keboola
diff --git a/‎src/DataPlane/Config/DataPlaneConfig.php‎
Lines changed: 39 additions & 0 deletions b/‎src/DataPlane/Config/DataPlaneConfig.php‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎src/DataPlane/Config/Encryption/AwsEncryptionConfig.php‎
Lines changed: 54 additions & 0 deletions b/‎src/DataPlane/Config/Encryption/AwsEncryptionConfig.php‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎src/DataPlane/Config/Encryption/EncryptionConfigInterface.php‎
Lines changed: 12 additions & 0 deletions b/‎src/DataPlane/Config/Encryption/EncryptionConfigInterface.php‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎src/DataPlane/Config/Encryption/TestingEncryptorConfig.php‎
Lines changed: 22 additions & 0 deletions b/‎src/DataPlane/Config/Encryption/TestingEncryptorConfig.php‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎src/DataPlane/Config/KubernetesConfig.php‎
Lines changed: 48 additions & 0 deletions b/‎src/DataPlane/Config/KubernetesConfig.php‎
Lines changed: 48 additions & 0 deletions
diff --git a/‎src/DataPlane/DataPlaneConfigRepository.php‎
Lines changed: 59 additions & 47 deletions b/‎src/DataPlane/DataPlaneConfigRepository.php‎
Lines changed: 59 additions & 47 deletions
@@ -0,0 +1,39 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Keboola\JobQueueInternalClient\DataPlane\Config;
+
+use Keboola\JobQueueInternalClient\DataPlane\Config\Encryption\EncryptionConfigInterface;
+
+class DataPlaneConfig
+{
+    private string $id;
+    private KubernetesConfig $kubernetes;
+    private EncryptionConfigInterface $encryption;
+
+    public function __construct(
+        string $id,
+        KubernetesConfig $kubernetes,
+        EncryptionConfigInterface $encryption
+    ) {
+        $this->id = $id;
+        $this->kubernetes = $kubernetes;
+        $this->encryption = $encryption;
+    }
+
+    public function getId(): string
+    {
+        return $this->id;
+    }
+
+    public function getKubernetes(): KubernetesConfig
+    {
+        return $this->kubernetes;
+    }
+
+    public function getEncryption(): EncryptionConfigInterface
+    {
+        return $this->encryption;
+    }
+}
@@ -0,0 +1,54 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Keboola\JobQueueInternalClient\DataPlane\Config\Encryption;
+
+use Keboola\ObjectEncryptor\ObjectEncryptor;
+use Keboola\ObjectEncryptor\ObjectEncryptorFactory;
+
+class AwsEncryptionConfig implements EncryptionConfigInterface
+{
+    private string $stackId;
+    private string $kmsRegion;
+    private string $kmsKeyId;
+    private ?string $kmsRoleArn;
+
+    public function __construct(string $stackId, string $kmsRegion, string $kmsKeyId, ?string $kmsRoleArn)
+    {
+        $this->stackId = $stackId;
+        $this->kmsRegion = $kmsRegion;
+        $this->kmsKeyId = $kmsKeyId;
+        $this->kmsRoleArn = $kmsRoleArn;
+    }
+
+    public function getStackId(): string
+    {
+        return $this->stackId;
+    }
+
+    public function getKmsRegion(): string
+    {
+        return $this->kmsRegion;
+    }
+
+    public function getKmsKeyId(): string
+    {
+        return $this->kmsKeyId;
+    }
+
+    public function getKmsRoleArn(): ?string
+    {
+        return $this->kmsRoleArn;
+    }
+
+    public function createEncryptor(): ObjectEncryptor
+    {
+        return ObjectEncryptorFactory::getAwsEncryptor(
+            $this->stackId,
+            $this->kmsKeyId,
+            $this->kmsRegion,
+            $this->kmsRoleArn,
+        );
+    }
+}
@@ -0,0 +1,12 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Keboola\JobQueueInternalClient\DataPlane\Config\Encryption;
+
+use Keboola\ObjectEncryptor\ObjectEncryptor;
+
+interface EncryptionConfigInterface
+{
+    public function createEncryptor(): ObjectEncryptor;
+}
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Keboola\JobQueueInternalClient\DataPlane\Config\Encryption;
+
+use Keboola\ObjectEncryptor\ObjectEncryptor;
+
+class TestingEncryptorConfig implements EncryptionConfigInterface
+{
+    private ObjectEncryptor $encryptor;
+
+    public function __construct(ObjectEncryptor $encryptor)
+    {
+        $this->encryptor = $encryptor;
+    }
+
+    public function createEncryptor(): ObjectEncryptor
+    {
+        return $this->encryptor;
+    }
+}
@@ -0,0 +1,48 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Keboola\JobQueueInternalClient\DataPlane\Config;
+
+use Keboola\ObjectEncryptor\ObjectEncryptor;
+
+class KubernetesConfig
+{
+    private string $apiUrl;
+    private string $token;
+    private string $certificateAuthority;
+    private string $namespace;
+
+    public function __construct(string $apiUrl, string $token, string $certificateAuthority, string $namespace)
+    {
+        $this->apiUrl = $apiUrl;
+        $this->token = $token;
+        $this->certificateAuthority = $certificateAuthority;
+        $this->namespace = $namespace;
+    }
+
+    public function getApiUrl(): string
+    {
+        return $this->apiUrl;
+    }
+
+    public function getToken(): string
+    {
+        return $this->token;
+    }
+
+    public function getTokenDecrypted(ObjectEncryptor $encryptor): string
+    {
+        return $encryptor->decryptGeneric($this->token);
+    }
+
+    public function getCertificateAuthority(): string
+    {
+        return $this->certificateAuthority;
+    }
+
+    public function getNamespace(): string
+    {
+        return $this->namespace;
+    }
+}
@@ -4,6 +4,9 @@
 
 namespace Keboola\JobQueueInternalClient\DataPlane;
 
