OSD-26415: Allow pull-secret to be updated w/o transferring ownership.

.ci-operator.yaml

@@ -1,4 +1,4 @@
 build_root_image:
   name: boilerplate
   namespace: openshift
-  tag: image-v7.2.0
+  tag: image-v8.0.0

OWNERS

@@ -8,6 +8,15 @@ reviewers:
 - devppratik
 - Tafhim
 - joshbranham
+- bergmannf
+- Makdaam
+- Nikokolas3270
+- RaphaelBut
+- MateSaary
+- rolandmkunkel
+- petrkotas
+- zmird-r
+- hectorakemp
 approvers:
 - clcollins
 - dustman9000
@@ -18,6 +27,15 @@ approvers:
 - devppratik
 - Tafhim
 - joshbranham
+- bergmannf
+- Makdaam
+- Nikokolas3270
+- RaphaelBut
+- MateSaary
+- rolandmkunkel
+- petrkotas
+- zmird-r
+- hectorakemp
 maintainers:
 - clcollins
 - fahlmant

cmd/alerts/list_alerts.go

@@ -30,7 +30,7 @@ func NewCmdListAlerts() *cobra.Command {
 			ListAlerts(alertCmd)
 		},
 	}
-	newCmd.Flags().StringVar(&alertCmd.clusterID, "cluster-id", "", "Provide the internal ID of the cluster")
+	newCmd.Flags().StringVarP(&alertCmd.clusterID, "cluster-id", "C", "", "Provide the internal ID of the cluster")
 	_ = newCmd.MarkFlagRequired("cluster-id")
 
 	newCmd.Flags().StringVarP(&alertCmd.alertLevel, "level", "l", "all", "Alert level [warning, critical, firing, pending, all]")

cmd/alerts/silence/add_silence.go

@@ -37,7 +37,7 @@ func NewCmdAddSilence() *cobra.Command {
 		},
 	}
 
-	cmd.Flags().StringVar(&addSilenceCmd.clusterID, "cluster-id", "", "Provide the internal ID of the cluster")
+	cmd.Flags().StringVarP(&addSilenceCmd.clusterID, "cluster-id", "C", "", "Provide the internal ID of the cluster")
 	cmd.Flags().StringSliceVar(&addSilenceCmd.alertID, "alertname", []string{}, "alertname (comma-separated)")
 	cmd.Flags().StringVarP(&addSilenceCmd.comment, "comment", "c", "Adding silence using the osdctl alert command", "add comment about silence")
 	cmd.Flags().StringVarP(&addSilenceCmd.duration, "duration", "d", "15d", "Adding duration for silence as 15 days") //default duration set to 15 days

cmd/alerts/silence/clear_silence.go

@@ -33,7 +33,7 @@ func NewCmdClearSilence() *cobra.Command {
 		},
 	}
 
-	cmd.Flags().StringVar(&silenceCmd.clusterID, "cluster-id", "", "Provide the internal ID of the cluster")
+	cmd.Flags().StringVarP(&silenceCmd.clusterID, "cluster-id", "C", "", "Provide the internal ID of the cluster")
 	cmd.Flags().StringSliceVar(&silenceCmd.silenceIDs, "silence-id", []string{}, "silence id (comma-separated)")
 	cmd.Flags().BoolVarP(&silenceCmd.all, "all", "a", false, "clear all silences")
 	cmd.Flags().StringVar(&silenceCmd.reason, "reason", "", "The reason for this command, which requires elevation, to be run (usualy an OHSS or PD ticket)")

cmd/alerts/silence/list_silence.go

@@ -27,7 +27,7 @@ func NewCmdListSilence() *cobra.Command {
 			ListSilence(listSilenceCmd)
 		},
 	}
-	cmd.Flags().StringVar(&listSilenceCmd.clusterID, "cluster-id", "", "Provide the internal ID of the cluster")
+	cmd.Flags().StringVarP(&listSilenceCmd.clusterID, "cluster-id", "C", "", "Provide the internal ID of the cluster")
 	cmd.Flags().StringVar(&listSilenceCmd.reason, "reason", "", "The reason for this command, which requires elevation, to be run (usualy an OHSS or PD ticket)")
 	_ = cmd.MarkFlagRequired("cluster-id")
 	_ = cmd.MarkFlagRequired("reason")

cmd/cloudtrail/pkg/aws/aws.go → cmd/cloudtrail/aws.go

@@ -1,19 +1,16 @@
-package pkg
+package cloudtrail
 
 import (
 	"context"
 	"encoding/json"
 	"fmt"
 	"time"
 
