diff --git a/appcreds/appcreds.go b/appcreds/appcreds.go
index 22e1754..648bd54 100644
--- a/appcreds/appcreds.go
+++ b/appcreds/appcreds.go
@@ -28,32 +28,35 @@ func New(ctx context.Context, m manipulate.Manipulator, namespace string, name s
 creds := gaia.NewAppCredential()
 creds.Name = name
 creds.Roles = roles
- creds.Namespace = namespace
 creds.AuthorizedSubnets = subnets
- return NewWithAppCredential(ctx, m, creds)
+ if err := Create(ctx, m, namespace, creds); err != nil {
+ return nil, err
+ }
+
+ return creds, nil
 }
 // Create generates a new CSR for the provided app credential and calls the upstream service using the supplied
 // manipulator to provision the app credential. The returned credential will have the private key used to generate the CSR
 // added back as an attribute. An error and a nil app cred reference is returned if CSR generation or the API call to the
 // upstream service failed.
-func Create(ctx context.Context, m manipulate.Manipulator, ac *gaia.AppCredential) (*gaia.AppCredential, error) {
+func Create(ctx context.Context, m manipulate.Manipulator, namespace string, ac *gaia.AppCredential) error {
 csr, pk, err := makeCSR()
 if err != nil {
- return nil, err
+ return err
 }
 ac.CSR = string(csr)
- if err := m.Create(manipulate.NewContext(ctx, manipulate.ContextOptionNamespace(ac.Namespace)), ac); err != nil {
- return nil, err
+ if err := m.Create(manipulate.NewContext(ctx, manipulate.ContextOptionNamespace(namespace)), ac); err != nil {
+ return err
 }
 ac.Credentials.CertificateKey = base64.StdEncoding.EncodeToString(pk)
- return ac, nil
+ return nil
 }
 // NewWithAppCredential creates a new *gaia.AppCredential from an *AppCredential
diff --git a/appcreds/appcreds_test.go b/appcreds/appcreds_test.go
index 6a1ff62..95a9213 100644
--- a/appcreds/appcreds_test.go
+++ b/appcreds/appcreds_test.go
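Review bot: The doc comment above `Create` still describes the old contract: it speaks of "the returned credential" and of "a nil app cred reference" on failure, while the new signature returns only an error and writes the CSR and the private key into the caller's `ac`. It also does not say that `ac.Namespace` is no longer consulted and that the `namespace` argument alone selects where the credential is provisioned, so a caller that still sets `ac.Namespace` gets no signal when the two disagree. I would rewrite the comment to state that `ac` is mutated in place (`CSR` set before the API call, `Credentials.CertificateKey` only on success) and add a guard such as `if ac.Namespace != "" && ac.Namespace != namespace { return fmt.Errorf("namespace mismatch: %q vs %q", ac.Namespace, namespace) }`. What the manipulator does with an empty `namespace` is not visible here, so an explicit empty-string check may be worth adding as well.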
@@ -138,33 +138,22 @@ func TestCreate(t *testing.T) {
 template.Protected = true
 template.Metadata = []string{"random=tag"}
 template.Roles = []string{"role=test"}
- template.Namespace = "/ns"
 template.Annotations = map[string][]string{
 "SomeKey1": {"SomeValue1"},
 "SomeKey2": {"SomeValue2"},
 }
- c, err := Create(context.Background(), m, template)
-
- Convey("Then credential should have template information", func() {
- So(c.Name, ShouldEqual, template.Name)
- So(c.Description, ShouldEqual, template.Description)
- So(c.Protected, ShouldEqual, template.Protected)
- So(c.Metadata, ShouldResemble, template.Metadata)
- So(c.Roles, ShouldResemble, template.Roles)
- So(c.Namespace, ShouldEqual, template.Namespace)
- So(c.Annotations, ShouldResemble, template.Annotations)
- })
+ err := Create(context.Background(), m, "/ns", template)
 Convey("Then err should be nil", func() {
 So(err, ShouldBeNil)
 })
 Convey("Then the cred should be correct", func() {
- So(c.Name, ShouldEqual, "name")
- So(c.ID, ShouldEqual, "ID")
- So(c.Namespace, ShouldEqual, "/ns")
- So(c.Credentials.CertificateKey, ShouldNotBeEmpty)
+ So(template.Name, ShouldEqual, "name")
+ So(template.ID, ShouldEqual, "ID")
+ So(template.Namespace, ShouldEqual, "/ns")
+ So(template.Credentials.CertificateKey, ShouldNotBeEmpty)
 })
 Convey("When I verify the csr", func() {
@@ -199,18 +188,13 @@ func TestCreate(t *testing.T) {
 template.Protected = true
 template.Metadata = []string{"random=tag"}
 template.Roles = []string{"role=test"}
- template.Namespace = "/ns"
- c, err := Create(context.Background(), m, template)
+ err := Create(context.Background(), m, "/ns", template)
 Convey("Then err should not be nil", func() {
 So(err, ShouldNotBeNil)
 So(err.Error(), ShouldEqual, "boom")
 })
-
- Convey("Then the cred should be nilt", func() {
- So(c, ShouldBeNil)
- })
 })
 })
 }
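Review bot: Nothing in this hunk checks that the new `namespace` argument is what reaches the manipulator. With `template.Namespace = "/ns"` removed, `So(template.Namespace, ShouldEqual, "/ns")` presumably passes only because the mock, which is defined outside the hunk, writes that value into the object. Since the argument now decides where the credential is provisioned, I would assert inside the mock's create callback that the context namespace equals "/ns", and add a case where `template.Namespace` is pre-set to a different value than the argument. `TestCreate` starts before this hunk and continues past it.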
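Review bot: The failure case in the second hunk now asserts only the error text, yet `Create` mutates the caller's object in place, so the state of `template` after a failed call is part of the contract and is left untested. In the other file of this commit, `ac.CSR` is assigned before the API call and the private key is attached only after it succeeds. A check that no key was attached on failure would pin that, for example `So(template.Credentials.CertificateKey, ShouldBeEmpty)`, assuming `Credentials` is non-nil on this template. The enclosing `TestCreate` starts outside the hunk.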