// Source: github.com/kyma-project/kyma-environment-broker@v0.0.1/common/hyperscaler/account_provider.go

package hyperscaler

import (
	"fmt"

	"github.com/kyma-project/kyma-environment-broker/internal"
)

//go:generate mockery --name=AccountProvider --output=automock --outpkg=automock --case=underscore

// AccountProvider resolves the Gardener secret name to use for a hyperscaler
// account, either per tenant or from the shared pool, and lets callers flag a
// tenant's secret binding as dirty once it is no longer used.
type AccountProvider interface {
	GardenerSecretName(hyperscalerType Type, tenantName string, euAccess bool) (string, error)
	GardenerSharedSecretName(hyperscalerType Type, euAccess bool) (string, error)
	MarkUnusedGardenerSecretBindingAsDirty(hyperscalerType Type, tenantName string, euAccess bool) error
}

// Credentials couples a named hyperscaler account with its credential data.
type Credentials struct {
	Name            string
	HyperscalerType Type
	// CredentialData holds raw bytes per key. Presumably this is secret
	// material, so the struct should never be formatted into logs or error
	// strings (e.g. with %v or %+v) — confirm with the callers that fill it.
	CredentialData map[string][]byte
}

// accountProvider implements AccountProvider on top of a tenant-scoped pool
// and a shared pool. Either pool may be nil; each method checks the pool it
// needs before using it.
type accountProvider struct {
	gardenerPool       AccountPool
	sharedGardenerPool SharedPool
}

// NewAccountProvider builds an AccountProvider backed by the given pools.
//
// A nil pool is accepted: the methods that depend on it return an error
// instead of dereferencing it.
// NOTE(review): the nil checks compare the field value itself. If AccountPool
// and SharedPool are interfaces, a typed nil pointer stored in them would pass
// those checks — confirm that callers pass a literal nil when a pool is absent.
func NewAccountProvider(gardenerPool AccountPool, sharedGardenerPool SharedPool) AccountProvider {
	provider := &accountProvider{}
	provider.gardenerPool = gardenerPool
	provider.sharedGardenerPool = sharedGardenerPool
	return provider
}

// FromCloudProvider translates an internal cloud provider into the matching
// hyperscaler Type. Providers outside the four known ones are rejected with an
// error rather than mapped to a default, so an unexpected value cannot
// silently select some other hyperscaler's accounts.
func FromCloudProvider(cp internal.CloudProvider) (Type, error) {
	var resolved Type

	switch cp {
	case internal.Azure:
		resolved = Azure
	case internal.AWS:
		resolved = AWS
	case internal.GCP:
		resolved = GCP
	case internal.Openstack:
		resolved = Openstack
	default:
		return "", fmt.Errorf("cannot determine the type of Hyperscaler to use for cloud provider %s", cp)
	}

	return resolved, nil
}

// GardenerSecretName returns the secret reference name of the secret binding
// that the tenant pool hands out for the given hyperscaler type, tenant and
// EU-access flag.
//
// It returns an error when no tenant pool is configured or when the pool
// lookup fails; the lookup error is wrapped with %w.
// NOTE(review): tenantName is written into the error text unescaped (%s). If
// it can carry caller-controlled characters, the log sink has to escape it —
// confirm where the value originates.
func (p *accountProvider) GardenerSecretName(hyperscalerType Type, tenantName string, euAccess bool) (string, error) {
	pool := p.gardenerPool
	if pool == nil {
		return "", fmt.Errorf("failed to get Gardener Credentials. Gardener Account pool is not configured for tenant %s", tenantName)
	}

	binding, lookupErr := pool.CredentialsSecretBinding(hyperscalerType, tenantName, euAccess)
	if lookupErr != nil {
		return "", fmt.Errorf("failed to get Gardener Credentials for tenant %s: %w", tenantName, lookupErr)
	}

	return binding.GetSecretRefName(), nil
}

// GardenerSharedSecretName returns the secret reference name of the shared
// secret binding for the given hyperscaler type and EU-access flag.
//
// It returns an error when no shared pool is configured or when the pool
// lookup fails; the lookup error is wrapped with %w.
func (p *accountProvider) GardenerSharedSecretName(hyperscalerType Type, euAccess bool) (string, error) {
	pool := p.sharedGardenerPool
	if pool == nil {
		return "", fmt.Errorf("failed to get shared Secret Binding name. Gardener Shared Account pool is not configured for hyperscaler type %s", hyperscalerType)
	}

	binding, lookupErr := pool.SharedCredentialsSecretBinding(hyperscalerType, euAccess)
	if lookupErr != nil {
		return "", fmt.Errorf("getting shared secret binding: %w", lookupErr)
	}

	return binding.GetSecretRefName(), nil
}

// MarkUnusedGardenerSecretBindingAsDirty marks the tenant's secret binding as
// dirty, but only when the binding is not internal, not already dirty and not
// in use. In every other non-error case it does nothing and returns nil.
//
// The checks run in that order and any failing check aborts with a wrapped
// error, so a binding is never marked on the basis of an unknown state.
// NOTE(review): the "is used" check and the marking are separate pool calls.
// Whether the pool serialises them against a concurrent claim of the same
// binding is not visible in this file — confirm in the AccountPool
// implementation.
func (p *accountProvider) MarkUnusedGardenerSecretBindingAsDirty(hyperscalerType Type, tenantName string, euAccess bool) error {
	pool := p.gardenerPool
	if pool == nil {
		return fmt.Errorf("failed to release subscription for tenant %s. Gardener Account pool is not configured", tenantName)
	}

	// Internal bindings are left untouched.
	internalBinding, err := pool.IsSecretBindingInternal(hyperscalerType, tenantName, euAccess)
	if err != nil {
		return fmt.Errorf("checking if secret binding is internal: %w", err)
	}
	if internalBinding {
		return nil
	}

	// Nothing to do when the binding is already flagged.
	alreadyDirty, err := pool.IsSecretBindingDirty(hyperscalerType, tenantName, euAccess)
	if err != nil {
		return fmt.Errorf("checking if secret binding is dirty: %w", err)
	}
	if alreadyDirty {
		return nil
	}

	// A binding that is still in use must stay clean.
	inUse, err := pool.IsSecretBindingUsed(hyperscalerType, tenantName, euAccess)
	if err != nil {
		return fmt.Errorf("cannot determine whether %s secret binding is used for tenant: %s: %w", hyperscalerType, tenantName, err)
	}
	if inUse {
		return nil
	}

	return pool.MarkSecretBindingAsDirty(hyperscalerType, tenantName, euAccess)
}