Add clean command (#1248)

* Add clean command * Refactor * Refactor
2026-02-14 16:39:51 +00:00 · 2025-01-18 22:24:23 +09:00
parent 355d9cf224
commit e31ad59e63
10 changed files with 320 additions and 4 deletions
--- a/pkg/cmd/clean.go
+++ b/pkg/cmd/clean.go
@@ -0,0 +1,56 @@
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/int128/kubelogin/pkg/usecases/clean"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+type cleanOptions struct {
+	tokenCacheOptions tokenCacheOptions
+}
+
+func (o *cleanOptions) addFlags(f *pflag.FlagSet) {
+	o.tokenCacheOptions.addFlags(f)
+}
+
+func (o *cleanOptions) expandHomedir() {
+	o.tokenCacheOptions.expandHomedir()
+}
+
+type Clean struct {
+	Clean clean.Interface
+}
+
+func (cmd *Clean) New() *cobra.Command {
+	var o cleanOptions
+	c := &cobra.Command{
+		Use:   "clean [flags]",
+		Short: "Delete the token cache",
+		Long: `Delete the token cache.
+
+This deletes both the OS keyring and the directory by default.
+If you encounter an error of keyring, try --token-cache-storage=disk.
+`,
+		Args: cobra.NoArgs,
+		RunE: func(c *cobra.Command, _ []string) error {
+			o.expandHomedir()
+			tokenCacheConfig, err := o.tokenCacheOptions.tokenCacheConfig()
+			if err != nil {
+				return fmt.Errorf("clean: %w", err)
+			}
+			in := clean.Input{
+				TokenCacheConfig: tokenCacheConfig,
+			}
+			if err := cmd.Clean.Do(c.Context(), in); err != nil {
+				return fmt.Errorf("clean: %w", err)
+			}
+			return nil
+		},
+	}
+	c.Flags().SortFlags = false
+	o.addFlags(c.Flags())
+	return c
+}
--- a/pkg/cmd/cmd.go
+++ b/pkg/cmd/cmd.go
@@ -16,6 +16,7 @@ var Set = wire.NewSet(
 	wire.Struct(new(Root), "*"),
 	wire.Struct(new(GetToken), "*"),
 	wire.Struct(new(Setup), "*"),
+	wire.Struct(new(Clean), "*"),
 )

 type Interface interface {
@@ -31,6 +32,7 @@ type Cmd struct {
 	Root     *Root
 	GetToken *GetToken
 	Setup    *Setup
+	Clean    *Clean
 	Logger   logger.Interface
 }

@@ -48,6 +50,9 @@ func (cmd *Cmd) Run(ctx context.Context, args []string, version string) int {
 	setupCmd := cmd.Setup.New()
 	rootCmd.AddCommand(setupCmd)

+	cleanCmd := cmd.Clean.New()
+	rootCmd.AddCommand(cleanCmd)
+
 	versionCmd := &cobra.Command{
 		Use:   "version",
 		Short: "Print the version information",
--- a/pkg/di/di.go
+++ b/pkg/di/di.go
@@ -20,6 +20,7 @@ import (
 	"github.com/int128/kubelogin/pkg/tlsclientconfig/loader"
 	"github.com/int128/kubelogin/pkg/tokencache/repository"
 	"github.com/int128/kubelogin/pkg/usecases/authentication"
+	"github.com/int128/kubelogin/pkg/usecases/clean"
 	"github.com/int128/kubelogin/pkg/usecases/credentialplugin"
 	"github.com/int128/kubelogin/pkg/usecases/setup"
 	"github.com/int128/kubelogin/pkg/usecases/standalone"
@@ -47,6 +48,7 @@ func NewCmdForHeadless(clock.Interface, stdio.Stdin, stdio.Stdout, logger.Interf
 		standalone.Set,
 		credentialplugin.Set,
 		setup.Set,
+		clean.Set,

