fix: modified k8sanywhere implentation of get_ca_cert to use the kubernetes certificate name to find its respective secret and ca.crt

feat: added fn get_ca_cert to trait certificateManagement
2026-01-16 13:39:10 -05:00 · 2026-01-16 13:16:06 -05:00
2 changed files with 64 additions and 0 deletions
--- a/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
+++ b/harmony/src/domain/topology/k8s_anywhere/k8s_anywhere.rs
@@ -453,6 +453,64 @@ impl CertificateManagement for K8sAnywhereTopology {
            details: format!("Created cert into ns: {:#?}", config.namespace.clone()),
        })
    }
+
+    async fn get_ca_certificate(
+        &self,
+        cert_name: String,
+        config: &CertificateManagementConfig,
+    ) -> Result<String, PreparationError> {
+        let namespace = config.namespace.clone().unwrap();
+        let certificate_gvk = GroupVersionKind {
+            group: "cert-manager.io".to_string(),
+            version: "v1".to_string(),
+            kind: "Certificate".to_string(),
+        };
+        let client = self.k8s_client().await.unwrap();
+        let certificate_data = client
+            .get_resource_json_value(&cert_name, Some(&namespace), &certificate_gvk)
+            .await?
+            .data;
+
+        trace!("Certificate Data {:#?}", certificate_data);
+
+        let secret_name = certificate_data
+            .get("spec")
+            .ok_or_else(|| PreparationError {
+                msg: format!("failed to get spec from Certificate {}", cert_name),
+            })?
+            .get("secretName")
+            .ok_or_else(|| PreparationError {
+                msg: format!("failed to get secretName from Certificate {}", cert_name),
+            })?;
+
+        trace!("Secret Name {:#?}", secret_name);
+
+        let secret_name: String = serde_json::from_value(secret_name.clone())
+            .map_err(|e| PreparationError { msg: e.to_string() })?;
+
+        let secret = client
+            .get_secret_json_value(&secret_name, Some(&namespace))
+            .await?
+            .data;
+
+        let ca_cert = secret
+            .get("data")
+            .ok_or_else(|| PreparationError {
+                msg: format!("failed to get data from secret {}", secret_name),
+            })?
+            .get("ca.crt")
+            .ok_or_else(|| PreparationError {
+                msg: format!("failed to get ca.crt from secret {}", secret_name),
+            })?;
+
+        trace!("ca.crt {:#?}", ca_cert.clone());
+
+        let ca_cert: String = serde_json::from_value(ca_cert.clone())
+            .map_err(|e| PreparationError { msg: e.to_string() })?;
+
+        trace!("ca.crt string {:#?}", ca_cert.clone());
+        Ok(ca_cert)
+    }
 }

 impl K8sAnywhereTopology {
--- a/harmony/src/modules/cert_manager/capability.rs
+++ b/harmony/src/modules/cert_manager/capability.rs
@@ -28,6 +28,12 @@ pub trait CertificateManagement: Send + Sync {
        issuer_name: String,
        config: &CertificateManagementConfig,
    ) -> Result<PreparationOutcome, PreparationError>;
+
+    async fn get_ca_certificate(
+        &self,
+        cert_name: String,
+        config: &CertificateManagementConfig,
+    ) -> Result<String, PreparationError>;
 }

 #[derive(Debug, Clone, Serialize)]
Author	SHA1	Message	Date
wjro	c6642db6fb	fix: modified k8sanywhere implentation of get_ca_cert to use the kubernetes certificate name to find its respective secret and ca.crt All checks were successful Run Check Script / check (pull_request) Successful in 1m46s Details	2026-01-16 13:39:10 -05:00
wjro	8f111bcb8b	feat: added fn get_ca_cert to trait certificateManagement All checks were successful Run Check Script / check (pull_request) Successful in 1m40s Details	2026-01-16 13:16:06 -05:00