2 * ============LICENSE_START=======================================================
3 * oom-certservice-k8s-external-provider
4 * ================================================================================
5 * Copyright (C) 2020 Nokia. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
29 cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
31 "onap.org/oom-certservice/k8s-external-provider/src/leveledlogger"
// CertServiceName is the component name appended to the "is not supported by" log message.
35 CertServiceName = "Cert Service API"
// CMPv2ServerName is the component name appended to the "will be sent ... to" and
// "will be overridden by" log messages.
36 CMPv2ServerName = "CMPv2 Server"
// LogCertRequestProperties logs how the properties of a certificate request are treated.
// It runs three helpers in a fixed order: the CSR fields that will be sent on, the
// properties that produce a "not supported" warning, and the request properties that are
// reported as overridden.
// Both request and csr are dereferenced by the helpers without a nil check, so callers
// must pass non-nil values.
39 func LogCertRequestProperties(log leveledlogger.Logger, request *cmapi.CertificateRequest, csr *x509.CertificateRequest) {
40 logSupportedProperties(log, csr)
41 logPropertiesNotSupportedByCertService(log, request, csr)
42 logPropertiesOverriddenByCMPv2Server(log, request)
// logSupportedProperties reports every CSR field that is forwarded in the signing
// request: the common name, the remaining subject attributes, and the subject
// alternative names (DNS names, e-mail addresses, IP addresses, URIs).
//
// All values are read from the parsed CSR and handed to the logging helpers unchanged.
func logSupportedProperties(log leveledlogger.Logger, csr *x509.CertificateRequest) {
	subject := &csr.Subject

	logSupportedSingleValueProperty(log, subject.CommonName, "common name")

	// Fields that are already []string are logged in the order listed here.
	textFields := []struct {
		name   string
		values []string
	}{
		{"organization", subject.Organization},
		{"organization unit", subject.OrganizationalUnit},
		{"country", subject.Country},
		{"state", subject.Province},
		{"location", subject.Locality},
		{"dns names", csr.DNSNames},
		{"email addresses", csr.EmailAddresses},
	}
	for _, field := range textFields {
		logSupportedMultiValueProperty(log, field.values, field.name)
	}

	// IP addresses and URIs need a text conversion first; they are converted only once
	// the entries above have been logged.
	ipsAsText := mapIpAddressesToText(csr.IPAddresses)
	logSupportedMultiValueProperty(log, ipsAsText, "ipAddresses")

	urisAsText := mapUrisToText(csr.URIs)
	logSupportedMultiValueProperty(log, urisAsText, "uris")
}
// logSupportedMultiValueProperty writes an Info entry saying that propertyName, with its
// values joined by extractStringArray, will be sent in the signing request.
// NOTE(review): the listing jumps from line 58 to line 60, so a statement between the
// signature and the log call (possibly an emptiness guard on values) is not visible here;
// confirm against the full file.
58 func logSupportedMultiValueProperty(log leveledlogger.Logger, values []string, propertyName string) {
60 log.Info(getSupportedMessage(propertyName, extractStringArray(values)))
// logSupportedSingleValueProperty writes an Info entry saying that propertyName, with the
// given value, will be sent in the signing request. The value is logged even when it is
// the empty string; no guard is visible in this function.
64 func logSupportedSingleValueProperty(log leveledlogger.Logger, value string, propertyName string) {
65 log.Info(getSupportedMessage(propertyName, value))
// logPropertiesOverriddenByCMPv2Server reports the CertificateRequest settings that are
// logged as "will be overridden": the requested duration and the requested key usages.
// Each one is logged at Info level only when it is set on the request.
func logPropertiesOverriddenByCMPv2Server(log leveledlogger.Logger, request *cmapi.CertificateRequest) {
	spec := &request.Spec

	if requested := spec.Duration; requested != nil && requested.String() != "" {
		log.Info(getOverriddenMessage("duration", requested.Duration.String()))
	}

	// len of a nil slice is 0, so one length test covers both the nil and the empty case.
	if usages := spec.Usages; len(usages) > 0 {
		log.Info(getOverriddenMessage("usages", extractUsages(usages)))
	}
}
// extractUsages builds one string from the requested key usages: each usage is converted
// to string and appended to values, followed by ", ".
// NOTE(review): the initialisation of values and the return statement are not shown in
// this listing (line numbers jump 77->79 and 80->85), so whether the trailing ", " is
// trimmed before returning cannot be confirmed here.
77 func extractUsages(usages []cmapi.KeyUsage) string {
79 for _, usage := range usages {
80 values = values + string(usage) + ", "
// logPropertiesNotSupportedByCertService emits a Warning for every requested property
// that is reported as not supported: the isCA flag on the CertificateRequest, and the
// street address, postal code and serial number attributes of the CSR subject.
//
// A request with isCA set therefore only produces a warning here; nothing in this
// function rejects it.
func logPropertiesNotSupportedByCertService(log leveledlogger.Logger, request *cmapi.CertificateRequest, csr *x509.CertificateRequest) {
	if isCA := request.Spec.IsCA; isCA {
		log.Warning(getNotSupportedMessage("isCA", strconv.FormatBool(isCA)))
	}

	subject := &csr.Subject

	if streets := subject.StreetAddress; len(streets) > 0 {
		log.Warning(getNotSupportedMessage("subject.streetAddress", extractStringArray(streets)))
	}

	if postalCodes := subject.PostalCode; len(postalCodes) > 0 {
		log.Warning(getNotSupportedMessage("subject.postalCodes", extractStringArray(postalCodes)))
	}

	if serial := subject.SerialNumber; serial != "" {
		log.Warning(getNotSupportedMessage("subject.serialNumber", serial))
	}
}
// extractStringArray builds one string from strArray: each element is appended to values,
// followed by ", ". Elements are concatenated as-is, without escaping.
// NOTE(review): the initialisation of values and the return statement are not shown in
// this listing (line numbers jump 104->106 and 107->112), so the handling of the trailing
// ", " and of an empty input cannot be confirmed here.
104 func extractStringArray(strArray []string) string {
106 for _, val := range strArray {
107 values = values + val + ", "
// mapUrisToText fills a slice of the same length as uris with the String() form of each
// URL, keeping the input order.
// NOTE(review): the return statement is not shown in this listing (line numbers jump
// 115->120); presumably urisAsText is returned.
112 func mapUrisToText(uris []*url.URL) []string {
113 urisAsText := make([]string, len(uris))
// NOTE(review): the loop variable is named ipAddress but holds a *url.URL.
114 for i, ipAddress := range uris {
115 urisAsText[i] = ipAddress.String()
// mapIpAddressesToText fills a slice of the same length as addresses with the String()
// form of each net.IP, keeping the input order.
// NOTE(review): the return statement is not shown in this listing (the last visible line
// is 123); presumably ipsAsText is returned.
120 func mapIpAddressesToText(addresses []net.IP) []string {
121 ipsAsText := make([]string, len(addresses))
122 for i, ipAddress := range addresses {
123 ipsAsText[i] = ipAddress.String()
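// getSupportedMessage builds the log line stating that property, with the given value,
// will be sent in the certificate signing request to the CMPv2 server.
//
// The callers pass values read from a CSR, so value is escaped before it is embedded:
// strconv.Quote turns CR, LF and other non-printable characters into escape sequences,
// which keeps a crafted field from starting a forged log line. The double quotes that
// strconv.Quote adds are stripped again, so printable text without backslashes or double
// quotes appears exactly as before. A single quote inside value is not escaped; the
// '...' delimiters are a reading aid, not a parsing boundary.
func getSupportedMessage(property string, value string) string {
	quoted := strconv.Quote(value)
	escaped := quoted[1 : len(quoted)-1] // strconv.Quote always wraps its result in double quotes
	return "+ property '" + property + "' with value '" + escaped + "' will be sent in certificate signing request to " + CMPv2ServerName
}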
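// getNotSupportedMessage builds the log line stating that property, with the given value,
// is not supported by the Cert Service API.
//
// The callers pass values read from a CSR or a CertificateRequest, so value is escaped
// before it is embedded: strconv.Quote turns CR, LF and other non-printable characters
// into escape sequences, which keeps a crafted field from starting a forged log line.
// The double quotes that strconv.Quote adds are stripped again, so printable text without
// backslashes or double quotes appears exactly as before. A single quote inside value is
// not escaped; the '...' delimiters are a reading aid, not a parsing boundary.
func getNotSupportedMessage(property string, value string) string {
	quoted := strconv.Quote(value)
	escaped := quoted[1 : len(quoted)-1] // strconv.Quote always wraps its result in double quotes
	return "- property '" + property + "' with value '" + escaped + "' is not supported by " + CertServiceName
}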
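// getOverriddenMessage builds the log line stating that property, with the given values,
// will be overridden by the CMPv2 server.
//
// The callers pass values read from a CertificateRequest, so values is escaped before it
// is embedded: strconv.Quote turns CR, LF and other non-printable characters into escape
// sequences, which keeps a crafted field from starting a forged log line. The double
// quotes that strconv.Quote adds are stripped again, so printable text without
// backslashes or double quotes appears exactly as before. A single quote inside values
// is not escaped; the '...' delimiters are a reading aid, not a parsing boundary.
func getOverriddenMessage(property string, values string) string {
	quoted := strconv.Quote(values)
	escaped := quoted[1 : len(quoted)-1] // strconv.Quote always wraps its result in double quotes
	return "* property '" + property + "' with value '" + escaped + "' will be overridden by " + CMPv2ServerName
}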