refactor: moving consul access and role interface

Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: #3227

Signed-off-by: Rico Chavez-Lopez <rchavezlopez@ucdavis.edu>

go.mod

@@ -7,7 +7,7 @@ require (
 	github.com/edgexfoundry/go-mod-core-contracts/v2 v2.3.0-dev.18
 	github.com/edgexfoundry/go-mod-messaging/v2 v2.3.0-dev.23
 	github.com/edgexfoundry/go-mod-registry/v2 v2.2.0
-	github.com/edgexfoundry/go-mod-secrets/v2 v2.3.0-dev.8
+	github.com/edgexfoundry/go-mod-secrets/v2 v2.3.0-dev.9
 	github.com/fxamacker/cbor/v2 v2.4.0
 	github.com/golang-jwt/jwt/v4 v4.4.2
 	github.com/gomodule/redigo v1.8.9

go.sum

@@ -42,8 +42,8 @@ github.com/edgexfoundry/go-mod-messaging/v2 v2.3.0-dev.23 h1:ye4sot/XmdsOzAtv6NH
 github.com/edgexfoundry/go-mod-messaging/v2 v2.3.0-dev.23/go.mod h1:S78Q/vqwRiu11oJFqB3NoyV1kQ7pGfuzVb41FDWjNsA=
 github.com/edgexfoundry/go-mod-registry/v2 v2.2.0 h1:dk9ul1t7INAiyZXeu/GrpinFE3qOekdy8uZOqEGgIiE=
 github.com/edgexfoundry/go-mod-registry/v2 v2.2.0/go.mod h1:DUQRnAd5fVzoROc5SI+PTFUD/vCNeZmZHBMrLElbmwI=
-github.com/edgexfoundry/go-mod-secrets/v2 v2.3.0-dev.8 h1:1YqPIpkMGPrpUDecpOEJeqtY7pBZe7EFvVhplZ2PIQA=
-github.com/edgexfoundry/go-mod-secrets/v2 v2.3.0-dev.8/go.mod h1:h/FohFNY8xHalioLg1bhjAuEj0z+danSDtixirvaXmQ=
+github.com/edgexfoundry/go-mod-secrets/v2 v2.3.0-dev.9 h1:K6wGLHXASBcCEJrIec4vvTNkuooduOS+9TtjhrBm3Jc=
+github.com/edgexfoundry/go-mod-secrets/v2 v2.3.0-dev.9/go.mod h1:h/FohFNY8xHalioLg1bhjAuEj0z+danSDtixirvaXmQ=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=

internal/security/bootstrapper/command/setupacl/aclbootstrap.go

@@ -25,22 +25,11 @@ import (
 	"path/filepath"
 
 	"github.com/edgexfoundry/go-mod-secrets/v2/pkg/token/fileioperformer"
+	"github.com/edgexfoundry/go-mod-secrets/v2/pkg/types"
 )
 
-// BootStrapACLTokenInfo is the key portion of the response metadata from consulACLBootstrapAPI
-type BootStrapACLTokenInfo struct {
-	SecretID string   `json:"SecretID"`
-	Policies []Policy `json:"Policies"`
-}
-
-// Policy is the metadata for ACL policy
-type Policy struct {
-	ID   string `json:"ID"`
-	Name string `json:"Name"`
-}
-
 // generateBootStrapACLToken should only be called once per Consul agent
-func (c *cmd) generateBootStrapACLToken() (*BootStrapACLTokenInfo, error) {
+func (c *cmd) generateBootStrapACLToken() (*types.BootStrapACLTokenInfo, error) {
 	aclBootstrapURL, err := c.getRegistryApiUrl(consulACLBootstrapAPI)
 	if err != nil {
 		return nil, err
@@ -64,7 +53,7 @@ func (c *cmd) generateBootStrapACLToken() (*BootStrapACLTokenInfo, error) {
 		return nil, fmt.Errorf("Failed to read response body of bootstrap ACL: %w", err)
 	}
 
-	var bootstrapACLToken BootStrapACLTokenInfo
+	var bootstrapACLToken types.BootStrapACLTokenInfo
 	switch resp.StatusCode {
 	case http.StatusOK:
 		if err := json.NewDecoder(bytes.NewReader(responseBody)).Decode(&bootstrapACLToken); err != nil {
@@ -77,7 +66,7 @@ func (c *cmd) generateBootStrapACLToken() (*BootStrapACLTokenInfo, error) {
 	}
 }
 
-func (c *cmd) saveBootstrapACLToken(tokenInfoToBeSaved *BootStrapACLTokenInfo) error {
+func (c *cmd) saveBootstrapACLToken(tokenInfoToBeSaved *types.BootStrapACLTokenInfo) error {
 	// Write the token to the specified file
 	tokenFileAbsPath, err := filepath.Abs(c.configuration.StageGate.Registry.ACL.BootstrapTokenPath)
 	if err != nil {

internal/security/bootstrapper/command/setupacl/aclpolicies.go

@@ -25,6 +25,7 @@ import (
 
 	"github.com/edgexfoundry/edgex-go/internal/security/bootstrapper/command/setupacl/share"
 	"github.com/edgexfoundry/go-mod-core-contracts/v2/common"
+	"github.com/edgexfoundry/go-mod-secrets/v2/pkg/types"
 )
 
 const (
@@ -113,7 +114,7 @@ type PolicyListResponse []struct {
 // getOrCreateRegistryPolicy retrieves or creates a new policy
 // it inserts a new policy if the policy name does not exist and returns a policy
 // it returns the same policy if the policy name already exists
-func (c *cmd) getOrCreateRegistryPolicy(tokenID, policyName, policyRules string) (*Policy, error) {
+func (c *cmd) getOrCreateRegistryPolicy(tokenID, policyName, policyRules string) (*types.Policy, error) {
 	// try to get the policy to see if it exists or not
 	policy, err := c.getPolicyByName(tokenID, policyName)
 	if err != nil {
@@ -170,7 +171,7 @@ func (c *cmd) getOrCreateRegistryPolicy(tokenID, policyName, policyRules string)
 		return nil, fmt.Errorf("Failed to read create a new policy response body: %w", err)
 	}
 
-	var created Policy
+	var created types.Policy
 
 	switch resp.StatusCode {
 	case http.StatusOK:
@@ -188,7 +189,7 @@ func (c *cmd) getOrCreateRegistryPolicy(tokenID, policyName, policyRules string)
 }
 
 // getPolicyByName gets policy by policy name, returns nil if not found
-func (c *cmd) getPolicyByName(tokenID, policyName string) (*Policy, error) {
+func (c *cmd) getPolicyByName(tokenID, policyName string) (*types.Policy, error) {
 	policyExists, err := c.checkPolicyExists(tokenID, policyName)
 	if err != nil {
 		return nil, err
@@ -225,7 +226,7 @@ func (c *cmd) getPolicyByName(tokenID, policyName string) (*Policy, error) {
 
 	switch resp.StatusCode {
 	case http.StatusOK:
-		var existing Policy
+		var existing types.Policy
 		if err := json.NewDecoder(bytes.NewReader(readPolicyResp)).Decode(&existing); err != nil {
 			return nil, fmt.Errorf("failed to decode Policy json data: %v", err)
 		}