package nhncloud
import (
"encoding/base64"
"fmt"
"log"
"strings"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/gophercloud/gophercloud"
"github.com/gophercloud/gophercloud/openstack/keymanager/v1/secrets"
)
// keyManagerSecretV1WaitForSecretDeletion builds a StateRefreshFunc that
// issues a delete request for the secret identified by id each time it is
// invoked.
//
// The refresh function reports "DELETED" when the delete call succeeds or
// when it fails with a 404 (the secret no longer exists). Any other error is
// returned to the waiter together with the "ACTIVE" state.
func keyManagerSecretV1WaitForSecretDeletion(kmClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc {
	return func() (interface{}, string, error) {
		deleteErr := secrets.Delete(kmClient, id).Err

		switch deleteErr.(type) {
		case nil:
			// The delete request was accepted.
			return "", "DELETED", nil
		case gophercloud.ErrDefault404:
			// Already gone: treat "not found" the same as a successful delete.
			return "", "DELETED", nil
		}

		return nil, "ACTIVE", deleteErr
	}
}
// keyManagerSecretV1SecretType translates the textual secret type used in the
// resource configuration into the matching secrets.SecretType constant.
//
// A string that matches none of the known names yields the zero value of
// secrets.SecretType; no error is reported here.
// NOTE(review): presumably the schema validates the value before this is
// called; confirm, since an unrecognised type is silently accepted.
func keyManagerSecretV1SecretType(v string) secrets.SecretType {
	switch v {
	case "symmetric":
		return secrets.SymmetricSecret
	case "public":
		return secrets.PublicSecret
	case "private":
		return secrets.PrivateSecret
	case "passphrase":
		return secrets.PassphraseSecret
	case "certificate":
		return secrets.CertificateSecret
	case "opaque":
		return secrets.OpaqueSecret
	}

	var unset secrets.SecretType
	return unset
}
// keyManagerSecretV1WaitForSecretCreation builds a StateRefreshFunc that
// fetches the secret identified by id and reports its status.
//
// While the secret cannot be fetched the state is "NOT_CREATED"; a 404 is
// reported without an error so the waiter keeps polling, any other fetch
// error is passed through. A secret whose status is "ERROR" is reported with
// an error. Otherwise the secret and its status are returned.
func keyManagerSecretV1WaitForSecretCreation(kmClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc {
	return func() (interface{}, string, error) {
		found, getErr := secrets.Get(kmClient, id).Extract()

		// A 404 only means the secret is not visible yet.
		if _, notFound := getErr.(gophercloud.ErrDefault404); notFound {
			return "", "NOT_CREATED", nil
		}
		if getErr != nil {
			return "", "NOT_CREATED", getErr
		}

		if found.Status == "ERROR" {
			return "", found.Status, fmt.Errorf("Error creating secret")
		}
		return found, found.Status, nil
	}
}
// keyManagerSecretV1GetUUIDfromSecretRef returns the text after the last "/"
// in ref.
//
// A secret ref has the form https://{barbican_host}/v1/secrets/{secret_uuid},
// so the final path segment is the secret UUID. A ref without any "/" is
// returned unchanged, and a ref ending in "/" yields the empty string. The
// result is not checked to be a well-formed UUID.
func keyManagerSecretV1GetUUIDfromSecretRef(ref string) string {
	// LastIndex returns -1 when there is no "/", which makes the slice start at 0.
	lastSlash := strings.LastIndex(ref, "/")
	return ref[lastSlash+1:]
}
// flattenKeyManagerSecretV1Metadata copies the "metadata" attribute of the
// resource data into a map[string]string.
//
// Both type assertions are unchecked: the function panics if "metadata" is
// not a map[string]interface{} or if any value in it is not a string.
func flattenKeyManagerSecretV1Metadata(d *schema.ResourceData) map[string]string {
	raw := d.Get("metadata").(map[string]interface{})

	flat := make(map[string]string, len(raw))
	for name, value := range raw {
		flat[name] = value.(string)
	}
	return flat
}
// keyManagerSecretMetadataV1WaitForSecretMetadataCreation builds a
// StateRefreshFunc that fetches the metadata of the secret identified by id.
//
// While the metadata cannot be fetched the state is "NOT_CREATED"; a 404 is
// reported without an error so the waiter keeps polling, any other fetch
// error is passed through. Once the fetch succeeds the metadata is returned
// with the state "ACTIVE".
func keyManagerSecretMetadataV1WaitForSecretMetadataCreation(kmClient *gophercloud.ServiceClient, id string) resource.StateRefreshFunc {
	return func() (interface{}, string, error) {
		meta, getErr := secrets.GetMetadata(kmClient, id).Extract()

		// A 404 only means the metadata is not visible yet.
		if _, notFound := getErr.(gophercloud.ErrDefault404); notFound {
			return "", "NOT_CREATED", nil
		}
		if getErr != nil {
			return "", "NOT_CREATED", getErr
		}

		return meta, "ACTIVE", nil
	}
}
// keyManagerSecretV1GetPayload fetches the payload of the secret identified
// by id, requesting it with the given content type, and returns it as a
// string.
//
// Payloads whose content type starts with "text/" are returned as-is; every
// other content type is returned base64-encoded (standard encoding).
//
// The return value is the secret material itself, so callers should handle
// it as sensitive data. The log line below records only the secret id and
// the error, never the payload.
//
// A retrieval failure is logged and not returned: the function has no error
// result and carries on with whatever Extract handed back.
// NOTE(review): presumably that is an empty payload, so a failed fetch looks
// the same to the caller as an empty secret; confirm against callers.
func keyManagerSecretV1GetPayload(kmClient *gophercloud.ServiceClient, id, contentType string) string {
	raw, err := secrets.GetPayload(kmClient, id, secrets.GetPayloadOpts{
		PayloadContentType: contentType,
	}).Extract()
	if err != nil {
		log.Printf("[DEBUG] Could not retrieve payload for secret with id %s: %s", id, err)
	}

	if strings.HasPrefix(contentType, "text/") {
		return string(raw)
	}
	// Non-text payloads are encoded so they can be carried in a string.
	return base64.StdEncoding.EncodeToString(raw)
}