Use profileDefaults in PKI
- write profile defaults at the same time as authority defaults
parent
c8560b4854
commit
3e9830e363
1 changed files with 10 additions and 20 deletions
30
pki/pki.go
30
pki/pki.go
|
@ -10,7 +10,6 @@ import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"encoding/pem"
|
"encoding/pem"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
|
||||||
"net"
|
"net"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
@ -99,12 +98,6 @@ func GetConfigPath() string {
|
||||||
return filepath.Join(step.Path(), configPath)
|
return filepath.Join(step.Path(), configPath)
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetProfileConfigPath returns the directory where the profile configuration
|
|
||||||
// files are stored based on the STEPPATH environment variable.
|
|
||||||
func GetProfileConfigPath() string {
|
|
||||||
return filepath.Join(step.ProfilePath(), configPath)
|
|
||||||
}
|
|
||||||
|
|
||||||
// GetPublicPath returns the directory where the public keys are stored based on
|
// GetPublicPath returns the directory where the public keys are stored based on
|
||||||
// the STEPPATH environment variable.
|
// the STEPPATH environment variable.
|
||||||
func GetPublicPath() string {
|
func GetPublicPath() string {
|
||||||
|
@ -375,18 +368,6 @@ func New(o apiv1.Options, opts ...Option) (*PKI, error) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create profile directory and stub for default profile configuration.
|
|
||||||
if currentCtx := step.Contexts().GetCurrent(); currentCtx != nil {
|
|
||||||
profile := GetProfileConfigPath()
|
|
||||||
if err := os.MkdirAll(profile, 0700); err != nil {
|
|
||||||
return nil, errs.FileError(err, profile)
|
|
||||||
}
|
|
||||||
if err := ioutil.WriteFile(step.ProfileDefaultsFile(),
|
|
||||||
[]byte("{}"), 0600); err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if p.Defaults.CaUrl == "" {
|
if p.Defaults.CaUrl == "" {
|
||||||
p.Defaults.CaUrl = p.DnsNames[0]
|
p.Defaults.CaUrl = p.DnsNames[0]
|
||||||
_, port, err := net.SplitHostPort(p.Address)
|
_, port, err := net.SplitHostPort(p.Address)
|
||||||
|
@ -435,6 +416,10 @@ func New(o apiv1.Options, opts ...Option) (*PKI, error) {
|
||||||
if p.defaults, err = getPath(cfg, "defaults.json"); err != nil {
|
if p.defaults, err = getPath(cfg, "defaults.json"); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
if c := step.Contexts().GetCurrent(); c != nil {
|
||||||
|
p.profileDefaults = c.ProfileDefaultsFile()
|
||||||
|
}
|
||||||
|
|
||||||
if p.config, err = getPath(cfg, "ca.json"); err != nil {
|
if p.config, err = getPath(cfg, "ca.json"); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -964,6 +949,11 @@ func (p *PKI) Save(opt ...ConfigOption) error {
|
||||||
if err = fileutil.WriteFile(p.defaults, b, 0644); err != nil {
|
if err = fileutil.WriteFile(p.defaults, b, 0644); err != nil {
|
||||||
return errs.FileError(err, p.defaults)
|
return errs.FileError(err, p.defaults)
|
||||||
}
|
}
|
||||||
|
if p.profileDefaults != "" {
|
||||||
|
if err = fileutil.WriteFile(p.profileDefaults, []byte("{}"), 0644); err != nil {
|
||||||
|
return errs.FileError(err, p.profileDefaults)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Generate and write templates
|
// Generate and write templates
|
||||||
if err := generateTemplates(cfg.Templates); err != nil {
|
if err := generateTemplates(cfg.Templates); err != nil {
|
||||||
|
@ -979,7 +969,7 @@ func (p *PKI) Save(opt ...ConfigOption) error {
|
||||||
|
|
||||||
ui.PrintSelected("Default configuration", p.defaults)
|
ui.PrintSelected("Default configuration", p.defaults)
|
||||||
if p.profileDefaults != "" {
|
if p.profileDefaults != "" {
|
||||||
ui.PrintSelected("Profile default configuration", p.profileDefaults)
|
ui.PrintSelected("Default profile configuration", p.profileDefaults)
|
||||||
}
|
}
|
||||||
ui.PrintSelected("Certificate Authority configuration", p.config)
|
ui.PrintSelected("Certificate Authority configuration", p.config)
|
||||||
if p.options.deploymentType != LinkedDeployment {
|
if p.options.deploymentType != LinkedDeployment {
|
||||||
|
|
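Review bot: The profile defaults file is now written in Save with mode 0644 (`fileutil.WriteFile(p.profileDefaults, []byte("{}"), 0644)`), whereas the block removed from New wrote it with 0600 after creating the profile directory with `os.MkdirAll(profile, 0700)`. The new mode matches the authority defaults.json written just above it, but it is still a relaxation for a per-user profile file, so it should be confirmed as intentional. Nothing in the visible hunks creates the profile directory any more, so unless that happens elsewhere the write may fail for a fresh context. If the earlier behaviour is wanted, call `os.MkdirAll(filepath.Dir(p.profileDefaults), 0700)` before the write and pass `0600` to WriteFile. Save starts and ends outside the hunk, so a directory-creation step may exist that is not shown here.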