diff --git a/aruba/features/provision/cloudkeystore/provision_cloudkeystore.feature b/aruba/features/provision/cloudkeystore/provision_cloudkeystore.feature index e6f56871..a0cb7367 100644 --- a/aruba/features/provision/cloudkeystore/provision_cloudkeystore.feature +++ b/aruba/features/provision/cloudkeystore/provision_cloudkeystore.feature @@ -12,6 +12,21 @@ Feature: provision to cloud keystore And I remember the output And I use previous Pickup ID to provision from VCP a certificate to cloudkeystore "" setting keystore and provider names And I remember the output + And the output should not contain "Warning: --platform not set. Attempting to best-guess platform from connection flags" + And I grab cloud ID from output + Then I clean up previous installed certificate from cloudkeystore + Examples: + | cloudkeystore | + | GOOGLE | + | AWS | + | AZURE | + + Scenario Outline: Enroll certificate and execute provisioning for cloud keystore without Platform flags + Given I enroll a random certificate with defined platform VCP with -csr service -no-prompt + And I remember the output + And I use previous Pickup ID to provision without set Platform flag from VCP a certificate to cloudkeystore "" setting keystore and provider names + And I remember the output + And the output should contain "Warning: --platform not set. Attempting to best-guess platform from connection flags" And I grab cloud ID from output Then I clean up previous installed certificate from cloudkeystore Examples: diff --git a/aruba/features/provision/cloudkeystore/steps_definitions/my_steps.rb b/aruba/features/provision/cloudkeystore/steps_definitions/my_steps.rb index bf6cd87e..fba796a5 100644 --- a/aruba/features/provision/cloudkeystore/steps_definitions/my_steps.rb +++ b/aruba/features/provision/cloudkeystore/steps_definitions/my_steps.rb @@ -1,13 +1,20 @@ And(/^I use previous Pickup ID to provision (?:from|using) (\S+) a certificate to cloudkeystore "(.*)"( setting keystore and provider names)?$/) do |platform, cloudkeystore_type, keystore_provider_names| - cmd = build_provision_cmd(platform, cloudkeystore_type, keystore_provider_names) + cmd = build_provision_cmd(platform, cloudkeystore_type, keystore_provider_names, "",true) + + steps %{Then I try to run `#{cmd}`} +end + +And(/^I use previous Pickup ID to provision without set Platform flag (?:from|using) (\S+) a certificate to cloudkeystore "(.*)"( setting keystore and provider names)?$/) do |platform, cloudkeystore_type, keystore_provider_names| + + cmd = build_provision_cmd(platform, cloudkeystore_type, keystore_provider_names, "",false) steps %{Then I try to run `#{cmd}`} end And(/^I use previous Pickup ID to provision (?:from|using) (\S+) a certificate to cloudkeystore "(.*)"( setting keystore and provider names)? with (.+)?/) do |platform, cloudkeystore_type, keystore_provider_names, flags| - cmd = build_provision_cmd(platform, cloudkeystore_type, keystore_provider_names, flags) + cmd = build_provision_cmd(platform, cloudkeystore_type, keystore_provider_names, flags, true) steps %{Then I try to run `#{cmd}`} end @@ -26,17 +33,20 @@ fail(ArgumentError.new("Unknown cloud type: #{@cloudkeystore_type}")) end flags += @global_set_provision_flags - cmd = build_provision_cmd(PLATFORM_VCP, @cloudkeystore_type, keystore_provider_names, flags) + cmd = build_provision_cmd(PLATFORM_VCP, @cloudkeystore_type, keystore_provider_names, flags, true) steps %{Then I try to run `#{cmd}`} end -def build_provision_cmd(platform, cloudkeystore_type, keystore_provider_names, flags = "") +def build_provision_cmd(platform, cloudkeystore_type, keystore_provider_names, flags = "", set_platform_flag=true) @global_set_provision_flags = flags - platform_flag = " -platform " + platform + cmd = "vcert provision cloudkeystore #{ENDPOINTS[PLATFORM_VCP]} -pickup-id #{@pickup_id}" - cmd = "vcert provision cloudkeystore #{platform_flag} #{ENDPOINTS[PLATFORM_VCP]} -pickup-id #{@pickup_id}" + if set_platform_flag + platform_flag = " -platform " + platform + cmd = cmd + platform_flag + end keystore_name = "" provider_name = "" diff --git a/cmd/vcert/cmdCloudKeystores.go b/cmd/vcert/cmdCloudKeystores.go index 3463fa7d..ee3ecc9b 100644 --- a/cmd/vcert/cmdCloudKeystores.go +++ b/cmd/vcert/cmdCloudKeystores.go @@ -15,9 +15,10 @@ import ( var ( subCommandCloudKeystore = &cli.Command{ - Name: subCommandCloudKeystoreName, - Flags: provisionFlags, - Usage: "provision certificate from Venafi Platform to Cloud Keystore", + Before: runBeforeProvisionCommand, + Name: subCommandCloudKeystoreName, + Flags: provisionFlags, + Usage: "provision certificate from Venafi Platform to Cloud Keystore", UsageText: `vcert provision cloudkeystore vcert provision cloudkeystore --platform vcp -k --certificate-id xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx --keystore-id xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx --format json diff --git a/cmd/vcert/cmdHelper.go b/cmd/vcert/cmdHelper.go index e7b45a84..aba5fa8e 100644 --- a/cmd/vcert/cmdHelper.go +++ b/cmd/vcert/cmdHelper.go @@ -43,7 +43,7 @@ import ( var tlsConfig tls.Config func runBeforeCommand(c *cli.Context) error { - //TODO: move all flag validations here + //TODO: refactor flags to specified command. If command doesn't use it, flag should be ignored. flags.orgUnits = c.StringSlice("ou") flags.dnsSans = c.StringSlice("san-dns") flags.emailSans = c.StringSlice("san-email") @@ -98,6 +98,13 @@ func runBeforeCommand(c *cli.Context) error { return nil } +func runBeforeProvisionCommand(c *cli.Context) error { + if flags.platformString != "" { + flags.platform = venafi.GetPlatformType(flags.platformString) + } + return nil +} + func setTLSConfig() error { //Set RenegotiateFreelyAsClient in case of we're communicating with MTLS TPP server with only user\password if flags.apiKey == "" { diff --git a/cmd/vcert/flags.go b/cmd/vcert/flags.go index fddce627..7f5d850e 100644 --- a/cmd/vcert/flags.go +++ b/cmd/vcert/flags.go @@ -27,8 +27,9 @@ var ( flagPlatform = &cli.StringFlag{ Name: "platform", Usage: "Use to specify the platform VCert will use to execute the given command. Only accepted values are:\n" + - "\t\tFor getcred command: --platform [TPP | VAAS | OIDC]\n" + - "\t\tFor enroll command: --platform [TPP | VAAS | FIREFLY]", + "\t\tFor getcred command: --platform [TPP | VCP | OIDC]\n" + + "\t\tFor enroll command: --platform [TPP | VCP | FIREFLY]\n" + + "\t\tFor provision command: --platform [ VCP ]", Destination: &flags.platformString, Aliases: []string{"p"}, }