You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by sr...@apache.org on 2023/03/13 05:19:49 UTC
[trafficcontrol] branch master updated: adding sslkey_expirations methods in clients (#7388)
This is an automated email from the ASF dual-hosted git repository.
srijeet0406 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new 5e1bca79ea adding sslkey_expirations methods in clients (#7388)
5e1bca79ea is described below
commit 5e1bca79ea5538c3b9cfa64cdf58f1c2ae1ee731
Author: Ashish P <as...@cable.comcast.com>
AuthorDate: Sun Mar 12 23:19:42 2023 -0600
adding sslkey_expirations methods in clients (#7388)
* adding sslkey_expirations methods in clients
* update changelog
* adding tests
* adding comments for go Docs
---------
Co-authored-by: Ashish Paudyal <ap...@cable.comcast.com>
---
CHANGELOG.md | 1 +
lib/go-tc/sslkey_expirations.go | 26 +++++++++
.../testing/api/v4/sslkey_expirations_test.go | 66 ++++++++++++++++++++++
.../testing/api/v5/sslkey_expirations_test.go | 66 ++++++++++++++++++++++
traffic_ops/v4-client/sslkey_expirations.go | 33 +++++++++++
traffic_ops/v5-client/sslkey_expirations.go | 33 +++++++++++
6 files changed, 225 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d781932e2a..2c5b69e0ea 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -32,6 +32,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
- [#7322](https://github.com/apache/trafficcontrol/issues/7322) *t3c Adds support for anycast on http routed edges.
- [#7367](https://github.com/apache/trafficcontrol/pull/7367) *Traffic Ops* Adds ACME:CREATE, ACME:DELETE, ACME:DELETE, and ACME:READ permissions to operations role.
- [#7380](https://github.com/apache/trafficcontrol/pull/7380) *Traffic Portal* Adds strikethrough (expired), red (7 days until expiration) and yellow (30 days until expiration) visuals to delivery service cert expiration grid rows.
+- [#7388](https://github.com/apache/trafficcontrol/pull/7388) *TC go Client* Adds sslkey_expiration methodology in v4 and v5 clients
### Changed
- [#7369](https://github.com/apache/trafficcontrol/pull/7369) *Traffic Portal* Adds better labels to routing methods widget on the TP dashboard.
diff --git a/lib/go-tc/sslkey_expirations.go b/lib/go-tc/sslkey_expirations.go
new file mode 100644
index 0000000000..6d5b7ebad6
--- /dev/null
+++ b/lib/go-tc/sslkey_expirations.go
@@ -0,0 +1,26 @@
+package tc
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+// SSLKeyExpirationGetResponse is the format of a response to a GET request for API /sslkey_expirations endpoint.
+type SSLKeyExpirationGetResponse struct {
+ Response []SSLKeyExpirationInformation `json:"response"`
+ Alerts
+}
diff --git a/traffic_ops/testing/api/v4/sslkey_expirations_test.go b/traffic_ops/testing/api/v4/sslkey_expirations_test.go
new file mode 100644
index 0000000000..0e454410b9
--- /dev/null
+++ b/traffic_ops/testing/api/v4/sslkey_expirations_test.go
@@ -0,0 +1,66 @@
+package v4
+
+/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import (
+ "net/http"
+ "net/url"
+ "testing"
+
+ "github.com/apache/trafficcontrol/lib/go-tc"
+ "github.com/apache/trafficcontrol/traffic_ops/testing/api/utils"
+ client "github.com/apache/trafficcontrol/traffic_ops/v4-client"
+)
+
+func TestSSLExpirations(t *testing.T) {
+
+ if !includeSystemTests {
+ t.Skip()
+ }
+
+ methodTests := utils.TestCase[client.Session, client.RequestOptions, struct{}]{
+ "GET": {
+ "OK when VALID request": {
+ ClientSession: TOSession,
+ Expectations: utils.CkRequest(utils.NoError(), utils.HasStatus(http.StatusOK)),
+ },
+ "OK when VALID DAYS PARAMETER": {
+ ClientSession: TOSession,
+ RequestOpts: client.RequestOptions{QueryParameters: url.Values{"days": {"30"}}},
+ Expectations: utils.CkRequest(utils.NoError(), utils.HasStatus(http.StatusOK)),
+ },
+ "UNAUTHORIZED when NOT LOGGED IN": {
+ ClientSession: NoAuthTOSession,
+ Expectations: utils.CkRequest(utils.HasError(), utils.HasStatus(http.StatusUnauthorized)),
+ },
+ },
+ }
+
+ for method, testCases := range methodTests {
