package azure
import (
"context"
"fmt"
"github.com/Azure/azure-sdk-for-go/services/keyvault/mgmt/2018-02-14/keyvault"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
)
// GetKeyVaultBaseUrlFromID resolves a Key Vault resource ID to the vault's
// base URL.
//
// The returned URL is the VaultURI property of the management API response
// for that vault; it is not derived from keyVaultId itself. An error is
// returned when keyVaultId is empty, cannot be parsed, has no `vaults`
// segment, when the lookup fails, or when the response carries no VaultURI.
func GetKeyVaultBaseUrlFromID(ctx context.Context, client *keyvault.VaultsClient, keyVaultId string) (string, error) {
	if keyVaultId == "" {
		return "", fmt.Errorf("keyVaultId is empty")
	}

	parsed, err := ParseAzureResourceID(keyVaultId)
	if err != nil {
		return "", err
	}

	name, found := parsed.Path["vaults"]
	if !found {
		return "", fmt.Errorf("resource id does not contain `vaults`: %q", keyVaultId)
	}
	group := parsed.ResourceGroup

	vault, err := client.Get(ctx, group, name)
	switch {
	case err == nil:
		// Lookup succeeded; the payload is validated below.
	case utils.ResponseWasNotFound(vault.Response):
		// A missing vault gets its own message so callers' logs can tell it
		// apart from any other request failure.
		return "", fmt.Errorf("Error unable to find KeyVault %q (Resource Group %q): %+v", name, group, err)
	default:
		return "", fmt.Errorf("Error making Read request on KeyVault %q (Resource Group %q): %+v", name, group, err)
	}

	// Both pointers must be set before the URI can be dereferenced.
	if props := vault.Properties; props != nil && props.VaultURI != nil {
		return *props.VaultURI, nil
	}
	return "", fmt.Errorf("vault (%s) response properties or VaultURI is nil", keyVaultId)
}
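// GetKeyVaultIDFromBaseUrl looks up the resource ID of the Key Vault whose
// VaultURI equals keyVaultUrl.
//
// It walks every vault returned by client.ListComplete and issues one
// client.Get per vault, because the list entries do not appear to carry the
// vault properties. The cost therefore grows with the number of vaults the
// credentials can list.
//
// The match is an exact string comparison against the VaultURI returned by
// the API, so keyVaultUrl must be in the same form (NOTE(review): the API
// presumably returns a trailing slash; confirm against callers).
//
// When no vault matches, it returns (nil, nil): callers must check the
// pointer before dereferencing it and decide themselves whether "not found"
// is an error.
func GetKeyVaultIDFromBaseUrl(ctx context.Context, client *keyvault.VaultsClient, keyVaultUrl string) (*string, error) {
	list, err := client.ListComplete(ctx, utils.Int32(1000))
	if err != nil {
		return nil, fmt.Errorf("Error GetKeyVaultId unable to list Key Vaults %v", err)
	}

	// advance moves the iterator forward and reports the iterator's own
	// error. The original code formatted the surrounding Get error here,
	// which was either nil or an unrelated not-found error, and so hid the
	// real paging failure.
	advance := func() error {
		if e := list.NextWithContext(ctx); e != nil {
			return fmt.Errorf("Error getting next vault on KeyVault url %q : %+v", keyVaultUrl, e)
		}
		return nil
	}

	for list.NotDone() {
		v := list.Value()
		if v.ID == nil {
			return nil, fmt.Errorf("v.ID was nil")
		}

		vid, err := ParseAzureResourceID(*v.ID)
		if err != nil {
			return nil, fmt.Errorf("Error parsing ID for Key Vault URI %q: %s", *v.ID, err)
		}

		resourceGroup := vid.ResourceGroup
		// Reject IDs without a `vaults` segment up front, as the sibling
		// helpers do, instead of sending a Get with an empty vault name.
		name, ok := vid.Path["vaults"]
		if !ok {
			return nil, fmt.Errorf("resource id does not contain `vaults`: %q", *v.ID)
		}

		// The list entry does not appear to contain the vault properties,
		// so fetch the vault itself.
		get, err := client.Get(ctx, resourceGroup, name)
		if err != nil {
			if utils.ResponseWasNotFound(get.Response) {
				// The vault was listed but is gone by the time of the Get;
				// skip it and keep searching.
				if e := advance(); e != nil {
					return nil, e
				}
				continue
			}
			return nil, fmt.Errorf("Error making Read request on KeyVault %q (Resource Group %q): %+v", name, resourceGroup, err)
		}

		if get.ID == nil || get.Properties == nil || get.Properties.VaultURI == nil {
			return nil, fmt.Errorf("KeyVault %q (Resource Group %q) has nil ID, properties or vault URI", name, resourceGroup)
		}

		if keyVaultUrl == *get.Properties.VaultURI {
			return get.ID, nil
		}

		if e := advance(); e != nil {
			return nil, e
		}
	}

	// Not found: Data Sources and Resources need to handle this case
	// separately, so it is reported as a nil ID rather than an error.
	return nil, nil
}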
// KeyVaultExists reports whether the Key Vault identified by keyVaultId can
// be read through client.
//
// Only a not-found response is reported as (false, nil). Every other lookup
// failure is returned as an error, so a failed request is never mistaken for
// an absent vault. A vault whose response lacks Properties or VaultURI is
// also reported as an error rather than as existing.
func KeyVaultExists(ctx context.Context, client *keyvault.VaultsClient, keyVaultId string) (bool, error) {
	if keyVaultId == "" {
		return false, fmt.Errorf("keyVaultId is empty")
	}

	parsed, err := ParseAzureResourceID(keyVaultId)
	if err != nil {
		return false, err
	}

	name, found := parsed.Path["vaults"]
	if !found {
		return false, fmt.Errorf("resource id does not contain `vaults`: %q", keyVaultId)
	}
	group := parsed.ResourceGroup

	vault, err := client.Get(ctx, group, name)
	if err != nil {
		// Anything other than not-found is a real failure and is surfaced.
		if !utils.ResponseWasNotFound(vault.Response) {
			return false, fmt.Errorf("Error making Read request on KeyVault %q (Resource Group %q): %+v", name, group, err)
		}
		return false, nil
	}

	// Treat a response without a usable VaultURI as malformed.
	if props := vault.Properties; props != nil && props.VaultURI != nil {
		return true, nil
	}
	return false, fmt.Errorf("vault (%s) response properties or VaultURI is nil", keyVaultId)
}