Merge pull request #489 from Venafi/refactor-cloud-provisioning

Refactor cloud provisioning

cmd/vcert/cmdCloudKeystores.go

@@ -9,7 +9,7 @@ import (
 	"github.com/urfave/cli/v2"
 
 	"github.com/Venafi/vcert/v5"
-	"github.com/Venafi/vcert/v5/pkg/endpoint"
+	"github.com/Venafi/vcert/v5/pkg/domain"
 	"github.com/Venafi/vcert/v5/pkg/venafi/cloud"
 )
 
@@ -55,8 +55,8 @@ func doCommandProvisionCloudKeystore(c *cli.Context) error {
 		logf("Successfully connected to %s", cfg.ConnectorType)
 	}
 
-	var req = &endpoint.ProvisioningRequest{}
-	var options *endpoint.ProvisioningOptions
+	var req = &domain.ProvisioningRequest{}
+	var options *domain.ProvisioningOptions
 
 	log.Printf("fetching keystore information for provided keystore information from flags. KeystoreID: %s, KeystoreName: %s, ProviderName: %s", flags.keystoreID, flags.keystoreName, flags.providerName)
 	getKeystoreReq := buildGetCloudKeystoreRequest(flagsP)
@@ -74,19 +74,24 @@ func doCommandProvisionCloudKeystore(c *cli.Context) error {
 	}
 
 	result := ProvisioningResult{
-		ARN:          metadata.GetAWSCertificateMetadata().GetARN(),
-		AzureID:      metadata.GetAzureCertificateMetadata().GetID(),
-		AzureName:    metadata.GetAzureCertificateMetadata().GetName(),
-		AzureVersion: metadata.GetAzureCertificateMetadata().GetVersion(),
-		GcpID:        metadata.GetGCPCertificateMetadata().GetID(),
-		GcpName:      metadata.GetGCPCertificateMetadata().GetName(),
+		MachineIdentityId:         metadata.MachineIdentityID,
+		MachineIdentityActionType: metadata.MachineIdentityActionType,
+	}
+	switch metadata.CloudKeystoreType {
+	case domain.CloudKeystoreTypeACM:
+		result.ARN = metadata.ARN
+	case domain.CloudKeystoreTypeAKV:
+		result.AzureID = metadata.CertificateID
+		result.AzureName = metadata.CertificateName
+		result.AzureVersion = metadata.CertificateVersion
+	case domain.CloudKeystoreTypeGCM:
+		result.GcpID = metadata.CertificateID
+		result.GcpName = metadata.CertificateName
+	default:
+		return fmt.Errorf("unknown keystore metadata type: %s", metadata.CloudKeystoreType)
 	}
-
-	result.MachineIdentityId = metadata.GetMachineIdentityMetadata().GetID()
-	result.MachineIdentityActionType = metadata.GetMachineIdentityMetadata().GetActionType()
 
 	err = result.Flush(flags.provisionFormat, flags.provisionOutputFile)
-
 	if err != nil {
 		return fmt.Errorf("failed to output the results: %s", err)
 	}

cmd/vcert/utils.go

@@ -40,8 +40,6 @@ import (
 	"github.com/Venafi/vcert/v5/pkg/domain"
 	"github.com/Venafi/vcert/v5/pkg/endpoint"
 	"github.com/Venafi/vcert/v5/pkg/util"
-	"github.com/Venafi/vcert/v5/pkg/venafi/cloud"
-	"github.com/Venafi/vcert/v5/pkg/webclient/cloudproviders"
 )
 
 const (
@@ -620,29 +618,20 @@ func randRunes(n int) string {
 }
 
 // fillProvisioningRequest populates the provisioning request payload with values from command flags
-func fillProvisioningRequest(req *endpoint.ProvisioningRequest, keystore domain.CloudKeystore, cf *commandFlags) (*endpoint.ProvisioningRequest, *endpoint.ProvisioningOptions) {
+func fillProvisioningRequest(req *domain.ProvisioningRequest, keystore domain.CloudKeystore, cf *commandFlags) (*domain.ProvisioningRequest, *domain.ProvisioningOptions) {
 	req.CertificateID = cleanEmptyStringPointer(cf.certificateID)
 	req.Keystore = &keystore
 	req.PickupID = &(cf.pickupID)
 
