1 package clustersecrets
2
3 import (
4 "context"
5 "database/sql"
6
7 "edge-infra.dev/pkg/edge/api/types"
8
9 "edge-infra.dev/pkg/edge/api/graph/model"
10 "edge-infra.dev/pkg/edge/api/services"
11 cc "edge-infra.dev/pkg/sds/clustersecrets/common"
12 )
13
14
// ClusterSecretService is the service contract for cluster secrets and the
// leases that scope them. Every method takes a context first and is keyed by
// a cluster "edge ID" (or, for lease-scoped operations, a lease edge ID).
//
// The signatures below are all this file shows; the checks each method
// actually performs live in the implementation elsewhere in the package.
type ClusterSecretService interface {
	// VerifySecretAndLeaseExist reports an error unless both a lease for the
	// cluster and the given secret under that lease are present. It is an
	// existence check only — secret expiry is a separate concern (see
	// CheckSecretIsExpired).
	VerifySecretAndLeaseExist(ctx context.Context, clusterEdgeID string, secret cc.Secret) error

	// Lease lifecycle. ObtainLease returns whether a lease was obtained;
	// ReleaseLease, RevokeLease (which additionally names the user) and
	// RemoveUserFromLease tear it down or detach a user from it.
	// NOTE(review): the distinction between Release and Revoke is not visible
	// here — confirm against the implementation before relying on either as
	// the "forced" path.
	ObtainLease(ctx context.Context, clusterEdgeID string) (bool, error)
	ReleaseLease(ctx context.Context, clusterEdgeID string) error
	RevokeLease(ctx context.Context, clusterEdgeID string, username string) error
	RemoveUserFromLease(ctx context.Context, clusterSecretLeaseEdgeID string) error
	// FetchLease returns the lease model; FetchLeaseID and VerifyLeaseExists
	// both return only the lease ID, the latter presumably erroring when no
	// lease is found (verify against the implementation).
	FetchLease(ctx context.Context, clusterEdgeID string) (model.ClusterSecretLease, error)
	FetchLeaseID(ctx context.Context, clusterEdgeID string) (string, error)
	CreateLease(ctx context.Context, clusterEdgeID string) (string, error)
	VerifyLeaseExists(ctx context.Context, clusterEdgeID string) (string, error)

	// Secret lifecycle. Secrets are addressed by cluster edge ID plus a
	// model.ClusterSecretType, or by the secret's own edge ID for updates.
	// ExpireClusterSecrets is keyed by the lease, so it presumably affects
	// every secret under that lease.
	AddClusterSecret(ctx context.Context, secret cc.ClusterSecret) error
	UpdateClusterSecret(ctx context.Context, clusterSecretEdgeID string, clusterSecretType model.ClusterSecretType, version string) error
	FetchClusterSecret(ctx context.Context, clusterEdgeID string, secretType model.ClusterSecretType) (cc.ClusterSecret, error)
	ExpireClusterSecrets(ctx context.Context, clusterSecretLeaseEdgeID string) error
	FetchClusterSecretVersions(ctx context.Context, clusterEdgeID string, secretType model.ClusterSecretType) ([]*model.ClusterSecretVersionInfo, error)
	// VerifyClusterSecretExists takes the lease ID explicitly; callers that
	// do not already hold one should use VerifySecretAndLeaseExist instead.
	VerifyClusterSecretExists(ctx context.Context, clusterEdgeID string, secret cc.Secret, leaseID string) error
	// CheckSecretIsExpired reports whether the secret of the given type has
	// passed its validity period. Existence checks above do not call it.
	CheckSecretIsExpired(ctx context.Context, clusterEdgeID string, clusterSecretType model.ClusterSecretType) (bool, error)

	// FetchLatestTerminalClusterSecrets returns the most recent terminal
	// secrets for the cluster; what "latest" selects on is not visible here.
	FetchLatestTerminalClusterSecrets(ctx context.Context, clusterEdgeID string) ([]cc.TerminalClusterSecret, error)
}
37
// clusterSecretService is the concrete implementation behind
// ClusterSecretService. It holds the SQL handle and GCP client it operates
// through and embeds the API config so its fields are reachable directly.
// The type is unexported; NewClusterSecretService is the only constructor.
type clusterSecretService struct {
	SQLDB      *sql.DB
	GCPService services.GCPService
	// Embedded so cfg.X is available as s.X; nothing here shows which
	// config fields the secret/lease logic reads.
	*types.Config
}
43
// SecuritySettings carries the policy knobs for cluster secrets.
//
// NOTE(review): both period fields are plain strings, so whatever parses
// them (a duration? a timestamp?) is not in this file — confirm the expected
// format and that a malformed value fails closed rather than being ignored.
type SecuritySettings struct {
	// EdgeSecurityCompliance toggles compliance enforcement; the exact
	// behaviour it gates is defined by the consumer, not here.
	EdgeSecurityCompliance bool
	// MaxLeasePeriod bounds how long a lease may be held.
	MaxLeasePeriod string
	// MaxSecretValidityPeriod bounds how long a secret stays valid before
	// CheckSecretIsExpired should report it expired.
	MaxSecretValidityPeriod string
}
49
50
// NewClusterSecretService wires a clusterSecretService from its three
// collaborators: the SQL handle, the GCP client and the API config.
// Arguments are stored as given — no nil checks are performed here, so
// callers must pass initialised dependencies.
func NewClusterSecretService(sqlDB *sql.DB, gcpService services.GCPService, cfg *types.Config) *clusterSecretService {
	svc := new(clusterSecretService)
	svc.SQLDB = sqlDB
	svc.GCPService = gcpService
	svc.Config = cfg
	return svc
}
58
59
// VerifySecretAndLeaseExist resolves the cluster's lease ID via
// VerifyLeaseExists and, only if that succeeds, checks that secret exists
// under that lease with VerifyClusterSecretExists. The first failing step's
// error is returned unchanged; a nil return means both records were found.
//
// This is an existence check only: it does not consult
// CheckSecretIsExpired, so a present-but-expired secret still passes here.
func (s *clusterSecretService) VerifySecretAndLeaseExist(ctx context.Context, clusterEdgeID string, secret cc.Secret) error {
	leaseID, err := s.VerifyLeaseExists(ctx, clusterEdgeID)
	if err == nil {
		// Lease found; now confirm the secret is attached to it.
		err = s.VerifyClusterSecretExists(ctx, clusterEdgeID, secret, leaseID)
	}
	return err
}
67