Fix conflict post refactoring (#760)

* Handle multiple registered directories in BFF

* Version bump to v1.5.0

* Certman refactor and automated reissuance (#753)

Co-authored-by: kbelita <[email protected]>
Co-authored-by: Daniel Sollis <[email protected]>

* sc-8837 Extend Background Color to bottom of Overview page (#754)

* sc-8408 Add min/max to date of incorporation field (#743)

* Handle multiple registered directories in BFF

* sc-8408 Add min/max to date of incorporation field

Co-authored-by: Benjamin Bengfort <[email protected]>

* sc-8837 Extend Background Color to bottom of Overview page

Co-authored-by: Benjamin Bengfort <[email protected]>
Co-authored-by: Cletus Razakou <[email protected]>

* adds slack notifications to Github Actions container build yaml (#755)

Co-authored-by: Cletus Razakou <[email protected]>

* Allow multiple DNS names in certificate issuance (#701)

Co-authored-by: Benjamin Bengfort <[email protected]>

* Add baggage to CORS allowed headers

* BFF test cleanup (#706)

* BFF string constants (#708)

* Add VASP timestamps to overview response (#740)

* version bump v1.5.0-rc.22

* add VASP timestamps to overview response

* Emit unpopulated registration form fields (#741)

* sc-8837 Extend Background Color to bottom of Overview page (#754)

* sc-8408 Add min/max to date of incorporation field (#743)

* Handle multiple registered directories in BFF

* sc-8408 Add min/max to date of incorporation field

Co-authored-by: Benjamin Bengfort <[email protected]>

* sc-8837 Extend Background Color to bottom of Overview page

Co-authored-by: Benjamin Bengfort <[email protected]>
Co-authored-by: Cletus Razakou <[email protected]>

* fix models merge conflicts

Co-authored-by: Benjamin Bengfort <[email protected]>
Co-authored-by: Patrick Deziel <[email protected]>
Co-authored-by: kbelita <[email protected]>
Co-authored-by: Daniel Sollis <[email protected]>
Co-authored-by: elysee15 <[email protected]>
Co-authored-by: Rebecca Bilbro <[email protected]>

pkg/gds/certman/certs.go

@@ -266,25 +266,30 @@ func (c *CertificateManager) submitCertificateRequest(r *models.CertificateReque
 		return fmt.Errorf("could not retrieve pkcs12password: %s", err)
 	}
 
-	profile := c.certs.Profile()
-	var params map[string]string
-	if profile == sectigo.ProfileCipherTraceEndEntityCertificate || profile == sectigo.ProfileIDCipherTraceEndEntityCertificate {
-		params = r.Params
-		if params == nil {
-			log.Error().Str("vasp", vasp.Id).Str("certreq", r.Id).Msg("certificate request params are nil")
-			return errors.New("no params are available on the certificate request")
-		}
-	} else {
-		params = make(map[string]string)
-	}
-
-	params["commonName"] = r.CommonName
-	params["dNSName"] = r.CommonName
-	params["pkcs12Password"] = string(pkcs12Password)
+	// Allow multiple DNS names to be specified in addition to the common name
+	// This will overwrite whatever is in the params ensuring the latest common name and
+	// dns names are submitted to Sectigo if there were intermediate changes to the req.
+	dnsNames := []string{r.CommonName}
+	dnsNames = append(dnsNames, r.DnsNames...)
+	models.UpdateCertificateRequestParams(r, sectigo.ParamDNSNames, strings.Join(dnsNames, "\n"))
+	models.UpdateCertificateRequestParams(r, sectigo.ParamCommonName, r.CommonName)
+	models.UpdateCertificateRequestParams(r, sectigo.ParamPassword, string(pkcs12Password))
 
 	// Step 3: submit the certificate
-	var rep *sectigo.BatchResponse
+	var (
+		rep    *sectigo.BatchResponse
+		params map[string]string
+	)
+
+	// Construct the required parameters for the Sectigo request.
+	profile := c.certs.Profile()
 	batchName := fmt.Sprintf("%s-certreq-%s)", c.conf.DirectoryID, r.Id)
+
+	if params, err = models.GetCertificateRequestParams(r, profile); err != nil {
+		return fmt.Errorf("could not retrieve certificate request parameters for profile %q: %s", profile, err)
+	}
+
+	// Execute the certificate request to Sectigo.
 	if rep, err = c.certs.CreateSingleCertBatch(authority, batchName, params); err != nil {
 		// Although the error may be logged again by the calling function, log the error
 		// here as well to provide debugging information about why the Sectigo request failed.

pkg/gds/certman/certs_test.go

@@ -2,7 +2,6 @@ package certman_test
 
 import (
 	"context"
-	"io/ioutil"
 	"net/http"
 	"os"
 	"path/filepath"
@@ -675,14 +674,20 @@ func (s *certTestSuite) TestSubmitBatchError() {
 	require.NoError(sm.CreateSecret(ctx, "password"))
 	require.NoError(sm.AddSecretVersion(ctx, "password", []byte("qDhAwnfMjgDEzzUC")))
 
-	// Certificate request with a missing country name
+	// Create a valid certificate request with extended parameters
 	quebecCertReq.Params = map[string]string{
 		"organizationName":    "TRISA Member VASP",
 		"localityName":        "Menlo Park",
 		"stateOrProvinceName": "California",
+		"country":             "US",
 	}
 	require.NoError(s.db.UpdateCertReq(quebecCertReq))
 
+	// Ensure that Sectigo returns an error response when the batch is submitted.
+	mock.Handle(sectigo.CreateSingleCertBatchEP, func(c *gin.Context) {
+		c.JSON(http.StatusBadRequest, gin.H{"error": "bad request"})
+	})
+
 	// Run the CertManager for a tick
 	s.certman.HandleCertificateRequests()
 
@@ -694,7 +699,7 @@ func (s *certTestSuite) TestSubmitBatchError() {
 	// Cert request should still be in the READY_TO_SUBMIT state
 	cert, err := s.db.RetrieveCertReq(quebecCertReq.Id)
 	require.NoError(err)
-	require.Equal(models.CertificateRequestState_READY_TO_SUBMIT, cert.Status)
+	require.Equal(models.CertificateRequestState_READY_TO_SUBMIT, cert.Status, "certificate request is not in ready to submit state")
 
 	// Audit log should be updated
 	log, err := models.GetAuditLog(v)
@@ -935,7 +940,7 @@ func (s *certTestSuite) setupCertManager(profile string, fType fixtures.FixtureT
 
 	// Create the certificate manager configuration
 	var err error
-	certPath, err := ioutil.TempDir("testdata", "certs-*")
+	certPath, err := os.MkdirTemp("testdata", "certs-*")
 	require.NoError(err, "could not create cert storage")
 	s.conf.CertMan.Storage = certPath
 	s.conf.CertMan.RequestInterval = time.Millisecond