Create internalvanafiapi to prevent cyclic imports
Signed-off-by: Maartje Eyskens <maartje@eyskens.me>
parent
e040d4f284
commit
1eb4fc6846
@ -20,6 +20,7 @@ import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
|
||||
|
||||
"github.com/Venafi/vcert/pkg/endpoint"
|
||||
k8sErrors "k8s.io/apimachinery/pkg/api/errors"
|
||||
@ -90,7 +91,7 @@ func (v *Venafi) Sign(ctx context.Context, cr *cmapi.CertificateRequest, issuerO
|
||||
|
||||
duration := apiutil.DefaultCertDuration(cr.Spec.Duration)
|
||||
|
||||
var customFields []venafiinternal.CustomField
|
||||
var customFields []internalvanafiapi.CustomField
|
||||
if annotation, exists := cr.GetAnnotations()[cmapi.VenafiCustomFieldsAnnotationKey]; exists && annotation != "" {
|
||||
err := json.Unmarshal([]byte(annotation), &customFields)
|
||||
if err != nil {
|
||||
|
||||
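Review bot: The new import alias `internalvanafiapi` misspells "venafi", and in this import block it is placed directly after `"fmt"`, inside the standard-library group; the same alias recurs in every other import hunk on this page, and most of them place it among the stdlib imports as well. The alias is used consistently, so the code compiles, but the typo makes the type hard to grep for next to the existing `venafiinternal`/`internalvenafi` aliases. goimports would also move the line into the non-stdlib group. I would write `internalvenafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"` below the blank line, beside the other third-party imports. The body of `Sign` continues outside the second hunk.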
@ -24,6 +24,7 @@ import (
|
||||
"crypto/x509/pkix"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
@ -181,7 +182,7 @@ func TestSign(t *testing.T) {
|
||||
}
|
||||
|
||||
clientReturnsPending := &internalvenafifake.Venafi{
|
||||
SignFn: func([]byte, time.Duration, []internalvenafi.CustomField) ([]byte, error) {
|
||||
SignFn: func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error) {
|
||||
return nil, endpoint.ErrCertificatePending{
|
||||
CertificateID: "test-cert-id",
|
||||
Status: "test-status-pending",
|
||||
@ -189,25 +190,25 @@ func TestSign(t *testing.T) {
|
||||
},
|
||||
}
|
||||
clientReturnsTimeout := &internalvenafifake.Venafi{
|
||||
SignFn: func([]byte, time.Duration, []internalvenafi.CustomField) ([]byte, error) {
|
||||
SignFn: func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error) {
|
||||
return nil, endpoint.ErrRetrieveCertificateTimeout{
|
||||
CertificateID: "test-cert-id",
|
||||
}
|
||||
},
|
||||
}
|
||||
clientReturnsGenericError := &internalvenafifake.Venafi{
|
||||
SignFn: func([]byte, time.Duration, []internalvenafi.CustomField) ([]byte, error) {
|
||||
SignFn: func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error) {
|
||||
return nil, errors.New("this is an error")
|
||||
},
|
||||
}
|
||||
clientReturnsCert := &internalvenafifake.Venafi{
|
||||
SignFn: func([]byte, time.Duration, []internalvenafi.CustomField) ([]byte, error) {
|
||||
SignFn: func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error) {
|
||||
return certPEM, nil
|
||||
},
|
||||
}
|
||||
|
||||
clientReturnsCertIfCustomField := &internalvenafifake.Venafi{
|
||||
SignFn: func(csr []byte, t time.Duration, fields []internalvenafi.CustomField) ([]byte, error) {
|
||||
SignFn: func(csr []byte, t time.Duration, fields []internalvanafiapi.CustomField) ([]byte, error) {
|
||||
if len(fields) > 0 && fields[0].Name == "cert-manager-test" && fields[0].Value == "test ok" {
|
||||
return certPEM, nil
|
||||
}
|
||||
@ -622,7 +623,7 @@ func TestSign(t *testing.T) {
|
||||
builder: &controllertest.Builder{
|
||||
CertManagerObjects: []runtime.Object{tppCRWithInvalidCustomFields.DeepCopy(), tppIssuer.DeepCopy()},
|
||||
ExpectedEvents: []string{
|
||||
`Warning CustomFieldsError Failed to parse venafi.cert-manager.io/custom-fields annotation: invalid character 'c' looking for beginning of value`,
|
||||
`Warning CustomFieldsError Failed to parse "venafi.cert-manager.io/custom-fields" annotation: invalid character 'c' looking for beginning of value`,
|
||||
},
|
||||
ExpectedActions: []testpkg.Action{
|
||||
testpkg.NewAction(coretesting.NewUpdateSubresourceAction(
|
||||
@ -634,7 +635,7 @@ func TestSign(t *testing.T) {
|
||||
Type: cmapi.CertificateRequestConditionReady,
|
||||
Status: cmmeta.ConditionFalse,
|
||||
Reason: cmapi.CertificateRequestReasonFailed,
|
||||
Message: "Failed to parse venafi.cert-manager.io/custom-fields annotation: invalid character 'c' looking for beginning of value",
|
||||
Message: "Failed to parse \"venafi.cert-manager.io/custom-fields\" annotation: invalid character 'c' looking for beginning of value",
|
||||
LastTransitionTime: &metaFixedClockStart,
|
||||
}),
|
||||
gen.SetCertificateRequestFailureTime(metaFixedClockStart),
|
||||
@ -644,7 +645,7 @@ func TestSign(t *testing.T) {
|
||||
},
|
||||
fakeSecretLister: failGetSecretLister,
|
||||
fakeClient: clientReturnsPending,
|
||||
expectedErr: true,
|
||||
expectedErr: false,
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
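Review bot: The last hunk of this test file appears to flip `expectedErr` from `true` to `false` for a case wired with `failGetSecretLister` and `clientReturnsPending`, which changes the asserted behaviour in a commit described only as an import-cycle refactor. The expected event and condition message also change to quote the annotation key, so this commit seems to carry a behaviour change as well as the type move. If it is intended that `Sign` returns no error when the secret lookup fails, the case should say so; until that is confirmed I would mark it with `// TODO(review): confirm no error is expected when the secret lister fails`. The test case begins outside the hunk, so its name and the rest of its setup cannot be checked from here.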
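--- a/pkg/internal/venafi/api/api.go
+++ b/pkg/internal/venafi/api/api.go
@@ -0,0 +1,12 @@
+package api
+
+import (
+"github.com/Venafi/vcert/pkg/certificate"
+)
+
+// CustomField defines a custom field to be passed to Venafi
+type CustomField struct {
+Type certificate.CustomFieldType `json:"type,omitempty"`
+Name string `json:"name"`
+Value string `json:"value"`
+}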
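Review bot: The new file begins directly at `package api` on line 1, without the licence header that the neighbouring files carry (the next file's hunk shows `limitations under the License.` above its package clause), and the package has no doc comment. The controller hunk on this page unmarshals this type straight from the custom-fields annotation on a CertificateRequest, so the type comment should record that its contents are chosen by whoever can create the request. I would extend it to `// CustomField defines a custom field to be passed to Venafi. It is decoded from a user-supplied annotation; Name, Value and Type are not validated by this package.` and add the standard licence block plus a one-line `// Package api ...` comment.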
@ -17,15 +17,15 @@ limitations under the License.
|
||||
package fake
|
||||
|
||||
import (
|
||||
"github.com/Venafi/vcert/pkg/certificate"
|
||||
"time"
|
||||
|
||||
"github.com/Venafi/vcert/pkg/endpoint"
|
||||
internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
|
||||
)
|
||||
|
||||
type Venafi struct {
|
||||
PingFn func() error
|
||||
SignFn func([]byte, time.Duration, []certificate.CustomField) ([]byte, error)
|
||||
SignFn func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error)
|
||||
ReadZoneConfigurationFn func() (*endpoint.ZoneConfiguration, error)
|
||||
}
|
||||
|
||||
@ -33,7 +33,7 @@ func (v *Venafi) Ping() error {
|
||||
return v.PingFn()
|
||||
}
|
||||
|
||||
func (v *Venafi) Sign(b []byte, t time.Duration, f []certificate.CustomField) ([]byte, error) {
|
||||
func (v *Venafi) Sign(b []byte, t time.Duration, f []internalvanafiapi.CustomField) ([]byte, error) {
|
||||
return v.SignFn(b, t, f)
|
||||
}
|
||||
|
||||
|
||||
@ -24,13 +24,14 @@ import (
|
||||
|
||||
"github.com/Venafi/vcert/pkg/certificate"
|
||||
|
||||
internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
|
||||
"github.com/jetstack/cert-manager/pkg/util/pki"
|
||||
)
|
||||
|
||||
// This function sends a request to Venafi to for a signed certificate.
|
||||
// The CSR will be decoded to be validated against the zone configuration policy.
|
||||
// Upon the template being successfully defaulted and validated, the CSR will be sent, as is.
|
||||
func (v *Venafi) Sign(csrPEM []byte, duration time.Duration, customFields []CustomField) (cert []byte, err error) {
|
||||
func (v *Venafi) Sign(csrPEM []byte, duration time.Duration, customFields []internalvanafiapi.CustomField) (cert []byte, err error) {
|
||||
// Retrieve a copy of the Venafi zone.
|
||||
// This contains default values and policy control info that we can apply
|
||||
// and check against locally.
|
||||
|
||||
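Review bot: The doc comment above `Sign` reads "sends a request to Venafi to for a signed certificate" and does not start with the method name, so it carries a typo and does not follow the Go doc-comment convention. Since the signature line is being changed anyway, I would rewrite the first line as `// Sign sends a request to Venafi for a signed certificate.` It would also help to add one sentence saying where `customFields` comes from (elsewhere on this page the controller decodes it from a CertificateRequest annotation) and whether this method checks it before building the request. The method body continues outside the hunk, so how the fields are used is not visible here.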
@ -23,6 +23,7 @@ import (
|
||||
"crypto/x509/pkix"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
@ -175,7 +176,7 @@ func TestSign(t *testing.T) {
|
||||
},
|
||||
"obtain a certificate with custom fields specified": {
|
||||
csrPEM: csrPEM,
|
||||
customFields: []CustomField{{Name: "test", Value: "ok"}},
|
||||
customFields: []internalvanafiapi.CustomField{{Name: "test", Value: "ok"}},
|
||||
client: internalfake.Connector{
|
||||
RetrieveCertificateFunc: func(r *certificate.Request) (*certificate.PEMCollection, error) {
|
||||
if len(r.CustomFields) == 0 {
|
||||
@ -205,7 +206,7 @@ type testSignT struct {
|
||||
|
||||
expectedErr bool
|
||||
|
||||
customFields []CustomField
|
||||
customFields []internalvanafiapi.CustomField
|
||||
|
||||
checkFn func(*testing.T, []byte, []byte)
|
||||
}
|
||||
|
||||
@ -18,6 +18,7 @@ package venafi
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
|
||||
"time"
|
||||
|
||||
"github.com/Venafi/vcert"
|
||||
@ -39,7 +40,7 @@ type VenafiClientBuilder func(namespace string, secretsLister corelisters.Secret
|
||||
issuer cmapi.GenericIssuer) (Interface, error)
|
||||
|
||||
type Interface interface {
|
||||
Sign(csrPEM []byte, duration time.Duration, customFields []CustomField) (cert []byte, err error)
|
||||
Sign(csrPEM []byte, duration time.Duration, customFields []internalvanafiapi.CustomField) (cert []byte, err error)
|
||||
Ping() error
|
||||
ReadZoneConfiguration() (*endpoint.ZoneConfiguration, error)
|
||||
SetClient(endpoint.Connector)
|
||||
@ -68,13 +69,6 @@ type connector interface {
|
||||
RenewCertificate(req *certificate.RenewalRequest) (requestID string, err error)
|
||||
}
|
||||
|
||||
// CustomField defines a custom field to be passed to Venafi
|
||||
type CustomField struct {
|
||||
Type certificate.CustomFieldType `json:"type,omitempty"`
|
||||
Name string `json:"name"`
|
||||
Value string `json:"value"`
|
||||
}
|
||||
|
||||
func New(namespace string, secretsLister corelisters.SecretLister,
|
||||
issuer cmapi.GenericIssuer) (Interface, error) {
|
||||
|
||||
|
||||