chore(kms): migrate kms to new multi version sdk

docs/stackit_kms_key_create.md

@@ -35,14 +35,14 @@ stackit kms key create [flags]
 ### Options
 
 ```
-      --algorithm string     En-/Decryption / signing algorithm. Possible values: ["aes_256_gcm" "rsa_2048_oaep_sha256" "rsa_3072_oaep_sha256" "rsa_4096_oaep_sha256" "rsa_4096_oaep_sha512" "hmac_sha256" "hmac_sha384" "hmac_sha512" "ecdsa_p256_sha256" "ecdsa_p384_sha384" "ecdsa_p521_sha512"]
+      --algorithm string     En-/Decryption / signing algorithm. (possible values: [aes_256_gcm, rsa_2048_oaep_sha256, rsa_3072_oaep_sha256, rsa_4096_oaep_sha256, rsa_4096_oaep_sha512, hmac_sha256, hmac_sha384, hmac_sha512, ecdsa_p256_sha256, ecdsa_p384_sha384, ecdsa_p521_sha512])
       --description string   Optional description of the key
   -h, --help                 Help for "stackit kms key create"
       --import-only          States whether versions can be created or only imported
       --keyring-id string    ID of the KMS key ring
       --name string          The display name to distinguish multiple keys
-      --protection string    The underlying system that is responsible for protecting the key material. Possible values: ["symmetric_encrypt_decrypt" "asymmetric_encrypt_decrypt" "message_authentication_code" "asymmetric_sign_verify"]
-      --purpose string       Purpose of the key. Possible values: ["symmetric_encrypt_decrypt" "asymmetric_encrypt_decrypt" "message_authentication_code" "asymmetric_sign_verify"]
+      --protection string    The underlying system that is responsible for protecting the key material. (possible values: [software])
+      --purpose string       Purpose of the key. (possible values: [symmetric_encrypt_decrypt, asymmetric_encrypt_decrypt, message_authentication_code, asymmetric_sign_verify])
 ```
 
 ### Options inherited from parent commands

docs/stackit_kms_wrapping-key_create.md

@@ -23,13 +23,13 @@ stackit kms wrapping-key create [flags]
 ### Options
 
 ```
-      --algorithm string     En-/Decryption / signing algorithm. Possible values: ["rsa_2048_oaep_sha256" "rsa_3072_oaep_sha256" "rsa_4096_oaep_sha256" "rsa_4096_oaep_sha512" "rsa_2048_oaep_sha256_aes_256_key_wrap" "rsa_3072_oaep_sha256_aes_256_key_wrap" "rsa_4096_oaep_sha256_aes_256_key_wrap" "rsa_4096_oaep_sha512_aes_256_key_wrap"]
+      --algorithm string     En-/Decryption / signing algorithm. (possible values: [rsa_2048_oaep_sha256, rsa_3072_oaep_sha256, rsa_4096_oaep_sha256, rsa_4096_oaep_sha512, rsa_2048_oaep_sha256_aes_256_key_wrap, rsa_3072_oaep_sha256_aes_256_key_wrap, rsa_4096_oaep_sha256_aes_256_key_wrap, rsa_4096_oaep_sha512_aes_256_key_wrap])
       --description string   Optional description of the wrapping key
   -h, --help                 Help for "stackit kms wrapping-key create"
       --keyring-id string    ID of the KMS key ring
       --name string          The display name to distinguish multiple wrapping keys
-      --protection string    The underlying system that is responsible for protecting the wrapping key material. Possible values: ["wrap_symmetric_key" "wrap_asymmetric_key"]
-      --purpose string       Purpose of the wrapping key. Possible values: ["wrap_symmetric_key" "wrap_asymmetric_key"]
+      --protection string    The underlying system that is responsible for protecting the key material. (possible values: [software])
+      --purpose string       Purpose of the key. (possible values: [wrap_symmetric_key, wrap_asymmetric_key])
 ```
 
