mirror of
https://github.com/ceph/ceph-csi.git
synced 2025-01-08 12:59:30 +00:00
171ba6a65d
Bumps the github-dependencies group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/IBM/keyprotect-go-client](https://github.com/IBM/keyprotect-go-client) | `0.12.2` | `0.14.1` | | [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) | `1.53.14` | `1.54.6` | | [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) | `1.28.1` | `1.29.1` | | [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) | `1.12.0` | `1.14.0` | | [github.com/kubernetes-csi/csi-lib-utils](https://github.com/kubernetes-csi/csi-lib-utils) | `0.17.0` | `0.18.1` | | [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.17.1` | `2.19.0` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.18.0` | `1.19.1` | | [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) | `1.6.0` | `1.7.0` | Updates `github.com/IBM/keyprotect-go-client` from 0.12.2 to 0.14.1 - [Release notes](https://github.com/IBM/keyprotect-go-client/releases) - [Changelog](https://github.com/IBM/keyprotect-go-client/blob/master/CHANGELOG.md) - [Commits](https://github.com/IBM/keyprotect-go-client/compare/v0.12.2...v0.14.1) Updates `github.com/aws/aws-sdk-go` from 1.53.14 to 1.54.6 - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.53.14...v1.54.6) Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.28.1 to 1.29.1 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ecr/v1.28.1...service/s3/v1.29.1) Updates `github.com/hashicorp/vault/api` from 1.12.0 to 1.14.0 - [Release notes](https://github.com/hashicorp/vault/releases) - [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/vault/compare/v1.12.0...v1.14.0) Updates `github.com/kubernetes-csi/csi-lib-utils` from 0.17.0 to 0.18.1 - [Release notes](https://github.com/kubernetes-csi/csi-lib-utils/releases) - [Commits](https://github.com/kubernetes-csi/csi-lib-utils/compare/v0.17.0...v0.18.1) Updates `github.com/onsi/ginkgo/v2` from 2.17.1 to 2.19.0 - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v2.17.1...v2.19.0) Updates `github.com/onsi/gomega` from 1.32.0 to 1.33.1 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.32.0...v1.33.1) Updates `github.com/prometheus/client_golang` from 1.18.0 to 1.19.1 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.18.0...v1.19.1) Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.6.0 to 1.7.0 - [Release notes](https://github.com/Azure/azure-sdk-for-go/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md) - [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/azcore/v1.6.0...sdk/azcore/v1.7.0) --- updated-dependencies: - dependency-name: github.com/IBM/keyprotect-go-client dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/aws/aws-sdk-go-v2/service/sts dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/hashicorp/vault/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/kubernetes-csi/csi-lib-utils dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
137 lines
4.0 KiB
Go
137 lines
4.0 KiB
Go
package kp
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"time"
|
|
)
|
|
|
|
const (
|
|
kmipClientCertSubPath = "certificates"
|
|
kmipClientCertType = "application/vnd.ibm.kms.kmip_client_certificate+json"
|
|
)
|
|
|
|
type KMIPClientCertificate struct {
|
|
ID string `json:"id,omitempty"`
|
|
Name string `json:"name,omitempty"`
|
|
Certificate string `json:"certificate,omitempty"`
|
|
CreatedBy string `json:"created_by,omitempty"`
|
|
CreatedAt *time.Time `json:"created_at,omitempty"`
|
|
}
|
|
|
|
type KMIPClientCertificates struct {
|
|
Metadata CollectionMetadata `json:"metadata"`
|
|
Certificates []KMIPClientCertificate `json:"resources"`
|
|
}
|
|
|
|
// CreateKMIPClientCertificate registers/creates a KMIP PEM format certificate
|
|
// for use with a specific KMIP adapter.
|
|
// cert_payload is the string representation of
|
|
// the certificate to be associated with the KMIP Adapter in PEM format.
|
|
// It should explicitly have the BEGIN CERTIFICATE and END CERTIFICATE tags.
