From 352439d13b20b1639ba52481f55035a5378616ea Mon Sep 17 00:00:00 2001 From: Sita Lakshmi Sangameswaran Date: Tue, 3 Aug 2021 23:37:02 +0530 Subject: [PATCH] docs: client sample docs update (#219) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * docs: update comments * docs: update comments * (docs): Adding README.md * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md * docs: updated README.md * refactor: replaced POOL_NAME with POOL_ID to align with cloud docs. * docs: lint fix * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/master/packages/owl-bot/README.md Co-authored-by: sitalakshmis <79585041+sitalakshmis@users.noreply.github.com> Co-authored-by: Owl Bot --- privateca/cloud-client/README.md | 75 +++++++++++++++++++ .../src/main/java/privateca/CreateCaPool.java | 12 +-- .../java/privateca/CreateCertificate.java | 10 +-- .../privateca/CreateCertificateAuthority.java | 15 ++-- .../src/main/java/privateca/DeleteCaPool.java | 16 ++-- .../privateca/DeleteCertificateAuthority.java | 10 +-- .../DisableCertificateAuthority.java | 10 +-- .../privateca/EnableCertificateAuthority.java | 10 +-- .../src/main/java/privateca/ListCaPools.java | 4 +- .../privateca/ListCertificateAuthorities.java | 10 +-- .../main/java/privateca/ListCertificates.java | 10 +-- .../java/privateca/RevokeCertificate.java | 10 +-- .../src/test/java/privateca/SnippetsIT.java | 53 +++++++------ 13 files changed, 159 insertions(+), 86 deletions(-) create mode 100644 privateca/cloud-client/README.md diff --git a/privateca/cloud-client/README.md b/privateca/cloud-client/README.md new file mode 100644 index 00000000000..948896c744d --- /dev/null +++ b/privateca/cloud-client/README.md 
@@ -0,0 +1,75 @@ +# Google Cloud Private Certificate Authority Service + + +Open in Cloud Shell + +Google [Cloud Private Certificate Authority Service](https://cloud.google.com/certificate-authority-service) is a highly available, scalable Google Cloud service that enables you to simplify, automate, and customize the deployment, management, and security of private certificate authorities (CA). + +These sample Java applications demonstrate how to access the Cloud CA API using the +Google Java API Client Libraries. + +## Prerequisites + +### Google Cloud Project + +Set up a Google Cloud project with billing enabled. + +### Enable the API + +You must [enable the Google Private Certificate Authority Service API](https://console.cloud.google.com/flows/enableapi?apiid=privateca.googleapis.com) for your project in order to use these samples. + +### Service account + +A service account with private key credentials is required to create signed bearer tokens. +Create a [service account](https://console.cloud.google.com/iam-admin/serviceaccounts/create) and download the credentials file as JSON. + +### Set Environment Variables + +You must set your project ID and service account credentials in order to run the tests. + +``` +$ export GOOGLE_CLOUD_PROJECT="" +$ export GOOGLE_APPLICATION_CREDENTIALS="" +``` + +### Grant Permissions + +You must ensure that the [user account or service account](https://cloud.google.com/iam/docs/service-accounts#differences_between_a_service_account_and_a_user_account) you used to authorize your gcloud session has the proper permissions to edit Private CA resources for your project. 
In the Cloud Console under IAM, add the following roles to the project whose service account you're using to test: + +* Cloud CA Service Admin +* Cloud CA Service Certificate Requester +* Cloud CA Service Certificate Manager +* Cloud CA Service Certificate Template User +* Cloud CA Service Workload Certificate Requester +* Cloud CA Service Operation Manager +* Cloud CA Service Auditor + +More information can be found in the [Google Private Certificate Authority Service Docs](https://cloud.google.com/certificate-authority-service/docs/reference/permissions-and-roles). + + +## Build and Run + +The following instructions will help you prepare your development environment. + +1. Download and install the [Java Development Kit (JDK)](https://www.oracle.com/java/technologies/javase-downloads.html). + Verify that the [JAVA_HOME](https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/envvars001.html) environment variable is set and points to your JDK installation. + + +2. Download and install [Apache Maven](http://maven.apache.org/download.cgi) by following the [Maven installation guide](http://maven.apache.org/install.html) for your specific operating system. + + +3. Clone the java-security-private-ca repository. +``` +git clone https://github.com/googleapis/java-security-private-ca.git +``` + +4. Navigate to the sample code directory. + +``` +cd java-security-private-ca/samples/snippets/cloud-client +``` + +5. Run the **SnippetsIT** test file present under the test folder. + +### Crypto frameworks +[Bouncy Castle](https://www.bouncycastle.org/documentation.html) cryptographic framework is used as a part of testing. diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java b/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java index 9a0ab28e9a8..3bbb6e5085a 100644 --- a/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java +++ b/privateca/cloud-client/src/main/java/privateca/CreateCaPool.java 
@@ -34,16 +34,16 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Set a unique name for the CA pool. + // pool_Id: Set a unique pool_Id for the CA pool. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; - createCaPool(project, location, caPoolName); + String pool_Id = "ca-pool-id"; + createCaPool(project, location, pool_Id); } // Create a Certificate Authority Pool. All certificates created under this CA pool will // follow the same issuance policy, IAM policies,etc., - public static void createCaPool(String project, String location, String caPoolName) + public static void createCaPool(String project, String location, String pool_Id) throws InterruptedException, ExecutionException, IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -59,7 +59,7 @@ Set the Tier (see: https://cloud.google.com/certificate-authority-service/docs/t CreateCaPoolRequest caPoolRequest = CreateCaPoolRequest.newBuilder() .setParent(LocationName.of(project, location).toString()) - .setCaPoolId(caPoolName) + .setCaPoolId(pool_Id) .setCaPool(CaPool.newBuilder().setTier(Tier.ENTERPRISE).build()) .build(); @@ -73,7 +73,7 @@ Set the Tier (see: https://cloud.google.com/certificate-authority-service/docs/t return; } - System.out.println("CA pool created successfully: " + caPoolName); + System.out.println("CA pool created successfully: " + pool_Id); } } } diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java index dd716f48439..296a9964592 100644 
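Review bot: The new identifier `pool_Id` mixes snake case and camel case, unlike the lowerCamelCase names around it (`project`, `location`, `certificateAuthorityName`); `poolId` would match them. The same name is introduced in every sample this commit touches (CreateCertificate, CreateCertificateAuthority, DeleteCaPool, DeleteCertificateAuthority, DisableCertificateAuthority, EnableCertificateAuthority, ListCertificateAuthorities, ListCertificates, RevokeCertificate). The updated comment `// pool_Id: Set a unique pool_Id for the CA pool.` is also circular; `// poolId: Set a unique id for the CA pool.` is clearer. The body of createCaPool continues outside these hunks.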
--- a/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificate.java @@ -47,18 +47,18 @@ public static void main(String[] args) // publicKeyBytes: Public key used in signing the certificates. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Set a unique name for the CA pool. + // pool_Id: Set a unique id for the CA pool. // certificateAuthorityName: The name of the certificate authority which issues the certificate. // certificateName: Set a unique name for the certificate. String project = "your-project-id"; ByteString publicKeyBytes = ByteString.copyFrom(new byte[] {}); String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool_Id"; String certificateAuthorityName = "certificate-authority-name"; String certificateName = "certificate-name"; createCertificate( - project, location, caPoolName, certificateAuthorityName, certificateName, publicKeyBytes); + project, location, pool_Id, certificateAuthorityName, certificateName, publicKeyBytes); } // Create a Certificate which is issued by the Certificate Authority present in the CA Pool. @@ -67,7 +67,7 @@ public static void main(String[] args) public static void createCertificate( String project, String location, - String caPoolName, + String pool_Id, String certificateAuthorityName, String certificateName, ByteString publicKeyBytes) @@ -133,7 +133,7 @@ public static void createCertificate( // Create the Certificate Request. CreateCertificateRequest certificateRequest = CreateCertificateRequest.newBuilder() - .setParent(CaPoolName.of(project, location, caPoolName).toString()) + .setParent(CaPoolName.of(project, location, pool_Id).toString()) .setCertificateId(certificateName) .setCertificate(certificate) .setIssuingCertificateAuthorityId(certificateAuthorityName) 
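Review bot: The comment `// publicKeyBytes: Public key used in signing the certificates.` in main reads as if this key signs certificates. The next comment says the certificate authority issues the certificate, and SnippetsIT passes the public half of a freshly generated key pair here, so it appears to be the subject's key that the certificate binds. Suggested wording: `// publicKeyBytes: Public key of the certificate subject; it is placed in the issued certificate.` The new placeholder `String pool_Id = "ca-pool_Id";` also differs from the `"ca-pool-id"` used in the other samples and should read `"ca-pool-id"`. Most of createCertificate lies outside these hunks, so the exact use of the key is inferred from the visible comments and the test.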
diff --git a/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java index b4877b90b60..e67851cf99b 100644 --- a/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java +++ b/privateca/cloud-client/src/main/java/privateca/CreateCertificateAuthority.java @@ -43,19 +43,18 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Set it to the CA Pool under which the CA should be created. + // pool_Id: Set it to the CA Pool under which the CA should be created. // certificateAuthorityName: Unique name for the CA. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateAuthorityName = "certificate-authority-name"; - createCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + createCertificateAuthority(project, location, pool_Id, certificateAuthorityName); } - // Create Certificate Authority which is the root CA in the given CA Pool. This CA will be - // responsible for signing certificates within this pool. + // Create Certificate Authority which is the root CA in the given CA Pool. public static void createCertificateAuthority( - String project, String location, String caPoolName, String certificateAuthorityName) + String project, String location, String pool_Id, String certificateAuthorityName) throws InterruptedException, ExecutionException, IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call 
@@ -68,7 +67,7 @@ public static void createCertificateAuthority( String orgName = "org-name"; int caDuration = 100000; // Validity of this CA in seconds. - // Set the types of Algorithm used to create a cloud KMS key. + // Set the type of Algorithm. KeyVersionSpec keyVersionSpec = KeyVersionSpec.newBuilder().setAlgorithm(SignHashAlgorithm.RSA_PKCS1_4096_SHA256).build(); @@ -108,7 +107,7 @@ public static void createCertificateAuthority( // Create the CertificateAuthorityRequest. CreateCertificateAuthorityRequest certificateAuthorityRequest = CreateCertificateAuthorityRequest.newBuilder() - .setParent(CaPoolName.of(project, location, caPoolName).toString()) + .setParent(CaPoolName.of(project, location, pool_Id).toString()) .setCertificateAuthorityId(certificateAuthorityName) .setCertificateAuthority(certificateAuthority) .build(); diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java b/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java index 69e0a12a380..b97e4fc7579 100644 --- a/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java +++ b/privateca/cloud-client/src/main/java/privateca/DeleteCaPool.java 
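Review bot: In createCertificateAuthority the replacement comment `// Set the type of Algorithm.` no longer says what the algorithm applies to. The line it replaces tied it to the Cloud KMS key, and the code sets `SignHashAlgorithm.RSA_PKCS1_4096_SHA256` on a `KeyVersionSpec`, so this looks like the choice of signing key and hash for the CA. Something like `// Set the signing algorithm for the key that backs this CA.` keeps that context. The context line `int caDuration = 100000; // Validity of this CA in seconds.` works out to about 27.8 hours, which is worth stating in the comment so a reader copying the sample is not surprised by a CA that expires after little more than a day. The function body starts and ends outside this hunk.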
@@ -33,16 +33,16 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool to be deleted. + // pool_Id: The id of the CA pool to be deleted. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; - deleteCaPool(project, location, caPoolName); + String pool_Id = "ca-pool-id"; + deleteCaPool(project, location, pool_Id); } - // Delete the CA pool as mentioned by the caPoolName. + // Delete the CA pool as mentioned by the pool_Id. // Before deleting the pool, all CAs in the pool MUST BE deleted. - public static void deleteCaPool(String project, String location, String caPoolName) + public static void deleteCaPool(String project, String location, String pool_Id) throws InterruptedException, ExecutionException, IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -51,12 +51,12 @@ public static void deleteCaPool(String project, String location, String caPoolNa try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) { - // Set the project, location and caPoolName to delete. + // Set the project, location and pool_Id to delete. CaPoolName caPool = CaPoolName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .build(); // Create the Delete request. @@ -73,7 +73,7 @@ public static void deleteCaPool(String project, String location, String caPoolNa return; } - System.out.println("Deleted CA Pool: " + caPoolName); + System.out.println("Deleted CA Pool: " + pool_Id); } } } 
diff --git a/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java index d370acf8306..7f5df99ef7c 100644 --- a/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java +++ b/privateca/cloud-client/src/main/java/privateca/DeleteCertificateAuthority.java @@ -33,19 +33,19 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool under which the CA is present. + // pool_Id: The id of the CA pool under which the CA is present. // certificateAuthorityName: The name of the CA to be deleted. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateAuthorityName = "certificate-authority-name"; - deleteCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + deleteCertificateAuthority(project, location, pool_Id, certificateAuthorityName); } // Delete the Certificate Authority from the specified CA pool. // Before deletion, the CA must be disabled and must not contain any active certificates. public static void deleteCertificateAuthority( - String project, String location, String caPoolName, String certificateAuthorityName) + String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call 
@@ -58,7 +58,7 @@ public static void deleteCertificateAuthority( CertificateAuthorityName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .setCertificateAuthority(certificateAuthorityName) .build(); diff --git a/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java index 73ab2cf1163..0e427676b3d 100644 --- a/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java +++ b/privateca/cloud-client/src/main/java/privateca/DisableCertificateAuthority.java 
@@ -33,18 +33,18 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool under which the CA is present. + // pool_Id: The id of the CA pool under which the CA is present. // certificateAuthorityName: The name of the CA to be disabled. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateAuthorityName = "certificate-authority-name"; - disableCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + disableCertificateAuthority(project, location, pool_Id, certificateAuthorityName); } // Disable a Certificate Authority which is present in the given CA pool. public static void disableCertificateAuthority( - String project, String location, String caPoolName, String certificateAuthorityName) + String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -58,7 +58,7 @@ public static void disableCertificateAuthority( CertificateAuthorityName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .setCertificateAuthority(certificateAuthorityName) .build(); diff --git a/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java b/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java index 121d7998b77..2a182e3bc3f 100644 --- a/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java 
+++ b/privateca/cloud-client/src/main/java/privateca/EnableCertificateAuthority.java @@ -33,19 +33,19 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool under which the CA is present. + // pool_Id: The id of the CA pool under which the CA is present. // certificateAuthorityName: The name of the CA to be enabled. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateAuthorityName = "certificate-authority-name"; - enableCertificateAuthority(project, location, caPoolName, certificateAuthorityName); + enableCertificateAuthority(project, location, pool_Id, certificateAuthorityName); } // Enable the Certificate Authority present in the given ca pool. // CA cannot be enabled if it has been already deleted. public static void enableCertificateAuthority( - String project, String location, String caPoolName, String certificateAuthorityName) + String project, String location, String pool_Id, String certificateAuthorityName) throws IOException, ExecutionException, InterruptedException { try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) { @@ -54,7 +54,7 @@ public static void enableCertificateAuthority( CertificateAuthorityName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .setCertificateAuthority(certificateAuthorityName) .build(); diff --git a/privateca/cloud-client/src/main/java/privateca/ListCaPools.java b/privateca/cloud-client/src/main/java/privateca/ListCaPools.java index aec8ff4e134..b7deb564a66 100644 --- a/privateca/cloud-client/src/main/java/privateca/ListCaPools.java 
+++ b/privateca/cloud-client/src/main/java/privateca/ListCaPools.java @@ -54,8 +54,8 @@ public static void listCaPools(String project, String location) throws IOExcepti certificateAuthorityServiceClient.listCaPools(locationName).iterateAll()) { caPoolName = caPool.getName(); // caPoolName represents the full resource name of the - // format 'projects/{project-id}/locations/{location}/ca-pools/{ca-pool-name}'. - // Hence stripping it down to just pool name. + // format 'projects/{project-id}/locations/{location}/ca-pools/{ca-pool-id}'. + // Hence stripping it down to just CA pool id. System.out.println( caPoolName.substring(caPoolName.lastIndexOf("/") + 1) + " " + caPool.isInitialized()); } diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java b/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java index 49d76dfb875..c0faf5a8393 100644 --- a/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java +++ b/privateca/cloud-client/src/main/java/privateca/ListCertificateAuthorities.java 
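Review bot: The updated comment gives the resource name format as `projects/{project-id}/locations/{location}/ca-pools/{ca-pool-id}`, but SnippetsIT in this same commit asserts the name against `projects/%s/locations/%s/caPools/%s`, so the collection segment in the comment should be `caPools`. Suggested line: `// format 'projects/{project-id}/locations/{location}/caPools/{ca-pool-id}'.` The `caPool.isInitialized()` value printed next to the id may also deserve a short comment saying what it reports, since the method name suggests a message-level check rather than a pool state; that is an inference from the name only. The loop and the rest of listCaPools extend beyond this hunk.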
@@ -28,15 +28,15 @@ public static void main(String[] args) throws IOException { // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: The name of the CA pool under which the CAs to be listed are present. + // pool_Id: The id of the CA pool under which the CAs to be listed are present. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; - listCertificateAuthority(project, location, caPoolName); + String pool_Id = "ca-pool-id"; + listCertificateAuthority(project, location, pool_Id); } // List all Certificate authorities present in the given CA Pool. - public static void listCertificateAuthority(String project, String location, String caPoolName) + public static void listCertificateAuthority(String project, String location, String pool_Id) throws IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -50,7 +50,7 @@ public static void listCertificateAuthority(String project, String location, Str CaPoolName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .build(); // List the CA name and its corresponding state. diff --git a/privateca/cloud-client/src/main/java/privateca/ListCertificates.java b/privateca/cloud-client/src/main/java/privateca/ListCertificates.java index 1e255c21bb2..53adf5bcb8f 100644 --- a/privateca/cloud-client/src/main/java/privateca/ListCertificates.java +++ b/privateca/cloud-client/src/main/java/privateca/ListCertificates.java 
@@ -28,15 +28,15 @@ public static void main(String[] args) throws IOException { // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Name of the CA pool which contains the certificates to be listed. + // pool_Id: Id of the CA pool which contains the certificates to be listed. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; - listCertificates(project, location, caPoolName); + String pool_Id = "ca-pool-id"; + listCertificates(project, location, pool_Id); } // List Certificates present in the given CA pool. - public static void listCertificates(String project, String location, String caPoolName) + public static void listCertificates(String project, String location, String pool_Id) throws IOException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -49,7 +49,7 @@ public static void listCertificates(String project, String location, String caPo CaPoolName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .build(); // Retrieve and print the certificate names. diff --git a/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java b/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java index c12171ca1f9..afec32c1f36 100644 --- a/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java +++ b/privateca/cloud-client/src/main/java/privateca/RevokeCertificate.java 
@@ -33,19 +33,19 @@ public static void main(String[] args) // TODO(developer): Replace these variables before running the sample. // location: For a list of locations, see: // https://cloud.google.com/certificate-authority-service/docs/locations - // caPoolName: Name for the CA pool which contains the certificate. + // pool_Id: Id for the CA pool which contains the certificate. // certificateName: Name of the certificate to be revoked. String project = "your-project-id"; String location = "ca-location"; - String caPoolName = "ca-pool-name"; + String pool_Id = "ca-pool-id"; String certificateName = "certificate-name"; - revokeCertificate(project, location, caPoolName, certificateName); + revokeCertificate(project, location, pool_Id, certificateName); } // Revoke an issued certificate. Once revoked, the certificate will become invalid and will expire // post its lifetime. public static void revokeCertificate( - String project, String location, String caPoolName, String certificateName) + String project, String location, String pool_Id, String certificateName) throws IOException, ExecutionException, InterruptedException { // Initialize client that will be used to send requests. This client only needs to be created // once, and can be reused for multiple requests. After completing all of your requests, call @@ -59,7 +59,7 @@ public static void revokeCertificate( CertificateName.newBuilder() .setProject(project) .setLocation(location) - .setCaPool(caPoolName) + .setCaPool(pool_Id) .setCertificate(certificateName) .build(); diff --git a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java index f9903a9bf17..736bc37e542 100644 --- a/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java +++ b/privateca/cloud-client/src/test/java/privateca/SnippetsIT.java 
@@ -57,8 +57,8 @@ public class SnippetsIT { private static final String PROJECT_ID = System.getenv("GOOGLE_CLOUD_PROJECT"); private static String LOCATION; - private static String CA_POOL_NAME; - private static String CA_POOL_NAME_DELETE; + private static String CA_POOL_ID; + private static String CA_POOL_ID_DELETE; private static String CA_NAME; private static String CA_NAME_DELETE; private static String CERTIFICATE_NAME; 
@@ -81,26 +81,26 @@ public static void setUp() reqEnvVar("GOOGLE_CLOUD_PROJECT"); LOCATION = "asia-south1"; - CA_POOL_NAME = "ca-pool-" + UUID.randomUUID().toString(); - CA_POOL_NAME_DELETE = "ca-pool-" + UUID.randomUUID().toString(); + CA_POOL_ID = "ca-pool-" + UUID.randomUUID().toString(); + CA_POOL_ID_DELETE = "ca-pool-" + UUID.randomUUID().toString(); CA_NAME = "ca-name-" + UUID.randomUUID().toString(); CA_NAME_DELETE = "ca-name-" + UUID.randomUUID().toString(); CERTIFICATE_NAME = "certificate-name-" + UUID.randomUUID().toString(); KEY_SIZE = 2048; // Default key size // Create CA Pool. - privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME); - privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME_DELETE); + privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID); + privateca.CreateCaPool.createCaPool(PROJECT_ID, LOCATION, CA_POOL_ID_DELETE); sleep(5); // Create and Enable Certificate Authorities. privateca.CreateCertificateAuthority.createCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); privateca.CreateCertificateAuthority.createCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME_DELETE); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); sleep(10); privateca.EnableCertificateAuthority.enableCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); // Create an asymmetric key pair using Bouncy Castle crypto framework. KeyPair asymmetricKeyPair = createAsymmetricKeyPair(); @@ -122,7 +122,7 @@ public static void setUp() // Create certificate with the above generated public key. privateca.CreateCertificate.createCertificate( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME, CERTIFICATE_NAME, publicKeyByteString); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME, CERTIFICATE_NAME, publicKeyByteString); sleep(5); } 
@@ -134,9 +134,9 @@ public static void cleanUp() throws InterruptedException, ExecutionException, IO // Delete CA and CA pool. privateca.DeleteCertificateAuthority.deleteCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); sleep(5); - privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME); + privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_ID); stdOut = null; System.setOut(null); @@ -191,26 +191,26 @@ public void testCreateCAPool() throws IOException { CertificateAuthorityServiceClient.create()) { String caPoolName = certificateAuthorityServiceClient - .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_POOL_NAME).toString()) + .getCaPool(CaPoolName.of(PROJECT_ID, LOCATION, CA_POOL_ID).toString()) .getName(); assertThat(caPoolName) .contains( String.format( - "projects/%s/locations/%s/caPools/%s", PROJECT_ID, LOCATION, CA_POOL_NAME)); + "projects/%s/locations/%s/caPools/%s", PROJECT_ID, LOCATION, CA_POOL_ID)); } } @Test public void testListCAPools() throws IOException { privateca.ListCaPools.listCaPools(PROJECT_ID, LOCATION); - assertThat(stdOut.toString()).contains(CA_POOL_NAME); + assertThat(stdOut.toString()).contains(CA_POOL_ID); } @Test public void testDeleteCAPool() throws InterruptedException, ExecutionException, IOException, TimeoutException { - privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_NAME_DELETE); - assertThat(stdOut.toString()).contains("Deleted CA Pool: " + CA_POOL_NAME_DELETE); + privateca.DeleteCaPool.deleteCaPool(PROJECT_ID, LOCATION, CA_POOL_ID_DELETE); + assertThat(stdOut.toString()).contains("Deleted CA Pool: " + CA_POOL_ID_DELETE); } @Test 
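Review bot: cleanUp in SnippetsIT only succeeds if other tests ran successfully first. It deletes CA_NAME and then the pool, but the sample comments in this commit state that a CA must be disabled before deletion and that a pool must contain no CAs. Teardown therefore relies on testEnableDisableCertificateAuthority having left CA_NAME disabled and on testDeleteCertificateAuthority having removed CA_NAME_DELETE from the same pool. If either test fails or is skipped, the CA and pool created in setUp may stay behind in the project. Consider calling `privateca.DisableCertificateAuthority.disableCertificateAuthority(PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME);` at the start of teardown and deleting CA_NAME_DELETE there as well, tolerating the case where it is already gone; cleanUp starts before this hunk, so an earlier step may already cover part of this.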
@@ -220,15 +220,14 @@ public void testCreateCertificateAuthority() throws IOException { CertificateAuthorityServiceClient.create()) { CertificateAuthority response = certificateAuthorityServiceClient.getCertificateAuthority( - CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME).toString()); + CertificateAuthorityName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME).toString()); assertThat(response.getName()).contains(CA_NAME); } } @Test public void testListCertificateAuthorities() throws IOException { - privateca.ListCertificateAuthorities.listCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME); + privateca.ListCertificateAuthorities.listCertificateAuthority(PROJECT_ID, LOCATION, CA_POOL_ID); assertThat(stdOut.toString()).contains(CA_NAME); } @@ -236,10 +235,10 @@ public void testListCertificateAuthorities() throws IOException { public void testEnableDisableCertificateAuthority() throws InterruptedException, ExecutionException, IOException { privateca.EnableCertificateAuthority.enableCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); assertThat(stdOut.toString()).contains("Enabled Certificate Authority : " + CA_NAME); privateca.DisableCertificateAuthority.disableCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME); assertThat(stdOut.toString()).contains("Disabled Certificate Authority : " + CA_NAME); } @@ -247,7 +246,7 @@ public void testEnableDisableCertificateAuthority() public void testDeleteCertificateAuthority() throws InterruptedException, ExecutionException, IOException { privateca.DeleteCertificateAuthority.deleteCertificateAuthority( - PROJECT_ID, LOCATION, CA_POOL_NAME, CA_NAME_DELETE); + PROJECT_ID, LOCATION, CA_POOL_ID, CA_NAME_DELETE); assertThat(stdOut.toString()) .contains("Successfully deleted Certificate Authority : " + CA_NAME_DELETE); } 
@@ -258,7 +257,7 @@ public void testCreateCertificate() throws IOException { try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) { CertificateName certificateName = - CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_NAME, CERTIFICATE_NAME); + CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CERTIFICATE_NAME); Certificate certificate = certificateAuthorityServiceClient.getCertificate(certificateName); assertThat(certificate.getName()).contains(CERTIFICATE_NAME); } @@ -266,7 +265,7 @@ public void testCreateCertificate() throws IOException { @Test public void testListCertificates() throws IOException { - privateca.ListCertificates.listCertificates(PROJECT_ID, LOCATION, CA_POOL_NAME); + privateca.ListCertificates.listCertificates(PROJECT_ID, LOCATION, CA_POOL_ID); assertThat(stdOut.toString()).contains(CERTIFICATE_NAME); } @@ -276,12 +275,12 @@ public void testRevokeCertificate() throws InterruptedException, ExecutionExcept CertificateAuthorityServiceClient.create()) { // Revoke the certificate. privateca.RevokeCertificate.revokeCertificate( - PROJECT_ID, LOCATION, CA_POOL_NAME, CERTIFICATE_NAME); + PROJECT_ID, LOCATION, CA_POOL_ID, CERTIFICATE_NAME); // Check if the certificate has revocation details. If it does, then the certificate is // considered as revoked. CertificateName certificateName = - CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_NAME, CERTIFICATE_NAME); + CertificateName.of(PROJECT_ID, LOCATION, CA_POOL_ID, CERTIFICATE_NAME); Assert.assertTrue( certificateAuthorityServiceClient.getCertificate(certificateName).hasRevocationDetails()); }