 ### Options inherited from parent commands

go.mod

@@ -265,7 +265,7 @@ require (
 	github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
 	github.com/spf13/afero v1.15.0 // indirect
 	github.com/spf13/cast v1.10.0 // indirect
-	github.com/stackitcloud/stackit-sdk-go/services/kms v1.3.2
+	github.com/stackitcloud/stackit-sdk-go/services/kms v1.11.0
 	github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.8.0
 	github.com/stackitcloud/stackit-sdk-go/services/logme v0.25.6
 	github.com/stackitcloud/stackit-sdk-go/services/mariadb v0.25.6

go.sum

@@ -614,6 +614,8 @@ github.com/stackitcloud/stackit-sdk-go/services/intake v0.7.1 h1:7ZSrwps/zI41rl+
 github.com/stackitcloud/stackit-sdk-go/services/intake v0.7.1/go.mod h1:ZIvwBZwEMFO+YfJLCNXqabslI0Fp9zxV7ZBwlZjk7uE=
 github.com/stackitcloud/stackit-sdk-go/services/kms v1.3.2 h1:2ulSL2IkIAKND59eAjbEhVkOoBMyvm48ojwz1a3t0U0=
 github.com/stackitcloud/stackit-sdk-go/services/kms v1.3.2/go.mod h1:cuIaMMiHeHQsbvy7BOFMutoV3QtN+ZBx7Tg3GmYUw7s=
+github.com/stackitcloud/stackit-sdk-go/services/kms v1.11.0 h1:OrUaDypQNr1nOXZfVQXCwUpN4YhR5y0vtvYi9/Ogoi4=
+github.com/stackitcloud/stackit-sdk-go/services/kms v1.11.0/go.mod h1:pVaCmb1ZHAPGVRlSlBlVOjThp9Tb2sX9+nRX0M+d1KU=
 github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.8.0 h1:DxrN85V738CRLynu6MULQHO+OXyYnkhVPgoZKULfFIs=
 github.com/stackitcloud/stackit-sdk-go/services/loadbalancer v1.8.0/go.mod h1:ClPE4TOM1FeaJiwTXvApq4gWaSgTLq6nU3PPHAIQDN4=
 github.com/stackitcloud/stackit-sdk-go/services/logme v0.25.6 h1:4x30lC+YBmo7XpsAzTn0W+C/oP5flnLVgIh5u3O/P0o=

internal/cmd/kms/key/create/create.go

@@ -13,8 +13,8 @@ import (
 	"github.com/stackitcloud/stackit-cli/internal/pkg/services/kms/client"
 	"github.com/stackitcloud/stackit-cli/internal/pkg/spinner"
 
-	"github.com/stackitcloud/stackit-sdk-go/services/kms"
-	"github.com/stackitcloud/stackit-sdk-go/services/kms/wait"
+	kms "github.com/stackitcloud/stackit-sdk-go/services/kms/v1api"
+	"github.com/stackitcloud/stackit-sdk-go/services/kms/v1api/wait"
 
 	"github.com/stackitcloud/stackit-cli/internal/pkg/examples"
 	"github.com/stackitcloud/stackit-cli/internal/pkg/flags"
@@ -26,24 +26,38 @@ import (
 const (
 	keyRingIdFlag = "keyring-id"
 
-	algorithmFlag   = "algorithm"
 	descriptionFlag = "description"
 	displayNameFlag = "name"
 	importOnlyFlag  = "import-only"
-	purposeFlag     = "purpose"
-	protectionFlag  = "protection"
+)
+
+var (
+	algorithmFlag = flags.StringEnumFlag(
+		"algorithm",
+		kms.AllowedAlgorithmEnumValues,
+		"En-/Decryption / signing algorithm.",
+	)
+	purposeFlag = flags.StringEnumFlag(
+		"purpose",
+		kms.AllowedPurposeEnumValues,
+		"Purpose of the key.",
+	)
+	protectionFlag = flags.StringEnumFlag(
+		"protection",
+		kms.AllowedProtectionEnumValues,
+		"The underlying system that is responsible for protecting the key material.")
 )
 
 type inputModel struct {
 	*globalflags.GlobalFlagModel
 	KeyRingId string
 
-	Algorithm   *string
+	Algorithm   kms.Algorithm
 	Description *string
 	Name        *string
 	ImportOnly  bool // Default false
-	Purpose     *string
-	Protection  *string
+	Purpose     kms.Purpose
+	Protection  kms.Protection
 }
 
 func NewCmd(params *types.CmdParams) *cobra.Command {
@@ -91,7 +105,7 @@ func NewCmd(params *types.CmdParams) *cobra.Command {
 			}
 
