refactor: add functions to get parameters and add constants

pkg/provider/provider_test.go

@@ -20,6 +20,7 @@ import (
 	"github.com/stretchr/testify/assert"
 
 	"github.com/Azure/secrets-store-csi-driver-provider-azure/pkg/auth"
+	"github.com/Azure/secrets-store-csi-driver-provider-azure/pkg/provider/types"
 	"github.com/Azure/secrets-store-csi-driver-provider-azure/pkg/version"
 )
 
@@ -429,19 +430,19 @@ func TestGetContentBytes(t *testing.T) {
 func TestFormatKeyVaultObject(t *testing.T) {
 	cases := []struct {
 		desc                   string
-		keyVaultObject         KeyVaultObject
-		expectedKeyVaultObject KeyVaultObject
+		keyVaultObject         types.KeyVaultObject
+		expectedKeyVaultObject types.KeyVaultObject
 	}{
 		{
 			desc: "leading and trailing whitespace trimmed from all fields",
-			keyVaultObject: KeyVaultObject{
+			keyVaultObject: types.KeyVaultObject{
 				ObjectName:     "secret1     ",
 				ObjectVersion:  "",
 				ObjectEncoding: "base64   ",
 				ObjectType:     "  secret",
 				ObjectAlias:    "",
 			},
-			expectedKeyVaultObject: KeyVaultObject{
+			expectedKeyVaultObject: types.KeyVaultObject{
 				ObjectName:     "secret1",
 				ObjectVersion:  "",
 				ObjectEncoding: "base64",
@@ -451,14 +452,14 @@ func TestFormatKeyVaultObject(t *testing.T) {
 		},
 		{
 			desc: "no data loss for already sanitized object",
-			keyVaultObject: KeyVaultObject{
+			keyVaultObject: types.KeyVaultObject{
 				ObjectName:     "secret1",
 				ObjectVersion:  "version1",
 				ObjectEncoding: "base64",
 				ObjectType:     "secret",
 				ObjectAlias:    "alias",
 			},
-			expectedKeyVaultObject: KeyVaultObject{
+			expectedKeyVaultObject: types.KeyVaultObject{
 				ObjectName:     "secret1",
 				ObjectVersion:  "version1",
 				ObjectEncoding: "base64",

pkg/provider/types/constants.go

@@ -0,0 +1,49 @@
+package types
+
+const (
+	// VaultObjectTypeSecret secret vault object type
+	VaultObjectTypeSecret = "secret"
+	// VaultObjectTypeKey key vault object type
+	VaultObjectTypeKey = "key"
+	// VaultObjectTypeCertificate certificate vault object type
+	VaultObjectTypeCertificate = "cert"
+
+	CertTypePem = "application/x-pem-file"
+	CertTypePfx = "application/x-pkcs12"
+
+	CertificateType = "CERTIFICATE"
+
+	ObjectFormatPEM = "pem"
+	ObjectFormatPFX = "pfx"
+
+	ObjectEncodingHex    = "hex"
+	ObjectEncodingBase64 = "base64"
+	ObjectEncodingUtf8   = "utf-8"
+
+	// pod identity NMI port
+	PodIdentityNMIPort = "2579"
+
+	CSIAttributePodName              = "csi.storage.k8s.io/pod.name"
+	CSIAttributePodNamespace         = "csi.storage.k8s.io/pod.namespace"
+	CSIAttributeServiceAccountTokens = "csi.storage.k8s.io/serviceAccount.tokens" // nolint
+
+	// KeyVaultNameParameter is the name of the key vault name parameter
+	KeyVaultNameParameter = "keyvaultName"
+	// CloudNameParameter is the name of the cloud name parameter
+	CloudNameParameter = "cloudName"
+	// UsePodIdentityParameter is the name of the use pod identity parameter
+	UsePodIdentityParameter = "usePodIdentity"
+	// UseVMManagedIdentityParameter is the name of the use VM managed identity parameter
+	UseVMManagedIdentityParameter = "useVMManagedIdentity"
+	// UserAssignedIdentityIDParameter is the name of the user assigned identity ID parameter
+	UserAssignedIdentityIDParameter = "userAssignedIdentityID"
+	// TenantIDParameter is the name of the tenant ID parameter
+	TenantIDParameter = "tenantId"
+	// CloudEnvFileNameParameter is the name of the cloud env file name parameter
+	CloudEnvFileNameParameter = "cloudEnvFileName"
+	// ClientIDParameter is the name of the client ID parameter
+	// This clientID is used for workload identity
+	ClientIDParameter = "clientID"
+	// ObjectsParameter is the name of the objects parameter
+	ObjectsParameter = "objects"
+)

