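// Source: github.com/argoproj/argo-cd/v3@v3.2.1/server/gpgkey/gpgkey.go

// Package gpgkey implements the server side of the GPGKeyService: listing,
// retrieving, adding and removing GnuPG public keys in the server's
// configuration.
//
// Every method authorizes the caller through the RBAC enforcer before it
// touches the key store. The caller's claims are read from the request context
// under the "claims" key; they are presumably placed there by an upstream
// authentication interceptor (not visible in this file; confirm).
//
// NOTE(review): the configured keys presumably act as trust anchors for
// signature verification elsewhere in the project, so create and delete
// permissions on rbac.ResourceGPGKeys deserve narrow scoping and audit
// logging. Confirm against the deployment's RBAC policy.
package gpgkey

import (
	"context"
	"errors"
	"fmt"
	"strings"

	gpgkeypkg "github.com/argoproj/argo-cd/v3/pkg/apiclient/gpgkey"
	appsv1 "github.com/argoproj/argo-cd/v3/pkg/apis/application/v1alpha1"
	"github.com/argoproj/argo-cd/v3/util/db"
	"github.com/argoproj/argo-cd/v3/util/gpg"
	"github.com/argoproj/argo-cd/v3/util/rbac"
)

// Server provides a service of type GPGKeyService.
type Server struct {
	db  db.ArgoDB      // backing store for the configured GPG public keys
	enf *rbac.Enforcer // authorizes every request before the store is used
}

// NewServer returns a new instance of the service with type GPGKeyService.
func NewServer(db db.ArgoDB, enf *rbac.Enforcer) *Server {
	return &Server{
		db:  db,
		enf: enf,
	}
}

// List returns the GnuPG public keys in the configuration, with the key
// material stripped from each entry. The query argument is ignored.
//
// It requires the "get" action on rbac.ResourceGPGKeys and returns the
// enforcer's error when the caller is not authorized.
func (s *Server) List(ctx context.Context, _ *gpgkeypkg.GnuPGPublicKeyQuery) (*appsv1.GnuPGPublicKeyList, error) {
	if err := s.enf.EnforceErr(ctx.Value("claims"), rbac.ResourceGPGKeys, rbac.ActionGet, ""); err != nil {
		return nil, err
	}
	keys, err := s.db.ListConfiguredGPGPublicKeys(ctx)
	if err != nil {
		return nil, err
	}
	keyList := &appsv1.GnuPGPublicKeyList{}
	for _, v := range keys {
		// Strip the key data from the list result to save some bytes. Work on
		// a copy so the object handed out by the store is never modified.
		item := *v
		item.KeyData = ""
		keyList.Items = append(keyList.Items, item)
	}
	return keyList, nil
}

// Get retrieves a single GPG public key from the configuration. Unlike List,
// the returned object is the store's entry as-is, including its key data.
//
// It requires the "get" action on rbac.ResourceGPGKeys. An error is returned
// when the caller is not authorized, when the submitted key ID is malformed or
// empty, when the store cannot be read, or when no key with that ID exists.
func (s *Server) Get(ctx context.Context, q *gpgkeypkg.GnuPGPublicKeyQuery) (*appsv1.GnuPGPublicKey, error) {
	if err := s.enf.EnforceErr(ctx.Value("claims"), rbac.ResourceGPGKeys, rbac.ActionGet, ""); err != nil {
		return nil, err
	}

	// The caller-supplied ID is passed through gpg.KeyID before it is used as a
	// lookup key; an empty result is treated as a malformed or missing ID.
	keyID := gpg.KeyID(q.KeyID)
	if keyID == "" {
		return nil, errors.New("KeyID is malformed or empty")
	}

	keys, err := s.db.ListConfiguredGPGPublicKeys(ctx)
	if err != nil {
		return nil, err
	}

	if key, ok := keys[keyID]; ok {
		return key, nil
	}

	// Only the normalized ID is echoed back, never the raw request value.
	return nil, fmt.Errorf("no such key: %s", keyID)
}

// Create adds one or more GPG public keys to the server's configuration.
//
// It requires the "create" action on rbac.ResourceGPGKeys. The response lists
// the keys that were added and the entries the store reported as skipped. An
// error is returned when the caller is not authorized, when no key data was
// submitted, or when the store rejects the data.
func (s *Server) Create(ctx context.Context, q *gpgkeypkg.GnuPGPublicKeyCreateRequest) (*gpgkeypkg.GnuPGPublicKeyCreateResponse, error) {
	// Authorization comes first so that callers without the permission learn
	// nothing from the input validation below.
	if err := s.enf.EnforceErr(ctx.Value("claims"), rbac.ResourceGPGKeys, rbac.ActionCreate, ""); err != nil {
		return nil, err
	}

	// A request without a public key object would otherwise be dereferenced
	// below; report it the same way as an empty key.
	if q == nil || q.Publickey == nil {
		return nil, errors.New("submitted key data is empty")
	}

	// The trimmed copy is used only for the emptiness check; the store receives
	// the key data exactly as submitted.
	if strings.TrimSpace(q.Publickey.KeyData) == "" {
		return nil, errors.New("submitted key data is empty")
	}

	// NOTE(review): parsing and validation of the key material is left to the
	// store; nothing in this handler inspects it beyond the emptiness check.
	added, skipped, err := s.db.AddGPGPublicKey(ctx, q.Publickey.KeyData)
	if err != nil {
		return nil, err
	}

	items := make([]appsv1.GnuPGPublicKey, 0, len(added))
	for _, k := range added {
		items = append(items, *k)
	}

	response := &gpgkeypkg.GnuPGPublicKeyCreateResponse{
		Created: &appsv1.GnuPGPublicKeyList{Items: items},
		Skipped: skipped,
	}

	return response, nil
}

// Delete removes a single GPG public key from the server's configuration.
//
// It requires the "delete" action on rbac.ResourceGPGKeys and returns an empty
// response on success. An error is returned when the caller is not authorized
// or when the store fails to delete the key.
func (s *Server) Delete(ctx context.Context, q *gpgkeypkg.GnuPGPublicKeyQuery) (*gpgkeypkg.GnuPGPublicKeyResponse, error) {
	if err := s.enf.EnforceErr(ctx.Value("claims"), rbac.ResourceGPGKeys, rbac.ActionDelete, ""); err != nil {
		return nil, err
	}

	// NOTE(review): unlike Get, the key ID is forwarded as submitted, without
	// going through gpg.KeyID. Validation is presumably done by the store;
	// confirm, and consider normalizing here so both paths accept the same IDs.
	if err := s.db.DeleteGPGPublicKey(ctx, q.KeyID); err != nil {
		return nil, err
	}

	return &gpgkeypkg.GnuPGPublicKeyResponse{}, nil
}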