feat: implement core CLI packages and Phase 3 commands

- config: resolve binary dir, load/save .hf-config.json - mode: detect padded-cell vs manual mode via pass_mgr - client: HTTP client wrapper with auth header support - passmgr: pass_mgr integration (get-secret, set, generate) - output: human-readable + JSON output formatting with tables - help: help and help-brief renderer for groups/commands - commands: version, health, config (--url, --acc-mgr-token, show) - auth: token resolution helper (padded-cell auto / manual explicit) - main: command dispatcher with --json global flag support - README: updated with current package layout and status
2026-03-21 13:50:29 +00:00
parent cb0b7669b3
commit 7d3cff7d95
24 changed files with 810 additions and 52 deletions
--- a/internal/passmgr/.gitkeep
+++ b/internal/passmgr/.gitkeep
--- a/internal/passmgr/doc.go
+++ b/internal/passmgr/doc.go
@@ -1,3 +0,0 @@
-package passmgr
-
-// Package passmgr will integrate with pass_mgr when available.
--- a/internal/passmgr/passmgr.go
+++ b/internal/passmgr/passmgr.go
@@ -0,0 +1,60 @@
+// Package passmgr wraps calls to the pass_mgr binary for secret resolution.
+package passmgr
+
+import (
+	"fmt"
+	"os/exec"
+	"strings"
+)
+
+// GetSecret calls: pass_mgr get-secret [--public] --key <key>
+func GetSecret(key string, public bool) (string, error) {
+	args := []string{"get-secret"}
+	if public {
+		args = append(args, "--public")
+	}
+	args = append(args, "--key", key)
+	out, err := exec.Command("pass_mgr", args...).Output()
+	if err != nil {
+		return "", fmt.Errorf("pass_mgr get-secret --key %s failed: %w", key, err)
+	}
+	return strings.TrimSpace(string(out)), nil
+}
+
+// SetSecret calls: pass_mgr set [--public] --key <key> --secret <secret>
+func SetSecret(key, secret string, public bool) error {
+	args := []string{"set"}
+	if public {
+		args = append(args, "--public")
+	}
+	args = append(args, "--key", key, "--secret", secret)
+	if err := exec.Command("pass_mgr", args...).Run(); err != nil {
+		return fmt.Errorf("pass_mgr set --key %s failed: %w", key, err)
+	}
+	return nil
+}
+
+// GeneratePassword calls: pass_mgr generate --key <key> --username <username>
+func GeneratePassword(key, username string) (string, error) {
+	args := []string{"generate", "--key", key, "--username", username}
+	out, err := exec.Command("pass_mgr", args...).Output()
+	if err != nil {
+		return "", fmt.Errorf("pass_mgr generate failed: %w", err)
+	}
+	return strings.TrimSpace(string(out)), nil
+}
+
+// GetToken retrieves the normal hf-token via pass_mgr.
+func GetToken() (string, error) {
+	return GetSecret("hf-token", false)
+}
+
+// GetAccountManagerToken retrieves the public hf-acc-mgr-token via pass_mgr.
+func GetAccountManagerToken() (string, error) {
+	return GetSecret("hf-acc-mgr-token", true)
+}
+
+// SetAccountManagerToken stores the acc-mgr-token as a public secret.
+func SetAccountManagerToken(token string) error {
+	return SetSecret("hf-acc-mgr-token", token, true)
+}