-
Notifications
You must be signed in to change notification settings - Fork 61
/
validatorsCloud.go
46 lines (35 loc) · 1.56 KB
/
validatorsCloud.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
package main
import "fmt"
func validateConnectionFlagsCloud(commandName string) error {
//sshgetconfig command
//This is not supported for VaaS as of now, but when (if) it does, it is going to be an unauthenticated endpoint, just like TPP
if commandName == commandSshGetConfigName {
return nil
}
//getcred command
if commandName == commandGetCredName {
tenantIDPresent := flags.vaasTenantID != "" || getPropertyFromEnvironment(vCertTenantID) != ""
externalJWTPresent := flags.externalJWT != "" || getPropertyFromEnvironment(vCertExternalJWT) != ""
svcAccountPresent := tenantIDPresent && externalJWTPresent
emailPresent := flags.email != ""
if tenantIDPresent && !externalJWTPresent {
return fmt.Errorf("missing jwt for service account authentication. Set the jwt using --external-jwt flag")
}
advice := "Use --tenant-id/--external-jwt for authentication or --email for registration"
if !svcAccountPresent && !emailPresent {
return fmt.Errorf("missing flags for Venafi as a Service authentication. %s", advice)
}
return nil
}
//Any other command
apiKeyPresent := flags.apiKey != "" || getPropertyFromEnvironment(vCertApiKey) != ""
tokenPresent := flags.token != "" || getPropertyFromEnvironment(vCertToken) != ""
advice := "Use only one of --apiKey (-k) or --token (-t)"
if !apiKeyPresent && !tokenPresent {
return fmt.Errorf("missing flags for Venafi as a Service authentication. %s", advice)
}
if apiKeyPresent && tokenPresent {
return fmt.Errorf("multiple methods set for Venafi as a Service authentication. %s", advice)
}
return nil
}