From 8f111bcb8b1413dcd102ac3700751228eb89ad59 Mon Sep 17 00:00:00 2001
From: wjro <wrolleman@nationtech.io>
Date: Fri, 16 Jan 2026 13:16:06 -0500
Subject: [PATCH] feat: added fn get_ca_cert to trait certificateManagement

---
 .../topology/k8s_anywhere/k8s_anywhere.rs     | 33 +++++++++++++++++++
 .../src/modules/cert_manager/capability.rs    |  6 ++++
 2 files changed, 39 insertions(+)

diff --git a/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs b/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
index 4760b2e..0476ac3 100644
--- a/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
+++ b/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
@@ -453,6 +453,39 @@ impl CertificateManagement for K8sAnywhereTopology {
             details: format!("Created cert into ns: {:#?}", config.namespace.clone()),
         })
     }
+
+    async fn get_ca_certificate(
+        &self,
+        cert_name: String,
+        config: &CertificateManagementConfig,
+    ) -> Result<String, PreparationError> {
+        let namespace = config.namespace.clone().unwrap();
+
+        let client = self.k8s_client().await.unwrap();
+
+        let secret = client
+            .get_secret_json_value(&cert_name, Some(&namespace))
+            .await?
+            .data;
+
+        let ca_cert = secret
+            .get("data")
+            .ok_or_else(|| PreparationError {
+                msg: format!("failed to get data from secret {}", cert_name),
+            })?
+            .get("ca.crt")
+            .ok_or_else(|| PreparationError {
+                msg: format!("failed to get ca.crt from secret {}", cert_name),
+            })?;
+
+        trace!("{:#?}", ca_cert.clone());
+
+        let cert: String = serde_json::from_value(ca_cert.clone())
+            .map_err(|e| PreparationError { msg: e.to_string() })?;
+
+        trace!("{:#?}", cert.clone());
+        Ok(cert)
+    }
 }
 
 impl K8sAnywhereTopology {
diff --git a/harmony/src/modules/cert_manager/capability.rs b/harmony/src/modules/cert_manager/capability.rs
index a280660..f39f6e6 100644
--- a/harmony/src/modules/cert_manager/capability.rs
+++ b/harmony/src/modules/cert_manager/capability.rs
@@ -28,6 +28,12 @@ pub trait CertificateManagement: Send + Sync {
         issuer_name: String,
         config: &CertificateManagementConfig,
     ) -> Result<PreparationOutcome, PreparationError>;
+
+    async fn get_ca_certificate(
+        &self,
+        cert_name: String,
+        config: &CertificateManagementConfig,
+    ) -> Result<String, PreparationError>;
 }
 
 #[derive(Debug, Clone, Serialize)]