+use Keboola\JobQueueInternalClient\DataPlane\Config\DataPlaneConfig;
+use Keboola\JobQueueInternalClient\DataPlane\Config\Encryption\AwsEncryptionConfig;
+use Keboola\JobQueueInternalClient\DataPlane\Config\KubernetesConfig;
 use Keboola\JobQueueInternalClient\DataPlane\Exception\DataPlaneNotFoundException;
 use Keboola\ManageApi\Client as ManageApiClient;
 use Keboola\ManageApi\ClientException;
@@ -13,32 +16,22 @@ class DataPlaneConfigRepository
 {
     private ManageApiClient $manageApiClient;
     private DataPlaneConfigValidator $configValidator;
+    private string $stackId;
+    private string $kmsRegion;
 
-    public function __construct(ManageApiClient $manageApiClient, DataPlaneConfigValidator $configValidator)
-    {
+    public function __construct(
+        ManageApiClient $manageApiClient,
+        DataPlaneConfigValidator $configValidator,
+        string $stackId,
+        string $kmsRegion
+    ) {
         $this->manageApiClient = $manageApiClient;
         $this->configValidator = $configValidator;
+        $this->stackId = $stackId;
+        $this->kmsRegion = $kmsRegion;
     }
 
-    /**
-     * @return null|array{
-     *     id: string,
-     *     parameters: array{
-     *         kubernetes: array{
-     *             apiUrl: string,
-     *             token: string,
-     *             certificateAuthority: string,
-     *             namespace: string,
-     *         },
-     *         encryption: array{
-     *             type: 'aws',
-     *             kmsKeyId: string,
-     *             kmsRoleArn: string,
-     *         },
-     *     }
-     * }
-     */
-    public function fetchProjectDataPlane(string $projectId): ?array
+    public function fetchProjectDataPlane(string $projectId): ?DataPlaneConfig
     {
         $project = $this->manageApiClient->getProject($projectId);
 
@@ -49,34 +42,13 @@ public function fetchProjectDataPlane(string $projectId): ?array
             return null;
         }
 
-        $dataPlaneId = (string) $dataPlane['id'];
-        $dataPlaneConfig = $this->configValidator->validateDataPlaneConfig(
-            $dataPlaneId,
-            $dataPlane['parameters'] ?? []
+        return $this->mapDataPlaneConfig(
+            (string) $dataPlane['id'],
+            $dataPlane['parameters'] ?? [],
         );
-
-        return [
-            'id' => $dataPlaneId,
-            'parameters' => $dataPlaneConfig,
-        ];
     }
 
-    /**
-     * @return array{
-     *     kubernetes: array{
-     *         apiUrl: string,
-     *         token: string,
-     *         certificateAuthority: string,
-     *         namespace: string,
-     *     },
-     *     encryption: array{
-     *         type: 'aws',
-     *         kmsKeyId: string,
-     *         kmsRoleArn: string,
-     *     },
-     * }
-     */
-    public function fetchDataPlaneConfig(string $dataPlaneId): array
+    public function fetchDataPlaneConfig(string $dataPlaneId): DataPlaneConfig
     {
         if (!ctype_digit($dataPlaneId)) {
             throw new RuntimeException(sprintf(
@@ -98,6 +70,46 @@ public function fetchDataPlaneConfig(string $dataPlaneId): array
             throw $e;
         }
 
-        return $this->configValidator->validateDataPlaneConfig($dataPlaneId, $dataPlane['parameters'] ?? []);
+        return $this->mapDataPlaneConfig(
+            $dataPlaneId,
+            $dataPlane['parameters'] ?? [],
+        );
+    }
+
+    private function mapDataPlaneConfig(string $dataPlaneId, array $data): DataPlaneConfig
+    {
+        $data = $this->configValidator->validateDataPlaneConfig($dataPlaneId, $data);
+
+        $kubernetesData = $data['kubernetes'];
+        $kubernetesConfig = new KubernetesConfig(
+            $kubernetesData['apiUrl'],
+            $kubernetesData['#token'],
+            $kubernetesData['certificateAuthority'],
+            $kubernetesData['namespace'],
+        );
+
+        $encryptionData = $data['encryption'];
+        switch ($encryptionData['type']) {
+            case DataPlaneConfigValidator::ENCRYPTION_TYPE_AWS:
+                $encryptionConfig = new AwsEncryptionConfig(
+                    $this->stackId,
+                    $this->kmsRegion,
+                    $encryptionData['kmsKeyId'],
+                    $encryptionData['kmsRoleArn'],
+                );
+                break;
+
+            default:
+                throw new RuntimeException(sprintf(
+                    'Invalid encryption type "%s"',
+                    $encryptionData['type']
+                ));
+        }
+
+        return new DataPlaneConfig(
+            $dataPlaneId,
+            $kubernetesConfig,
+            $encryptionConfig,
+        );
     }
 }