yunion.io/x/cloudmux@v0.3.10-0-alpha.1/pkg/multicloud/google/loadbalancer_cert.go (about)

     1  // Copyright 2019 Yunion
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package google
    16  
    17  import (
    18  	"crypto/sha256"
    19  	"crypto/x509"
    20  	"encoding/hex"
    21  	"encoding/pem"
    22  	"strings"
    23  	"time"
    24  
    25  	"yunion.io/x/log"
    26  	"yunion.io/x/pkg/errors"
    27  
    28  	api "yunion.io/x/cloudmux/pkg/apis/compute"
    29  	"yunion.io/x/cloudmux/pkg/cloudprovider"
    30  )
    31  
// SLoadbalancerCertificate is the JSON-decoded representation of an SSL
// certificate resource in the google provider package, plus two unexported
// fields used at runtime.
type SLoadbalancerCertificate struct {
	// region is the owning region; GetILoadBalancerCertificateById assigns it
	// and GetProjectId dereferences it.
	region *SRegion
	SResourceBase
	// cert caches the result of parsing Certificate; it is filled lazily by
	// getCert and is not populated from JSON (unexported).
	cert *x509.Certificate

	ID string `json:"id"`
	// CreationTimestamp is kept as the raw string from the API; no method in
	// this file parses it (GetCreatedAt returns the zero time).
	CreationTimestamp string `json:"creationTimestamp"`
	// Certificate is the PEM text that getCert decodes and parses.
	Certificate string `json:"certificate"`
	// SelfManaged carries a second certificate string; it is not read by any
	// method in this file.
	SelfManaged SelfManaged `json:"selfManaged"`
	Type        string      `json:"type"`
	// ExpireTime is returned as-is by GetExpireTime; it is not cross-checked
	// against the NotAfter of the parsed certificate.
	ExpireTime time.Time `json:"expireTime"`
	Region     string    `json:"region"`
	Kind       string    `json:"kind"`
}
    46  
// SelfManaged is the nested "selfManaged" object of a certificate resource.
// Only the certificate text is modelled here; no private-key field is declared,
// so any key material in the API response is not decoded into this type.
type SelfManaged struct {
	Certificate string `json:"certificate"`
}
    50  
// GetStatus reports every certificate as enabled. The value is a constant;
// no field of the resource (and not the certificate's validity period) is
// consulted.
func (self *SLoadbalancerCertificate) GetStatus() string {
	status := api.LB_STATUS_ENABLED
	return status
}
    54  
// Refresh is a no-op: nothing is re-fetched from the API and the cached
// parsed certificate is left untouched. It always returns nil.
func (self *SLoadbalancerCertificate) Refresh() error {
	var err error
	return err
}
    58  
// IsEmulated always returns false for load balancer certificates.
func (self *SLoadbalancerCertificate) IsEmulated() bool {
	const emulated = false
	return emulated
}
    62  
// GetCreatedAt always returns the zero time.Time. The CreationTimestamp
// string carried by the resource is not parsed here, so callers cannot use
// this value to age or order certificates.
func (self *SLoadbalancerCertificate) GetCreatedAt() time.Time {
	var createdAt time.Time
	return createdAt
}
    66  
// GetSysTags returns a nil map; no system tags are exposed for certificates.
func (self *SLoadbalancerCertificate) GetSysTags() map[string]string {
	var sysTags map[string]string
	return sysTags
}
    70  
// GetTags returns a nil map and a nil error; tags are not read for
// certificates.
func (self *SLoadbalancerCertificate) GetTags() (map[string]string, error) {
	var tags map[string]string
	return tags, nil
}
    74  
// SetTags is not implemented for certificates: both arguments are ignored
// and cloudprovider.ErrNotSupported is returned.
func (self *SLoadbalancerCertificate) SetTags(tags map[string]string, replace bool) error {
	unsupported := cloudprovider.ErrNotSupported
	return unsupported
}
    78  
// GetProjectId returns the project id of the owning region.
//
// NOTE(review): self.region is only assigned in
// GetILoadBalancerCertificateById within this file; confirm that every other
// constructor of this type sets it before this method is reached.
func (self *SLoadbalancerCertificate) GetProjectId() string {
	owner := self.region
	return owner.GetProjectId()
}
    82  
// Sync is not implemented: the supplied name and key material are ignored
// (never stored, logged or sent) and cloudprovider.ErrNotSupported is
// returned.
func (self *SLoadbalancerCertificate) Sync(name, privateKey, publickKey string) error {
	unsupported := cloudprovider.ErrNotSupported
	return unsupported
}
    86  
// Delete is not implemented; it makes no API call and returns
// cloudprovider.ErrNotSupported.
func (self *SLoadbalancerCertificate) Delete() error {
	unsupported := cloudprovider.ErrNotSupported
	return unsupported
}
    90  
// GetCommonName returns the subject CommonName of the parsed certificate, or
// the empty string when getCert yields no certificate. The value is taken
// from the certificate as-is and is not validated here.
func (self *SLoadbalancerCertificate) GetCommonName() string {
	if parsed := self.getCert(); parsed != nil {
		return parsed.Subject.CommonName
	}
	return ""
}
    98  
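// GetSubjectAlternativeNames returns the certificate's subject alternative
// names as a comma-separated list, or the empty string when getCert yields no
// certificate.
//
// The names are read from the fields crypto/x509 fills while parsing the SAN
// extension (DNS names, IP addresses, e-mail addresses, URIs). The previous
// implementation concatenated the raw DER value of every extension on the
// certificate, which produced binary data unrelated to the SAN list.
//
// The entries come from the certificate itself and are not validated here;
// treat them as untrusted text when displaying or matching on them.
func (self *SLoadbalancerCertificate) GetSubjectAlternativeNames() string {
	c := self.getCert()
	if c == nil {
		return ""
	}

	names := make([]string, 0, len(c.DNSNames)+len(c.IPAddresses)+len(c.EmailAddresses)+len(c.URIs))
	names = append(names, c.DNSNames...)
	for _, ip := range c.IPAddresses {
		names = append(names, ip.String())
	}
	names = append(names, c.EmailAddresses...)
	for _, u := range c.URIs {
		names = append(names, u.String())
	}

	return strings.Join(names, ",")
}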
   112  
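// getCert returns the X.509 certificate parsed from the PEM text in
// self.Certificate, caching a successful result in self.cert. It returns nil
// (after logging) when the text holds no PEM block or the block does not
// parse as a certificate; failures are not cached, so each later call
// retries and logs again.
//
// Only the first PEM block is examined; any further blocks in the text are
// ignored. The cache is written without synchronization.
func (self *SLoadbalancerCertificate) getCert() *x509.Certificate {
	if self.cert != nil {
		return self.cert
	}

	// pem.Decode returns a nil block when the input contains no PEM data
	// (for example an empty or truncated certificate field). Dereferencing
	// it unchecked would panic, so reject that case explicitly.
	p, _ := pem.Decode([]byte(self.Certificate))
	if p == nil {
		log.Errorf("get certificate %s(%s): no PEM data found", self.Name, self.GetId())
		return nil
	}

	c, err := x509.ParseCertificate(p.Bytes)
	if err != nil {
		log.Errorf("get certificate %s(%s): %s", self.Name, self.GetId(), err)
		return nil
	}

	self.cert = c
	return c
}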
   128  
// GetFingerprint returns the certificate fingerprint in the form
// "<algo>:<hex>", where <algo> is api.LB_TLS_CERT_FINGERPRINT_ALGO_SHA256 and
// <hex> is the lowercase hex SHA-256 digest of the certificate's raw DER
// bytes. It returns the empty string when getCert yields no certificate.
func (self *SLoadbalancerCertificate) GetFingerprint() string {
	parsed := self.getCert()
	if parsed == nil {
		return ""
	}
	sum := sha256.Sum256(parsed.Raw)
	digest := hex.EncodeToString(sum[:])
	return api.LB_TLS_CERT_FINGERPRINT_ALGO_SHA256 + ":" + digest
}
   137  
// GetExpireTime returns the ExpireTime field decoded from the API response.
// It does not consult the parsed certificate, so the value is whatever the
// API reported rather than the certificate's own NotAfter.
func (self *SLoadbalancerCertificate) GetExpireTime() time.Time {
	expiry := self.ExpireTime
	return expiry
}
   141  
// GetPublickKey always returns the empty string; the certificate text is not
// exposed through this accessor.
func (self *SLoadbalancerCertificate) GetPublickKey() string {
	const none = ""
	return none
}
   145  
// GetPrivateKey always returns the empty string. This type declares no
// private-key field, so no key material is held or returned.
func (self *SLoadbalancerCertificate) GetPrivateKey() string {
	const none = ""
	return none
}
   149  
// GetILoadBalancerCertificates lists the region's SSL certificates via
// GetRegionalSslCertificates("") and returns them as
// cloudprovider.ICloudLoadbalancerCertificate values. A lookup error is
// wrapped with the callee's name and returned with a nil slice.
//
// NOTE(review): region is not assigned on the returned items in this
// function; confirm GetRegionalSslCertificates sets it, since GetProjectId
// dereferences it.
func (self *SRegion) GetILoadBalancerCertificates() ([]cloudprovider.ICloudLoadbalancerCertificate, error) {
	regional, err := self.GetRegionalSslCertificates("")
	if err != nil {
		return nil, errors.Wrap(err, "GetRegionalSslCertificates")
	}

	result := make([]cloudprovider.ICloudLoadbalancerCertificate, 0, len(regional))
	for idx := range regional {
		// Take the address of the slice element itself so each entry refers
		// to its own certificate.
		result = append(result, &regional[idx])
	}

	return result, nil
}
   163  
// GetILoadBalancerCertificateById fetches one certificate through
// GetBySelfId using certId, attaches this region to it and returns it. A
// lookup error is wrapped with "Get" and returned with a nil certificate.
func (self *SRegion) GetILoadBalancerCertificateById(certId string) (cloudprovider.ICloudLoadbalancerCertificate, error) {
	found := &SLoadbalancerCertificate{}
	if err := self.GetBySelfId(certId, found); err != nil {
		return nil, errors.Wrap(err, "Get")
	}
	// The owning region is needed later by GetProjectId.
	found.region = self
	return found, nil
}
   172  }