Skip to content

Commit

Permalink
fix: changes kms-region flag to aws-region and gcpkms-credentials-fil…
Browse files Browse the repository at this point in the history 
…e flag to gcp-credentials-file.

Signed-off-by: ianhundere <[email protected]>
  • Loading branch information
@ianhundere
ianhundere committed Dec 12, 2024
1 parent 064b7f9 commit bc6e5ae
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 14 deletions.
6 changes: 3 additions & 3 deletions cmd/certificate_maker/certificate_maker.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,10 +85,10 @@ func init() {
rootCmd.AddCommand(createCmd)

createCmd.Flags().StringVar(&kmsType, "kms-type", "", "KMS provider type (awskms, gcpkms, azurekms)")
createCmd.Flags().StringVar(&kmsRegion, "kms-region", "", "KMS region")
createCmd.Flags().StringVar(&kmsRegion, "aws-region", "", "AWS KMS region")
createCmd.Flags().StringVar(&kmsKeyID, "kms-key-id", "", "KMS key identifier")
createCmd.Flags().StringVar(&kmsTenantID, "azure-tenant-id", "", "Azure KMS tenant ID")
createCmd.Flags().StringVar(&kmsCredsFile, "gcpkms-credentials-file", "", "Path to credentials file for GCP KMS")
createCmd.Flags().StringVar(&kmsCredsFile, "gcp-credentials-file", "", "Path to credentials file for GCP KMS")
createCmd.Flags().StringVar(&rootTemplatePath, "root-template",
"pkg/certmaker/templates/root-template.json", "Path to root certificate template")
createCmd.Flags().StringVar(&leafTemplatePath, "leaf-template",
Expand All @@ -109,7 +109,7 @@ func runCreate(_ *cobra.Command, _ []string) error {
// Build KMS config from flags and environment
config := certmaker.KMSConfig{
Type: getConfigValue(kmsType, "KMS_TYPE"),
Region: getConfigValue(kmsRegion, "KMS_REGION"),
Region: getConfigValue(kmsRegion, "AWS_REGION"),
RootKeyID: getConfigValue(rootKeyID, "KMS_ROOT_KEY_ID"),
IntermediateKeyID: getConfigValue(intermediateKeyID, "KMS_INTERMEDIATE_KEY_ID"),
LeafKeyID: getConfigValue(leafKeyID, "KMS_LEAF_KEY_ID"),
Expand Down
29 changes: 18 additions & 11 deletions cmd/certificate_maker/certificate_maker_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,13 @@ func TestGetConfigValue(t *testing.T) {
envValue: "tenant-123",
want: "tenant-123",
},
{
name: "AWS KMS region from env",
flagValue: "",
envVar: "AWS_REGION",
envValue: "us-west-2",
want: "us-west-2",
},
}

