposes.
+func ViewSecretValues(ctx context.Context, team, environmentName, secretName, reason string) ([]SecretValue, error) {
+	_ = `# @genqlient
+mutation ViewSecretValues($input: ViewSecretValuesInput!) {
+viewSecretValues(input: $input) {
+values {
+name
+value
+}
+}
+}
+`
+
+	client, err := GraphqlClient(ctx)
+	if err != nil {
+		return nil, fmt.Errorf("creating GraphQL client: %w", err)
+	}
+
+	resp, err := gql.ViewSecretValues(ctx, client, gql.ViewSecretValuesInput{
+		Name:        secretName,
+		Environment: environmentName,
+		Team:        team,
+		Reason:      reason,
+	})
+	if err != nil {
+		return nil, fmt.Errorf("viewing secret values: %w", err)
+	}
+
+	values := make([]SecretValue, len(resp.ViewSecretValues.Values))
+	for i, v := range resp.ViewSecretValues.Values {
+		values[i] = SecretValue{
+			Name:  v.Name,
+			Value: v.Value,
+		}
+	}
+
+	return values, nil
+}

internal/naisapi/secret.go

@@ -35,8 +35,8 @@ var (
 )
 
 func PrepareAccess(ctx context.Context, appName string, namespace flag.Namespace, cluster flag.Context, schema string, allPrivs bool, out *naistrix.OutputWriter) error {
-	// Ensure we have elevated access to read the database secret (hardcoded reason for administrative operation)
-	if err := EnsureSecretAccess(ctx, appName, namespace, cluster, ReasonPrepareAccess, out); err != nil {
+	// Get secret values (access is logged for audit purposes)
+	if _, err := GetSecretValues(ctx, appName, namespace, cluster, ReasonPrepareAccess, out); err != nil {
 		return err
 	}
 
@@ -55,8 +55,8 @@ func PrepareAccess(ctx context.Context, appName string, namespace flag.Namespace
 }
 
 func RevokeAccess(ctx context.Context, appName string, namespace flag.Namespace, cluster flag.Context, schema string, out *naistrix.OutputWriter) error {
-	// Ensure we have elevated access to read the database secret (hardcoded reason for administrative operation)
-	if err := EnsureSecretAccess(ctx, appName, namespace, cluster, ReasonRevokeAccess, out); err != nil {
+	// Get secret values (access is logged for audit purposes)
+	if _, err := GetSecretValues(ctx, appName, namespace, cluster, ReasonRevokeAccess, out); err != nil {
 		return err
 	}
 

internal/postgres/access.go

@@ -13,16 +13,16 @@ import (
 )
 
 func EnableAuditLogging(ctx context.Context, appName string, cluster flag.Context, namespace flag.Namespace, out *naistrix.OutputWriter) error {
-	// Ensure we have elevated access to read the database secret (hardcoded reason for administrative operation)
-	if err := EnsureSecretAccess(ctx, appName, namespace, cluster, ReasonEnableAudit, out); err != nil {
+	// Get secret values (access is logged for audit purposes)
+	if _, err := GetSecretValues(ctx, appName, namespace, cluster, ReasonEnableAudit, out); err != nil {
 		return err
 	}
 	return enableAuditAsAppUser(ctx, appName, namespace, cluster, out)
 }
 
 func VerifyAuditLogging(ctx context.Context, appName string, cluster flag.Context, namespace flag.Namespace, out *naistrix.OutputWriter) error {
-	// Ensure we have elevated access to read the database secret (hardcoded reason for administrative operation)
-	if err := EnsureSecretAccess(ctx, appName, namespace, cluster, ReasonVerifyAudit, out); err != nil {
+	// Get secret values (access is logged for audit purposes)
+	if _, err := GetSecretValues(ctx, appName, namespace, cluster, ReasonVerifyAudit, out); err != nil {
 		return err
 	}
 	_, err := verifyAuditAsAppUser(ctx, appName, namespace, cluster, out)

internal/postgres/audit.go

@@ -212,8 +212,8 @@ func formatCondition(expr, title string) string {
 }
 
 func ListUsers(ctx context.Context, appName string, cluster flag.Context, namespace flag.Namespace, out *naistrix.OutputWriter) error {
-	// Ensure we have elevated access to read the database secret (hardcoded reason for administrative operation)
-	if err := EnsureSecretAccess(ctx, appName, namespace, cluster, ReasonListUsers, out); err != nil {
+	// Get secret values (access is logged for audit purposes)
+	if _, err := GetSecretValues(ctx, appName, namespace, cluster, ReasonListUsers, out); err != nil {
 		return err
 	}
 
