github.com/mponton/terratest@v0.44.0/modules/gcp/oslogin.go

github.com/mponton/terratest@v0.44.0/modules/gcp/oslogin.go (about)

     1  package gcp
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  
     7  	"github.com/mponton/terratest/modules/logger"
     8  	"github.com/mponton/terratest/modules/testing"
     9  	"github.com/stretchr/testify/require"
    10  	"golang.org/x/oauth2/google"
    11  	"google.golang.org/api/compute/v1"
    12  	"google.golang.org/api/oslogin/v1"
    13  )
    14  
    15  // ImportSSHKey will import an SSH key to GCP under the provided user identity.
    16  // The `user` parameter should be the email address of the user.
    17  // The `key` parameter should be the public key of the SSH key being uploaded.
    18  // This will fail the test if there is an error.
    19  func ImportSSHKey(t testing.TestingT, user, key string) {
    20  	require.NoErrorf(t, ImportSSHKeyE(t, user, key), "Could not add SSH Key to user %s", user)
    21  }
    22  
    23  // ImportSSHKeyE will import an SSH key to GCP under the provided user identity.
    24  // The `user` parameter should be the email address of the user.
    25  // The `key` parameter should be the public key of the SSH key being uploaded.
    26  func ImportSSHKeyE(t testing.TestingT, user, key string) error {
    27  	logger.Logf(t, "Importing SSH key for user %s", user)
    28  
    29  	ctx := context.Background()
    30  	service, err := NewOSLoginServiceE(t)
    31  	if err != nil {
    32  		return err
    33  	}
    34  
    35  	parent := fmt.Sprintf("users/%s", user)
    36  
    37  	sshPublicKey := &oslogin.SshPublicKey{
    38  		Key: key,
    39  	}
    40  
    41  	_, err = service.Users.ImportSshPublicKey(parent, sshPublicKey).Context(ctx).Do()
    42  	if err != nil {
    43  		return err
    44  	}
    45  
    46  	return nil
    47  }
    48  
    49  // DeleteSSHKey will delete an SSH key attached to the provided user identity.
    50  // The `user` parameter should be the email address of the user.
    51  // The `key` parameter should be the public key of the SSH key that was uploaded.
    52  // This will fail the test if there is an error.
    53  func DeleteSSHKey(t testing.TestingT, user, key string) {
    54  	require.NoErrorf(t, DeleteSSHKeyE(t, user, key), "Could not delete SSH Key for user %s", user)
    55  }
    56  
    57  // DeleteSSHKeyE will delete an SSH key attached to the provided user identity.
    58  // The `user` parameter should be the email address of the user.
    59  // The `key` parameter should be the public key of the SSH key that was uploaded.
    60  func DeleteSSHKeyE(t testing.TestingT, user, key string) error {
    61  	logger.Logf(t, "Deleting SSH key for user %s", user)
    62  
    63  	ctx := context.Background()
    64  	service, err := NewOSLoginServiceE(t)
    65  	if err != nil {
    66  		return err
    67  	}
    68  
    69  	loginProfile := GetLoginProfile(t, user)
    70  
    71  	for _, v := range loginProfile.SshPublicKeys {
    72  		if key == v.Key {
    73  			path := fmt.Sprintf("users/%s/sshPublicKeys/%s", user, v.Fingerprint)
    74  			_, err = service.Users.SshPublicKeys.Delete(path).Context(ctx).Do()
    75  			break
    76  		}
    77  	}
    78  
    79  	if err != nil {
    80  		return err
    81  	}
    82  
    83  	return nil
    84  }
    85  
    86  // GetLoginProfile will retrieve the login profile for a user's Google identity. The login profile is a combination of OS Login + gcloud SSH keys and POSIX
    87  // accounts the user will appear as. Generally, this will only be the OS Login key + account, but `gcloud compute ssh` could create temporary keys and profiles.
    88  // The `user` parameter should be the email address of the user.
    89  // This will fail the test if there is an error.
    90  func GetLoginProfile(t testing.TestingT, user string) *oslogin.LoginProfile {
    91  	profile, err := GetLoginProfileE(t, user)
    92  	require.NoErrorf(t, err, "Could not get login profile for user %s", user)
    93  
    94  	return profile
    95  }
    96  
    97  // GetLoginProfileE will retrieve the login profile for a user's Google identity. The login profile is a combination of OS Login + gcloud SSH keys and POSIX
    98  // accounts the user will appear as. Generally, this will only be the OS Login key + account, but `gcloud compute ssh` could create temporary keys and profiles.
    99  // The `user` parameter should be the email address of the user.
   100  func GetLoginProfileE(t testing.TestingT, user string) (*oslogin.LoginProfile, error) {
   101  	logger.Logf(t, "Getting login profile for user %s", user)
   102  
   103  	ctx := context.Background()
   104  	service, err := NewOSLoginServiceE(t)
   105  	if err != nil {
   106  		return nil, err
   107  	}
   108  
   109  	name := fmt.Sprintf("users/%s", user)
   110  
   111  	profile, err := service.Users.GetLoginProfile(name).Context(ctx).Do()
   112  	if err != nil {
   113  		return nil, err
   114  	}
   115  
   116  	return profile, nil
   117  }
   118  
   119  // NewOSLoginServiceE creates a new OS Login service, which is used to make OS Login API calls.
   120  func NewOSLoginServiceE(t testing.TestingT) (*oslogin.Service, error) {
   121  	ctx := context.Background()
   122  
   123  	client, err := google.DefaultClient(ctx, compute.CloudPlatformScope)
   124  	if err != nil {
   125  		return nil, fmt.Errorf("Failed to get default client: %v", err)
   126  	}
   127  
   128  	service, err := oslogin.New(client)
   129  	if err != nil {
   130  		return nil, err
   131  	}
   132  
   133  	return service, nil
   134  }