Add azureaccesskeyrequest approval

go.mod

@@ -3,22 +3,60 @@ module github.com/kubevault/cli
 go 1.12
 
 require (
+	contrib.go.opencensus.io/exporter/ocagent v0.4.12 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
+	github.com/Azure/go-autorest v12.0.0+incompatible // indirect
 	github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd // indirect
+	github.com/SermoDigital/jose v0.0.0-20180104203859-803625baeddc // indirect
 	github.com/appscode/go v0.0.0-20190424183524-60025f1135c9
+	github.com/appscode/pat v0.0.0-20170521084856-48ff78925b79 // indirect
+	github.com/armon/go-radix v1.0.0 // indirect
+	github.com/aws/aws-sdk-go v1.19.27 // indirect
+	github.com/cpuguy83/go-md2man v1.0.10 // indirect
 	github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
 	github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
+	github.com/golang/snappy v0.0.1 // indirect
+	github.com/gophercloud/gophercloud v0.0.0-20190509013533-844afee4f565 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.1 // indirect
+	github.com/hashicorp/go-hclog v0.9.0 // indirect
+	github.com/hashicorp/go-immutable-radix v1.0.0 // indirect
+	github.com/hashicorp/go-plugin v1.0.0 // indirect
+	github.com/hashicorp/go-retryablehttp v0.5.3 // indirect
+	github.com/hashicorp/go-rootcerts v1.0.0 // indirect
+	github.com/hashicorp/go-sockaddr v1.0.2 // indirect
+	github.com/hashicorp/go-uuid v1.0.1 // indirect
+	github.com/hashicorp/go-version v1.1.0 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
+	github.com/hashicorp/vault v1.0.1 // indirect
+	github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d // indirect
 	github.com/kubedb/apimachinery v0.0.0-20190506191700-871d6b5d30ee
-	github.com/kubevault/operator v0.0.0-20190509030635-7f32eefb5188
+	github.com/kubevault/operator v0.0.0-20190514092450-f2bcaeb9f847
+	github.com/lib/pq v0.0.0-20180201184707-88edab080323 // indirect
+	github.com/mitchellh/go-testing-interface v1.0.0 // indirect
+	github.com/ncw/swift v1.0.47 // indirect
+	github.com/pierrec/lz4 v2.0.5+incompatible // indirect
 	github.com/pkg/errors v0.8.1
+	github.com/prometheus/common v0.4.0 // indirect
+	github.com/ryanuber/go-glob v1.0.0 // indirect
 	github.com/spf13/cobra v0.0.3
+	golang.org/x/sync v0.0.0-20190423024810-112230192c58 // indirect
+	golang.org/x/sys v0.0.0-20190508220229-2d0786266e9c // indirect
+	gomodules.xyz/cert v1.0.0 // indirect
+	google.golang.org/genproto v0.0.0-20190508193815-b515fa19cec8 // indirect
+	k8s.io/apiextensions-apiserver v0.0.0-20190508224317-421cff06bf05 // indirect
 	k8s.io/apimachinery v0.0.0-20190508063446-a3da69d3723c
+	k8s.io/apiserver v0.0.0-20190508223931-4756b09d7af2 // indirect
 	k8s.io/cli-runtime v0.0.0-20190508184404-b26560c459bd
 	k8s.io/client-go v11.0.0+incompatible
 	k8s.io/component-base v0.0.0-20190509023737-8de8845fb642
+	k8s.io/kube-aggregator v0.0.0-20190508224022-f9852b6d3a84 // indirect
 	k8s.io/kubernetes v1.14.1
 	kmodules.xyz/client-go v0.0.0-20190508091620-0d215c04352f
 	kmodules.xyz/custom-resources v0.0.0-20190508103408-464e8324c3ec
+	kmodules.xyz/monitoring-agent-api v0.0.0-20190508125842-489150794b9b // indirect
+	kmodules.xyz/objectstore-api v0.0.0-20190506085934-94c81c8acca9 // indirect
+	kmodules.xyz/offshoot-api v0.0.0-20190508142450-1c69d50f3c1c // indirect
+	kmodules.xyz/webhook-runtime v0.0.0-20190508093950-b721b4eba5e5 // indirect
 )
 
 replace (

go.sum

@@ -230,6 +230,10 @@ github.com/kubedb/apimachinery v0.0.0-20190506191700-871d6b5d30ee/go.mod h1:KB3G
 github.com/kubernetes-incubator/service-catalog v0.1.43/go.mod h1:D0CRODiXUJs6VCZDB15TmCkesbuizkac9fYEiTA78BA=
 github.com/kubevault/operator v0.0.0-20190509030635-7f32eefb5188 h1:AtHcm2CIGZo4fT/mclFazc8YbmeV6fruK3rC2tpCajw=
 github.com/kubevault/operator v0.0.0-20190509030635-7f32eefb5188/go.mod h1:fFRoNsp1wgKb58tU5M3EMSbqAXR5R4cUynlK+vIRELM=
+github.com/kubevault/operator v0.0.0-20190514050510-558af602cfc4 h1:CA6Snycd76YJgWuVOmrGsxa63kslzYrWxtJpXrFeIcI=
+github.com/kubevault/operator v0.0.0-20190514050510-558af602cfc4/go.mod h1:woaog+tPLfTeBa12TzPLvzzwUTGn4QLCmvzwBF7Nvbo=
+github.com/kubevault/operator v0.0.0-20190514092450-f2bcaeb9f847 h1:3/ECDC5Kaa6MaL5cohDlSNW06HLKxw5y5NPZ87qRR4o=
+github.com/kubevault/operator v0.0.0-20190514092450-f2bcaeb9f847/go.mod h1:woaog+tPLfTeBa12TzPLvzzwUTGn4QLCmvzwBF7Nvbo=
 github.com/lib/pq v0.0.0-20180201184707-88edab080323/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.0.0-20190403194419-1ea4449da983 h1:wL11wNW7dhKIcRCHSm4sHKPWz0tt4mwBsVodG7+Xyqg=

