feat: implement get command

evgeniy-scherbina · evgeniy-scherbina · commit e7398095267d · 2025-07-16T19:20:10.000Z
diff --git a/cli/user_secrets.go b/cli/user_secrets.go
@@ -17,6 +17,7 @@ func (r *RootCmd) secrets() *serpent.Command {
 		Children: []*serpent.Command{
 			r.secretCreate(),
 			r.secretList(),
+			r.secretGet(),
 		},
 	}
 }
@@ -66,7 +67,6 @@ func (r *RootCmd) secretCreate() *serpent.Command {
 
 func (r *RootCmd) secretList() *serpent.Command {
 	client := new(codersdk.Client)
-	//var value string
 	cmd := &serpent.Command{
 		Use:   "list",
 		Short: "List user secrets",
@@ -86,6 +86,32 @@ func (r *RootCmd) secretList() *serpent.Command {
 			return nil
 		},
 	}
+	cmd.Options = serpent.OptionSet{}
+	return cmd
+}
+
+func (r *RootCmd) secretGet() *serpent.Command {
+	client := new(codersdk.Client)
+	//var value string
+	cmd := &serpent.Command{
+		Use:   "get <name>",
+		Short: "Get user secret",
+		Middleware: serpent.Chain(
+			serpent.RequireNArgs(1),
+			r.InitClient(client),
+		),
+		Handler: func(inv *serpent.Invocation) error {
+			secretName := inv.Args[0]
+			secret, err := client.GetUserSecret(inv.Context(), secretName)
+			if err != nil {
+				return err
+			}
+
+			fmt.Fprintf(inv.Stdout, "ID | Name | Description\n")
+			fmt.Fprintf(inv.Stdout, "%v - %v - %v\n", secret.ID, secret.Name, secret.Description)
+			return nil
+		},
+	}
 	cmd.Options = serpent.OptionSet{
 		//{
 		//	Flag:        "value",
diff --git a/coderd/coderd.go b/coderd/coderd.go
@@ -1249,6 +1249,7 @@ func New(options *Options) *API {
 
 					r.Post("/", api.createUserSecret)
 					r.Get("/", api.listUserSecrets)
+					r.Get("/{name}", api.getUserSecret)
 				})
 				r.Route("/{user}", func(r chi.Router) {
 					r.Group(func(r chi.Router) {
diff --git a/coderd/user_secrets.go b/coderd/user_secrets.go
@@ -4,6 +4,7 @@ import (
 	"github.com/coder/coder/v2/coderd/database"
 	"github.com/coder/coder/v2/coderd/database/db2sdk"
 	"github.com/coder/coder/v2/coderd/httpmw"
+	"github.com/go-chi/chi/v5"
 	"github.com/google/uuid"
 	"net/http"
 
@@ -75,3 +76,31 @@ func (api *API) listUserSecrets(rw http.ResponseWriter, r *http.Request) {
 
 	httpapi.Write(ctx, rw, http.StatusOK, response)
 }
+
+// Returns a user secret.
+//
+// @Summary Returns a user secret.
+// @ID get-user-secret
+// @Security CoderSessionToken
+// @Produce json
+// @Tags User-Secrets
+// @Success 200 {object} codersdk.UserSecret
+// @Router /users/secrets/{name} [get]
+func (api *API) getUserSecret(rw http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	apiKey := httpmw.APIKey(r)
+	secretName := chi.URLParam(r, "name")
+
+	userSecret, err := api.Database.GetUserSecret(ctx, database.GetUserSecretParams{
+		UserID: apiKey.UserID,
+		Name:   secretName,
+	})
+	if err != nil {
+		httpapi.InternalServerError(rw, err)
+		return
+	}
+
+	response := db2sdk.UserSecret(userSecret)
+
+	httpapi.Write(ctx, rw, http.StatusOK, response)
+}
diff --git a/coderd/user_secrets_test.go b/coderd/user_secrets_test.go
@@ -1,8 +1,6 @@
 package coderd_test
 
 import (
-	"encoding/json"
-	"fmt"
 	"github.com/coder/coder/v2/codersdk"
 	"github.com/stretchr/testify/require"
 	"testing"
@@ -41,9 +39,9 @@ func TestUserSecrets(t *testing.T) {
 		Value:       "secretkey",
 	})
 	require.NoError(t, err)
-	userSecretInJSON, err := json.Marshal(userSecret)
-	require.NoError(t, err)
-	fmt.Printf("userSecretInJSON: %s\n", userSecretInJSON)
+	//userSecretInJSON, err := json.Marshal(userSecret)
+	//require.NoError(t, err)
+	//fmt.Printf("userSecretInJSON: %s\n", userSecretInJSON)
 
 	require.NotNil(t, userSecret.ID)
 	require.Equal(t, templateAdmin.ID, userSecret.UserID)
@@ -54,12 +52,24 @@ func TestUserSecrets(t *testing.T) {
 	userSecretList, err := templateAdminClient.ListUserSecrets(ctx)
 	require.NoError(t, err)
 	require.Len(t, userSecretList.Secrets, 1)
-	userSecretListInJSON, err := json.Marshal(userSecretList)
-	require.NoError(t, err)
-	fmt.Printf("userSecretListInJSON: %s\n", userSecretListInJSON)
+	//userSecretListInJSON, err := json.Marshal(userSecretList)
+	//require.NoError(t, err)
+	//fmt.Printf("userSecretListInJSON: %s\n", userSecretListInJSON)
 
 	require.NotNil(t, userSecretList.Secrets[0].ID)
 	require.Equal(t, templateAdmin.ID, userSecretList.Secrets[0].UserID)
 	require.Equal(t, userSecretName, userSecretList.Secrets[0].Name)
 	require.Equal(t, userSecretDescription, userSecretList.Secrets[0].Description)
+
+	// test get API
+	userSecret, err = templateAdminClient.GetUserSecret(ctx, userSecretName)
+	require.NoError(t, err)
+	//userSecretInJSON, err := json.Marshal(userSecret)
+	//require.NoError(t, err)
+	//fmt.Printf("userSecretInJSON: %s\n", userSecretInJSON)
+
+	require.NotNil(t, userSecret.ID)
+	require.Equal(t, templateAdmin.ID, userSecret.UserID)
+	require.Equal(t, userSecretName, userSecret.Name)
+	require.Equal(t, userSecretDescription, userSecret.Description)
 }
diff --git a/codersdk/user_secrets.go b/codersdk/user_secrets.go
@@ -3,6 +3,7 @@ package codersdk
 import (
 	"context"
 	"encoding/json"
+	"fmt"
 	"net/http"
 	"time"
 
@@ -77,3 +78,21 @@ func (c *Client) ListUserSecrets(ctx context.Context) (ListUserSecretsResponse,
 	var userSecrets ListUserSecretsResponse
 	return userSecrets, json.NewDecoder(res.Body).Decode(&userSecrets)
 }
+
+func (c *Client) GetUserSecret(ctx context.Context, secretName string) (UserSecret, error) {
+	res, err := c.Request(ctx, http.MethodGet,
+		fmt.Sprintf("/api/v2/users/secrets/%v", secretName),
+		nil,
+	)
+	if err != nil {
+		return UserSecret{}, xerrors.Errorf("execute request: %w", err)
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode != http.StatusOK {
+		return UserSecret{}, ReadBodyAsError(res)
+	}
+
+	var userSecret UserSecret
+	return userSecret, json.NewDecoder(res.Body).Decode(&userSecret)
+}