 			// Call API
-			req, _ := buildRequest(ctx, model, apiClient)
+			req, _ := buildRequest(ctx, model, apiClient.DefaultAPI)
 			resp, err := req.Execute()
 			if err != nil {
 				return fmt.Errorf("create KMS key: %w", err)
@@ -100,7 +114,7 @@ func NewCmd(params *types.CmdParams) *cobra.Command {
 			// Wait for async operation, if async mode not enabled
 			if !model.Async {
 				err := spinner.Run(params.Printer, "Creating key", func() error {
-					_, err = wait.CreateOrUpdateKeyWaitHandler(ctx, apiClient, model.ProjectId, model.Region, model.KeyRingId, *resp.Id).WaitWithContext(ctx)
+					_, err = wait.CreateOrUpdateKeyWaitHandler(ctx, apiClient.DefaultAPI, model.ProjectId, model.Region, model.KeyRingId, resp.Id).WaitWithContext(ctx)
 					return err
 				})
 				if err != nil {
@@ -124,12 +138,12 @@ func parseInput(p *print.Printer, cmd *cobra.Command) (*inputModel, error) {
 	model := inputModel{
 		GlobalFlagModel: globalFlags,
 		KeyRingId:       flags.FlagToStringValue(p, cmd, keyRingIdFlag),
-		Algorithm:       flags.FlagToStringPointer(p, cmd, algorithmFlag),
+		Algorithm:       algorithmFlag.Get(),
 		Name:            flags.FlagToStringPointer(p, cmd, displayNameFlag),
 		Description:     flags.FlagToStringPointer(p, cmd, descriptionFlag),
 		ImportOnly:      flags.FlagToBoolValue(p, cmd, importOnlyFlag),
-		Purpose:         flags.FlagToStringPointer(p, cmd, purposeFlag),
-		Protection:      flags.FlagToStringPointer(p, cmd, protectionFlag),
+		Purpose:         purposeFlag.Get(),
+		Protection:      protectionFlag.Get(),
 	}
 
 	p.DebugInputModel(model)
@@ -144,12 +158,12 @@ func buildRequest(ctx context.Context, model *inputModel, apiClient kmsKeyClient
 	req := apiClient.CreateKey(ctx, model.ProjectId, model.Region, model.KeyRingId)
 
 	req = req.CreateKeyPayload(kms.CreateKeyPayload{
-		DisplayName: model.Name,
+		DisplayName: utils.PtrString(model.Name),
 		Description: model.Description,
-		Algorithm:   kms.CreateKeyPayloadGetAlgorithmAttributeType(model.Algorithm),
-		Purpose:     kms.CreateKeyPayloadGetPurposeAttributeType(model.Purpose),
+		Algorithm:   model.Algorithm,
+		Purpose:     model.Purpose,
 		ImportOnly:  &model.ImportOnly,
-		Protection:  kms.CreateKeyPayloadGetProtectionAttributeType(model.Protection),
+		Protection:  model.Protection,
 	})
 	return req, nil
 }
@@ -164,39 +178,22 @@ func outputResult(p *print.Printer, model *inputModel, resp *kms.Key) error {
 		if model.Async {
 			operationState = "Triggered creation of"
 		}
-		p.Outputf("%s the KMS key %q. Key ID: %s\n", operationState, utils.PtrString(resp.DisplayName), utils.PtrString(resp.Id))
+		p.Outputf("%s the KMS key %q. Key ID: %s\n", operationState, resp.DisplayName, resp.Id)
 		return nil
 	})
 }
 