-	var options endpoint.ProvisioningOptions
-	if cf.keystoreCertName != "" {
-		switch keystore.Type {
-		case string(cloudproviders.CloudKeystoreTypeAkv):
-			optionsAkv := &cloud.CloudProvisioningAzureOptions{
-				Name: &cf.keystoreCertName,
-			}
-			options = endpoint.ProvisioningOptions(optionsAkv)
-		case string(cloudproviders.CloudKeystoreTypeGcm):
-			optionsGcp := &cloud.CloudProvisioningGCPOptions{
-				ID: &cf.keystoreCertName,
-			}
-			options = endpoint.ProvisioningOptions(optionsGcp)
-		}
-		return req, &options
+	if cf.keystoreCertName == "" {
+		return req, nil
+	}
+
+	options := &domain.ProvisioningOptions{
+		CloudCertificateName: cf.keystoreCertName,
 	}
+	return req, options
 
-	return req, nil
 }
 
 func buildGetCloudKeystoreRequest(flags *commandFlags) domain.GetCloudKeystoreRequest {

examples/provision/main.go

@@ -5,8 +5,8 @@ import (
 	"os"
 
 	"github.com/Venafi/vcert/v5"
+	"github.com/Venafi/vcert/v5/pkg/domain"
 	"github.com/Venafi/vcert/v5/pkg/endpoint"
-	"github.com/Venafi/vcert/v5/pkg/venafi/cloud"
 )
 
 const (
@@ -44,21 +44,11 @@ func main() {
 	keystoreID := "<insert Keystore ID here>"
 	certName := "<insert google cert name>" // e.g. test2-venafi-com
 
-	// The ID is the Certificate name for Google, hence we send it as name
-	optionsGcp := &cloud.CloudProvisioningGCPOptions{
-		ID: &certName,
+	optionsInput := domain.ProvisioningOptions{
+		CloudCertificateName: certName,
 	}
 
-	optionsInput := endpoint.ProvisioningOptions(optionsGcp)
-
-	// Example for Azure Options
-	//optionsAzure := &cloud.CloudProvisioningAzureOptions{
-	//	Name: &certName,
-	//}
-	//
-	//optionsInput := endpoint.ProvisioningOptions(optionsAzure)
-
-	req := &endpoint.ProvisioningRequest{
+	req := &domain.ProvisioningRequest{
 		CertificateID: &certificateID,
 		KeystoreID:    &keystoreID,
 	}
@@ -69,10 +59,16 @@ func main() {
 	}
 
 	// Example to get values from other keystores machine identities metadata
-	//log.Printf("Certificate AWS Metadata ARN:\n%v", certMetaData.GetAWSCertificateMetadata().GetARN())
-	//log.Printf("Certificate Azure Metadata ID:\n%v", certMetaData.GetAzureCertificateMetadata().GetID())
-	//log.Printf("Certificate Azure Metadata Name:\n%v", certMetaData.GetAzureCertificateMetadata().GetName())
-	//log.Printf("Certificate Azure Metadata Version:\n%v", certMetaData.GetAzureCertificateMetadata().GetVersion())
-	log.Printf("Certificate GCP Metadata ID:\n%v", certMetaData.GetGCPCertificateMetadata().GetID())
-	log.Printf("Certificate GCP Metadata Name:\n%v", certMetaData.GetGCPCertificateMetadata().GetName())
+	if certMetaData.CloudKeystoreType == domain.CloudKeystoreTypeACM {
+		log.Printf("Certificate AWS Metadata ARN:\n%v", certMetaData.ARN)
+	}
+	if certMetaData.CloudKeystoreType == domain.CloudKeystoreTypeAKV {
+		log.Printf("Certificate Azure Metadata ID:\n%v", certMetaData.CertificateID)
+		log.Printf("Certificate Azure Metadata Name:\n%v", certMetaData.CertificateName)
+		log.Printf("Certificate Azure Metadata Version:\n%v", certMetaData.CertificateVersion)
+	}
+	if certMetaData.CloudKeystoreType == domain.CloudKeystoreTypeGCM {
+		log.Printf("Certificate GCP Metadata ID:\n%v", certMetaData.CertificateID)
+		log.Printf("Certificate GCP Metadata Name:\n%v", certMetaData.CertificateName)
+	}
 }

