command/keys: remove key command implemented

10 years ago · 46ce9e936f
4 changed files with 54 additions and 8 deletions
--- a/command/agent/agent.go
+++ b/command/agent/agent.go
@ -796,3 +796,22 @@ func (a *Agent) UseKeyLAN(key string) (*serf.KeyResponse, error) {
 	km := a.client.KeyManagerLAN()
 	return km.UseKey(key)
 }
+
+// RemoveKeyWAN removes a WAN gossip encryption key on server nodes
+func (a *Agent) RemoveKeyWAN(key string) (*serf.KeyResponse, error) {
+	if a.server != nil {
+		km := a.server.KeyManagerWAN()
+		return km.RemoveKey(key)
+	}
+	return nil, fmt.Errorf("WAN keyring not available on client node")
+}
+
+// RemoveKeyLAN removes a LAN gossip encryption key on all nodes
+func (a *Agent) RemoveKeyLAN(key string) (*serf.KeyResponse, error) {
+	if a.server != nil {
+		km := a.server.KeyManagerLAN()
+		return km.RemoveKey(key)
+	}
+	km := a.client.KeyManagerLAN()
+	return km.RemoveKey(key)
+}
--- a/command/agent/rpc.go
+++ b/command/agent/rpc.go
@ -402,13 +402,8 @@ func (i *AgentRPC) handleRequest(client *rpcClient, reqHeader *requestHeader) er
 	case useKeyLANCommand, useKeyWANCommand:
 		return i.handleGossipKeyChange(client, seq, command)

-		/*
-			case removeKeyLANCommand:
-				return i.handleRemoveKeyLAN(client, seq)
-
-			case removeKeyWANCommand:
-				return i.handleRemoveKeyWAN(client, seq)
-		*/
+	case removeKeyLANCommand, removeKeyWANCommand:
+		return i.handleGossipKeyChange(client, seq, command)

 	default:
 		respHeader := responseHeader{Seq: seq, Error: unsupportedCommand}
@ -666,6 +661,10 @@ func (i *AgentRPC) handleGossipKeyChange(client *rpcClient, seq uint64, cmd stri
 		queryResp, err = i.agent.UseKeyWAN(req.Key)
 	case useKeyLANCommand:
 		queryResp, err = i.agent.UseKeyLAN(req.Key)
+	case removeKeyWANCommand:
+		queryResp, err = i.agent.RemoveKeyWAN(req.Key)
+	case removeKeyLANCommand:
+		queryResp, err = i.agent.RemoveKeyLAN(req.Key)
 	}

 	header := responseHeader{
--- a/command/agent/rpc_client.go
+++ b/command/agent/rpc_client.go
@ -214,6 +214,14 @@ func (c *RPCClient) UseKeyLAN(key string) (map[string]string, error) {
 	return c.changeGossipKey(key, useKeyLANCommand)
 }

+func (c *RPCClient) RemoveKeyWAN(key string) (map[string]string, error) {
+	return c.changeGossipKey(key, removeKeyWANCommand)
+}
+
+func (c *RPCClient) RemoveKeyLAN(key string) (map[string]string, error) {
+	return c.changeGossipKey(key, removeKeyLANCommand)
+}
+
 func (c *RPCClient) changeGossipKey(key, cmd string) (map[string]string, error) {
 	header := requestHeader{
 		Command: cmd,
--- a/command/keys.go
+++ b/command/keys.go
@ -149,11 +149,31 @@ func (c *KeysCommand) Run(args []string) int {
 		}

 		c.Ui.Info("Successfully changed primary key!")
-
 		return 0
 	}

 	if removeKey != "" {
+		if wan {
+			c.Ui.Info("Removing key from WAN members...")
+			failures, err = client.RemoveKeyWAN(removeKey)
+		} else {
+			c.Ui.Info("Removing key from LAN members...")
+			failures, err = client.RemoveKeyLAN(removeKey)
+		}
+
+		if err != nil {
+			if len(failures) > 0 {
+				for node, msg := range failures {
+					out = append(out, fmt.Sprintf("failed: %s | %s", node, msg))
+				}
+				c.Ui.Error(columnize.SimpleFormat(out))
+			}
+			c.Ui.Error("")
+			c.Ui.Error(fmt.Sprintf("Error removing key: %s", err))
+			return 1
+		}
+
+		c.Ui.Info("Successfully removed key!")
 		return 0
 	}