 func configureFlags(cmd *cobra.Command) {
-	// Algorithm
-	var algorithmFlagOptions []string
-	for _, val := range kms.AllowedAlgorithmEnumValues {
-		algorithmFlagOptions = append(algorithmFlagOptions, string(val))
-	}
-	cmd.Flags().Var(flags.EnumFlag(false, "", algorithmFlagOptions...), algorithmFlag, fmt.Sprintf("En-/Decryption / signing algorithm. Possible values: %q", algorithmFlagOptions))
-
-	// Purpose
-	var purposeFlagOptions []string
-	for _, val := range kms.AllowedPurposeEnumValues {
-		purposeFlagOptions = append(purposeFlagOptions, string(val))
-	}
-	cmd.Flags().Var(flags.EnumFlag(false, "", purposeFlagOptions...), purposeFlag, fmt.Sprintf("Purpose of the key. Possible values: %q", purposeFlagOptions))
-
-	// Protection
-	var protectionFlagOptions []string
-	for _, val := range kms.AllowedProtectionEnumValues {
-		protectionFlagOptions = append(protectionFlagOptions, string(val))
-	}
-	cmd.Flags().Var(flags.EnumFlag(false, "", protectionFlagOptions...), protectionFlag, fmt.Sprintf("The underlying system that is responsible for protecting the key material. Possible values: %q", purposeFlagOptions))
+	algorithmFlag.Register(cmd)
+	purposeFlag.Register(cmd)
+	protectionFlag.Register(cmd)
 
 	// All further non Enum Flags
 	cmd.Flags().Var(flags.UUIDFlag(), keyRingIdFlag, "ID of the KMS key ring")
 	cmd.Flags().String(displayNameFlag, "", "The display name to distinguish multiple keys")
 	cmd.Flags().String(descriptionFlag, "", "Optional description of the key")
 	cmd.Flags().Bool(importOnlyFlag, false, "States whether versions can be created or only imported")
 
-	err := flags.MarkFlagsRequired(cmd, keyRingIdFlag, algorithmFlag, purposeFlag, displayNameFlag, protectionFlag)
+	err := flags.MarkFlagsRequired(cmd, keyRingIdFlag, algorithmFlag.Name(), purposeFlag.Name(), displayNameFlag, protectionFlag.Name())
 	cobra.CheckErr(err)
 }

internal/cmd/kms/key/create/create_test.go

@@ -8,7 +8,7 @@ import (
 	"github.com/google/go-cmp/cmp/cmpopts"
 	"github.com/google/uuid"
 	"github.com/spf13/cobra"
-	"github.com/stackitcloud/stackit-sdk-go/services/kms"
+	kms "github.com/stackitcloud/stackit-sdk-go/services/kms/v1api"
 
 	"github.com/stackitcloud/stackit-cli/internal/pkg/globalflags"
 	"github.com/stackitcloud/stackit-cli/internal/pkg/print"
@@ -18,19 +18,19 @@ import (
 
 const (
 	testRegion      = "eu01"
-	testAlgorithm   = "rsa_2048_oaep_sha256"
+	testAlgorithm   = kms.ALGORITHM_RSA_2048_OAEP_SHA256
 	testDisplayName = "my-key"
-	testPurpose     = "asymmetric_encrypt_decrypt"
+	testPurpose     = kms.PURPOSE_ASYMMETRIC_ENCRYPT_DECRYPT
 	testDescription = "my key description"
 	testImportOnly  = "true"
-	testProtection  = "software"
+	testProtection  = kms.PROTECTION_SOFTWARE
 )
 
