diff --git a/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs b/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
index 4760b2e..0476ac3 100644
--- a/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
+++ b/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
@@ -453,6 +453,39 @@ impl CertificateManagement for K8sAnywhereTopology {
 details: format!("Created cert into ns: {:#?}", config.namespace.clone()),
 })
 }
+
+ async fn get_ca_certificate(
+ &self,
+ cert_name: String,
+ config: &CertificateManagementConfig,
+ ) -> Result {
+ let namespace = config.namespace.clone().unwrap();
+
+ let client = self.k8s_client().await.unwrap();
+
+ let secret = client
+ .get_secret_json_value(&cert_name, Some(&namespace))
+ .await?
+ .data;
+
+ let ca_cert = secret
+ .get("data")
+ .ok_or_else(|| PreparationError {
+ msg: format!("failed to get data from secret {}", cert_name),
+ })?
+ .get("ca.crt")
+ .ok_or_else(|| PreparationError {
+ msg: format!("failed to get ca.crt from secret {}", cert_name),
+ })?;
+
+ trace!("{:#?}", ca_cert.clone());
+
+ let cert: String = serde_json::from_value(ca_cert.clone())
+ .map_err(|e| PreparationError { msg: e.to_string() })?;
+
+ trace!("{:#?}", cert.clone());
+ Ok(cert)
+ }
 }
 
 impl K8sAnywhereTopology {
diff --git a/harmony/src/modules/cert_manager/capability.rs b/harmony/src/modules/cert_manager/capability.rs
index a280660..f39f6e6 100644
--- a/harmony/src/modules/cert_manager/capability.rs
+++ b/harmony/src/modules/cert_manager/capability.rs
@@ -28,6 +28,12 @@ pub trait CertificateManagement: Send + Sync {
 issuer_name: String,
 config: &CertificateManagementConfig,
 ) -> Result;
+
+ async fn get_ca_certificate(
+ &self,
+ cert_name: String,
+ config: &CertificateManagementConfig,
+ ) -> Result;
 }
 
 #[derive(Debug, Clone, Serialize)]
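Review bot: The two `unwrap()` calls at the top of `get_ca_certificate` panic on conditions that can occur at runtime (a config whose namespace is unset, presumably an `Option`, or a failure to obtain the Kubernetes client), although the method returns a `Result` and every later failure is mapped to `PreparationError`. Return an error instead, for example `let namespace = config.namespace.clone().ok_or_else(|| PreparationError { msg: "namespace is required to read the CA certificate".to_string() })?;` and `let client = self.k8s_client().await.map_err(|e| PreparationError { msg: e.to_string() })?;`. The second line assumes the client error implements `Display`; its type is not visible in this hunk. The `.clone()` calls inside the two `trace!` lines are unnecessary, because `{:#?}` only needs a reference.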
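Review bot: The new trait method `get_ca_certificate` has no doc comment, and its contract is not obvious from the signature. Callers will use the returned string as a trust anchor, so the encoding should be stated. I would add `/// Returns the ca.crt entry of the Secret named cert_name in config.namespace.` followed by a line saying whether the string is PEM or the base64 text stored under the Secret's `data` field. The K8sAnywhereTopology implementation in this commit returns the value without a visible decode step, so unless `get_secret_json_value` decodes it, callers receive base64. It is also worth noting under `# Errors` that a missing Secret or a missing `ca.crt` key yields an error. The trait body starts and ends outside this hunk.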