examples/provisionWithRequest/main.go → examples/provisionWithCertificateRequest/main.go

@@ -7,8 +7,8 @@ import (
 
 	"github.com/Venafi/vcert/v5"
 	"github.com/Venafi/vcert/v5/pkg/certificate"
+	"github.com/Venafi/vcert/v5/pkg/domain"
 	"github.com/Venafi/vcert/v5/pkg/endpoint"
-	"github.com/Venafi/vcert/v5/pkg/venafi/cloud"
 )
 
 const (
@@ -72,21 +72,11 @@ func main() {
 	providerName := "<insert Provider Name here>"
 	certName := "<insert cert name>" // e.g. test2-venafi-com
 
-	// The ID is the Certificate name for Google, hence we send it as name
-	optionsGcp := &cloud.CloudProvisioningGCPOptions{
-		ID: &certName,
+	optionsInput := domain.ProvisioningOptions{
+		CloudCertificateName: certName,
 	}
 
-	// Example for Azure Options
-	// optionsAzure := &cloud.CloudProvisioningAzureOptions{
-	//   Name: &certName,
-	// }
-	//
-	// optionsInput := endpoint.ProvisioningOptions(optionsAzure)
-
-	optionsInput := endpoint.ProvisioningOptions(optionsGcp)
-
-	req := &endpoint.ProvisioningRequest{
+	req := &domain.ProvisioningRequest{
 		KeystoreName: &keystoreName,
 		ProviderName: &providerName,
 		PickupID:     &requestID,
@@ -98,12 +88,16 @@ func main() {
 	}
 
 	// Example to get values from other keystores machine identities metadata
-	//log.Printf("Certificate AWS Metadata ARN:\n%v", certMetaData.GetAWSCertificateMetadata().GetARN())
-	//log.Printf("Certificate Azure Metadata ID:\n%v", certMetaData.GetAzureCertificateMetadata().GetID())
-	//log.Printf("Certificate Azure Metadata Name:\n%v", certMetaData.GetAzureCertificateMetadata().GetName())
-	//log.Printf("Certificate Azure Metadata Version:\n%v", certMetaData.GetAzureCertificateMetadata().GetVersion())
-	log.Printf("Certificate GCP Metadata ID:\n%v", certMetaData.GetGCPCertificateMetadata().GetID())
-	log.Printf("Certificate GCP Metadata Name:\n%v", certMetaData.GetGCPCertificateMetadata().GetName())
-	log.Printf("Certificate Machine Identity Metadata ID:\n%v", certMetaData.GetMachineIdentityMetadata().GetID())
-	log.Printf("Certificate Machine Identity Action Type:\n%v", certMetaData.GetMachineIdentityMetadata().GetActionType())
+	if certMetaData.CloudKeystoreType == domain.CloudKeystoreTypeACM {
+		log.Printf("Certificate AWS Metadata ARN:\n%v", certMetaData.ARN)
+	}
+	if certMetaData.CloudKeystoreType == domain.CloudKeystoreTypeAKV {
+		log.Printf("Certificate Azure Metadata ID:\n%v", certMetaData.CertificateID)
+		log.Printf("Certificate Azure Metadata Name:\n%v", certMetaData.CertificateName)
+		log.Printf("Certificate Azure Metadata Version:\n%v", certMetaData.CertificateVersion)
+	}
+	if certMetaData.CloudKeystoreType == domain.CloudKeystoreTypeGCM {
+		log.Printf("Certificate GCP Metadata ID:\n%v", certMetaData.CertificateID)
+		log.Printf("Certificate GCP Metadata Name:\n%v", certMetaData.CertificateName)
+	}
 }