 type testCtxKey struct{}
 
 var (
 	testCtx       = context.WithValue(context.Background(), testCtxKey{}, "foo")
-	testClient    = &kms.APIClient{}
+	testClient    = &kms.APIClient{DefaultAPI: &kms.DefaultAPIService{}}
 	testProjectId = uuid.NewString()
 	testKeyRingId = uuid.NewString()
 )
@@ -41,12 +41,12 @@ func fixtureFlagValues(mods ...func(flagValues map[string]string)) map[string]st
 		globalflags.ProjectIdFlag: testProjectId,
 		globalflags.RegionFlag:    testRegion,
 		keyRingIdFlag:             testKeyRingId,
-		algorithmFlag:             testAlgorithm,
+		algorithmFlag.Name():      string(testAlgorithm),
 		displayNameFlag:           testDisplayName,
-		purposeFlag:               testPurpose,
+		purposeFlag.Name():        string(testPurpose),
 		descriptionFlag:           testDescription,
 		importOnlyFlag:            testImportOnly,
-		protectionFlag:            testProtection,
+		protectionFlag.Name():     string(testProtection),
 	}
 	for _, mod := range mods {
 		mod(flagValues)
@@ -63,12 +63,12 @@ func fixtureInputModel(mods ...func(model *inputModel)) *inputModel {
 			Verbosity: globalflags.VerbosityDefault,
 		},
 		KeyRingId:   testKeyRingId,
-		Algorithm:   utils.Ptr(testAlgorithm),
+		Algorithm:   testAlgorithm,
 		Name:        utils.Ptr(testDisplayName),
-		Purpose:     utils.Ptr(testPurpose),
+		Purpose:     testPurpose,
 		Description: utils.Ptr(testDescription),
 		ImportOnly:  true, // Watch out: ImportOnly is not testImportOnly!
-		Protection:  utils.Ptr(testProtection),
+		Protection:  testProtection,
 	}
 	for _, mod := range mods {
 		mod(model)
@@ -78,14 +78,14 @@ func fixtureInputModel(mods ...func(model *inputModel)) *inputModel {
 
 // Request
 func fixtureRequest(mods ...func(request *kms.ApiCreateKeyRequest)) kms.ApiCreateKeyRequest {
-	request := testClient.CreateKey(testCtx, testProjectId, testRegion, testKeyRingId)
+	request := testClient.DefaultAPI.CreateKey(testCtx, testProjectId, testRegion, testKeyRingId)
 	request = request.CreateKeyPayload(kms.CreateKeyPayload{
-		Algorithm:   kms.CreateKeyPayloadGetAlgorithmAttributeType(utils.Ptr(testAlgorithm)),
-		DisplayName: utils.Ptr(testDisplayName),
-		Purpose:     kms.CreateKeyPayloadGetPurposeAttributeType(utils.Ptr(testPurpose)),
+		Algorithm:   testAlgorithm,
+		DisplayName: testDisplayName,
+		Purpose:     testPurpose,
 		Description: utils.Ptr(testDescription),
 		ImportOnly:  utils.Ptr(true),
-		Protection:  kms.CreateKeyPayloadGetProtectionAttributeType(utils.Ptr(testProtection)),
+		Protection:  testProtection,
 	})
 
 	for _, mod := range mods {
@@ -162,14 +162,14 @@ func TestParseInput(t *testing.T) {
 		{
 			description: "algorithm missing (required)",
 			flagValues: fixtureFlagValues(func(flagValues map[string]string) {
-				delete(flagValues, algorithmFlag)
+				delete(flagValues, algorithmFlag.Name())
 			}),
 			isValid: false,
 		},
 		{
 			description: "protection missing (required)",
 			flagValues: fixtureFlagValues(func(flagValues map[string]string) {
-				delete(flagValues, protectionFlag)
+				delete(flagValues, protectionFlag.Name())
 			}),
 			isValid: false,
 		},
@@ -183,7 +183,7 @@ func TestParseInput(t *testing.T) {
 		{
 			description: "purpose missing (required)",
 			flagValues: fixtureFlagValues(func(flagValues map[string]string) {
-				delete(flagValues, purposeFlag)
+				delete(flagValues, purposeFlag.Name())
 			}),
 			isValid: false,
 		},
@@ -255,26 +255,26 @@ func TestBuildRequest(t *testing.T) {
 				model.ImportOnly = false
 			}),
 			expectedRequest: fixtureRequest().CreateKeyPayload(kms.CreateKeyPayload{
-				Algorithm:   kms.CreateKeyPayloadGetAlgorithmAttributeType(utils.Ptr(testAlgorithm)),
-				DisplayName: utils.Ptr(testDisplayName),
-				Purpose:     kms.CreateKeyPayloadGetPurposeAttributeType(utils.Ptr(testPurpose)),
+				Algorithm:   testAlgorithm,
+				DisplayName: testDisplayName,
+				Purpose:     testPurpose,
 				Description: nil,
 				ImportOnly:  utils.Ptr(false),
-				Protection:  kms.CreateKeyPayloadGetProtectionAttributeType(utils.Ptr(testProtection)),
+				Protection:  testProtection,
 			}),
 		},
 	}
 
