1 package clients
2
3 import (
4 "context"
5 "encoding/json"
6 "fmt"
7
8 "edge-infra.dev/pkg/edge/bsl"
9 "edge-infra.dev/pkg/lib/gcp/secretmanager"
10 )
11
// ForemanSecretManagerClient retrieves Foreman access keys through a
// secretmanager.SecretManager handle.
type ForemanSecretManagerClient struct {
	// Client is the secret manager handle that GetForemanSecret reads from.
	// It is a pointer, so copies of this struct share the same handle.
	Client *secretmanager.SecretManager
}
15
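// GetForemanSecret fetches the latest value of the secret named by
// organization and decodes it into a bsl.AccessKey.
//
// It returns an error when the client is unset, when the secret cannot be
// read, or when the payload is not a valid access key. The fetch error is
// wrapped with %w, so errors.Is and errors.As still reach the underlying cause.
//
// The returned key is credential material; callers should keep it out of logs
// and error strings.
//
// NOTE(review): organization is passed through unchanged as the secret name.
// If it can originate from a request, the caller needs to have authorized the
// requester for that organization first. Confirm at the call sites.
func (f ForemanSecretManagerClient) GetForemanSecret(ctx context.Context, organization string) (*bsl.AccessKey, error) {
	// The zero-value struct has a nil Client; fail with an error instead of
	// risking a nil-pointer dereference inside the secret manager call.
	if f.Client == nil {
		return nil, fmt.Errorf("foreman secret manager client is not initialized")
	}

	bits, err := f.Client.GetLatestSecretValue(ctx, organization)
	if err != nil {
		// Only the secret name is added as context, never the payload.
		return nil, fmt.Errorf("fetching foreman secret %q: %w", organization, err)
	}
	return mapToAccessKey(bits)
}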
23
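// mapToAccessKey decodes bits as a JSON object of string values and builds a
// bsl.AccessKey from the entries stored under bsl.SharedKey and bsl.SecretKey.
//
// It returns an error when bits is not a JSON object of strings or when
// validateKeys rejects the decoded map. Both errors are wrapped with %w, so
// the underlying cause stays reachable through errors.Is and errors.As.
func mapToAccessKey(bits []byte) (*bsl.AccessKey, error) {
	var keyMap map[string]string
	if err := json.Unmarshal(bits, &keyMap); err != nil {
		// bits is secret material, so the payload itself is never added to the
		// message. encoding/json syntax errors can still quote the offending
		// character, so treat the wrapped error as mildly sensitive when logging.
		return nil, fmt.Errorf("decoding foreman access key: %w", err)
	}
	if err := validateKeys(keyMap); err != nil {
		return nil, fmt.Errorf("validating foreman access key: %w", err)
	}
	return &bsl.AccessKey{
		SharedKey: keyMap[bsl.SharedKey],
		SecretKey: keyMap[bsl.SecretKey],
	}, nil
}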
38
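// validateKeys reports an error unless keyMap holds a non-empty value for both
// bsl.SharedKey and bsl.SecretKey. The shared key is checked first.
//
// An entry that is present but empty is rejected as well. Otherwise an empty
// credential would pass validation and only fail later, when the key is used.
// Error messages name the offending field and never include its value.
func validateKeys(keyMap map[string]string) error {
	for _, name := range []string{bsl.SharedKey, bsl.SecretKey} {
		val, ok := keyMap[name]
		if !ok {
			return fmt.Errorf("missing %s", name)
		}
		if val == "" {
			return fmt.Errorf("empty %s", name)
		}
	}
	return nil
}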
48
// NewForemanSecretManagerClient builds a ForemanSecretManagerClient backed by a
// secret manager client created for projectID.
//
// If the underlying client cannot be created, its error is returned unchanged
// together with a zero-value ForemanSecretManagerClient.
func NewForemanSecretManagerClient(ctx context.Context, projectID string) (ForemanSecretManagerClient, error) {
	var wrapper ForemanSecretManagerClient

	sm, err := secretmanager.NewWithOptions(ctx, projectID)
	if err != nil {
		return wrapper, err
	}

	// Store the address of the local so the wrapper carries a pointer.
	wrapper.Client = &sm
	return wrapper, nil
}
59