 		// infrastructure
 		cmd.Set,
--- a/pkg/di/wire_gen.go
+++ b/pkg/di/wire_gen.go
@@ -24,6 +24,7 @@ import (
 	"github.com/int128/kubelogin/pkg/usecases/authentication/authcode"
 	"github.com/int128/kubelogin/pkg/usecases/authentication/devicecode"
 	"github.com/int128/kubelogin/pkg/usecases/authentication/ropc"
+	"github.com/int128/kubelogin/pkg/usecases/clean"
 	"github.com/int128/kubelogin/pkg/usecases/credentialplugin"
 	"github.com/int128/kubelogin/pkg/usecases/setup"
 	"github.com/int128/kubelogin/pkg/usecases/standalone"
@@ -96,7 +97,9 @@ func NewCmdForHeadless(clockInterface clock.Interface, stdin stdio.Stdin, stdout
 		Standalone: standaloneStandalone,
 		Logger:     loggerInterface,
 	}
-	repositoryRepository := &repository.Repository{}
+	repositoryRepository := &repository.Repository{
+		Logger: loggerInterface,
+	}
 	reader3 := &reader2.Reader{}
 	writer3 := &writer2.Writer{
 		Stdout: stdout,
@@ -120,10 +123,18 @@ func NewCmdForHeadless(clockInterface clock.Interface, stdin stdio.Stdin, stdout
 	cmdSetup := &cmd.Setup{
 		Setup: setupSetup,
 	}
+	cleanClean := &clean.Clean{
+		TokenCacheRepository: repositoryRepository,
+		Logger:               loggerInterface,
+	}
+	cmdClean := &cmd.Clean{
+		Clean: cleanClean,
+	}
 	cmdCmd := &cmd.Cmd{
 		Root:     root,
 		GetToken: cmdGetToken,
 		Setup:    cmdSetup,
+		Clean:    cmdClean,
 		Logger:   loggerInterface,
 	}
 	return cmdCmd
--- a/pkg/tokencache/repository/repository.go
+++ b/pkg/tokencache/repository/repository.go
@@ -13,6 +13,7 @@ import (

 	"github.com/gofrs/flock"
 	"github.com/google/wire"
+	"github.com/int128/kubelogin/pkg/infrastructure/logger"
 	"github.com/int128/kubelogin/pkg/oidc"
 	"github.com/int128/kubelogin/pkg/tokencache"
 	"github.com/zalando/go-keyring"
@@ -28,6 +29,7 @@ type Interface interface {
 	FindByKey(config tokencache.Config, key tokencache.Key) (*oidc.TokenSet, error)
 	Save(config tokencache.Config, key tokencache.Key, tokenSet oidc.TokenSet) error
 	Lock(config tokencache.Config, key tokencache.Key) (io.Closer, error)
+	DeleteAll(config tokencache.Config) error
 }

 type entity struct {
@@ -37,7 +39,9 @@ type entity struct {

 // Repository provides access to the token cache on the local filesystem.
 // Filename of a token cache is sha256 digest of the issuer, zero-character and client ID.
-type Repository struct{}
+type Repository struct {
+	Logger logger.Interface
+}

 // keyringService is used to namespace the keyring access.
 // Some implementations may also display this string when prompting the user
@@ -180,6 +184,39 @@ func (r *Repository) Lock(config tokencache.Config, key tokencache.Key) (io.Clos
 	return lockFile, nil
 }

+func (r *Repository) DeleteAll(config tokencache.Config) error {
+	return errors.Join(
+		func() error {
+			if err := os.RemoveAll(config.Directory); err != nil {
+				return fmt.Errorf("remove the directory %s: %w", config.Directory, err)
+			}
+			r.Logger.Printf("Deleted the token cache at %s", config.Directory)
+			return nil
+		}(),
+		func() error {
+			switch config.Storage {
+			case tokencache.StorageAuto:
+				if err := keyring.DeleteAll(keyringService); err != nil {
+					if errors.Is(err, keyring.ErrUnsupportedPlatform) {
+						return nil
+					}
+					return fmt.Errorf("keyring delete: %w", err)
+				}
+				r.Logger.Printf("Deleted the token cache in the keyring")
+				return nil
+			case tokencache.StorageKeyring:
+				if err := keyring.DeleteAll(keyringService); err != nil {
+					return fmt.Errorf("keyring delete: %w", err)
+				}
+				r.Logger.Printf("Deleted the token cache in the keyring")
+				return nil
+			default:
+				return nil
+			}
+		}(),
+	)
+}
+
 func encodeKey(tokenSet oidc.TokenSet) ([]byte, error) {
 	e := entity{
 		IDToken:      tokenSet.IDToken,
--- a/pkg/usecases/clean/clean.go
+++ b/pkg/usecases/clean/clean.go
@@ -0,0 +1,38 @@
+package clean
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/google/wire"
+	"github.com/int128/kubelogin/pkg/infrastructure/logger"
+	"github.com/int128/kubelogin/pkg/tokencache"
+	"github.com/int128/kubelogin/pkg/tokencache/repository"
+)
+
+var Set = wire.NewSet(
+	wire.Struct(new(Clean), "*"),
+	wire.Bind(new(Interface), new(*Clean)),
+)
+
+type Interface interface {
+	Do(ctx context.Context, in Input) error
+}
+
+// Input represents an input of the Clean use-case.
+type Input struct {
+	TokenCacheConfig tokencache.Config
+}
+
+type Clean struct {
+	TokenCacheRepository repository.Interface
+	Logger               logger.Interface
+}
+
+func (u *Clean) Do(ctx context.Context, in Input) error {
+	u.Logger.V(1).Infof("Deleting the token cache")
+	if err := u.TokenCacheRepository.DeleteAll(in.TokenCacheConfig); err != nil {
+		return fmt.Errorf("delete the token cache: %w", err)
+	}
+	return nil
+}