ceph-csi/vendor/github.com/IBM/keyprotect-go-client/kmip_mgmt_certs.go

137 lines
4.0 KiB
Go
Raw Permalink Normal View History

rebase: bump the github-dependencies group across 1 directory with 9 updates Bumps the github-dependencies group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/IBM/keyprotect-go-client](https://github.com/IBM/keyprotect-go-client) | `0.12.2` | `0.14.1` | | [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) | `1.53.14` | `1.54.6` | | [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) | `1.28.1` | `1.29.1` | | [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) | `1.12.0` | `1.14.0` | | [github.com/kubernetes-csi/csi-lib-utils](https://github.com/kubernetes-csi/csi-lib-utils) | `0.17.0` | `0.18.1` | | [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.17.1` | `2.19.0` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.18.0` | `1.19.1` | | [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) | `1.6.0` | `1.7.0` | Updates `github.com/IBM/keyprotect-go-client` from 0.12.2 to 0.14.1 - [Release notes](https://github.com/IBM/keyprotect-go-client/releases) - [Changelog](https://github.com/IBM/keyprotect-go-client/blob/master/CHANGELOG.md) - [Commits](https://github.com/IBM/keyprotect-go-client/compare/v0.12.2...v0.14.1) Updates `github.com/aws/aws-sdk-go` from 1.53.14 to 1.54.6 - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.53.14...v1.54.6) Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.28.1 to 1.29.1 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ecr/v1.28.1...service/s3/v1.29.1) Updates `github.com/hashicorp/vault/api` from 1.12.0 to 1.14.0 - [Release notes](https://github.com/hashicorp/vault/releases) - [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/vault/compare/v1.12.0...v1.14.0) Updates `github.com/kubernetes-csi/csi-lib-utils` from 0.17.0 to 0.18.1 - [Release notes](https://github.com/kubernetes-csi/csi-lib-utils/releases) - [Commits](https://github.com/kubernetes-csi/csi-lib-utils/compare/v0.17.0...v0.18.1) Updates `github.com/onsi/ginkgo/v2` from 2.17.1 to 2.19.0 - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v2.17.1...v2.19.0) Updates `github.com/onsi/gomega` from 1.32.0 to 1.33.1 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.32.0...v1.33.1) Updates `github.com/prometheus/client_golang` from 1.18.0 to 1.19.1 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.18.0...v1.19.1) Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.6.0 to 1.7.0 - [Release notes](https://github.com/Azure/azure-sdk-for-go/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md) - [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/azcore/v1.6.0...sdk/azcore/v1.7.0) --- updated-dependencies: - dependency-name: github.com/IBM/keyprotect-go-client dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/aws/aws-sdk-go-v2/service/sts dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/hashicorp/vault/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/kubernetes-csi/csi-lib-utils dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
2024-06-24 20:58:34 +00:00
package kp
import (
"context"
"fmt"
"time"
)
const (
kmipClientCertSubPath = "certificates"
kmipClientCertType = "application/vnd.ibm.kms.kmip_client_certificate+json"
)
type KMIPClientCertificate struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Certificate string `json:"certificate,omitempty"`
CreatedBy string `json:"created_by,omitempty"`
CreatedAt *time.Time `json:"created_at,omitempty"`
}
type KMIPClientCertificates struct {
Metadata CollectionMetadata `json:"metadata"`
Certificates []KMIPClientCertificate `json:"resources"`
}
// CreateKMIPClientCertificate registers/creates a KMIP PEM format certificate
// for use with a specific KMIP adapter.
// cert_payload is the string representation of
// the certificate to be associated with the KMIP Adapter in PEM format.
// It should explicitly have the BEGIN CERTIFICATE and END CERTIFICATE tags.
// Regex: ^\s*-----BEGIN CERTIFICATE-----[A-Za-z0-9+\/\=\r\n]+-----END CERTIFICATE-----\s*$
func (c *Client) CreateKMIPClientCertificate(ctx context.Context, adapter_nameOrID, cert_payload string, opts ...CreateKMIPClientCertOption) (*KMIPClientCertificate, error) {
newCert := &KMIPClientCertificate{
Certificate: cert_payload,
}
for _, opt := range opts {
opt(newCert)
}
req, err := c.newRequest("POST", fmt.Sprintf("%s/%s/%s", kmipAdapterPath, adapter_nameOrID, kmipClientCertSubPath), wrapKMIPClientCert(*newCert))
if err != nil {
return nil, err
}
certResp := &KMIPClientCertificates{}
_, err = c.do(ctx, req, certResp)
if err != nil {
return nil, err
}
return unwrapKMIPClientCert(certResp), nil
}
type CreateKMIPClientCertOption func(*KMIPClientCertificate)
func WithKMIPClientCertName(name string) CreateKMIPClientCertOption {
return func(cert *KMIPClientCertificate) {
cert.Name = name
}
}
// GetKMIPClientCertificates lists all certificates associated with a KMIP adapter
func (c *Client) GetKMIPClientCertificates(ctx context.Context, adapter_nameOrID string, listOpts *ListOptions) (*KMIPClientCertificates, error) {
certs := KMIPClientCertificates{}
req, err := c.newRequest("GET", fmt.Sprintf("%s/%s/%s", kmipAdapterPath, adapter_nameOrID, kmipClientCertSubPath), nil)
if err != nil {
return nil, err
}
if listOpts != nil {
values := req.URL.Query()
if listOpts.Limit != nil {
values.Set("limit", fmt.Sprint(*listOpts.Limit))
}
if listOpts.Offset != nil {
values.Set("offset", fmt.Sprint(*listOpts.Offset))
}
if listOpts.TotalCount != nil {
values.Set("totalCount", fmt.Sprint(*listOpts.TotalCount))
}
req.URL.RawQuery = values.Encode()
}
_, err = c.do(ctx, req, &certs)
if err != nil {
return nil, err
}
return &certs, nil
}
// GetKMIPClientCertificate gets a single certificate associated with a KMIP adapter
func (c *Client) GetKMIPClientCertificate(ctx context.Context, adapter_nameOrID, cert_nameOrID string) (*KMIPClientCertificate, error) {
certs := &KMIPClientCertificates{}
req, err := c.newRequest("GET", fmt.Sprintf("%s/%s/%s/%s",
kmipAdapterPath, adapter_nameOrID, kmipClientCertSubPath, cert_nameOrID), nil)
if err != nil {
return nil, err
}
_, err = c.do(ctx, req, certs)
if err != nil {
return nil, err
}
return unwrapKMIPClientCert(certs), nil
}
// DeleteKMIPClientCertificate deletes a single certificate
func (c *Client) DeleteKMIPClientCertificate(ctx context.Context, adapter_nameOrID, cert_nameOrID string) error {
req, err := c.newRequest("DELETE", fmt.Sprintf("%s/%s/%s/%s",
kmipAdapterPath, adapter_nameOrID, kmipClientCertSubPath, cert_nameOrID), nil)
if err != nil {
return err
}
_, err = c.do(ctx, req, nil)
if err != nil {
return err
}
return nil
}
func wrapKMIPClientCert(cert KMIPClientCertificate) KMIPClientCertificates {
return KMIPClientCertificates{
Metadata: CollectionMetadata{
CollectionType: kmipClientCertType,
CollectionTotal: 1,
},
Certificates: []KMIPClientCertificate{cert},
}
}
func unwrapKMIPClientCert(certs *KMIPClientCertificates) *KMIPClientCertificate {
return &certs.Certificates[0]
}