From 1eb4fc6846e7b7e32ca576ab0826d494eaad7785 Mon Sep 17 00:00:00 2001
From: Maartje Eyskens
Date: Thu, 6 Feb 2020 11:11:37 +0100
Subject: [PATCH] Create internalvanafiapi to prevent cyclic imports
Signed-off-by: Maartje Eyskens
---
 .../certificaterequests/venafi/venafi.go | 3 ++-
 .../certificaterequests/venafi/venafi_test.go | 17 +++++++++--------
 pkg/internal/venafi/api/api.go | 12 ++++++++++++
 pkg/internal/venafi/fake/venafi.go | 6 +++---
 pkg/internal/venafi/sign.go | 3 ++-
 pkg/internal/venafi/sign_test.go | 5 +++--
 pkg/internal/venafi/venafi.go | 10 ++--------
 7 files changed, 33 insertions(+), 23 deletions(-)
 create mode 100644 pkg/internal/venafi/api/api.go
diff --git a/pkg/controller/certificaterequests/venafi/venafi.go b/pkg/controller/certificaterequests/venafi/venafi.go
index 1850126a6..5aa28563a 100644
--- a/pkg/controller/certificaterequests/venafi/venafi.go
+++ b/pkg/controller/certificaterequests/venafi/venafi.go
@@ -20,6 +20,7 @@ import (
 "context"
 "encoding/json"
 "fmt"
+ internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
 "github.com/Venafi/vcert/pkg/endpoint"
 k8sErrors "k8s.io/apimachinery/pkg/api/errors"
@@ -90,7 +91,7 @@ func (v *Venafi) Sign(ctx context.Context, cr *cmapi.CertificateRequest, issuerO
 duration := apiutil.DefaultCertDuration(cr.Spec.Duration)
- var customFields []venafiinternal.CustomField
+ var customFields []internalvanafiapi.CustomField
 if annotation, exists := cr.GetAnnotations()[cmapi.VenafiCustomFieldsAnnotationKey]; exists && annotation != "" {
 err := json.Unmarshal([]byte(annotation), &customFields)
 if err != nil {
diff --git a/pkg/controller/certificaterequests/venafi/venafi_test.go b/pkg/controller/certificaterequests/venafi/venafi_test.go
index ba05febbe..de9854f41 100644
--- a/pkg/controller/certificaterequests/venafi/venafi_test.go
+++ b/pkg/controller/certificaterequests/venafi/venafi_test.go
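Review bot: The added import sits inside the standard-library group, directly after `"fmt"`, and its alias is spelled `internalvanafiapi` although the aliases already used in these files are built on `venafi` (`internalvenafifake`, `venafiinternal`). Placing it with the other non-standard-library imports, as the sign.go hunk does, and spelling it `internalvenafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"` keeps the block goimports-clean and the name greppable. The same misplaced line is added in the import hunks of venafi_test.go, sign_test.go and pkg/internal/venafi/venafi.go, and the alias is used throughout the patch.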
@@ -24,6 +24,7 @@ import (
 "crypto/x509/pkix"
 "encoding/pem"
 "errors"
+ internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
 "testing"
 "time"
@@ -181,7 +182,7 @@ func TestSign(t *testing.T) {
 }
 clientReturnsPending := &internalvenafifake.Venafi{
- SignFn: func([]byte, time.Duration, []internalvenafi.CustomField) ([]byte, error) {
+ SignFn: func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error) {
 return nil, endpoint.ErrCertificatePending{
 CertificateID: "test-cert-id",
 Status: "test-status-pending",
@@ -189,25 +190,25 @@ func TestSign(t *testing.T) {
 },
 }
 clientReturnsTimeout := &internalvenafifake.Venafi{
- SignFn: func([]byte, time.Duration, []internalvenafi.CustomField) ([]byte, error) {
+ SignFn: func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error) {
 return nil, endpoint.ErrRetrieveCertificateTimeout{
 CertificateID: "test-cert-id",
 }
 },
 }
 clientReturnsGenericError := &internalvenafifake.Venafi{
- SignFn: func([]byte, time.Duration, []internalvenafi.CustomField) ([]byte, error) {
+ SignFn: func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error) {
 return nil, errors.New("this is an error")
 },
 }
 clientReturnsCert := &internalvenafifake.Venafi{
- SignFn: func([]byte, time.Duration, []internalvenafi.CustomField) ([]byte, error) {
+ SignFn: func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error) {
 return certPEM, nil
 },
 }
 clientReturnsCertIfCustomField := &internalvenafifake.Venafi{
- SignFn: func(csr []byte, t time.Duration, fields []internalvenafi.CustomField) ([]byte, error) {
+ SignFn: func(csr []byte, t time.Duration, fields []internalvanafiapi.CustomField) ([]byte, error) {
 if len(fields) > 0 && fields[0].Name == "cert-manager-test" && fields[0].Value == "test ok" {
 return certPEM, nil
 }
@@ -622,7 +623,7 @@ func TestSign(t *testing.T) {
 builder: &controllertest.Builder{
 CertManagerObjects: []runtime.Object{tppCRWithInvalidCustomFields.DeepCopy(), tppIssuer.DeepCopy()},
 ExpectedEvents: []string{
- `Warning CustomFieldsError Failed to parse venafi.cert-manager.io/custom-fields annotation: invalid character 'c' looking for beginning of value`,
+ `Warning CustomFieldsError Failed to parse "venafi.cert-manager.io/custom-fields" annotation: invalid character 'c' looking for beginning of value`,
 },
 ExpectedActions: []testpkg.Action{
 testpkg.NewAction(coretesting.NewUpdateSubresourceAction(
@@ -634,7 +635,7 @@ func TestSign(t *testing.T) {
 Type: cmapi.CertificateRequestConditionReady,
 Status: cmmeta.ConditionFalse,
 Reason: cmapi.CertificateRequestReasonFailed,
- Message: "Failed to parse venafi.cert-manager.io/custom-fields annotation: invalid character 'c' looking for beginning of value",
+ Message: "Failed to parse \"venafi.cert-manager.io/custom-fields\" annotation: invalid character 'c' looking for beginning of value",
 LastTransitionTime: &metaFixedClockStart,
 }),
 gen.SetCertificateRequestFailureTime(metaFixedClockStart),
@@ -644,7 +645,7 @@ func TestSign(t *testing.T) {
 },
 fakeSecretLister: failGetSecretLister,
 fakeClient: clientReturnsPending,
- expectedErr: true,
+ expectedErr: false,
 },
 }
diff --git a/pkg/internal/venafi/api/api.go b/pkg/internal/venafi/api/api.go
new file mode 100644
index 000000000..c8d0be001
--- /dev/null
+++ b/pkg/internal/venafi/api/api.go
@@ -0,0 +1,12 @@
+package api
+
+import (
+ "github.com/Venafi/vcert/pkg/certificate"
+)
+
+// CustomField defines a custom field to be passed to Venafi
+type CustomField struct {
+ Type certificate.CustomFieldType `json:"type,omitempty"`
+ Name string `json:"name"`
+ Value string `json:"value"`
+}
diff --git a/pkg/internal/venafi/fake/venafi.go b/pkg/internal/venafi/fake/venafi.go
index 1eaaa8b36..ff58615ec 100644
--- a/pkg/internal/venafi/fake/venafi.go
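Review bot: Flipping `expectedErr` from `true` to `false` for the invalid custom-fields case, together with the newly quoted annotation key in the expected event and condition message (the two hunks before it), changes what the controller is expected to do, yet the only controller change in this patch is the type rename inside `Sign`. The production change these expectations depend on is not visible here, so the commit message should say where it landed, or the three hunks should move to the commit that changes the behaviour. The annotation is set by whoever creates the CertificateRequest, so the intended handling of a malformed value deserves a comment on the case, for example `// malformed annotation: Ready=False/Failed is recorded and Sign returns no error`, if that is the intent. TestSign starts and ends outside these hunks.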
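Review bot: `CustomField` is the decode target for the custom-fields annotation (the `json.Unmarshal` in the controller's `Sign`), so `Type` takes whatever value the CertificateRequest author supplies and carries it as a vcert `certificate.CustomFieldType`, and no validation of it is visible in this patch. Tying the annotation's JSON format to the vcert type also means a vcert upgrade could change how existing annotations are read (inferred; the vcert definition is not on this page). Consider a package-local type with a small set of accepted values, checked before the fields reach `Sign`. The new file also lacks the license header the other files carry (`limitations under the License.` is visible above `package fake`), and the doc comment could say where the values come from: `// CustomField is one entry of the custom-fields annotation on a CertificateRequest; its values are user-supplied and are passed to Venafi.`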
+++ b/pkg/internal/venafi/fake/venafi.go
@@ -17,15 +17,15 @@ limitations under the License.
 package fake
 import (
- "github.com/Venafi/vcert/pkg/certificate"
 "time"
 "github.com/Venafi/vcert/pkg/endpoint"
+ internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
 )
 type Venafi struct {
 PingFn func() error
- SignFn func([]byte, time.Duration, []certificate.CustomField) ([]byte, error)
+ SignFn func([]byte, time.Duration, []internalvanafiapi.CustomField) ([]byte, error)
 ReadZoneConfigurationFn func() (*endpoint.ZoneConfiguration, error)
 }
@@ -33,7 +33,7 @@ func (v *Venafi) Ping() error {
 return v.PingFn()
 }
-func (v *Venafi) Sign(b []byte, t time.Duration, f []certificate.CustomField) ([]byte, error) {
+func (v *Venafi) Sign(b []byte, t time.Duration, f []internalvanafiapi.CustomField) ([]byte, error) {
 return v.SignFn(b, t, f)
 }
diff --git a/pkg/internal/venafi/sign.go b/pkg/internal/venafi/sign.go
index 25fc0447b..abd19b1a8 100644
--- a/pkg/internal/venafi/sign.go
+++ b/pkg/internal/venafi/sign.go
@@ -24,13 +24,14 @@ import (
 "github.com/Venafi/vcert/pkg/certificate"
+ internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
 "github.com/jetstack/cert-manager/pkg/util/pki"
 )
 // This function sends a request to Venafi to for a signed certificate.
 // The CSR will be decoded to be validated against the zone configuration policy.
 // Upon the template being successfully defaulted and validated, the CSR will be sent, as is.
-func (v *Venafi) Sign(csrPEM []byte, duration time.Duration, customFields []CustomField) (cert []byte, err error) {
+func (v *Venafi) Sign(csrPEM []byte, duration time.Duration, customFields []internalvanafiapi.CustomField) (cert []byte, err error) {
 // Retrieve a copy of the Venafi zone.
 // This contains default values and policy control info that we can apply
 // and check against locally.
diff --git a/pkg/internal/venafi/sign_test.go b/pkg/internal/venafi/sign_test.go
index f7d07bb2b..f5ed82568 100644
--- a/pkg/internal/venafi/sign_test.go
+++ b/pkg/internal/venafi/sign_test.go
@@ -23,6 +23,7 @@ import (
 "crypto/x509/pkix"
 "encoding/pem"
 "errors"
+ internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
 "testing"
 "time"
@@ -175,7 +176,7 @@ func TestSign(t *testing.T) {
 },
 "obtain a certificate with custom fields specified": {
 csrPEM: csrPEM,
- customFields: []CustomField{{Name: "test", Value: "ok"}},
+ customFields: []internalvanafiapi.CustomField{{Name: "test", Value: "ok"}},
 client: internalfake.Connector{
 RetrieveCertificateFunc: func(r *certificate.Request) (*certificate.PEMCollection, error) {
 if len(r.CustomFields) == 0 {
@@ -205,7 +206,7 @@ type testSignT struct {
 expectedErr bool
- customFields []CustomField
+ customFields []internalvanafiapi.CustomField
 checkFn func(*testing.T, []byte, []byte)
 }
diff --git a/pkg/internal/venafi/venafi.go b/pkg/internal/venafi/venafi.go
index 75134d242..e5a0994fa 100644
--- a/pkg/internal/venafi/venafi.go
+++ b/pkg/internal/venafi/venafi.go
@@ -18,6 +18,7 @@ package venafi
 import (
 "fmt"
+ internalvanafiapi "github.com/jetstack/cert-manager/pkg/internal/venafi/api"
 "time"
 "github.com/Venafi/vcert"
@@ -39,7 +40,7 @@ type VenafiClientBuilder func(namespace string, secretsLister corelisters.Secret
 issuer cmapi.GenericIssuer) (Interface, error)
 type Interface interface {
- Sign(csrPEM []byte, duration time.Duration, customFields []CustomField) (cert []byte, err error)
+ Sign(csrPEM []byte, duration time.Duration, customFields []internalvanafiapi.CustomField) (cert []byte, err error)
 Ping() error
 ReadZoneConfiguration() (*endpoint.ZoneConfiguration, error)
 SetClient(endpoint.Connector)
@@ -68,13 +69,6 @@ type connector interface { RenewCertificate(req *certificate.RenewalRequest) (requestID string, err error) } -// CustomField defines a custom field to be passed to Venafi -type CustomField struct { - Type certificate.CustomFieldType `json:"type,omitempty"` - Name string `json:"name"` - Value string `json:"value"` -} - func New(namespace string, secretsLister corelisters.SecretLister, issuer cmapi.GenericIssuer) (Interface, error) {