-	"github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/aws/aws-sdk-go-v2/aws/arn"
-	"github.com/aws/aws-sdk-go-v2/service/cloudtrail"
-	"github.com/aws/aws-sdk-go-v2/service/cloudtrail/types"
 	"github.com/aws/aws-sdk-go-v2/service/sts"
 )
 
-// RawEventDetails struct represents the structure of an AWS raw event
+// RawEventDetails represents the structure of relevant fields extracted from a CloudTrail event JSON.
 type RawEventDetails struct {
 	EventVersion string `json:"eventVersion"`
 	UserIdentity struct {
@@ -31,11 +28,12 @@ type RawEventDetails struct {
 	ErrorCode   string `json:"errorCode"`
 }
 
+// QueryOptions defines the start time for querying CloudTrail events.
 type QueryOptions struct {
 	StartTime time.Time
 }
 
-// Extracts Raw cloudtrailEvent Details
+// ExtractUserDetails parses a CloudTrail event JSON string and extracts user identity details.
 func ExtractUserDetails(cloudTrailEvent *string) (*RawEventDetails, error) {
 	if cloudTrailEvent == nil || *cloudTrailEvent == "" {
 		return &RawEventDetails{}, fmt.Errorf("cannot parse a nil input")
@@ -59,7 +57,8 @@ func ExtractUserDetails(cloudTrailEvent *string) (*RawEventDetails, error) {
 	return &res, nil
 }
 
-// whoami retrieves caller identity information
+// Whoami retrieves the AWS account ARN and account ID for the current caller
+// using the provided STS client.
 func Whoami(stsClient sts.Client) (accountArn string, accountId string, err error) {
 	ctx := context.TODO()
 	callerIdentityOutput, err := stsClient.GetCallerIdentity(ctx, &sts.GetCallerIdentityInput{})
@@ -74,39 +73,3 @@ func Whoami(stsClient sts.Client) (accountArn string, accountId string, err erro
 
 	return userArn.String(), userArn.AccountID, nil
 }
-
-// getWriteEvents retrieves cloudtrail events since the specified time
-// using the provided cloudtrail client and starttime from since flag.
-func GetEvents(cloudtailClient *cloudtrail.Client, startTime time.Time, writeOnly bool) ([]types.Event, error) {
-
-	alllookupEvents := []types.Event{}
-	input := cloudtrail.LookupEventsInput{
-		StartTime: &startTime,
-		EndTime:   aws.Time(time.Now()),
-	}
-
-	if writeOnly {
-		input.LookupAttributes = []types.LookupAttribute{
-			{AttributeKey: "ReadOnly",
-				AttributeValue: aws.String("false")},
-		}
-	}
-
-	paginator := cloudtrail.NewLookupEventsPaginator(cloudtailClient, &input, func(c *cloudtrail.LookupEventsPaginatorOptions) {})
-	for paginator.HasMorePages() {
-
-		lookupOutput, err := paginator.NextPage(context.TODO())
-		if err != nil {
-			return nil, fmt.Errorf("[WARNING] paginator error: \n%w", err)
-		}
-		alllookupEvents = append(alllookupEvents, lookupOutput.Events...)
-
-		input.NextToken = lookupOutput.NextToken
-		if lookupOutput.NextToken == nil {
-			break
-		}
-
-	}
-
-	return alllookupEvents, nil
-}

