The secrets mv command is a pretty important one. It will be the main way of moving secrets in and out of vaults. Moving into or between vaults would be very useful. Moving out of a vault will be less so I think but supported all the same.
mv has the following features we want to support.
Move a file or directory to a destination directory.
Multiple source paths can be specified. the last argument is the destination.
Globing and wildcards are supported for sources.
Globing is supported for the destination. but only the last of the list is the destination. I say we don't support it.
This one will be pretty complex to implement. A lot of the useful functionality will be from the wildcards and globing so we need to support that well. On top of that we need a way to serialise all the found files and directories over the RPC.
So we need the following.
A generic fs walker that translates wildcards and globing into a fs tree and their contents. It needs to work on the fs and efs.
Transformers that convert the file trees and contents into a raw binary stream and back. We'll need to design it as parser/generator using the standards we've used before.
One thing to note, moving a file generally is atomic and doesn't modify the file. The Inode is unchanged when moving. However when moving in, out and between vaults are essentially different file systems. So moving between them is functionally a copy and delete operation. I believe this is how mv works between drives. Within the same drive the mv operation preserves the file while moving it. Akin to a link to new path and unlink from old path.
Additional context
Related #32
Tasks
Implement a secrets mv command
Supports moving a file from source path to destination.
And take a variable number of source paths with the last path being the destination.
Supports globing and wild cards.
Supports moving directories with contents.
Between filesystems will copy and remove old file. Within a filesystem the Inode should be preserved.
linear[bot]
commented
1 month ago
Specification
The
secrets mvcommand is a pretty important one. It will be the main way of moving secrets in and out of vaults. Moving into or between vaults would be very useful. Moving out of a vault will be less so I think but supported all the same.mvhas the following features we want to support.This one will be pretty complex to implement. A lot of the useful functionality will be from the wildcards and globing so we need to support that well. On top of that we need a way to serialise all the found files and directories over the RPC.
So we need the following.
One thing to note, moving a file generally is atomic and doesn't modify the file. The Inode is unchanged when moving. However when moving in, out and between vaults are essentially different file systems. So moving between them is functionally a copy and delete operation. I believe this is how mv works between drives. Within the same drive the
mvoperation preserves the file while moving it. Akin to alinkto new path andunlinkfrom old path.Additional context
Related #32
Tasks
secrets mvcommand