mindersec · blkt · Oct 17, 2024 · Sep 11, 2024
@@ -20,6 +20,7 @@ import (
 
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
+	"google.golang.org/grpc"
 
 	"github.com/mindersec/minder/internal/config"
 	clientconfig "github.com/mindersec/minder/internal/config/client"
@@ -33,13 +34,11 @@ var loginCmd = &cobra.Command{
 	Short: "Login to Minder",
 	Long: `The login command allows for logging in to Minder. Upon successful login, credentials will be saved to
 $XDG_CONFIG_HOME/minder/credentials.json`,
-	RunE: LoginCommand,
+	RunE: cli.GRPCClientWrapRunE(LoginCommand),
 }
 
 // LoginCommand is the login subcommand
-func LoginCommand(cmd *cobra.Command, _ []string) error {
-	ctx := context.Background()
-
+func LoginCommand(ctx context.Context, cmd *cobra.Command, _ []string, conn *grpc.ClientConn) error {
 	clientConfig, err := config.ReadConfigFromViper[clientconfig.Config](viper.GetViper())
 	if err != nil {
 		return cli.MessageAndError("Unable to read config", err)
@@ -53,11 +52,6 @@ func LoginCommand(cmd *cobra.Command, _ []string) error {
 		return cli.MessageAndError("Error ensuring credentials", err)
 	}
 
-	conn, err := cli.GrpcForCommand(viper.GetViper())
-	if err != nil {
-		return cli.MessageAndError("Error getting grpc connection", err)
-	}
-	defer conn.Close()
 	client := minderv1.NewUserServiceClient(conn)
 
 	// check if the user already exists in the local database

@@ -153,7 +153,12 @@ var cmd = &cobra.Command{
 // quickstartCommand is the quickstart command
 //
 //nolint:gocyclo
-func quickstartCommand(_ context.Context, cmd *cobra.Command, _ []string, conn *grpc.ClientConn) error {
+func quickstartCommand(
+	ctx context.Context,
+	cmd *cobra.Command,
+	_ []string,
+	conn *grpc.ClientConn,
+) error {
 	var err error
 	repoClient := minderv1.NewRepositoryServiceClient(conn)
 	profileClient := minderv1.NewProfileServiceClient(conn)
@@ -180,13 +185,13 @@ func quickstartCommand(_ context.Context, cmd *cobra.Command, _ []string, conn *
 	userClient := minderv1.NewUserServiceClient(conn)
 	_, err = userClient.GetUser(cmd.Context(), &minderv1.GetUserRequest{})
 	if err != nil {
-		err = loginPromptErrWrapper(cmd, err)
+		err = loginPromptErrWrapper(ctx, cmd, conn, err)
 		if err != nil {
 			return cli.MessageAndError("", err)
 		}
 		// User logged in successfully
 		// We now have to re-create the gRPC connection
-		newConn, err := cli.GrpcForCommand(viper.GetViper())
+		newConn, err := cli.GrpcForCommand(cmd, viper.GetViper())
 		if err != nil {
 			return err
 		}
@@ -399,7 +404,12 @@ func getQuickstartContext(ctx context.Context, v *viper.Viper) (context.Context,
 	return cli.GetAppContextWithTimeoutDuration(ctx, v, 30)
 }
 
-func loginPromptErrWrapper(cmnd *cobra.Command, inErr error) error {
+func loginPromptErrWrapper(
+	ctx context.Context,
+	cmnd *cobra.Command,
+	conn *grpc.ClientConn,
+	inErr error,
+) error {
 	// Check if the error is unauthenticated, if so, prompt the user to log in
 	if rpcStatus, ok := status.FromError(inErr); ok {
 		if rpcStatus.Code() == codes.Unauthenticated {
@@ -411,7 +421,7 @@ func loginPromptErrWrapper(cmnd *cobra.Command, inErr error) error {
 				true)
 			if yes {
 				// Run the login command
-				err := auth.LoginCommand(cmnd, []string{})
+				err := auth.LoginCommand(ctx, cmnd, []string{}, conn)
 				if err != nil {
 					return err
 				}

@@ -108,6 +108,7 @@ func init() {
 		RootCmd.Printf("error: %s", err)
 		os.Exit(1)
 	}
+	RootCmd.PersistentFlags().BoolP("verbose", "v", false, "Output additional messages to STDERR")
 	viper.AutomaticEnv()
 }
 

@@ -99,7 +99,7 @@ func GRPCClientWrapRunE(
 		ctx, cancel := GetAppContext(cmd.Context(), viper.GetViper())
 		defer cancel()
 
-		c, err := GrpcForCommand(viper.GetViper())
+		c, err := GrpcForCommand(cmd, viper.GetViper())
 		if err != nil {
 			return err
 		}

@@ -34,6 +34,7 @@ import (
 	httphelper "github.com/zitadel/oidc/v3/pkg/http"
 	"github.com/zitadel/oidc/v3/pkg/oidc"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/metadata"
 
 	"github.com/mindersec/minder/internal/config"
 	clientconfig "github.com/mindersec/minder/internal/config/client"
@@ -52,8 +53,28 @@ var accessDeniedHtml []byte
 //go:embed html/generic_failure.html
 var genericAuthFailure []byte
 
+func requestIDInterceptor(printer func(string, ...interface{})) grpc.UnaryClientInterceptor {
+	return func(
+		ctx context.Context,
+		method string,
+		req any,
+		reply any,
+		cc *grpc.ClientConn,
+		invoker grpc.UnaryInvoker,
+		opts ...grpc.CallOption,
+	) error {
+		var header metadata.MD
+		opts = append(opts, grpc.Header(&header))
+		err := invoker(ctx, method, req, reply, cc, opts...)
+		if len(header.Get("request-id")) != 0 {
+			printer("Request ID: %s\n", header.Get("request-id")[0])
+		}
+		return err
+	}
+}
+
 // GrpcForCommand is a helper for getting a testing connection from cobra flags
-func GrpcForCommand(v *viper.Viper) (*grpc.ClientConn, error) {
+func GrpcForCommand(cmd *cobra.Command, v *viper.Viper) (*grpc.ClientConn, error) {
 	clientConfig, err := config.ReadConfigFromViper[clientconfig.Config](v)
 	if err != nil {
 		return nil, fmt.Errorf("unable to read config: %w", err)
@@ -67,8 +88,21 @@ func GrpcForCommand(v *viper.Viper) (*grpc.ClientConn, error) {
 	issuerUrl := clientConfig.Identity.CLI.IssuerUrl
 	clientId := clientConfig.Identity.CLI.ClientId
 
+	opts := []grpc.DialOption{}
+	opts = append(opts, grpc.WithUserAgent(useragent.GetUserAgent()))
+
+	if viper.GetBool("verbose") {
+		opts = append(opts, grpc.WithUnaryInterceptor(requestIDInterceptor(cmd.PrintErrf)))
+	}
+
 	return util.GetGrpcConnection(
-		grpcHost, grpcPort, allowInsecure, issuerUrl, clientId, grpc.WithUserAgent(useragent.GetUserAgent()))
+		grpcHost,
+		grpcPort,
+		allowInsecure,
+		issuerUrl,
+		clientId,
+		opts...,
+	)
 }
 
 // EnsureCredentials is a PreRunE function to ensure that the user