@@ -261,8 +261,8 @@ func AddUser(ctx context.Context, appName, username, password string, cluster fl
 		return err
 	}
 
-	// Ensure we have elevated access to read the database secret (hardcoded reason for administrative operation)
-	if err := EnsureSecretAccess(ctx, appName, namespace, cluster, ReasonAddUser, out); err != nil {
+	// Get secret values (access is logged for audit purposes)
+	if _, err := GetSecretValues(ctx, appName, namespace, cluster, ReasonAddUser, out); err != nil {
 		return err
 	}
 
@@ -301,8 +301,8 @@ func AddUser(ctx context.Context, appName, username, password string, cluster fl
 }
 
 func DropUser(ctx context.Context, appName string, username string, cluster flag.Context, namespace flag.Namespace, out *naistrix.OutputWriter) error {
-	// Ensure we have elevated access to read the database secret (hardcoded reason for administrative operation)
-	if err := EnsureSecretAccess(ctx, appName, namespace, cluster, ReasonDropUser, out); err != nil {
+	// Get secret values (access is logged for audit purposes)
+	if _, err := GetSecretValues(ctx, appName, namespace, cluster, ReasonDropUser, out); err != nil {
 		return err
 	}
 

internal/postgres/iam.go

@@ -18,8 +18,8 @@ import (
 )
 
 func RotatePassword(ctx context.Context, appName string, cluster flag.Context, namespace flag.Namespace, out *naistrix.OutputWriter) error {
-	// Ensure we have elevated access to read the database secret (hardcoded reason for administrative operation)
-	if err := EnsureSecretAccess(ctx, appName, namespace, cluster, ReasonPasswordRotate, out); err != nil {
+	// Get secret values (access is logged for audit purposes)
+	if _, err := GetSecretValues(ctx, appName, namespace, cluster, ReasonPasswordRotate, out); err != nil {
 		return err
 	}
 

internal/postgres/password.go

@@ -12,8 +12,8 @@ import (
 )
 
 func RunProxy(ctx context.Context, appName string, cluster flag.Context, namespace flag.Namespace, host string, port uint, verbose bool, reason string, out *naistrix.OutputWriter) error {
-	// Ensure we have elevated access to read the database secret (user must provide reason)
-	if err := EnsureSecretAccessWithUserReason(ctx, appName, namespace, cluster, reason, out); err != nil {
+	// Get secret values with user-provided reason (access is logged for audit purposes)
+	if _, err := GetSecretValuesWithUserReason(ctx, appName, namespace, cluster, reason, out); err != nil {
 		return err
 	}
 

internal/postgres/proxy.go

@@ -12,8 +12,8 @@ import (
 )
 
 func RunPSQL(ctx context.Context, appName string, cluster flag.Context, namespace flag.Namespace, reason string, out *naistrix.OutputWriter) error {
-	// Ensure we have elevated access to read the database secret (user must provide reason)
-	if err := EnsureSecretAccessWithUserReason(ctx, appName, namespace, cluster, reason, out); err != nil {
+	// Get secret values with user-provided reason (access is logged for audit purposes)
+	if _, err := GetSecretValuesWithUserReason(ctx, appName, namespace, cluster, reason, out); err != nil {
 		return err
 	}
 

internal/postgres/psql.go

@@ -141,18 +141,3 @@ func GetSecretValuesWithUserReason(ctx context.Context, appName string, namespac
 
 	return GetSecretValues(ctx, appName, namespace, cluster, reason, out)
 }
-
-// EnsureSecretAccess is deprecated. Use GetSecretValues instead.
-// This function is kept for backward compatibility and now calls ViewSecretValues internally.
-// Deprecated: Use GetSecretValues instead which returns the secret values directly.
-func EnsureSecretAccess(ctx context.Context, appName string, namespace flag.Namespace, cluster flag.Context, reason string, out *naistrix.OutputWriter) error {
-	_, err := GetSecretValues(ctx, appName, namespace, cluster, reason, out)
-	return err
-}
-
-// EnsureSecretAccessWithUserReason is deprecated. Use GetSecretValuesWithUserReason instead.
-// Deprecated: Use GetSecretValuesWithUserReason instead which returns the secret values directly.
-func EnsureSecretAccessWithUserReason(ctx context.Context, appName string, namespace flag.Namespace, cluster flag.Context, reason string, out *naistrix.OutputWriter) error {
-	_, err := GetSecretValuesWithUserReason(ctx, appName, namespace, cluster, reason, out)
-	return err
-}