[OOM-K8S-CERT-EXTERNAL-PROVIDER] Add send update request functionality

[oom/platform/cert-service.git] / certServiceK8sExternalProvider / src / cmpv2provisioner / cmpv2_provisioner.go

diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
index ee65b3c..dc2824c 100644 (file)
--- a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go
@@ -3,7 +3,7 @@
  * oom-certservice-k8s-external-provider
  * ================================================================================
  * Copyright (c) 2019 Smallstep Labs, Inc.
- * Modifications copyright (C) 2020 Nokia. All rights reserved.
+ * Copyright (C) 2020-2021 Nokia. All rights reserved.
  * ================================================================================
  * This source code was copied from the following git repository:
  * https://github.com/smallstep/step-issuer
@@ -29,13 +29,13 @@ import (
        "context"
        "sync"
 
-       certmanager "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
        "k8s.io/apimachinery/pkg/types"
 
        "onap.org/oom-certservice/k8s-external-provider/src/certserviceclient"
        "onap.org/oom-certservice/k8s-external-provider/src/cmpv2api"
        "onap.org/oom-certservice/k8s-external-provider/src/cmpv2provisioner/csr"
        "onap.org/oom-certservice/k8s-external-provider/src/leveledlogger"
+       "onap.org/oom-certservice/k8s-external-provider/src/model"
 )
 
 var collection = new(sync.Map)
@@ -86,10 +86,17 @@ func Store(namespacedName types.NamespacedName, provisioner *CertServiceCA) {
 
 func (ca *CertServiceCA) Sign(
        ctx context.Context,
-       certificateRequest *certmanager.CertificateRequest,
-       privateKeyBytes []byte,
+       signCertificateModel model.SignCertificateModel,
 ) (signedCertificateChain []byte, trustedCertificates []byte, err error) {
        log := leveledlogger.GetLoggerWithName("certservice-provisioner")
+
+       if signCertificateModel.IsUpdateRevision {
+               log.Debug("Certificate will be updated.", "old-certificate", signCertificateModel.OldCertificate,
+                       "old-private-key", signCertificateModel.OldPrivateKey)
+       }
+
+       certificateRequest := signCertificateModel.CertificateRequest
+       privateKeyBytes := signCertificateModel.PrivateKeyBytes
        log.Info("Signing certificate: ", "cert-name", certificateRequest.Name)
 
        log.Info("CA: ", "name", ca.name, "url", ca.url)
@@ -103,9 +110,19 @@ func (ca *CertServiceCA) Sign(
        }
        log.Debug("Filtered out CSR PEM: ", "bytes", filteredCsrBytes)
 
-       response, err := ca.certServiceClient.GetCertificates(filteredCsrBytes, privateKeyBytes)
-       if err != nil {
-               return nil, nil, err
+       var response *certserviceclient.CertificatesResponse
+       var errAPI error
+
+       if signCertificateModel.IsUpdateRevision {
+               log.Info("Attempt to send certificate update request")
+               response, errAPI = ca.certServiceClient.UpdateCertificate(filteredCsrBytes, privateKeyBytes, signCertificateModel)
+       } else {
+               log.Info("Attempt to send certificate request")
+               response, errAPI = ca.certServiceClient.GetCertificates(filteredCsrBytes, privateKeyBytes)
+       }
+
+       if errAPI != nil {
+               return nil, nil, errAPI
        }
        log.Info("Successfully received response from CertService API")
        log.Debug("Certificate Chain", "cert-chain", response.CertificateChain)