feat(cloud-provisioning): Adds function to retrieve machine identity …

…by ID
Venafi · May 23, 2024 · f777f4c · f777f4c
1 parent a03a6d9
commit f777f4c
Show file tree

Hide file tree

Showing 7 changed files with 1,302 additions and 143 deletions.
diff --git a/pkg/domain/cloudproviders.go b/pkg/domain/cloudproviders.go
@@ -1,5 +1,7 @@
 package domain
 
+import "github.com/google/uuid"
+
 type CloudProvider struct {
 	ID             string
 	Name           string
@@ -27,3 +29,133 @@ type GetCloudKeystoreRequest struct {
 	CloudKeystoreID   *string
 	CloudKeystoreName *string
 }
+
+type MachineIdentityStatus int
+
+const (
+	MachineIdentityStatusUnknown MachineIdentityStatus = iota
+	MachineIdentityStatusNew
+	MachineIdentityStatusPending
+	MachineIdentityStatusInstalled
+	MachineIdentityStatusDiscovered
+	MachineIdentityStatusValidated
+	MachineIdentityStatusMissing
+	MachineIdentityStatusFailed
+
+	MachineIdentityStatusUnknownStr    = "UNKNOWN"
+	MachineIdentityStatusNewStr        = "NEW"
+	MachineIdentityStatusPendingStr    = "PENDING"
+	MachineIdentityStatusInstalledStr  = "INSTALLED"
+	MachineIdentityStatusDiscoveredStr = "DISCOVERED"
+	MachineIdentityStatusValidatedStr  = "VALIDATED"
+	MachineIdentityStatusMissingStr    = "MISSING"
+	MachineIdentityStatusFailedStr     = "FAILED"
+
+	CloudMetadataACM     = "AWS"
+	CloudMetadataGCM     = "GCM"
+	CloudMetadataAKV     = "AKV"
+	CloudMetadataUnknown = "UNKNOWN"
+)
+
+func (mis MachineIdentityStatus) String() string {
+	switch mis {
+	case MachineIdentityStatusNew:
+		return MachineIdentityStatusNewStr
+	case MachineIdentityStatusPending:
+		return MachineIdentityStatusPendingStr
+	case MachineIdentityStatusInstalled:
+		return MachineIdentityStatusInstalledStr
+	case MachineIdentityStatusDiscovered:
+		return MachineIdentityStatusDiscoveredStr
+	case MachineIdentityStatusValidated:
+		return MachineIdentityStatusValidatedStr
+	case MachineIdentityStatusMissing:
+		return MachineIdentityStatusMissingStr
+	case MachineIdentityStatusFailed:
+		return MachineIdentityStatusFailedStr
+	default:
+		return MachineIdentityStatusUnknownStr
+	}
+}
+
+func GetMachineIdentityStatus(status string) MachineIdentityStatus {
+	switch status {
+	case MachineIdentityStatusNewStr:
+		return MachineIdentityStatusNew
+	case MachineIdentityStatusPendingStr:
+		return MachineIdentityStatusPending
+	case MachineIdentityStatusInstalledStr:
+		return MachineIdentityStatusInstalled
+	case MachineIdentityStatusDiscoveredStr:
+		return MachineIdentityStatusDiscovered
+	case MachineIdentityStatusValidatedStr:
+		return MachineIdentityStatusValidated
+	case MachineIdentityStatusMissingStr:
+		return MachineIdentityStatusMissing
+	case MachineIdentityStatusFailedStr:
+		return MachineIdentityStatusFailed
+	default:
+		return MachineIdentityStatusUnknown
+	}
+}
+
+type CertificateCloudMetadata struct {
+	values map[string]interface{}
+}
+
+func NewCertificateCloudMetadata(values map[string]interface{}) CertificateCloudMetadata {
+	return CertificateCloudMetadata{
+		values: values,
+	}
+}
+
+func (ccm *CertificateCloudMetadata) GetType() string {
+	typ := ccm.GetValue("__typename")
+	if typ == nil {
+		return CloudMetadataUnknown
+	}
+	switch typ {
+	case "AWSCertificateMetadata":
+		return CloudMetadataACM
+	case "AzureCertificateMetadata":
+		return CloudMetadataGCM
+	case "GCPCertificateMetadata":
+		return CloudMetadataAKV
+	default:
+		return CloudMetadataUnknown
+	}
+}
+
+func (ccm *CertificateCloudMetadata) GetMetadata() map[string]interface{} {
+	return ccm.values
+}
+
+func (ccm *CertificateCloudMetadata) GetValue(key string) interface{} {
+	if key == "" {
+		return nil
+	}
+	if ccm.values == nil {
+		return nil
+	}
+	return ccm.values[key]
+}
+
+type CloudMachineIdentity struct {
+	ID                uuid.UUID
+	CloudKeystoreID   uuid.UUID
+	CloudKeystoreName string
+	CloudProviderID   uuid.UUID
+	CloudProviderName string
+	CertificateID     uuid.UUID
+	Metadata          *CertificateCloudMetadata
+	Status            MachineIdentityStatus
+	StatusDetails     string
+}
+
+type GetCloudMachineIdentityRequest struct {
+	KeystoreID        *string
+	MachineIdentityID *string
+	Fingerprints      []string
+	NewlyDiscovered   *bool
+	Metadata          *string
+}
diff --git a/pkg/venafi/cloud/cloudproviders.go b/pkg/venafi/cloud/cloudproviders.go
@@ -225,8 +225,6 @@ func (c *Connector) GetCloudKeystoreByName(cloudProviderID string, cloudKeystore
 
 	request := domain.GetCloudKeystoreRequest{
 		CloudProviderID:   &cloudProviderID,
-		CloudProviderName: nil,
-		CloudKeystoreID:   nil,
 		CloudKeystoreName: &cloudKeystoreName,
 	}
 
@@ -240,6 +238,23 @@ func (c *Connector) GetCloudKeystoreByName(cloudProviderID string, cloudKeystore
 	return cloudKeystore, nil
 }
 
+func (c *Connector) GetMachineIdentityByID(machineIdentityID string) (*domain.CloudMachineIdentity, error) {
+	if machineIdentityID == "" {
+		return nil, fmt.Errorf("machine identity ID cannot be empty")
+	}
+	request := domain.GetCloudMachineIdentityRequest{
+		MachineIdentityID: &machineIdentityID,
+	}
+	machineIdentity, err := c.cloudProvidersClient.GetMachineIdentity(context.Background(), request)
+	if err != nil {
+		return nil, fmt.Errorf("failed to retrieve Cloud Machine Identity with ID %s: %w", machineIdentityID, err)
+	}
+	if machineIdentity == nil {
+		return nil, fmt.Errorf("could not find Cloud Machine Identity with ID %s", machineIdentityID)
+	}
+	return machineIdentity, nil
+}
+
 func getCloudMetadataFromWebsocketResponse(respMap interface{}, keystoreType string, keystoreId string) (*CloudProvisioningMetadata, error) {
 
 	val := CloudKeystoreProvisioningResult{}