|
|
// Regex: ^\s*-----BEGIN CERTIFICATE-----[A-Za-z0-9+\/\=\r\n]+-----END CERTIFICATE-----\s*$
|
|
func (c *Client) CreateKMIPClientCertificate(ctx context.Context, adapter_nameOrID, cert_payload string, opts ...CreateKMIPClientCertOption) (*KMIPClientCertificate, error) {
|
|
newCert := &KMIPClientCertificate{
|
|
Certificate: cert_payload,
|
|
}
|
|
for _, opt := range opts {
|
|
opt(newCert)
|
|
}
|
|
req, err := c.newRequest("POST", fmt.Sprintf("%s/%s/%s", kmipAdapterPath, adapter_nameOrID, kmipClientCertSubPath), wrapKMIPClientCert(*newCert))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
certResp := &KMIPClientCertificates{}
|
|
_, err = c.do(ctx, req, certResp)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return unwrapKMIPClientCert(certResp), nil
|
|
}
|
|
|
|
type CreateKMIPClientCertOption func(*KMIPClientCertificate)
|
|
|
|
func WithKMIPClientCertName(name string) CreateKMIPClientCertOption {
|
|
return func(cert *KMIPClientCertificate) {
|
|
cert.Name = name
|
|
}
|
|
}
|
|
|
|
// GetKMIPClientCertificates lists all certificates associated with a KMIP adapter
|
|
func (c *Client) GetKMIPClientCertificates(ctx context.Context, adapter_nameOrID string, listOpts *ListOptions) (*KMIPClientCertificates, error) {
|
|
certs := KMIPClientCertificates{}
|
|
req, err := c.newRequest("GET", fmt.Sprintf("%s/%s/%s", kmipAdapterPath, adapter_nameOrID, kmipClientCertSubPath), nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if listOpts != nil {
|
|
values := req.URL.Query()
|
|
if listOpts.Limit != nil {
|
|
values.Set("limit", fmt.Sprint(*listOpts.Limit))
|
|
}
|
|
if listOpts.Offset != nil {
|
|
values.Set("offset", fmt.Sprint(*listOpts.Offset))
|
|
}
|
|
if listOpts.TotalCount != nil {
|
|
values.Set("totalCount", fmt.Sprint(*listOpts.TotalCount))
|
|
}
|
|
req.URL.RawQuery = values.Encode()
|
|
}
|
|
|
|
_, err = c.do(ctx, req, &certs)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return &certs, nil
|
|
}
|
|
|
|
// GetKMIPClientCertificate gets a single certificate associated with a KMIP adapter
|
|
func (c *Client) GetKMIPClientCertificate(ctx context.Context, adapter_nameOrID, cert_nameOrID string) (*KMIPClientCertificate, error) {
|
|
certs := &KMIPClientCertificates{}
|
|
req, err := c.newRequest("GET", fmt.Sprintf("%s/%s/%s/%s",
|
|
kmipAdapterPath, adapter_nameOrID, kmipClientCertSubPath, cert_nameOrID), nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
_, err = c.do(ctx, req, certs)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return unwrapKMIPClientCert(certs), nil
|
|
}
|
|
|
|
// DeleteKMIPClientCertificate deletes a single certificate
|
|
func (c *Client) DeleteKMIPClientCertificate(ctx context.Context, adapter_nameOrID, cert_nameOrID string) error {
|
|
req, err := c.newRequest("DELETE", fmt.Sprintf("%s/%s/%s/%s",
|
|
kmipAdapterPath, adapter_nameOrID, kmipClientCertSubPath, cert_nameOrID), nil)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
_, err = c.do(ctx, req, nil)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func wrapKMIPClientCert(cert KMIPClientCertificate) KMIPClientCertificates {
|
|
return KMIPClientCertificates{
|
|
Metadata: CollectionMetadata{
|
|
CollectionType: kmipClientCertType,
|
|
CollectionTotal: 1,
|
|
},
|
|
Certificates: []KMIPClientCertificate{cert},
|
|
}
|
|
}
|
|
|
|
func unwrapKMIPClientCert(certs *KMIPClientCertificates) *KMIPClientCertificate {
|
|
return &certs.Certificates[0]
|
|
}
|