examples/provisionWithServiceAccount/main.go

@@ -7,8 +7,8 @@ import (
 
 	"github.com/Venafi/vcert/v5"
 	"github.com/Venafi/vcert/v5/pkg/certificate"
+	"github.com/Venafi/vcert/v5/pkg/domain"
 	"github.com/Venafi/vcert/v5/pkg/endpoint"
-	"github.com/Venafi/vcert/v5/pkg/venafi/cloud"
 )
 
 const (
@@ -86,21 +86,11 @@ func main() {
 	providerName := "<insert Provider Name here>"
 	certName := "<insert cert name>" // e.g. test2-venafi-com
 
-	// The ID is the Certificate name for Google, hence we send it as name
-	optionsGcp := &cloud.CloudProvisioningGCPOptions{
-		ID: &certName,
+	optionsInput := domain.ProvisioningOptions{
+		CloudCertificateName: certName,
 	}
 
-	// Example for Azure Options
-	// optionsAzure := &cloud.CloudProvisioningAzureOptions{
-	//   Name: &certName,
-	// }
-	//
-	// optionsInput := endpoint.ProvisioningOptions(optionsAzure)
-
-	optionsInput := endpoint.ProvisioningOptions(optionsGcp)
-
-	req := &endpoint.ProvisioningRequest{
+	req := &domain.ProvisioningRequest{
 		KeystoreName: &keystoreName,
 		ProviderName: &providerName,
 		PickupID:     &requestID,
@@ -112,10 +102,16 @@ func main() {
 	}
 
 	// Example to get values from other keystores machine identities metadata
-	//log.Printf("Certificate AWS Metadata ARN:\n%v", certMetaData.GetAWSCertificateMetadata().GetARN())
-	//log.Printf("Certificate Azure Metadata ID:\n%v", certMetaData.GetAzureCertificateMetadata().GetID())
-	//log.Printf("Certificate Azure Metadata Name:\n%v", certMetaData.GetAzureCertificateMetadata().GetName())
-	//log.Printf("Certificate Azure Metadata Version:\n%v", certMetaData.GetAzureCertificateMetadata().GetVersion())
-	log.Printf("Certificate GCP Metadata ID:\n%v", certMetaData.GetGCPCertificateMetadata().GetID())
-	log.Printf("Certificate GCP Metadata Name:\n%v", certMetaData.GetGCPCertificateMetadata().GetName())
+	if certMetaData.CloudKeystoreType == domain.CloudKeystoreTypeACM {
+		log.Printf("Certificate AWS Metadata ARN:\n%v", certMetaData.ARN)
+	}
+	if certMetaData.CloudKeystoreType == domain.CloudKeystoreTypeAKV {
+		log.Printf("Certificate Azure Metadata ID:\n%v", certMetaData.CertificateID)
+		log.Printf("Certificate Azure Metadata Name:\n%v", certMetaData.CertificateName)
+		log.Printf("Certificate Azure Metadata Version:\n%v", certMetaData.CertificateVersion)
+	}
+	if certMetaData.CloudKeystoreType == domain.CloudKeystoreTypeGCM {
+		log.Printf("Certificate GCP Metadata ID:\n%v", certMetaData.CertificateID)
+		log.Printf("Certificate GCP Metadata Name:\n%v", certMetaData.CertificateName)
+	}
 }