pkg/cmds/approve.go

@@ -43,6 +43,12 @@ var (
 		Reason:  "KubectlApprove",
 		Message: "This was approved by kubectl vault approve gcpaccesskeyrequest",
 	}
+
+	azureApprovedCond = engineapi.AzureAccessKeyRequestCondition{
+		Type:    engineapi.AccessApproved,
+		Reason:  "KubectlApprove",
+		Message: "This was approved by kubectl vault approve azureaccesskeyrequest",
+	}
 )
 
 func NewCmdApprove(clientGetter genericclioptions.RESTClientGetter) *cobra.Command {
@@ -78,6 +84,8 @@ func modifyStatusCondition(clientGetter genericclioptions.RESTClientGetter, isAp
 		resourceName = dbapi.ResourceDatabaseAccessRequest
 	case engineapi.ResourceGCPAccessKeyRequest, engineapi.ResourceGCPAccessKeyRequests:
 		resourceName = engineapi.ResourceGCPAccessKeyRequest
+	case engineapi.ResourceAzureAccessKeyRequest, engineapi.ResourceAzureAccessKeyRequests:
+		resourceName = engineapi.ResourceAzureAccessKeyRequest
 	case "":
 		resourceName = ""
 	default:
@@ -145,6 +153,13 @@ func modifyStatusCondition(clientGetter genericclioptions.RESTClientGetter, isAp
 				cond = gcpApprovedCond
 			}
 			err2 = UpdateGCPAccessKeyRequest(engineClient, obj, cond)
+		case *engineapi.AzureAccessKeyRequest:
+			obj := info.Object.(*engineapi.AzureAccessKeyRequest)
+			cond := azureDeniedCond
+			if isApproveReq {
+				cond = azureApprovedCond
+			}
+			err2 = UpdateAzureAccessKeyRequest(engineClient, obj, cond)
 		default:
 			err2 = errors.New("unknown/unsupported type")
 		}
@@ -198,3 +213,17 @@ func UpdateGCPAccessKeyRequest(c enginecs.EngineV1alpha1Interface, gcpAKR *engin
 	}, EnableStatusSubresource)
 	return err
 }
+
+func UpdateAzureAccessKeyRequest(c enginecs.EngineV1alpha1Interface, azureAKR *engineapi.AzureAccessKeyRequest, cond engineapi.AzureAccessKeyRequestCondition) error {
+	_, err := engineutil.UpdateAzureAccessKeyRequestStatus(c, azureAKR, func(in *engineapi.AzureAccessKeyRequestStatus) *engineapi.AzureAccessKeyRequestStatus {
+		for _, cond := range in.Conditions {
+			if cond.Type == cond.Type {
+				return in
+			}
+		}
+		cond.LastUpdateTime = metav1.Now()
+		in.Conditions = append(in.Conditions, cond)
+		return in
+	}, EnableStatusSubresource)
+	return err
+}

pkg/cmds/deny.go

@@ -7,6 +7,7 @@ import (
 	dbapi "github.com/kubedb/apimachinery/apis/authorization/v1alpha1"
 	engineapi "github.com/kubevault/operator/apis/engine/v1alpha1"
 	"github.com/spf13/cobra"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/cli-runtime/pkg/genericclioptions"
 	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
 )
@@ -29,6 +30,13 @@ var (
 		Reason:  "KubectlDeny",
 		Message: "This was denied by kubectl vault deny gcpaccesskeyrequest",
 	}
+
+	azureDeniedCond = engineapi.AzureAccessKeyRequestCondition{
+		Type:           engineapi.AccessDenied,
+		Reason:         "KubectlDeny",
+		Message:        "This was denied by kubectl vault deny azureaccesskeyrequest",
+		LastUpdateTime: v1.Time{},
+	}
 )
 
 func NewCmdDeny(clientGetter genericclioptions.RESTClientGetter) *cobra.Command {

pkg/cmds/root.go

@@ -39,7 +39,7 @@ func NewRootCmd() *cobra.Command {
 	// a.k.a. change all "_" to "-". e.g. glog package
 	flags.SetNormalizeFunc(cliflag.WordSepNormalizeFunc)
 
-	kubeConfigFlags := genericclioptions.NewConfigFlags(true)
+	kubeConfigFlags := genericclioptions.NewConfigFlags(false)
 	kubeConfigFlags.AddFlags(flags)
 	matchVersionKubeConfigFlags := cmdutil.NewMatchVersionFlags(kubeConfigFlags)
 	matchVersionKubeConfigFlags.AddFlags(flags)