 	for _, tt := range tests {
 		t.Run(tt.description, func(t *testing.T) {
-			request, err := buildRequest(testCtx, tt.model, testClient)
+			request, err := buildRequest(testCtx, tt.model, testClient.DefaultAPI)
 			if err != nil {
 				t.Fatalf("error building request: %v", err)
 			}
 
 			diff := cmp.Diff(tt.expectedRequest, request,
 				cmp.AllowUnexported(tt.expectedRequest),
-				cmpopts.EquateComparable(testCtx),
+				cmpopts.EquateComparable(testCtx, kms.DefaultAPIService{}),
 			)
 			if diff != "" {
 				t.Fatalf("Data does not match: %s", diff)

internal/cmd/kms/key/delete/delete.go

@@ -17,7 +17,7 @@ import (
 	kmsUtils "github.com/stackitcloud/stackit-cli/internal/pkg/services/kms/utils"
 	"github.com/stackitcloud/stackit-cli/internal/pkg/utils"
 
-	"github.com/stackitcloud/stackit-sdk-go/services/kms"
+	kms "github.com/stackitcloud/stackit-sdk-go/services/kms/v1api"
 
 	"github.com/stackitcloud/stackit-cli/internal/pkg/services/kms/client"
 )
@@ -58,7 +58,7 @@ func NewCmd(params *types.CmdParams) *cobra.Command {
 				return err
 			}
 
-			keyName, err := kmsUtils.GetKeyName(ctx, apiClient, model.ProjectId, model.Region, model.KeyRingId, model.KeyId)
+			keyName, err := kmsUtils.GetKeyName(ctx, apiClient.DefaultAPI, model.ProjectId, model.Region, model.KeyRingId, model.KeyId)
 			if err != nil {
 				params.Printer.Debug(print.ErrorLevel, "get key name: %v", err)
 				keyName = model.KeyId
@@ -79,7 +79,7 @@ func NewCmd(params *types.CmdParams) *cobra.Command {
 
 			// Don't wait for a month until the deletion was performed.
 			// Just print the deletion date.
-			resp, err := apiClient.GetKeyExecute(ctx, model.ProjectId, model.Region, model.KeyRingId, model.KeyId)
+			resp, err := apiClient.DefaultAPI.GetKey(ctx, model.ProjectId, model.Region, model.KeyRingId, model.KeyId).Execute()
 			if err != nil {
 				params.Printer.Debug(print.ErrorLevel, "get key: %v", err)
 			}
@@ -111,7 +111,7 @@ func parseInput(p *print.Printer, cmd *cobra.Command, inputArgs []string) (*inpu
 }
 
 func buildRequest(ctx context.Context, model *inputModel, apiClient *kms.APIClient) kms.ApiDeleteKeyRequest {
-	req := apiClient.DeleteKey(ctx, model.ProjectId, model.Region, model.KeyRingId, model.KeyId)
+	req := apiClient.DefaultAPI.DeleteKey(ctx, model.ProjectId, model.Region, model.KeyRingId, model.KeyId)
 	return req
 }
 
@@ -128,7 +128,7 @@ func outputResult(p *print.Printer, outputFormat string, resp *kms.Key) error {
 	}
 
 	return p.OutputResult(outputFormat, resp, func() error {
-		p.Outputf("Deletion of KMS key %s scheduled successfully for the deletion date: %s\n", utils.PtrString(resp.DisplayName), utils.PtrString(resp.DeletionDate))
+		p.Outputf("Deletion of KMS key %s scheduled successfully for the deletion date: %s\n", resp.DisplayName, utils.PtrString(resp.DeletionDate))
 		return nil
 	})
 }