OCM-6419 | feat: Move fetching OIDC Thumbprint to backend

openshift · Aug 9, 2024 · 912a584 · 912a584
1 parent ac85896
commit 912a584
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 7 deletions.
diff --git a/cmd/create/oidcprovider/cmd.go b/cmd/create/oidcprovider/cmd.go
@@ -21,7 +21,6 @@ import (
  "os"
  "strings"
 
- "github.com/openshift-online/ocm-common/pkg/rosa/oidcconfigs"
  cmv1 "github.com/openshift-online/ocm-sdk-go/clustersmgmt/v1"
  "github.com/spf13/cobra"
 
@@ -227,13 +226,17 @@ func run(cmd *cobra.Command, argv []string) {
 }
 
 func createProvider(r *rosa.Runtime, oidcEndpointUrl string, clusterId string) error {
- thumbprint, err := oidcconfigs.FetchThumbprint(oidcEndpointUrl)
+ input, err := cmv1.NewOidcThumbprintInput().OidcConfigId(args.oidcConfigId).ClusterId(clusterId).Build()
  if err != nil {
  return err
  }
- r.Reporter.Debugf("Using thumbprint '%s'", thumbprint)
+ thumbprint, err := r.OCMClient.FetchOidcThumbprint(input)
+ if err != nil {
+ return err
+ }
+ r.Reporter.Debugf("Using thumbprint '%s'", thumbprint.Thumbprint())
 
- oidcProviderARN, err := r.AWSClient.CreateOpenIDConnectProvider(oidcEndpointUrl, thumbprint, clusterId)
+ oidcProviderARN, err := r.AWSClient.CreateOpenIDConnectProvider(oidcEndpointUrl, thumbprint.Thumbprint(), clusterId)
  if err != nil {
  return err
  }
@@ -247,11 +250,18 @@ func createProvider(r *rosa.Runtime, oidcEndpointUrl string, clusterId string) e
 func buildCommands(r *rosa.Runtime, oidcEndpointUrl string, clusterId string) (string, error) {
  commands := []string{}
 
- thumbprint, err := oidcconfigs.FetchThumbprint(oidcEndpointUrl)
+ input, err := cmv1.NewOidcThumbprintInput().OidcConfigId(args.oidcConfigId).ClusterId(clusterId).Build()
+ if err != nil {
+ return "", err
+ }
+ thumbprint, err := r.OCMClient.FetchOidcThumbprint(input)
+ if err != nil {
+ return "", err
+ }
  if err != nil {
  return "", err
  }
- r.Reporter.Debugf("Using thumbprint '%s'", thumbprint)
+ r.Reporter.Debugf("Using thumbprint '%s'", thumbprint.Thumbprint())
 
  iamTags := map[string]string{
  tags.RedHatManaged: tags.True,
@@ -266,7 +276,7 @@ func buildCommands(r *rosa.Runtime, oidcEndpointUrl string, clusterId string) (s
  SetCommand(awscb.CreateOpenIdConnectProvider).
  AddParam(awscb.Url, oidcEndpointUrl).
  AddParam(awscb.ClientIdList, clientIdList).
- AddParam(awscb.ThumbprintList, thumbprint).
+ AddParam(awscb.ThumbprintList, thumbprint.Thumbprint()).
  AddTags(iamTags).
  Build()
  commands = append(commands, createOpenIDConnectProvider)

diff --git a/pkg/ocm/oidc_config.go b/pkg/ocm/oidc_config.go
@@ -64,3 +64,11 @@ func (c *Client) DeleteOidcConfig(id string) error {
  }
  return nil
 }
+
+func (c *Client) FetchOidcThumbprint(oidcConfigInput *cmv1.OidcThumbprintInput) (*cmv1.OidcThumbprint, error) {
+ response, err := c.ocm.ClustersMgmt().V1().AWSInquiries().OidcThumbprint().Post().Body(oidcConfigInput).Send()
+ if err != nil {
+ return nil, handleErr(response.Error(), err)
+ }
+ return response.Body(), nil
+}