Allow hostfactory to create tokens with a CIDR subnet

cyberark · Feb 23, 2023 · 974345c · 974345c
1 parent 9769838
commit 974345c
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 21 deletions.
diff --git a/pkg/cmd/hostfactory.go b/pkg/cmd/hostfactory.go
@@ -4,7 +4,6 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"net"
 
 	"github.com/spf13/cobra"
 
@@ -36,14 +35,6 @@ type createHostClient interface {
 	CreateHost(id string, token string) (conjurapi.HostFactoryHostResponse, error)
 }
 
-func iPArrayToStingArray(ipArray []net.IP) []string {
-	s := make([]string, 0)
-	for _, ip := range ipArray {
-		s = append(s, ip.String())
-	}
-	return s
-}
-
 func newHostsCmd() *cobra.Command {
 	return &cobra.Command{
 		Use:   "hosts",
@@ -180,7 +171,7 @@ Examples:
 			}
 			// END COMPATIBILITY WITH PYTHON CLI
 
-			cidr, err := cmd.Flags().GetIPSlice("cidr")
+			cidr, err := cmd.Flags().GetStringSlice("cidr")
 			if err != nil {
 				return err
 			}
@@ -192,7 +183,7 @@ Examples:
 			if err != nil {
 				return err
 			}
-			tokenCreateResponse, err := client.CreateToken(duration, hostfactoryName, iPArrayToStingArray(cidr), count)
+			tokenCreateResponse, err := client.CreateToken(duration, hostfactoryName, cidr, count)
 			if err != nil {
 				return err
 			}
@@ -227,8 +218,8 @@ Examples:
 	tokensCreateCmd.Flags().Lookup("hostfactoryid").Hidden = false
 	// END COMPATIBILITY WITH PYTHON CLI
 
-	ips := []net.IP{}
-	tokensCreateCmd.Flags().IPSliceP("cidr", "c", ips, "A comma-delimited list of CIDR addresses to restrict token to")
+	ips := make([]string, 0)
+	tokensCreateCmd.Flags().StringSliceP("cidr", "c", ips, "A comma-delimited list of CIDR addresses to restrict token to")
 	tokensCreateCmd.Flags().IntP("count", "n", 1, "Number of tokens to create")
 	return tokensCreateCmd
 }

diff --git a/pkg/cmd/hostfactory_test.go b/pkg/cmd/hostfactory_test.go
@@ -170,6 +170,28 @@ var hostfactoryCmdTestCases = []struct {
 			assert.Contains(t, stdout, "[\n      \"0.0.0.0/32\",\n      \"1.2.3.4/32\"\n    ]")
 		},
 	},
+	{
+		name: "token create with ip with subnet success",
+		args: []string{"hostfactory", "tokens", "create", "--duration", "5m", "--hostfactory-id", "cucumber_host_factory_factory",
+			"-c", "0.0.0.0/0,1.2.3.0/24"},
+		create: func(t *testing.T, duration string, hostFactory string, cidr []string, count int) ([]conjurapi.HostFactoryTokenResponse, error) {
+			assert.Equal(t, "5m", duration)
+			assert.Equal(t, "cucumber_host_factory_factory", hostFactory)
+			assert.Equal(t, []string{"0.0.0.0/0", "1.2.3.0/24"}, cidr)
+
+			return []conjurapi.HostFactoryTokenResponse{
+				{
+					Expiration: "2022-12-23T20:32:46Z",
+					Cidr:       []string{"0.0.0.0/0", "1.2.3.0/24"},
+					Token:      "1bfpyr3y41kb039ykpyf2hm87ez2dv9hdc3r5sh1n2h9z7j22mga2da",
+				},
+			}, nil
+		},
+		assert: func(t *testing.T, stdout, stderr string, err error) {
+			assert.Contains(t, stdout, "1bfpyr3y41kb039ykpyf2hm87ez2dv9hdc3r5sh1n2h9z7j22mga2da")
+			assert.Contains(t, stdout, "[\n      \"0.0.0.0/0\",\n      \"1.2.3.0/24\"\n    ]")
+		},
+	},
 	{
 		name: "token create negative duration flags",
 		args: []string{"hostfactory", "tokens", "create", "-i", "cucumber_host_factory_factory", "--duration-hours", "-10"},
@@ -196,14 +218,6 @@ var hostfactoryCmdTestCases = []struct {
 			assert.NoError(t, err)
 		},
 	},
-	{
-		name: "token create command error",
-		args: []string{"hostfactory", "tokens", "create", "--duration", "5m", "--hostfactory-id", "cucumber_host_factory_factory",
-			"-c", "0.0.0"},
-		assert: func(t *testing.T, stdout, stderr string, err error) {
-			assert.Contains(t, stderr, "invalid string being converted")
-		},
-	},
 	{
 		name: "token create missing flag",
 		args: []string{"hostfactory", "tokens", "create"},