for _, tt := range tests {
Expand Down Expand Up @@ -139,7 +146,7 @@ func TestRunCreate(t *testing.T) {
{
name: "missing KMS type",
args: []string{
"--kms-region", "us-west-2",
"--aws-region", "us-west-2",
"--root-key-id", "test-root-key",
"--leaf-key-id", "test-leaf-key",
"--root-template", rootTmplPath,
Expand All @@ -152,9 +159,9 @@ func TestRunCreate(t *testing.T) {
name: "invalid KMS type",
args: []string{
"--kms-type", "invalid",
"--kms-region", "us-west-2",
"--root-key-id", "arn:aws:kms:us-west-2:123456789012:key/test-key",
"--leaf-key-id", "arn:aws:kms:us-west-2:123456789012:key/test-key",
"--aws-region", "us-west-2",
"--root-key-id", "test-root-key",
"--leaf-key-id", "test-leaf-key",
"--root-template", rootTmplPath,
"--leaf-template", leafTmplPath,
},
Expand All @@ -165,7 +172,7 @@ func TestRunCreate(t *testing.T) {
name: "missing root template",
args: []string{
"--kms-type", "awskms",
"--kms-region", "us-west-2",
"--aws-region", "us-west-2",
"--root-key-id", "arn:aws:kms:us-west-2:123456789012:key/test-key",
"--leaf-key-id", "arn:aws:kms:us-west-2:123456789012:key/test-key",
"--root-template", "nonexistent.json",
Expand All @@ -178,7 +185,7 @@ func TestRunCreate(t *testing.T) {
name: "missing leaf template",
args: []string{
"--kms-type", "awskms",
"--kms-region", "us-west-2",
"--aws-region", "us-west-2",
"--root-key-id", "arn:aws:kms:us-west-2:123456789012:key/test-key",
"--leaf-key-id", "arn:aws:kms:us-west-2:123456789012:key/test-key",
"--root-template", rootTmplPath,
Expand All @@ -193,7 +200,7 @@ func TestRunCreate(t *testing.T) {
"--kms-type", "gcpkms",
"--root-key-id", "projects/test-project/locations/global/keyRings/test-ring/cryptoKeys/test-key/cryptoKeyVersions/1",
"--leaf-key-id", "projects/test-project/locations/global/keyRings/test-ring/cryptoKeys/leaf-key/cryptoKeyVersions/1",
"--gcpkms-credentials-file", "/nonexistent/credentials.json",
"--gcp-credentials-file", "/nonexistent/credentials.json",
"--root-template", rootTmplPath,
"--leaf-template", leafTmplPath,
},
Expand Down Expand Up @@ -229,10 +236,10 @@ func TestRunCreate(t *testing.T) {

// Add all flags that runCreate expects
cmd.Flags().StringVar(&kmsType, "kms-type", "", "KMS provider type (awskms, gcpkms, azurekms)")
cmd.Flags().StringVar(&kmsRegion, "kms-region", "", "KMS region")
cmd.Flags().StringVar(&kmsRegion, "aws-region", "", "AWS KMS region")
cmd.Flags().StringVar(&kmsKeyID, "kms-key-id", "", "KMS key identifier")
cmd.Flags().StringVar(&kmsTenantID, "azure-tenant-id", "", "Azure KMS tenant ID")
cmd.Flags().StringVar(&kmsCredsFile, "gcpkms-credentials-file", "", "Path to credentials file for GCP KMS")
cmd.Flags().StringVar(&kmsCredsFile, "gcp-credentials-file", "", "Path to credentials file for GCP KMS")
cmd.Flags().StringVar(&rootKeyID, "root-key-id", "", "KMS key identifier for root certificate")
cmd.Flags().StringVar(&leafKeyID, "leaf-key-id", "", "KMS key identifier for leaf certificate")
cmd.Flags().StringVar(&rootTemplatePath, "root-template", "", "Path to root certificate template")
Expand Down Expand Up @@ -267,7 +274,7 @@ func TestCreateCommand(t *testing.T) {

// Add flags
cmd.Flags().StringVar(&kmsType, "kms-type", "", "KMS type")
cmd.Flags().StringVar(&kmsRegion, "kms-region", "", "KMS region")
cmd.Flags().StringVar(&kmsRegion, "aws-region", "", "AWS KMS region")
cmd.Flags().StringVar(&rootKeyID, "root-key-id", "", "Root key ID")
cmd.Flags().StringVar(&leafKeyID, "leaf-key-id", "", "Leaf key ID")

Expand All @@ -278,7 +285,7 @@ func TestCreateCommand(t *testing.T) {
// Test flag parsing
err = cmd.ParseFlags([]string{
"--kms-type", "awskms",
"--kms-region", "us-west-2",
"--aws-region", "us-west-2",
"--root-key-id", "arn:aws:kms:us-west-2:123456789012:key/1234abcd-12ab-34cd-56ef-1234567890ab",
"--leaf-key-id", "arn:aws:kms:us-west-2:123456789012:key/9876fedc-ba98-7654-3210-fedcba987654",
})
Expand Down

0 comments on commit bc6e5ae

Please sign in to comment.