fix: modified k8sanywhere implentation of get_ca_cert to use the kubernetes certificate name to find its respective secret and ca.crt

2026-01-16 13:39:10 -05:00
parent 8f111bcb8b
commit c6642db6fb
1 changed files with 33 additions and 8 deletions
--- a/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
+++ b/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
@@ -460,31 +460,56 @@ impl CertificateManagement for K8sAnywhereTopology {
        config: &CertificateManagementConfig,
    ) -> Result<String, PreparationError> {
        let namespace = config.namespace.clone().unwrap();
-
+        let certificate_gvk = GroupVersionKind {
+            group: "cert-manager.io".to_string(),
+            version: "v1".to_string(),
+            kind: "Certificate".to_string(),
+        };
        let client = self.k8s_client().await.unwrap();
+        let certificate_data = client
+            .get_resource_json_value(&cert_name, Some(&namespace), &certificate_gvk)
+            .await?
+            .data;
+
+        trace!("Certificate Data {:#?}", certificate_data);
+
+        let secret_name = certificate_data
+            .get("spec")
+            .ok_or_else(|| PreparationError {
+                msg: format!("failed to get spec from Certificate {}", cert_name),
+            })?
+            .get("secretName")
+            .ok_or_else(|| PreparationError {
+                msg: format!("failed to get secretName from Certificate {}", cert_name),
+            })?;
+
+        trace!("Secret Name {:#?}", secret_name);
+
+        let secret_name: String = serde_json::from_value(secret_name.clone())
+            .map_err(|e| PreparationError { msg: e.to_string() })?;

        let secret = client
-            .get_secret_json_value(&cert_name, Some(&namespace))
+            .get_secret_json_value(&secret_name, Some(&namespace))
            .await?
            .data;

        let ca_cert = secret
            .get("data")
            .ok_or_else(|| PreparationError {
-                msg: format!("failed to get data from secret {}", cert_name),
+                msg: format!("failed to get data from secret {}", secret_name),
            })?
            .get("ca.crt")
            .ok_or_else(|| PreparationError {
-                msg: format!("failed to get ca.crt from secret {}", cert_name),
+                msg: format!("failed to get ca.crt from secret {}", secret_name),
            })?;

-        trace!("{:#?}", ca_cert.clone());
+        trace!("ca.crt {:#?}", ca_cert.clone());

-        let cert: String = serde_json::from_value(ca_cert.clone())
+        let ca_cert: String = serde_json::from_value(ca_cert.clone())
            .map_err(|e| PreparationError { msg: e.to_string() })?;

-        trace!("{:#?}", cert.clone());
-        Ok(cert)
+        trace!("ca.crt string {:#?}", ca_cert.clone());
+        Ok(ca_cert)
    }
 }