[OOM-K8S-CERT-EXTERNAL-PROVIDER] Mock implementaion enhanced (part II)

Rename CertServiceIssuer -> CMPv2Issuer
Checking for Issuer.Kind (has to be CMPv2Issuer)
Introduced exit codes
Refactoring file names and packages
Moved tests to main package (according to GOlang convention)

Issue-ID: OOM-2559
Signed-off-by: Jan Malkiewicz <jan.malkiewicz@nokia.com>
Change-Id: I710d9f6c9bd22318e5152e5215b78d5a9e7b4540

1 files changed, 0 insertions, 164 deletions

diff --git a/certServiceK8sExternalProvider/src/certservice-provisioner/certservice-provisioner.go b/certServiceK8sExternalProvider/src/certservice-provisioner/certservice-provisioner.go
deleted file mode 100644
index 262e708b..00000000
--- a/certServiceK8sExternalProvider/src/certservice-provisioner/certservice-provisioner.go
+++ /dev/null
@@ -1,164 +0,0 @@
-/*
- * ============LICENSE_START=======================================================
- * oom-certservice-k8s-external-provider
- * ================================================================================
- * Copyright (c) 2019 Smallstep Labs, Inc.
- * Modifications copyright (C) 2020 Nokia. All rights reserved.
- * ================================================================================
- * This source code was copied from the following git repository:
- * https://github.com/smallstep/step-issuer
- * The source code was modified for usage in the ONAP project.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package provisioners
-
-import (
-	"bytes"
-	"context"
-	"crypto/x509"
-	"encoding/base64"
-	"encoding/pem"
-	"fmt"
-	certmanager "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
-	"k8s.io/apimachinery/pkg/types"
-	"onap.org/oom-certservice/k8s-external-provider/src/api"
-	ctrl "sigs.k8s.io/controller-runtime"
-	"sync"
-)
-
-var collection = new(sync.Map)
-
-type CertServiceCA struct {
-	name string
-	url  string
-	key  []byte
-}
-
-func New(certServiceIssuer *api.CertServiceIssuer, key []byte) (*CertServiceCA, error) {
-
-	ca := CertServiceCA{}
-	ca.name = certServiceIssuer.Name
-	ca.url = certServiceIssuer.Spec.URL
-	ca.key = key
-
-	log := ctrl.Log.WithName("certservice-provisioner")
-	log.Info("Configuring CA: ", "name", ca.name, "url", ca.url, "key", ca.key)
-
-	return &ca, nil
-}
-
-func Load(namespacedName types.NamespacedName) (*CertServiceCA, bool) {
-	provisioner, ok := collection.Load(namespacedName)
-	if !ok {
-		return nil, ok
-	}
-	certServiceCAprovisioner, ok := provisioner.(*CertServiceCA)
-	return certServiceCAprovisioner, ok
-}
-
-func Store(namespacedName types.NamespacedName, provisioner *CertServiceCA) {
-	collection.Store(namespacedName, provisioner)
-}
-
-func (ca *CertServiceCA) Sign(ctx context.Context, certificateRequest *certmanager.CertificateRequest) ([]byte, []byte, error) {
-	log := ctrl.Log.WithName("certservice-provisioner")
-	log.Info("Signing certificate: ", "cert-name", certificateRequest.Name)
-
-	key, _ := base64.RawStdEncoding.DecodeString(string(ca.key))
-	log.Info("CA: ", "name", ca.name, "url", ca.url, "key", key)
-
-	crPEM := certificateRequest.Spec.Request
-	csrBase64 := crPEM
-	log.Info("Csr PEM: ", "bytes", csrBase64)
-
-	csr, err := decodeCSR(crPEM)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	cert := x509.Certificate{}
-	cert.Raw = csr.Raw
-
-	// TODO
-	// write here code which will call CertServiceCA and sign CSR
-	// END
-
-	encodedPEM, err := encodeX509(&cert)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	signedPEM := encodedPEM
-	trustedCA := encodedPEM
-
-	log.Info("Successfully signed: ", "cert-name", certificateRequest.Name)
-	log.Info("Signed cert PEM: ", "bytes", signedPEM)
-	log.Info("Trusted CA  PEM: ", "bytes", trustedCA)
-
-	return signedPEM, trustedCA, nil
-}
-
-// TODO JM utility methods - will be used in "real" implementation
-
-// decodeCSR decodes a certificate request in PEM format and returns the
-func decodeCSR(data []byte) (*x509.CertificateRequest, error) {
-	block, rest := pem.Decode(data)
-	if block == nil || len(rest) > 0 {
-		return nil, fmt.Errorf("unexpected CSR PEM on sign request")
-	}
-	if block.Type != "CERTIFICATE REQUEST" {
-		return nil, fmt.Errorf("PEM is not a certificate request")
-	}
-	csr, err := x509.ParseCertificateRequest(block.Bytes)
-	if err != nil {
-		return nil, fmt.Errorf("error parsing certificate request: %v", err)
-	}
-	if err := csr.CheckSignature(); err != nil {
-		return nil, fmt.Errorf("error checking certificate request signature: %v", err)
-	}
-	return csr, nil
-}
-
-// encodeX509 will encode a *x509.Certificate into PEM format.
-func encodeX509(cert *x509.Certificate) ([]byte, error) {
-	caPem := bytes.NewBuffer([]byte{})
-	err := pem.Encode(caPem, &pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw})
-	if err != nil {
-		return nil, err
-	}
-	return caPem.Bytes(), nil
-}
-
-// generateSubject returns the first SAN that is not 127.0.0.1 or localhost. The
-// CSRs generated by the Certificate resource have always those SANs. If no SANs
-// are available `certservice-issuer-certificate` will be used as a subject is always
-// required.
-func generateSubject(sans []string) string {
-	if len(sans) == 0 {
-		return "certservice-issuer-certificate"
-	}
-	for _, s := range sans {
-		if s != "127.0.0.1" && s != "localhost" {
-			return s
-		}
-	}
-	return sans[0]
-}
-
-func decode(cert string) []byte {
-	bytes, _ := base64.RawStdEncoding.DecodeString(cert)
-	return bytes
-}