cmd/cloudtrail/cmd.go

@@ -9,8 +9,8 @@ func NewCloudtrailCmd() *cobra.Command {
 	cloudtrailCmd := &cobra.Command{
 		Use:   "cloudtrail",
 		Short: "AWS CloudTrail related utilities",
-		RunE: func(cmd *cobra.Command, args []string) error {
-			return cmd.Help()
+		Run: func(cmd *cobra.Command, args []string) {
+			cmd.Help()
 		},
 	}
 

cmd/cloudtrail/event.go

@@ -0,0 +1,188 @@
+package cloudtrail
+
+import (
+	"context"
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/cloudtrail"
+	"github.com/aws/aws-sdk-go-v2/service/cloudtrail/types"
+)
+
+// GetEvents etrieve CloudTrail events using the provided client and time range.
+// It paginates through all available events, and returns all.
+func GetEvents(cloudtailClient *cloudtrail.Client, startTime time.Time, endTime time.Time, writeOnly bool) ([]types.Event, error) {
+
+	alllookupEvents := []types.Event{}
+	input := cloudtrail.LookupEventsInput{
+		StartTime: &startTime,
+		EndTime:   &endTime,
+	}
+
+	if writeOnly {
+		input.LookupAttributes = []types.LookupAttribute{
+			{AttributeKey: "ReadOnly",
+				AttributeValue: aws.String("false")},
+		}
+	}
+
+	paginator := cloudtrail.NewLookupEventsPaginator(cloudtailClient, &input, func(c *cloudtrail.LookupEventsPaginatorOptions) {})
+	for paginator.HasMorePages() {
+		lookupOutput, err := paginator.NextPage(context.TODO())
+		if err != nil {
+			return nil, fmt.Errorf("[WARNING] paginator error: \n%w", err)
+		}
+		alllookupEvents = append(alllookupEvents, lookupOutput.Events...)
+
+		input.NextToken = lookupOutput.NextToken
+		if lookupOutput.NextToken == nil {
+			break
+		}
+
+	}
+
+	return alllookupEvents, nil
+}
+
+// PrintEvents prints the filtered CloudTrail events in a human-readable format.
+// Allows to print cloudtrail event url link or its raw JSON format.
+// Allows to print cloutrail event resource name & type.
+func PrintEvents(filterEvents []types.Event, printUrl bool, printRaw bool) {
+	var eventStringBuilder = strings.Builder{}
+
+	for i := len(filterEvents) - 1; i >= 0; i-- {
+		if printRaw {
+			if filterEvents[i].CloudTrailEvent != nil {
+				fmt.Printf("%v \n", *filterEvents[i].CloudTrailEvent)
+				return
+			}
+		}
+		rawEventDetails, err := ExtractUserDetails(filterEvents[i].CloudTrailEvent)
+		if err != nil {
+			fmt.Printf("[Error] Error extracting event details: %v", err)
+		}
+		sessionIssuer := rawEventDetails.UserIdentity.SessionContext.SessionIssuer.UserName
+		if filterEvents[i].EventName != nil {
+			eventStringBuilder.WriteString(fmt.Sprintf("\n%v", *filterEvents[i].EventName))
+		}
+		if filterEvents[i].EventTime != nil {
+			eventStringBuilder.WriteString(fmt.Sprintf(" | %v", filterEvents[i].EventTime.String()))
+		}
+		if filterEvents[i].Username != nil {
+			eventStringBuilder.WriteString(fmt.Sprintf(" | Username: %v", *filterEvents[i].Username))
+		}
+		if sessionIssuer != "" {
+			eventStringBuilder.WriteString(fmt.Sprintf(" | ARN: %v", sessionIssuer))
+		}
+
+		for _, resource := range filterEvents[i].Resources {
+			if resource.ResourceName != nil {
+				eventStringBuilder.WriteString(fmt.Sprintf("| Resource Name: %v", *resource.ResourceName))
+			}
+			if resource.ResourceType != nil {
+				eventStringBuilder.WriteString(fmt.Sprintf(" | Resource Type: %v", *resource.ResourceType))
+			}
+		}
+
+		if printUrl && filterEvents[i].CloudTrailEvent != nil {
