From 8627b061605311c961fb2aec1b8dbf86553eeb0a Mon Sep 17 00:00:00 2001
From: Russel Vela
Date: Thu, 29 Oct 2020 11:00:29 -0600
Subject: [PATCH 1/2] Updated the way readZoneConfiguration method works for CloudConnector. Instead of getting all the projects and iterating them, now it directly calls an api method to get the zone filtered by Id. This update only works when the zone id is passed as argument. When the project_name\zone_name is passed as argument, the method still retrieves all projects and iterates over them to match the project name and zone name.
---
 .../vcert/sdk/connectors/cloud/Cloud.java | 5 ++
 .../sdk/connectors/cloud/CloudConnector.java | 55 +++++++++++--------
 .../cloud/domain/TagProjectZone.java | 19 +++++++
 .../connectors/cloud/CloudConnectorAT.java | 17 ++++--
 4 files changed, 68 insertions(+), 28 deletions(-)
 create mode 100644 src/main/java/com/venafi/vcert/sdk/connectors/cloud/domain/TagProjectZone.java
diff --git a/src/main/java/com/venafi/vcert/sdk/connectors/cloud/Cloud.java b/src/main/java/com/venafi/vcert/sdk/connectors/cloud/Cloud.java
index ee003fd..b9fef0c 100644
--- a/src/main/java/com/venafi/vcert/sdk/connectors/cloud/Cloud.java
+++ b/src/main/java/com/venafi/vcert/sdk/connectors/cloud/Cloud.java
@@ -20,6 +20,7 @@
 import com.venafi.vcert.sdk.connectors.cloud.domain.Project;
 import com.venafi.vcert.sdk.connectors.cloud.domain.ProjectZone;
 import com.venafi.vcert.sdk.connectors.cloud.domain.Projects;
+import com.venafi.vcert.sdk.connectors.cloud.domain.TagProjectZone;
 import com.venafi.vcert.sdk.connectors.cloud.domain.UserDetails;
 import com.venafi.vcert.sdk.utils.FeignUtils;
@@ -44,6 +45,10 @@ public interface Cloud {
 @RequestLine("GET /devopsprojects/{projectId}?zoneDetails=true")
 Project projectById(@Param("projectId") String projectId, @Param("apiKey") String apiKey);
+ @Headers("tppl-api-key: {apiKey}")
+ @RequestLine("GET /zones/tag/{tag}")
+ TagProjectZone zoneByTag(@Param("tag") String tag, @Param("apiKey") String apiKey);
+
 @Headers("tppl-api-key: {apiKey}")
 @RequestLine("GET /certificateissuingtemplates/{certificateIssuingTemplateId}")
 CertificateIssuingTemplate certificateIssuingTemplateById(
diff --git a/src/main/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnector.java b/src/main/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnector.java
index 010e17a..39e5f44 100644
--- a/src/main/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnector.java
+++ b/src/main/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnector.java
@@ -36,9 +36,11 @@
 import com.venafi.vcert.sdk.connectors.Connector;
 import com.venafi.vcert.sdk.connectors.Policy;
 import com.venafi.vcert.sdk.connectors.ZoneConfiguration;
+import com.venafi.vcert.sdk.connectors.cloud.domain.CertificateIssuingTemplate;
 import com.venafi.vcert.sdk.connectors.cloud.domain.Project;
 import com.venafi.vcert.sdk.connectors.cloud.domain.ProjectZone;
 import com.venafi.vcert.sdk.connectors.cloud.domain.Projects;
+import com.venafi.vcert.sdk.connectors.cloud.domain.TagProjectZone;
 import com.venafi.vcert.sdk.connectors.cloud.domain.UserDetails;
 import com.venafi.vcert.sdk.endpoint.Authentication;
 import com.venafi.vcert.sdk.endpoint.ConnectorType;
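Review bot: `zoneByTag` in Cloud.java places its `tag` argument directly into the request path `GET /zones/tag/{tag}`, and the caller added in CloudConnector.java feeds it the zone string given to `readZoneConfiguration`, so the shape of that value decides which path is requested with the caller's API key. Feign's `@RequestLine` defaults `decodeSlash` to true, which as far as I know leaves a `/` in an expanded value as a path separator; `@RequestLine(value = "GET /zones/tag/{tag}", decodeSlash = false)` keeps the value inside one path segment, and a format check on the identifier before the call would be the stronger guard if `parseZoneIdentifiers` (not visible here) does not already enforce one. The method also has no Javadoc, and the commit message describes a lookup by zone Id while the route and method name say tag; a one-line comment such as `/** Returns the single zone matching the given identifier (sent as the tag path segment). */` would settle which it is.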
@@ -105,32 +107,34 @@ public void authenticate(Authentication auth) throws VCertException {
 @Override
 public ZoneConfiguration readZoneConfiguration(String zone) throws VCertException {
- ProjectZone projectZone = null;
 String[] zoneIdentifiers = parseZoneIdentifiers(zone);
-
- Projects projects = cloud.projects(auth.apiKey());
- if (projects.projects().isEmpty()) {
- throw new VCertException("No projects present.");
- }
+ CertificateIssuingTemplate cit = null;
+ String zoneId = null;
 if (zoneIdentifiers[0] != null) {
- // Find zone by ID
- String zoneId = zoneIdentifiers[0];
-
- for (Project project : projects.projects()) {
- for (ProjectZone projZone : project.zones()) {
- if (zoneId.equals(projZone.id())) {
- projectZone = projZone;
- break;
- }
- }
+ // Find zone by tag
+ String zoneTag = zoneIdentifiers[0];
+ TagProjectZone tpz = cloud.zoneByTag(zone, auth.apiKey());
+ if (tpz == null) {
+ throw new VCertException(format("No zone with Id '%s'.", zoneTag));
 }
- if (projectZone == null) {
- throw new VCertException(format("No zone with ID '%s'.", zoneId));
+ zoneId = tpz.id();
+ cit = cloud.certificateIssuingTemplateById(tpz.certificateIssuingTemplateId(), auth.apiKey());
+
+ if (cit == null){
+ throw new VCertException(format("Certificate issue template not found. Id provided = [%s] ",
+ tpz.certificateIssuingTemplateId()));
 }
+
 } else {
 // Find zone by project name and zone name
+ ProjectZone projectZone = null;
+ Projects projects = cloud.projects(auth.apiKey());
+ if (projects.projects().isEmpty()) {
+ throw new VCertException("No projects present.");
+ }
+
 String projectName = zoneIdentifiers[1];
 String zoneName = zoneIdentifiers[2];
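Review bot: The new lookup calls `cloud.zoneByTag(zone, auth.apiKey())` with the raw `zone` argument, while the parsed `zoneTag` from `zoneIdentifiers[0]` is used only in the error message; the request should send the parsed value, `TagProjectZone tpz = cloud.zoneByTag(zoneTag, auth.apiKey());`, so the identifier requested and the one reported cannot differ. The two null checks (`tpz == null`, `cit == null`) may also never fire: the acceptance test added in this patch wraps `FeignException`, which suggests a missing zone or template surfaces as an unchecked Feign error rather than the `VCertException` built here, though that is inferred because the client configuration is not in the hunk. `tpz.certificateIssuingTemplateId()` is passed on without a null check, so a zone returned without a template id would presumably trigger a second request with an empty or `null` id instead of a clear error. The body of `readZoneConfiguration` continues in the next hunk.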
@@ -149,15 +153,18 @@ public ZoneConfiguration readZoneConfiguration(String zone) throws VCertExceptio
 throw new VCertException(
 format("No zone with name '%s' in '%s' project.", zoneName, projectName));
 }
- }
- if (projectZone.cit() == null) {
- throw new VCertException(format("No certificate issuing template ID for '%s' zone.", zone));
+ zoneId = projectZone.id();
+ cit = projectZone.cit();
+
+ if (cit == null) {
+ throw new VCertException(format("No certificate issuing template ID for '%s' zone.", zone));
+ }
 }
- ZoneConfiguration zoneConfig = projectZone.cit().toZoneConfig();
- zoneConfig.policy(projectZone.cit().toPolicy());
- zoneConfig.zoneId(projectZone.id());
+ ZoneConfiguration zoneConfig = cit.toZoneConfig();
+ zoneConfig.policy(cit.toPolicy());
+ zoneConfig.zoneId(zoneId);
 return zoneConfig;
 }
diff --git a/src/main/java/com/venafi/vcert/sdk/connectors/cloud/domain/TagProjectZone.java b/src/main/java/com/venafi/vcert/sdk/connectors/cloud/domain/TagProjectZone.java
new file mode 100644
index 0000000..22967b7
--- /dev/null
+++ b/src/main/java/com/venafi/vcert/sdk/connectors/cloud/domain/TagProjectZone.java
@@ -0,0 +1,19 @@
+package com.venafi.vcert.sdk.connectors.cloud.domain;
+
+import java.time.OffsetDateTime;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class TagProjectZone {
+ private String id;
+ private String companyId;
+ private String devopsProjectId;
+ private String name;
+ private String certificateIssuingTemplateId;
+ private OffsetDateTime creationDate;
+}
diff --git a/src/test/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnectorAT.java b/src/test/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnectorAT.java
index 9b51636..d35bdd5 100644
--- a/src/test/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnectorAT.java
+++ b/src/test/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnectorAT.java
@@ -54,6 +54,15 @@ void readZoneConfiguration() throws VCertException {
 }
 }
+ @Test
+ void readZoneConfigurationById() throws VCertException {
+ try{
+ classUnderTest.readZoneConfiguration(System.getenv("CLOUDZONEID"));
+ }catch (FeignException fe){
+ throw VCertException.fromFeignException(fe);
+ }
+ }
+
 @Test
 void generateRequest() throws VCertException, IOException {
 String zoneName = System.getenv("CLOUDZONE");
@@ -85,7 +94,7 @@ void generateRequest() throws VCertException, IOException {
 }
 @Test
- void requestCertificate() throws VCertException, SocketException, UnknownHostException {
+ void requestCertificate() throws VCertException, UnknownHostException {
 String zoneName = System.getenv("CLOUDZONE");
 ZoneConfiguration zoneConfiguration = classUnderTest.readZoneConfiguration(zoneName);
 CertificateRequest certificateRequest = new CertificateRequest()
@@ -102,7 +111,7 @@ void requestCertificate() throws VCertException, SocketException, UnknownHostExc
 }
 @Test
- void retrieveCertificate() throws VCertException, SocketException, UnknownHostException {
+ void retrieveCertificate() throws VCertException, UnknownHostException {
 String zoneName = System.getenv("CLOUDZONE");
 ZoneConfiguration zoneConfiguration = classUnderTest.readZoneConfiguration(zoneName);
 CertificateRequest certificateRequest = new CertificateRequest()
@@ -134,8 +143,8 @@ void revokeCertificate() throws VCertException {
 }
 @Test
- void renewCertificate() throws VCertException, UnknownHostException, SocketException,
- CertificateException, NoSuchAlgorithmException {
+ void renewCertificate() throws VCertException, UnknownHostException,
+ CertificateException {
 String zoneName = System.getenv("CLOUDZONE");
 String commonName = TestUtils.randomCN();
 ZoneConfiguration zoneConfiguration = classUnderTest.readZoneConfiguration(zoneName);
From 5d0a88a40e895ef438b4522b29b7b2228df1d8cd Mon Sep 17 00:00:00 2001
From: Russel Vela
Date: Thu, 29 Oct 2020 11:27:09 -0600
Subject: [PATCH 2/2] Updated the way readZoneConfiguration method works for CloudConnector. Instead of getting all the projects and iterating them, now it directly calls an api method to get the zone filtered by Id. This update only works when the zone id is passed as argument. When the project_name\zone_name is passed as argument, the method still retrieves all projects and iterates over them to match the project name and zone name.
---
 .../vcert/sdk/connectors/cloud/CloudConnectorAT.java | 9 ---------
 1 file changed, 9 deletions(-)
diff --git a/src/test/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnectorAT.java b/src/test/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnectorAT.java
index d35bdd5..bf28ffb 100644
--- a/src/test/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnectorAT.java
+++ b/src/test/java/com/venafi/vcert/sdk/connectors/cloud/CloudConnectorAT.java
@@ -54,15 +54,6 @@ void readZoneConfiguration() throws VCertException {
 }
 }
- @Test
- void readZoneConfigurationById() throws VCertException {
- try{
- classUnderTest.readZoneConfiguration(System.getenv("CLOUDZONEID"));
- }catch (FeignException fe){
- throw VCertException.fromFeignException(fe);
- }
- }
-
 @Test
 void generateRequest() throws VCertException, IOException {
 String zoneName = System.getenv("CLOUDZONE");