[GH-2] Restructure project

.gitignore

@@ -0,0 +1 @@
+node_modules

venafi-snowflake-connector/.gitignore

@@ -0,0 +1,2 @@
+.serverless
+bin

lambda-go/go.mod → venafi-snowflake-connector/lambda/request_cert/go.mod

@@ -5,7 +5,6 @@ go 1.14
 replace github.com/snowflake-venafi-connector/go-lambda/src/request_cert => ./request_cert
 
 require (
-	github.com/Venafi/vcert v3.18.4+incompatible
 	github.com/Venafi/vcert/v4 v4.14.1
 	github.com/aws/aws-lambda-go v1.23.0
 )

lambda-go/go.sum → venafi-snowflake-connector/lambda/request_cert/go.sum

@@ -14,8 +14,6 @@ dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
-github.com/Venafi/vcert v3.18.4+incompatible h1:mDXSjd+EpXa8YEkEo9Oad19E270aiPJJMhjoKs63b+8=
-github.com/Venafi/vcert v3.18.4+incompatible/go.mod h1:3dpfrCI+31cDZosD+1UX8GFziVFORaegByXtzT1dwNo=
 github.com/Venafi/vcert/v4 v4.14.1 h1:7P4XCnFsbGokZeKMUwgOSQbU9dUXhtTFcZc2cfyMDGU=
 github.com/Venafi/vcert/v4 v4.14.1/go.mod h1:IL+6LA8QRWZbmcMzIr/vRhf9Aa6XDM2cQO50caWevjA=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=

lambda-go/request_cert.go → venafi-snowflake-connector/lambda/request_cert/main.go

@@ -3,6 +3,7 @@ package main
 import (
 	"context"
 	"crypto/x509/pkix"
+	"encoding/json"
 	"fmt"
 
 	"github.com/Venafi/vcert/v4"
@@ -21,37 +22,47 @@ type StuffNeededForRequestCerts struct {
 	CommonName  string `json:"	,omitempty"`
 }
 
+type SnowFlakeType struct {
+	Data [][]interface{} `json:"data,omitempty"`
+}
 
-func RequestCert(ctx context.Context, request StuffNeededForRequestCerts) (events.APIGatewayProxyResponse, error) {
+func RequestCert(ctx context.Context, request events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse, error) {
+
+	var dataForRequestCert StuffNeededForRequestCerts
+	var snowflakeData SnowFlakeType
+	err := json.Unmarshal([]byte(request.Body), &snowflakeData)
+	if err != nil {
+		fmt.Printf("Failed to unmarshal snowflake value: %v ", err)
+		return events.APIGatewayProxyResponse{ // Error HTTP response
+			Body:       err.Error(),
+			StatusCode: 500,
+		}, nil
+	}
+
+	dataForRequestCert.TppURL = fmt.Sprintf("%v", snowflakeData.Data[0][1])
+	dataForRequestCert.AccessToken = fmt.Sprintf("%v", snowflakeData.Data[0][2])
+	dataForRequestCert.DNSName = fmt.Sprintf("%v", snowflakeData.Data[0][3]) // TODO: UPN, DNS should allow multiple values
+	dataForRequestCert.Zone = fmt.Sprintf("%v", snowflakeData.Data[0][4])
+	dataForRequestCert.UPN = fmt.Sprintf("%v", snowflakeData.Data[0][5])
+	dataForRequestCert.CommonName = fmt.Sprintf("%v", snowflakeData.Data[0][6])
 
-	dataForRequestCert := request
-	//
-	// 0. Get client instance based on connection config
-	//
 	config := &vcert.Config{
 		ConnectorType: endpoint.ConnectorTypeTPP,
 		BaseUrl:       dataForRequestCert.TppURL,
 		Zone:          dataForRequestCert.Zone,
 		Credentials: &endpoint.Authentication{
 			AccessToken: dataForRequestCert.AccessToken},
 	}
-	fmt.Printf("TPP URL: %s", config.BaseUrl)
 
-	//config := cloudConfig
-	//config := mockConfig
 	c, err := vcert.NewClient(config)
 	if err != nil {
-		fmt.Printf("Failed to connect to endpoint: %v ", err)
-		return events.APIGatewayProxyResponse{ // Error HTTP response
+		fmt.Printf("Failed to connect to endpoint: %v ", err) // TODO: use logger
+		return events.APIGatewayProxyResponse{                // Error HTTP response
 			Body:       err.Error(),
 			StatusCode: 500,
 		}, nil
 	}
 