+			if err == nil {
+				eventStringBuilder.WriteString(fmt.Sprintf("\n%v |", generateLink(*rawEventDetails)))
+			} else {
+				fmt.Println("EventLink: <not available>")
+			}
+		}
+
+	}
+	fmt.Println(eventStringBuilder.String())
+}
+
+// PrintFormat allows the user to specify which fields to print.
+// Allows to print cloudtrail event url link
+func PrintFormat(filterEvents []types.Event, printUrl bool, printRaw bool, table []string) {
+	var eventStringBuilder = strings.Builder{}
+	tableFilter := map[string]struct{}{}
+
+	for _, field := range table {
+		tableFilter[field] = struct{}{}
+	}
+
+	for i := len(filterEvents) - 1; i >= 0; i-- {
+
+		rawEventDetails, err := ExtractUserDetails(filterEvents[i].CloudTrailEvent)
+		if err != nil {
+			fmt.Printf("[Error] Error extracting event details: %v", err)
+		}
+		sessionIssuer := rawEventDetails.UserIdentity.SessionContext.SessionIssuer.UserName
+		eventStringBuilder.WriteString("\n")
+		if _, ok := tableFilter["event"]; ok && filterEvents[i].EventName != nil {
+			eventStringBuilder.WriteString(fmt.Sprintf("%v | ", *filterEvents[i].EventName))
+		}
+		if _, ok := tableFilter["time"]; ok && filterEvents[i].EventTime != nil {
+			eventStringBuilder.WriteString(fmt.Sprintf("%v | ", filterEvents[i].EventTime.String()))
+		}
+		if _, ok := tableFilter["username"]; ok && filterEvents[i].Username != nil {
+			eventStringBuilder.WriteString(fmt.Sprintf("Username: %v | ", *filterEvents[i].Username))
+		}
+		if _, ok := tableFilter["arn"]; ok && sessionIssuer != "" {
+			eventStringBuilder.WriteString(fmt.Sprintf("ARN: %v | ", sessionIssuer))
+		}
+
+		for _, resource := range filterEvents[i].Resources {
+			if _, ok := tableFilter["resource-name"]; ok && resource.ResourceName != nil {
+				eventStringBuilder.WriteString(fmt.Sprintf("Resource Name: %v | ", *resource.ResourceName))
+			}
+			if _, ok := tableFilter["resource-type"]; ok && resource.ResourceType != nil {
+				eventStringBuilder.WriteString(fmt.Sprintf("Resource Type: %v | ", *resource.ResourceType))
+			}
+		}
+
+		if printUrl && filterEvents[i].CloudTrailEvent != nil {
+			if err == nil {
+				eventStringBuilder.WriteString(fmt.Sprintf("%v", generateLink(*rawEventDetails)))
+			} else {
+				fmt.Println("EventLink: <not available>")
+			}
+		}
+
+	}
+	fmt.Println(eventStringBuilder.String())
+}
+
+// generateLink generates a hyperlink to aws cloudTrail event
+// based on the provided RawEventDetails.
+func generateLink(raw RawEventDetails) (url_link string) {
+	str1 := "https://"
+	str2 := ".console.aws.amazon.com/cloudtrailv2/home?region="
+	str3 := "#/events/"
+
+	eventRegion := raw.EventRegion
+	eventId := raw.EventId
+
+	var url = str1 + eventRegion + str2 + eventRegion + str3 + eventId
+	url_link = url
+
+	return url_link
+}
+
+// ValidateTable checks for the string list given and returns error
+// if it does not match.
+func ValidateFormat(table []string) error {
+	allowedKeys := map[string]struct{}{
+		"username":      {},
+		"event":         {},
+		"resource-name": {},
+		"resource-type": {},
+		"arn":           {},
+		"time":          {},
+	}
+
+	for _, column := range table {
+		if _, ok := allowedKeys[strings.ToLower(column)]; !ok {
+			return fmt.Errorf("invalid table column: %s (allowed: username, event, resource-name, resource-type, arn, time, url, region)", column)
+		}
+	}
+
+	return nil
+}