
Commit e2d70cd

committed
Refactor of related ups methods
LMCROSSITXSADEPLOY-2301
1 parent ad47fc6 commit e2d70cd

2 files changed

Lines changed: 130 additions & 121 deletions


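--- a/commands/deploy_command.go
+++ b/commands/deploy_command.go
@@ -2,7 +2,6 @@ package commands
 
 import (
 "bufio"
-"crypto/rand"
 "encoding/base64"
 "errors"
 "flag"
@@ -423,26 +422,6 @@ func (c *DeployCommand) executeInternal(positionalArgs []string, dsHost string,
 return executionMonitor.Monitor()
 }
 
-func getUpsName(mtaId, namespace string) string {
-if strings.TrimSpace(namespace) == "" {
-return "__mta-secure-" + mtaId
-}
-return "__mta-secure-" + mtaId + "-" + namespace
-}
-
-func getRandomisedUpsName(mtaId, namespace string) (disposableUpsName string, err error) {
-randomisedPart, err := getRandomEncryptionKey()
-if err != nil {
-return "", err
-}
-resultSuffix := randomisedPart[:7]
-
-if strings.TrimSpace(namespace) == "" {
-return "__mta-secure-" + mtaId + "-" + resultSuffix, nil
-}
-return "__mta-secure-" + mtaId + "-" + namespace + "-" + resultSuffix, nil
-}
-
 func setUpSpecificsForDeploymentUsingSecrets(flags *flag.FlagSet, c *DeployCommand, mtaId, namespace, schemaVersion string, disposableUserProvidedServiceName *string, yamlBytes *[]byte) ExecutionStatus {
 // Collect special ENVs: __MTA___<name>, __MTA_JSON___<name>, __MTA_CERT___<name>
 parameters, err := secure_parameters.CollectFromEnv("__MTA")
@@ -457,13 +436,13 @@ func setUpSpecificsForDeploymentUsingSecrets(flags *flag.FlagSet, c *DeployComma
 }
 
 if GetBoolOpt(disposableUserProvidedServiceOpt, flags) {
-disposableUserProvidedServiceNameResult, err := getRandomisedUpsName(mtaId, namespace)
+disposableUserProvidedServiceNameResult, err := secure_parameters.GetRandomisedUpsName(mtaId, namespace)
 if err != nil {
 ui.Failed("Failed to create disposable user-provided service name: %v", err)
 return Failure
 }
 
-isDisposableUpsCreated, _, err := c.createDisposableUps(disposableUserProvidedServiceNameResult)
+isDisposableUpsCreated, _, err := secure_parameters.CreateDisposableUps(disposableUserProvidedServiceNameResult, c.cliConnection, c.CfClient)
 if err != nil {
 ui.Failed("Could not ensure disposable user-provided service %s: %v", disposableUserProvidedServiceName, err)
 return Failure
@@ -474,9 +453,9 @@ func setUpSpecificsForDeploymentUsingSecrets(flags *flag.FlagSet, c *DeployComma
 ui.Say("Created disposable user-provided service %s for secure parameters. Will be automatically deleted at the end of the operation!", terminal.EntityNameColor(disposableUserProvidedServiceNameResult))
 }
 } else {
-userProvidedServiceName := getUpsName(mtaId, namespace)
+userProvidedServiceName := secure_parameters.GetUpsName(mtaId, namespace)
 
-isUpsCreated, _, err := c.validateUpsExistsOrElseCreateIt(userProvidedServiceName)
+isUpsCreated, _, err := secure_parameters.ValidateUpsExistsOrElseCreateIt(userProvidedServiceName, c.cliConnection, c.CfClient)
 if err != nil {
 ui.Failed("Could not ensure user-provided service %s: %v", userProvidedServiceName, err)
 return Failure
@@ -504,102 +483,6 @@ func setUpSpecificsForDeploymentUsingSecrets(flags *flag.FlagSet, c *DeployComma
 return Success
 }
 
-func (c *DeployCommand) validateUpsExistsOrElseCreateIt(userProvidedServiceName string) (upsCreatedByTheCli bool, encryptionKeyResult string, err error) {
-doesUpsExist, err := c.doesUpsExist(userProvidedServiceName)
-if err != nil {
-return false, "", fmt.Errorf("Check if the UPS exists: %w", err)
-}
-
-if doesUpsExist {
-return false, "", nil
-}
-
-encryptionKey, err := getRandomEncryptionKey()
-if err != nil {
-return false, "", fmt.Errorf("Error while generating AES-256 encryption key: %w", err)
-}
-
-space, err := c.cliConnection.GetCurrentSpace()
-if err != nil {
-return false, "", fmt.Errorf("Failed to get the current space: %w", err)
-}
-
-if space.Guid == "" {
-return false, "", fmt.Errorf("Failed to get the current space Guid")
-}
-
-upsCredentials := map[string]string{
-"encryptionKey": encryptionKey,
-}
-
-_, err = c.CfClient.CreateUserProvidedServiceInstance(userProvidedServiceName, space.Guid, upsCredentials)
-if err != nil {
-return false, "", fmt.Errorf("Failed to create user-provided service %s: %w", userProvidedServiceName, err)
-}
-
-return true, encryptionKey, nil
-}
-
-func (c *DeployCommand) createDisposableUps(userProvidedServiceName string) (upsCreatedByTheCli bool, encryptionKeyResult string, err error) {
-encryptionKey, err := getRandomEncryptionKey()
-if err != nil {
-return false, "", fmt.Errorf("Error while generating AES-256 encryption key: %w", err)
-}
-
-space, err := c.cliConnection.GetCurrentSpace()
-if err != nil {
-return false, "", fmt.Errorf("Failed to get the current space: %w", err)
-}
-
-if space.Guid == "" {
-return false, "", fmt.Errorf("Failed to get the current space Guid")
-}
-
-upsCredentials := map[string]string{
-"encryptionKey": encryptionKey,
-}
-
-_, err = c.CfClient.CreateUserProvidedServiceInstance(userProvidedServiceName, space.Guid, upsCredentials)
-if err != nil {
-return false, "", fmt.Errorf("Failed to create user-provided service %s: %w", userProvidedServiceName, err)
-}
-
-return true, encryptionKey, nil
-}
-
-func getRandomEncryptionKey() (string, error) {
-const alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_"
-
-encryptionKeyBytes := make([]byte, 32)
-if _, err := rand.Read(encryptionKeyBytes); err != nil {
-return "", err
-}
-
-for i := range encryptionKeyBytes {
-encryptionKeyBytes[i] = alphabet[int(encryptionKeyBytes[i]&63)]
-}
-
-return string(encryptionKeyBytes), nil
-}
-
-func (c *DeployCommand) doesUpsExist(userProvidedServiceName string) (bool, error) {
-space, errSpace := c.cliConnection.GetCurrentSpace()
-if errSpace != nil {
-return false, fmt.Errorf("Cannot determine the current space")
-}
-spaceGuid := space.Guid
-
-_, errServiceInstance := c.CfClient.GetServiceInstanceByName(userProvidedServiceName, spaceGuid)
-if errServiceInstance != nil {
-if errServiceInstance.Error() == "service instance not found" {
-return false, nil
-}
-return false, fmt.Errorf("Error while checking if the UPS for secure encryption exists: %w", errServiceInstance)
-}
-
-return true, nil
-}
-
 func parseMtaArchiveArgument(rawMtaArchive interface{}) (bool, string) {
 switch castedMtaArchive := rawMtaArchive.(type) {
 case *url.URL: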
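Review bot: In the disposable branch of `setUpSpecificsForDeploymentUsingSecrets`, the failure message right after the new `secure_parameters.CreateDisposableUps` call formats `disposableUserProvidedServiceName` with `%s`, and the signature declares that parameter as `*string`, so the operator would see a pointer rendering instead of the service name. The name that was just generated is `disposableUserProvidedServiceNameResult`; the line should read `ui.Failed("Could not ensure disposable user-provided service %s: %v", disposableUserProvidedServiceNameResult, err)`. The line is unchanged context, so the refactor carries the problem over rather than introducing it. The function body spans several hunks and is only partly visible here.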
Lines changed: 126 additions & 0 deletions
@@ -0,0 +1,126 @@
1+
package secure_parameters
2+
3+
import (
4+
"crypto/rand"
5+
"fmt"
6+
"strings"
7+
8+
"code.cloudfoundry.org/cli/v8/plugin"
9+
"github.com/cloudfoundry-incubator/multiapps-cli-plugin/clients/cfrestclient"
10+
)
11+
12+
func ValidateUpsExistsOrElseCreateIt(userProvidedServiceName string, cliConnection plugin.CliConnection, cfClient cfrestclient.CloudFoundryOperationsExtended) (upsCreatedByTheCli bool, encryptionKeyResult string, err error) {
13+
doesUpsExist, err := doesUpsExist(userProvidedServiceName, cliConnection, cfClient)
14+
if err != nil {
15+
return false, "", fmt.Errorf("Check if the UPS exists: %w", err)
16+
}
17+
18+
if doesUpsExist {
19+
return false, "", nil
20+
}
21+
22+
encryptionKey, err := getRandomEncryptionKey()
23+
if err != nil {
24+
return false, "", fmt.Errorf("Error while generating AES-256 encryption key: %w", err)
25+
}
26+
27+
space, err := cliConnection.GetCurrentSpace()
28+
if err != nil {
29+
return false, "", fmt.Errorf("Failed to get the current space: %w", err)
30+
}
31+
32+
if space.Guid == "" {
33+
return false, "", fmt.Errorf("Failed to get the current space Guid")
34+
}
35+
36+
upsCredentials := map[string]string{
37+
"encryptionKey": encryptionKey,
38+
}
39+
40+
_, err = cfClient.CreateUserProvidedServiceInstance(userProvidedServiceName, space.Guid, upsCredentials)
41+
if err != nil {
42+
return false, "", fmt.Errorf("Failed to create user-provided service %s: %w", userProvidedServiceName, err)
43+
}
44+
45+
return true, encryptionKey, nil
46+
}
47+
48+
func CreateDisposableUps(userProvidedServiceName string, cliConnection plugin.CliConnection, cfClient cfrestclient.CloudFoundryOperationsExtended) (upsCreatedByTheCli bool, encryptionKeyResult string, err error) {
49+
encryptionKey, err := getRandomEncryptionKey()
50+
if err != nil {
51+
return false, "", fmt.Errorf("Error while generating AES-256 encryption key: %w", err)
52+
}
53+
54+
space, err := cliConnection.GetCurrentSpace()
55+
if err != nil {
56+
return false, "", fmt.Errorf("Failed to get the current space: %w", err)
57+
}
58+
59+
if space.Guid == "" {
60+
return false, "", fmt.Errorf("Failed to get the current space Guid")
61+
}
62+
63+
upsCredentials := map[string]string{
64+
"encryptionKey": encryptionKey,
65+
}
66+
67+
_, err = cfClient.CreateUserProvidedServiceInstance(userProvidedServiceName, space.Guid, upsCredentials)
68+
if err != nil {
69+
return false, "", fmt.Errorf("Failed to create user-provided service %s: %w", userProvidedServiceName, err)
70+
}
71+
72+
return true, encryptionKey, nil
73+
}
74+
75+
func getRandomEncryptionKey() (string, error) {
76+
const alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_"
77+
78+
encryptionKeyBytes := make([]byte, 32)
79+
if _, err := rand.Read(encryptionKeyBytes); err != nil {
80+
return "", err
81+
}
82+
83+
for i := range encryptionKeyBytes {
84+
encryptionKeyBytes[i] = alphabet[int(encryptionKeyBytes[i]&63)]
85+
}
86+
87+
return string(encryptionKeyBytes), nil
88+
}
89+
90+
func doesUpsExist(userProvidedServiceName string, cliConnection plugin.CliConnection, cfClient cfrestclient.CloudFoundryOperationsExtended) (bool, error) {
91+
space, errSpace := cliConnection.GetCurrentSpace()
92+
if errSpace != nil {
93+
return false, fmt.Errorf("Cannot determine the current space")
94+
}
95+
spaceGuid := space.Guid
96+
97+
_, errServiceInstance := cfClient.GetServiceInstanceByName(userProvidedServiceName, spaceGuid)
98+
if errServiceInstance != nil {
99+
if errServiceInstance.Error() == "service instance not found" {
100+
return false, nil
101+
}
102+
return false, fmt.Errorf("Error while checking if the UPS for secure encryption exists: %w", errServiceInstance)
103+
}
104+
105+
return true, nil
106+
}
107+
108+
func GetUpsName(mtaId, namespace string) string {
109+
if strings.TrimSpace(namespace) == "" {
110+
return "__mta-secure-" + mtaId
111+
}
112+
return "__mta-secure-" + mtaId + "-" + namespace
113+
}
114+
115+
func GetRandomisedUpsName(mtaId, namespace string) (disposableUpsName string, err error) {
116+
randomisedPart, err := getRandomEncryptionKey()
117+
if err != nil {
118+
return "", err
119+
}
120+
resultSuffix := randomisedPart[:7]
121+
122+
if strings.TrimSpace(namespace) == "" {
123+
return "__mta-secure-" + mtaId + "-" + resultSuffix, nil
124+
}
125+
return "__mta-secure-" + mtaId + "-" + namespace + "-" + resultSuffix, nil
126+
}
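Review bot: The error strings call the output of `getRandomEncryptionKey` an AES-256 key, but the function returns 32 characters from a 64-symbol alphabet, which is 6 bits per character and roughly 192 bits of entropy, not 256. The `&63` mask is unbiased because the alphabet has exactly 64 entries, so the gap is in the label and the margin rather than in the distribution; if the consumer (not visible on this page) requires a 32-character value, record that with a comment such as `// 32 chars x 6 bits = ~192 bits of entropy; mask is unbiased since len(alphabet) == 64`. `GetRandomisedUpsName` calls the same generator for its 7-character name suffix, and a separately named helper would make it obvious that the suffix is an independent random value and not a slice of the stored key. Now that `ValidateUpsExistsOrElseCreateIt` and `CreateDisposableUps` are exported, they return the key to any caller although both call sites in commands/deploy_command.go discard it with `_`; dropping `encryptionKeyResult` from the signatures would keep the secret inside the package. Separately, `doesUpsExist` discards `errSpace` and detects the not-found case by comparing `Error()` text, so `fmt.Errorf("Cannot determine the current space: %w", errSpace)` and a typed or sentinel error from the client, if it offers one, would be sturdier.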