-	//
-	// 1.1. Compose request object
-	//
-	//Not all Venafi Cloud providers support IPAddress and EmailAddresses extensions.
 	var enrollReq = &certificate.Request{}
 
 	enrollReq = &certificate.Request{
@@ -97,11 +108,12 @@ func RequestCert(ctx context.Context, request StuffNeededForRequestCerts) (event
 	// fmt.Printf("Successfully submitted certificate request. Will pickup certificate by ID: %s", requestID)
 	// body, err := json.Marshal(requestID)
 	return events.APIGatewayProxyResponse{ // Success HTTP response
-		Body:       requestID,
+		Body:       fmt.Sprintf("{'data': [[0, '%v']]}", requestID),
 		StatusCode: 200,
 	}, nil
 }
 
 func main() {
+	// lambda.Start(GetCertificate)
 	lambda.Start(RequestCert)
 }

lambda-go/serverless.yml → venafi-snowflake-connector/serverless.yml

@@ -11,7 +11,6 @@
 #
 # Happy Coding!
 
-service: lambda-go
 # app and org for use with dashboard.serverless.com
 #app: your-app-name
 #org: your-org-name
@@ -20,44 +19,29 @@ service: lambda-go
 # Check out our docs for more details
 # frameworkVersion: "=X.X.X"
 
-# plugins:
-#   - serverless-snowflake-external-function-plugin
 
-package:
-  include:
-  - bin/**
-
-
-provider:
-  name: aws
-  runtime: go1.x
 
-# you can overwrite defaults here
-#  stage: dev
-  region: eu-west-1
 
+service: venafi-snowflake-connector
+plugins:
+  - serverless-snowflake-external-function-plugin
 
-# custom:
-#   snowflake:
-#     role: VENAFI_DEV
-#     account: starschema
-#     username: rakosif
-#     password: Okt1212939!
-#     warehouse: LOAD_WH
-#     database: TEST_DB
-#     schema: PUBLIC
-
+#  Every function that should be available as external function in snowflake needs
+#  at least argument_signature and data_type information
 functions:
-  # getCert:
-  #   handler: bin/handlers/get-cert
-  #   package:
-  #    include:
-  #      - ./bin/handlers/get-cert
-  #   events:
-  #     - http:
-  #         path: cert
-  #         method: get
-  #         cors: true
+  getCert:
+    handler: bin/handlers/getcert
+    package:
+      include:
+        - ./bin/**
+    events:
+      - http:
+          path: getcert
+          method: post
+          cors: true
+    snowflake:
+      argument_signature: (request variant)
+      data_type: variant
   # listCerts:
   #   handler: bin/handlers/list-certs
   #   package:
@@ -69,15 +53,19 @@ functions:
   #         method: get
   requestCert:
     handler: bin/handlers/requestcert
-    timeout: 65
+    timeout: 35
     package:
       include:
         - ./bin/**
     events:
       - http:
-          path: /
+          path: requestcert
           method: post
-          cors: true
+          authorizer: aws_iam
+    snowflake:
+      argument_signature: (request variant)
+      data_type: variant
+
   # getCertStatus:
   #   handler: bin/handlers/get-cert-status
   #   package:
@@ -107,4 +95,38 @@ functions:
   #     - http:
   #         path: cert/revoke
   #         method: delete
-  #         cors: true
+  #         cors: true
+
+custom:
+  snowflake:
+    role: VENAFI_DEV
+    account: starschema
+    username: rakosif
+    password: Okt1212939!
+    warehouse: LOAD_WH
+    database: TEST_DB
+    schema: PUBLIC
+
+package:
+  include:
+  - bin/**
+
+
+provider:
+  name: aws
+  runtime: go1.x
+
+# you can overwrite defaults here
+#  stage: dev
+  region: eu-west-1
+
+
+# custom:
+#   snowflake:
+#     role: VENAFI_DEV
+#     account: starschema
+#     username: rakosif
+#     password: Okt1212939!
+#     warehouse: LOAD_WH
+#     database: TEST_DB
+#     schema: PUBLIC