pkg/provider/types/parameters.go

@@ -0,0 +1,118 @@
+package types
+
+import (
+	"strconv"
+	"strings"
+
+	"gopkg.in/yaml.v2"
+)
+
+// KeyVaultObject holds keyvault object related config
+type KeyVaultObject struct {
+	// the name of the Azure Key Vault objects
+	ObjectName string `json:"objectName" yaml:"objectName"`
+	// the filename the object will be written to
+	ObjectAlias string `json:"objectAlias" yaml:"objectAlias"`
+	// the version of the Azure Key Vault objects
+	ObjectVersion string `json:"objectVersion" yaml:"objectVersion"`
+	// the type of the Azure Key Vault objects
+	ObjectType string `json:"objectType" yaml:"objectType"`
+	// the format of the Azure Key Vault objects
+	// supported formats are PEM, PFX
+	ObjectFormat string `json:"objectFormat" yaml:"objectFormat"`
+	// The encoding of the object in KeyVault
+	// Supported encodings are Base64, Hex, Utf-8
+	ObjectEncoding string `json:"objectEncoding" yaml:"objectEncoding"`
+	// FilePermission is the file permissions
+	FilePermission string `json:"filePermission" yaml:"filePermission"`
+}
+
+// SecretFile holds content and metadata of a secret file that is sent
+// back to the driver
+type SecretFile struct {
+	Content  []byte
+	Path     string
+	FileMode int32
+	UID      string
+	Version  string
+}
+
+// StringArray holds a list of strings
+type StringArray struct {
+	Array []string `json:"array" yaml:"array"`
+}
+
+// GetKeyVaultName returns the key vault name
+func GetKeyVaultName(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[KeyVaultNameParameter])
+}
+
+// GetCloudName returns the cloud name
+func GetCloudName(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[CloudNameParameter])
+}
+
+// GetUsePodIdentity returns if pod identity is enabled
+func GetUsePodIdentity(parameters map[string]string) (bool, error) {
+	str := strings.TrimSpace(parameters[UsePodIdentityParameter])
+	if str == "" {
+		return false, nil
+	}
+	return strconv.ParseBool(str)
+}
+
+// GetUseVMManagedIdentity returns if VM managed identity is enabled
+func GetUseVMManagedIdentity(parameters map[string]string) (bool, error) {
+	str := strings.TrimSpace(parameters[UseVMManagedIdentityParameter])
+	if str == "" {
+		return false, nil
+	}
+	return strconv.ParseBool(str)
+}
+
+// GetUserAssignedIdentityID returns the user assigned identity ID
+func GetUserAssignedIdentityID(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[UserAssignedIdentityIDParameter])
+}
+
+// GetTenantID returns the tenant ID
+func GetTenantID(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[TenantIDParameter])
+}
+
+// GetCloudEnvFileName returns the cloud env file name
+func GetCloudEnvFileName(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[CloudEnvFileNameParameter])
+}
+
+// GetPodName returns the pod name
+func GetPodName(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[CSIAttributePodName])
+}
+
+// GetPodNamespace returns the pod namespace
+func GetPodNamespace(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[CSIAttributePodNamespace])
+}
+
+// GetClientID returns the client ID
+func GetClientID(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[ClientIDParameter])
+}
+
+// GetServiceAccountTokens returns the service account tokens
+func GetServiceAccountTokens(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[CSIAttributeServiceAccountTokens])
+}
+
+// GetObjects returns the key vault objects
+func GetObjects(parameters map[string]string) string {
+	return strings.TrimSpace(parameters[ObjectsParameter])
+}
+
+// GetObjectsArray returns the key vault objects array
+func GetObjectsArray(objects string) (StringArray, error) {
+	var a StringArray
+	err := yaml.Unmarshal([]byte(objects), &a)
+	return a, err
+}