Implement a common interface for the various resource types #24

Merged
merged 1 commit into from
Jan 16, 2020
Merged
2 changes: 1 addition & 1 deletion akva.yaml
Expand Up @@ -11,7 +11,7 @@ sinks:
path: /tmp/whatever
frequency: 1m
vaultBaseURL: https://cjohnson-kv.vault.azure.net/
name: password
name: cjohnson-test
postChange: echo goodbye
preChange: echo hello
#version: 1a131058e8934267ae695703367c485d
65 changes: 40 additions & 25 deletions certs/certs.go
Expand Up @@ -2,18 +2,40 @@ package certs

import (
"context"
"encoding/base64"
"fmt"
"log"
"net/url"
//"reflect"
"regexp"

"github.com/Azure/azure-sdk-for-go/services/keyvault/2016-10-01/keyvault"

"github.com/chrisjohnson/azure-key-vault-agent/config"
"github.com/chrisjohnson/azure-key-vault-agent/iam"
"github.com/chrisjohnson/azure-key-vault-agent/resource"
)

func getClient() keyvault.BaseClient {
type Cert keyvault.CertificateBundle

func (c Cert) Map() map[string]interface{} {
m := make(map[string]interface{})
/*
v := reflect.ValueOf(m)
for i := 0; i < v.NumField(); i++ {
log.Println(v.Field(i))
//m[v.Field(i)] = v.Field(i).Interface()
}
*/

return m
}

func (c Cert) String() string {
return base64.StdEncoding.EncodeToString(*c.Cer)
}

func newClient() keyvault.BaseClient {
client := keyvault.New()
a, err := iam.GetKeyvaultAuthorizer()
if err != nil {
Expand All @@ -24,60 +46,53 @@ func getClient() keyvault.BaseClient {
return client
}

func GetCert(vaultBaseURL string, certName string, certVersion string) (result string, err error) {
client := getClient()

cert, err := client.GetCertificate(context.Background(), vaultBaseURL, certName, certVersion)
func GetCert(vaultBaseURL string, certName string, certVersion string) (resource.Resource, error) {
cert, err := newClient().GetCertificate(context.Background(), vaultBaseURL, certName, certVersion)
if err != nil {
log.Printf("Error getting cert: %v\n", err.Error())
return
return nil, err
}

// TODO: Return bundle?
result = *cert.X509Thumbprint

return
return Cert(cert), nil
}

func GetCertByURL(certURL string) (result string, err error) {
func GetCertByURL(certURL string) (resource.Resource, error) {
u, err := url.Parse(certURL)
if err != nil {
log.Printf("Failed to parse URL for cert: %v\n", err.Error())
return
return nil, err
}
vaultBaseURL := fmt.Sprintf("%v://%v", u.Scheme, u.Host)

regex := *regexp.MustCompile(`/certificates/(.*)(/.*)?`)
res := regex.FindAllStringSubmatch(u.Path, -1)
certName := res[0][1]

result, err = GetCert(vaultBaseURL, certName, "")
result, err := GetCert(vaultBaseURL, certName, "")
if err != nil {
log.Printf("Failed to get cert from parsed values %v and %v: %v\n", vaultBaseURL, certName, err.Error())
return
return nil, err
}

return
return result, nil
}

func GetCerts(vaultBaseURL string) (results []string, err error) {
client := getClient()

func GetCerts(vaultBaseURL string) ([]resource.Resource, error) {
max := int32(25)
pages, err := client.GetCertificates(context.Background(), vaultBaseURL, &max)
pages, err := newClient().GetCertificates(context.Background(), vaultBaseURL, &max)
if err != nil {
log.Printf("Error getting cert: %v\n", err.Error())
return
return nil, err
}

var results []resource.Resource
for {
for _, value := range pages.Values() {
certURL := *value.ID
cert, certErr := GetCertByURL(certURL)
if certErr != nil {
err = certErr
cert, err := GetCertByURL(certURL)
if err != nil {
log.Printf("Error loading cert contents: %v\n", err.Error())
return
return nil, err
}

results = append(results, cert)
Expand All @@ -90,5 +105,5 @@ func GetCerts(vaultBaseURL string) (results []string, err error) {
}
}

return
return results, nil
}
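Review bot: `Cert.String()` dereferences `c.Cer` with no nil check, so a bundle returned without DER bytes panics the agent instead of surfacing an error; `Key.String()` (`*k.Key.Kid`) in keys/keys.go and `Secret.String()` (`*s.Value`) in secrets/secrets.go have the same unguarded dereference. Because the interface's `String()` has no error result, a guard such as `if c.Cer == nil { return "" }` at the top of each method keeps a partial vault response from taking the process down. In `GetCertByURL`, `res[0][1]` also indexes the match result without checking that the pattern matched, which panics on any path lacking `/certificates/`; `if len(res) == 0 { return nil, fmt.Errorf("not a certificate URL: %q", certURL) }` before the index would cover it, and the same applies to `GetKeyByURL` and `GetSecretByURL`. Parts of this file are collapsed on the page, so the tail of `newClient` and of the paging loop in `GetCerts` were not reviewed.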
59 changes: 39 additions & 20 deletions keys/keys.go
Expand Up @@ -5,15 +5,37 @@ import (
"fmt"
"log"
"net/url"
//"reflect"
"regexp"

"github.com/Azure/azure-sdk-for-go/services/keyvault/2016-10-01/keyvault"

"github.com/chrisjohnson/azure-key-vault-agent/config"
"github.com/chrisjohnson/azure-key-vault-agent/iam"
"github.com/chrisjohnson/azure-key-vault-agent/resource"
)

func getClient() keyvault.BaseClient {
type Key keyvault.KeyBundle

func (k Key) Map() map[string]interface{} {
m := make(map[string]interface{})
/*
v := reflect.ValueOf(m)
for i := 0; i < v.NumField(); i++ {
log.Println(v.Field(i))
//m[v.Field(i)] = v.Field(i).Interface()
}
*/

return m
}

func (k Key) String() string {
//TODO
return *k.Key.Kid
}

func newClient() keyvault.BaseClient {
client := keyvault.New()
a, err := iam.GetKeyvaultAuthorizer()
if err != nil {
Expand All @@ -24,16 +46,14 @@ func getClient() keyvault.BaseClient {
return client
}

func GetKey(vaultBaseURL string, keyName string, keyVersion string) (result keyvault.JSONWebKey, err error) {
client := getClient()

key, err := client.GetKey(context.Background(), vaultBaseURL, keyName, keyVersion)
func GetKey(vaultBaseURL string, keyName string, keyVersion string) (resource.Resource, error) {
key, err := newClient().GetKey(context.Background(), vaultBaseURL, keyName, keyVersion)
if err != nil {
log.Printf("Error getting key: %v\n", err.Error())
return
return nil, err
}

result = *key.Key
result := *key.Key

/*
kb := *key.Key
Expand Down Expand Up @@ -66,47 +86,46 @@ func GetKey(vaultBaseURL string, keyName string, keyVersion string) (result keyv
result = ""
*/

return
return result, err
}

func GetKeyByURL(keyURL string) (result keyvault.JSONWebKey, err error) {
func GetKeyByURL(keyURL string) (resource.Resource, error) {
u, err := url.Parse(keyURL)
if err != nil {
log.Printf("Failed to parse URL for key: %v\n", err.Error())
return
return nil, err
}
vaultBaseURL := fmt.Sprintf("%v://%v", u.Scheme, u.Host)

regex := *regexp.MustCompile(`/keys/(.*)(/.*)?`)
res := regex.FindAllStringSubmatch(u.Path, -1)
keyName := res[0][1]

result, err = GetKey(vaultBaseURL, keyName, "")
result, err := GetKey(vaultBaseURL, keyName, "")
if err != nil {
log.Printf("Failed to get key from parsed values %v and %v: %v\n", vaultBaseURL, keyName, err.Error())
return
return nil, err
}

return
return result, nil
}

func GetKeys(vaultBaseURL string) (results []keyvault.JSONWebKey, err error) {
client := getClient()

func GetKeys(vaultBaseURL string) ([]resource.Resource, error) {
max := int32(25)
pages, err := client.GetKeys(context.Background(), vaultBaseURL, &max)
pages, err := newClient().GetKeys(context.Background(), vaultBaseURL, &max)
if err != nil {
log.Printf("Error getting key: %v\n", err.Error())
return
return nil, err
}

var results []resource.Resource
for {
for _, value := range pages.Values() {
keyURL := *value.Kid
key, err := GetKeyByURL(keyURL)
if err != nil {
log.Printf("Error loading key contents: %v\n", err.Error())
return
return nil, err
}

results = append(results, key)
Expand All @@ -119,5 +138,5 @@ func GetKeys(vaultBaseURL string) (results []keyvault.JSONWebKey, err error) {
}
}

return
return results, nil
}
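Review bot: `GetKey` now declares `resource.Resource` as its result but still returns `*key.Key`, a `keyvault.JSONWebKey`, whereas the `Map()` and `String()` methods added in this file are defined on `Key` (the type defined over `KeyBundle`). Unless `JSONWebKey` carries both methods somewhere not shown here, that value does not satisfy the interface, and `*key.Key` additionally panics when the bundle comes back without key material. Returning the wrapper the way `GetCert` does, `return Key(key), nil`, addresses both and removes the always-nil `err` from `return result, err`. Part of `GetKey`'s body is collapsed on this page, so the commented-out block between those two lines was not reviewed.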
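--- a/resource/resource.go
+++ b/resource/resource.go
@@ -0,0 +1,6 @@
+package resource
+
+type Resource interface {
+Map() map[string]interface{}
+String() string
+}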
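Review bot: The exported `Resource` interface has no doc comment, and nothing states what `String()` is meant to return; in this change the three implementations return a base64-encoded certificate, a key identifier and a plaintext secret value. A comment such as `// Resource is the common view of a Key Vault certificate, key or secret. String returns the resource's primary value, which for secrets is sensitive.` would tell callers to treat the result as secret material. `Map()` deserves a line too, since every implementation in this commit currently returns an empty map.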
61 changes: 38 additions & 23 deletions secrets/secrets.go
Expand Up @@ -5,6 +5,7 @@ import (
"fmt"
"log"
"net/url"
//"reflect"
"regexp"

"github.com/Azure/azure-sdk-for-go/services/keyvault/2016-10-01/keyvault"
Expand All @@ -13,7 +14,26 @@ import (
"github.com/chrisjohnson/azure-key-vault-agent/iam"
)

func getClient() keyvault.BaseClient {
type Secret keyvault.SecretBundle

func (s Secret) Map() map[string]interface{} {
m := make(map[string]interface{})
/*
v := reflect.ValueOf(m)
for i := 0; i < v.NumField(); i++ {
log.Println(v.Field(i))
//m[v.Field(i)] = v.Field(i).Interface()
}
*/

return m
}

func (s Secret) String() string {
return *s.Value
}

func newClient() keyvault.BaseClient {
client := keyvault.New()
a, err := iam.GetKeyvaultAuthorizer()
if err != nil {
Expand All @@ -24,59 +44,54 @@ func getClient() keyvault.BaseClient {
return client
}

func GetSecret(vaultBaseURL string, secretName string, secretVersion string) (result string, err error) {
client := getClient()

secret, err := client.GetSecret(context.Background(), vaultBaseURL, secretName, secretVersion)
func GetSecret(vaultBaseURL string, secretName string, secretVersion string) (Secret, error) {
secret, err := newClient().GetSecret(context.Background(), vaultBaseURL, secretName, secretVersion)
if err != nil {
log.Printf("Error getting secret: %v\n", err.Error())
return
return Secret{}, err
}

result = *secret.Value
result := Secret(secret)

return
return result, nil
}

func GetSecretByURL(secretURL string) (result string, err error) {
func GetSecretByURL(secretURL string) (Secret, error) {
u, err := url.Parse(secretURL)
if err != nil {
log.Printf("Failed to parse URL for secret: %v\n", err.Error())
return
return Secret{}, err
}
vaultBaseURL := fmt.Sprintf("%v://%v", u.Scheme, u.Host)

regex := *regexp.MustCompile(`/secrets/(.*)(/.*)?`)
res := regex.FindAllStringSubmatch(u.Path, -1)
secretName := res[0][1]

result, err = GetSecret(vaultBaseURL, secretName, "")
result, err := GetSecret(vaultBaseURL, secretName, "")
if err != nil {
log.Printf("Failed to get secret from parsed values %v and %v: %v\n", vaultBaseURL, secretName, err.Error())
return
return Secret{}, err
}

return
return result, nil
}

func GetSecrets(vaultBaseURL string) (results []string, err error) {
client := getClient()

func GetSecrets(vaultBaseURL string) (results []Secret, err error) {
max := int32(25)
pages, err := client.GetSecrets(context.Background(), vaultBaseURL, &max)
pages, err := newClient().GetSecrets(context.Background(), vaultBaseURL, &max)
if err != nil {
log.Printf("Error getting secret: %v\n", err.Error())
return
return []Secret{}, err
}

for {
for _, value := range pages.Values() {
secretURL := *value.ID
secret, secretErr := GetSecretByURL(secretURL)
if secretErr != nil {
err = secretErr
secret, err := GetSecretByURL(secretURL)
if err != nil {
log.Printf("Error loading secret contents: %v\n", err.Error())
return
return nil, err
}

results = append(results, secret)
Expand All @@ -89,5 +104,5 @@ func GetSecrets(vaultBaseURL string) (results []string, err error) {
}
}

return
return results, nil
}
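Review bot: `Secret.String()` returns the plaintext `*s.Value`, which makes `Secret` a `fmt.Stringer`, so any `%v` or `%s` of a `Secret` in a log line or wrapped error prints the secret itself, and this package already logs with `log.Printf`. If `String()` has to stay the value accessor for the sinks, the method should at least say so, e.g. `// String returns the plaintext secret value; never pass a Secret to log or fmt calls.`, and a separately named accessor would make accidental formatting harmless. Unlike certs.go and keys.go, the functions here still return `Secret` rather than `resource.Resource`, and `GetSecrets` returns `[]Secret{}` on its first error path but `nil` on the second; `return nil, err` in both would match `GetCerts`. The paging tail of `GetSecrets` is collapsed on this page and was not reviewed.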