2 * ============LICENSE_START=======================================================
3 * oom-certservice-k8s-external-provider
4 * ================================================================================
5 * Copyright (C) 2020 Nokia. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
30 cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
32 "onap.org/oom-certservice/k8s-external-provider/src/leveledlogger"
36 CertServiceName = "Cert Service API"
37 CMPv2ServerName = "CMPv2 Server"
// LogCertRequestProperties reports how each property of a certificate request
// is treated. It logs three groups, in this order: the CSR properties that are
// sent on in the certificate signing request, the properties reported as not
// supported by the Cert Service API, and the request properties reported as
// overridden by the CMPv2 server.
//
// The function only writes log entries; it returns nothing and does not modify
// request or csr.
func LogCertRequestProperties(log leveledlogger.Logger, request *cmapi.CertificateRequest, csr *x509.CertificateRequest) {
	// Group 1: CSR fields that are forwarded.
	logSupportedProperties(log, csr)

	// Group 2: fields that are set but reported as unsupported.
	logPropertiesNotSupportedByCertService(log, request, csr)

	// Group 3: spec fields whose value is reported as replaced by the server.
	logPropertiesOverriddenByCMPv2Server(log, request)
}
// logSupportedProperties logs, at info level, every CSR property that is
// reported as being sent to the CMPv2 server. Values are used as they appear
// in the parsed CSR: the common name goes through
// logSupportedSingleValueProperty, every list-valued property through
// logSupportedMultiValueProperty.
func logSupportedProperties(log leveledlogger.Logger, csr *x509.CertificateRequest) {
	subject := csr.Subject
	logSupportedSingleValueProperty(log, subject.CommonName, "common name")

	// String-valued lists, in the order they are reported.
	textProperties := []struct {
		label  string
		values []string
	}{
		{"organization", subject.Organization},
		{"organization unit", subject.OrganizationalUnit},
		{"country", subject.Country},
		{"state", subject.Province},
		{"location", subject.Locality},
		{"dns names", csr.DNSNames},
		{"email addresses", csr.EmailAddresses},
	}
	for _, p := range textProperties {
		logSupportedMultiValueProperty(log, p.values, p.label)
	}

	// IP addresses and URIs are converted to text only when their turn comes.
	logSupportedMultiValueProperty(log, mapIpAddressesToText(csr.IPAddresses), "ipAddresses")
	logSupportedMultiValueProperty(log, mapUrisToText(csr.URIs), "uris")
}
59 func logSupportedMultiValueProperty(log leveledlogger.Logger, values []string, propertyName string) {
61 log.Info(getSupportedMessage(propertyName, extractStringArray(values)))
// logSupportedSingleValueProperty logs, at info level, that the single-valued
// property propertyName with the given value is sent in the certificate
// signing request. The value is logged unconditionally, including when it is
// the empty string.
func logSupportedSingleValueProperty(log leveledlogger.Logger, value string, propertyName string) {
	message := getSupportedMessage(propertyName, value)
	log.Info(message)
}
// logPropertiesOverriddenByCMPv2Server logs, at info level, the spec fields of
// the CertificateRequest that are set and that are reported as overridden by
// the CMPv2 server: duration and usages. Fields that are not set produce no
// log entry.
func logPropertiesOverriddenByCMPv2Server(log leveledlogger.Logger, request *cmapi.CertificateRequest) {
	spec := &request.Spec

	// Duration is optional (a pointer), so it is checked for nil before use.
	if d := spec.Duration; d != nil && len(d.String()) > 0 {
		log.Info(getOverriddenMessage("duration", d.Duration.String()))
	}

	// The length of a nil slice is 0, so one length check covers both the nil
	// and the empty case.
	if len(spec.Usages) != 0 {
		log.Info(getOverriddenMessage("usages", extractUsages(spec.Usages)))
	}
}
78 func extractUsages(usages []cmapi.KeyUsage) string {
80 for _, usage := range usages {
81 values = values + string(usage) + ", "
// logPropertiesNotSupportedByCertService logs a warning for every property
// that is set on the request or the CSR but is reported as not supported by
// the Cert Service API: isCA, subject street address, subject postal code and
// subject serial number.
//
// NOTE(review): this function only logs. Nothing here rejects or alters a
// request that asks for isCA; whether such a request is refused or issued
// without the CA flag is decided elsewhere - confirm against the caller.
func logPropertiesNotSupportedByCertService(log leveledlogger.Logger, request *cmapi.CertificateRequest, csr *x509.CertificateRequest) {
	if isCA := request.Spec.IsCA; isCA {
		log.Warning(getNotSupportedMessage("isCA", strconv.FormatBool(isCA)))
	}

	subject := &csr.Subject

	if street := subject.StreetAddress; len(street) != 0 {
		log.Warning(getNotSupportedMessage("subject.streetAddress", extractStringArray(street)))
	}

	if postal := subject.PostalCode; len(postal) != 0 {
		log.Warning(getNotSupportedMessage("subject.postalCodes", extractStringArray(postal)))
	}

	if serial := subject.SerialNumber; serial != "" {
		log.Warning(getNotSupportedMessage("subject.serialNumber", serial))
	}
}
105 func extractStringArray(strArray []string) string {
107 return strings.Join(strArray, separator)
// mapUrisToText returns the string form of every URI, in input order. The
// result always has the same length as uris and is never nil.
func mapUrisToText(uris []*url.URL) []string {
	texts := make([]string, 0, len(uris))
	for _, uri := range uris {
		texts = append(texts, uri.String())
	}
	return texts
}
// mapIpAddressesToText returns the textual form of every IP address, in input
// order. The result always has the same length as addresses and is never nil.
func mapIpAddressesToText(addresses []net.IP) []string {
	texts := make([]string, 0, len(addresses))
	for _, address := range addresses {
		texts = append(texts, address.String())
	}
	return texts
}
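// logValueEscaper rewrites carriage returns and line feeds as the visible
// two-character sequences \r and \n. The message builders below embed values
// that their callers in this file read from the CSR and from the
// CertificateRequest spec, i.e. data chosen by whoever submitted the request.
// Escaping line breaks keeps each message on one line, so such a value cannot
// forge an additional log entry if the logger backend writes messages
// unescaped.
var logValueEscaper = strings.NewReplacer("\r", `\r`, "\n", `\n`)

// getSupportedMessage builds the "+" log message stating that property, with
// the given value, is sent in the certificate signing request to the CMPv2
// server. Line breaks in value are escaped; all other input is unchanged.
func getSupportedMessage(property string, value string) string {
	return "+ property '" + property + "' with value '" + logValueEscaper.Replace(value) + "' will be sent in certificate signing request to " + CMPv2ServerName
}

// getNotSupportedMessage builds the "-" log message stating that property,
// with the given value, is not supported by the Cert Service API. Line breaks
// in value are escaped; all other input is unchanged.
func getNotSupportedMessage(property string, value string) string {
	return "- property '" + property + "' with value '" + logValueEscaper.Replace(value) + "' is not supported by " + CertServiceName
}

// getOverriddenMessage builds the "*" log message stating that property, with
// the given values, is overridden by the CMPv2 server. Line breaks in values
// are escaped; all other input is unchanged.
func getOverriddenMessage(property string, values string) string {
	return "* property '" + property + "' with value '" + logValueEscaper.Replace(values) + "' will be overridden by " + CMPv2ServerName
}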