+ t.Run(method, func(t *testing.T) {
+ for name, testCase := range testCases {
+ switch method {
+ case "GET":
+ t.Run(name, func(t *testing.T) {
+ resp, reqInf, err := testCase.ClientSession.GetExpiringCerts(testCase.RequestOpts)
+ for _, check := range testCase.Expectations {
+ check(t, reqInf, resp, tc.Alerts{}, err)
+ }
+ })
+ }
+ }
+ })
+ }
+}
diff --git a/traffic_ops/testing/api/v5/sslkey_expirations_test.go b/traffic_ops/testing/api/v5/sslkey_expirations_test.go
new file mode 100644
index 0000000000..14559695c5
--- /dev/null
+++ b/traffic_ops/testing/api/v5/sslkey_expirations_test.go
@@ -0,0 +1,66 @@
+package v5
+
+/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import (
+ "net/http"
+ "net/url"
+ "testing"
+
+ "github.com/apache/trafficcontrol/lib/go-tc"
+ "github.com/apache/trafficcontrol/traffic_ops/testing/api/utils"
+ client "github.com/apache/trafficcontrol/traffic_ops/v5-client"
+)
+
+func TestSSLExpirations(t *testing.T) {
+
+ if !includeSystemTests {
+ t.Skip()
+ }
+
+ methodTests := utils.TestCase[client.Session, client.RequestOptions, struct{}]{
+ "GET": {
+ "OK when VALID request": {
+ ClientSession: TOSession,
+ Expectations: utils.CkRequest(utils.NoError(), utils.HasStatus(http.StatusOK)),
+ },
+ "OK when VALID DAYS PARAMETER": {
+ ClientSession: TOSession,
+ RequestOpts: client.RequestOptions{QueryParameters: url.Values{"days": {"30"}}},
+ Expectations: utils.CkRequest(utils.NoError(), utils.HasStatus(http.StatusOK)),
+ },
+ "UNAUTHORIZED when NOT LOGGED IN": {
+ ClientSession: NoAuthTOSession,
+ Expectations: utils.CkRequest(utils.HasError(), utils.HasStatus(http.StatusUnauthorized)),
+ },
+ },
+ }
+
+ for method, testCases := range methodTests {
+ t.Run(method, func(t *testing.T) {
+ for name, testCase := range testCases {
+ switch method {
+ case "GET":
+ t.Run(name, func(t *testing.T) {
+ resp, reqInf, err := testCase.ClientSession.GetExpiringCerts(testCase.RequestOpts)
+ for _, check := range testCase.Expectations {
+ check(t, reqInf, resp, tc.Alerts{}, err)
+ }
+ })
+ }
+ }
+ })
+ }
+}
diff --git a/traffic_ops/v4-client/sslkey_expirations.go b/traffic_ops/v4-client/sslkey_expirations.go
new file mode 100644
index 0000000000..db29b65a4a
--- /dev/null
+++ b/traffic_ops/v4-client/sslkey_expirations.go
@@ -0,0 +1,33 @@
+/*
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+
+// Package client provides Go bindings to the Traffic Ops RPC API.
+package client
+
+import (
+ "github.com/apache/trafficcontrol/lib/go-tc"
+ "github.com/apache/trafficcontrol/traffic_ops/toclientlib"
+)
+
+// GetExpiringCerts gets the exiring certs within the days if 'days' param is passed
+// or the full list of all Delivery services and there expirations
+func (to *Session) GetExpiringCerts(opts RequestOptions) (tc.SSLKeyExpirationGetResponse, toclientlib.ReqInf, error) {
+ const sslKeyExpirations = "/sslkey_expirations"
+
+ var data tc.SSLKeyExpirationGetResponse
+
+ reqInf, err := to.get(sslKeyExpirations, opts, &data)
+ return data, reqInf, err
+}
diff --git a/traffic_ops/v5-client/sslkey_expirations.go b/traffic_ops/v5-client/sslkey_expirations.go
new file mode 100644
index 0000000000..db29b65a4a
--- /dev/null
+++ b/traffic_ops/v5-client/sslkey_expirations.go
@@ -0,0 +1,33 @@
+/*
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+
+// Package client provides Go bindings to the Traffic Ops RPC API.
+package client
+
+import (
+ "github.com/apache/trafficcontrol/lib/go-tc"
+ "github.com/apache/trafficcontrol/traffic_ops/toclientlib"
+)
+
+// GetExpiringCerts gets the exiring certs within the days if 'days' param is passed
+// or the full list of all Delivery services and there expirations
+func (to *Session) GetExpiringCerts(opts RequestOptions) (tc.SSLKeyExpirationGetResponse, toclientlib.ReqInf, error) {
+ const sslKeyExpirations = "/sslkey_expirations"
+
+ var data tc.SSLKeyExpirationGetResponse
+
+ reqInf, err := to.get(sslKeyExpirations, opts, &data)
+ return data, reqInf, err
+}