Use templates from authority instead of config.

Mariano Cano 2020-06-16 17:57:35 -07:00
parent a845b56283
commit e3ae751b57
3 changed files with 16 additions and 14 deletions


@ -31,6 +31,7 @@ type Authority struct {
keyManager kms.KeyManager keyManager kms.KeyManager
provisioners *provisioner.Collection provisioners *provisioner.Collection
db db.AuthDB db db.AuthDB
templates *templates.Templates
// X509 CA // X509 CA
rootX509Certs []*x509.Certificate rootX509Certs []*x509.Certificate
@ -301,13 +302,14 @@ func (a *Authority) init() error {
// Configure templates, currently only ssh templates are supported. // Configure templates, currently only ssh templates are supported.
if a.sshCAHostCertSignKey != nil || a.sshCAUserCertSignKey != nil { if a.sshCAHostCertSignKey != nil || a.sshCAUserCertSignKey != nil {
if a.config.Templates == nil { a.templates = a.config.Templates
a.config.Templates = templates.DefaultTemplates() if a.templates == nil {
a.templates = templates.DefaultTemplates()
} }
if a.config.Templates.Data == nil { if a.templates.Data == nil {
a.config.Templates.Data = make(map[string]interface{}) a.templates.Data = make(map[string]interface{})
} }
a.config.Templates.Data["Step"] = tmplVars a.templates.Data["Step"] = tmplVars
} }
// JWT numeric dates are seconds. // JWT numeric dates are seconds.
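Review bot: In the init() hunk, `a.templates = a.config.Templates` copies only the pointer, so when the config supplies templates the later `a.templates.Data["Step"] = tmplVars` still writes into the object owned by a.config. If the intent of the change is to stop init() from modifying the loaded configuration, that only holds on the DefaultTemplates() path. Copying the struct and its Data map before adding "Step" would keep the two apart, assuming templates.Templates is safe to copy by value (its definition is not shown here). init() starts and ends outside the hunk.

```go
// … unchanged: check that an ssh host or user signing key is configured …
	if a.config.Templates != nil {
		// Copy so the "Step" entry added below does not land in the loaded config.
		t := *a.config.Templates
		a.templates = &t
	} else {
		a.templates = templates.DefaultTemplates()
	}
	data := make(map[string]interface{}, len(a.templates.Data)+1)
	for k, v := range a.templates.Data {
		data[k] = v
	}
	data["Step"] = tmplVars
	a.templates.Data = data
```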


@ -125,19 +125,19 @@ func (a *Authority) GetSSHConfig(ctx context.Context, typ string, data map[strin
return nil, errs.NotFound("getSSHConfig: ssh is not configured") return nil, errs.NotFound("getSSHConfig: ssh is not configured")
} }
if a.config.Templates == nil { if a.templates == nil {
return nil, errs.NotFound("getSSHConfig: ssh templates are not configured") return nil, errs.NotFound("getSSHConfig: ssh templates are not configured")
} }
var ts []templates.Template var ts []templates.Template
switch typ { switch typ {
case provisioner.SSHUserCert: case provisioner.SSHUserCert:
if a.config.Templates != nil && a.config.Templates.SSH != nil { if a.templates != nil && a.templates.SSH != nil {
ts = a.config.Templates.SSH.User ts = a.templates.SSH.User
} }
case provisioner.SSHHostCert: case provisioner.SSHHostCert:
if a.config.Templates != nil && a.config.Templates.SSH != nil { if a.templates != nil && a.templates.SSH != nil {
ts = a.config.Templates.SSH.Host ts = a.templates.SSH.Host
} }
default: default:
return nil, errs.BadRequest("getSSHConfig: type %s is not valid", typ) return nil, errs.BadRequest("getSSHConfig: type %s is not valid", typ)
@ -147,11 +147,11 @@ func (a *Authority) GetSSHConfig(ctx context.Context, typ string, data map[strin
var mergedData map[string]interface{} var mergedData map[string]interface{}
if len(data) == 0 { if len(data) == 0 {
mergedData = a.config.Templates.Data mergedData = a.templates.Data
} else { } else {
mergedData = make(map[string]interface{}, len(a.config.Templates.Data)+1) mergedData = make(map[string]interface{}, len(a.templates.Data)+1)
mergedData["User"] = data mergedData["User"] = data
for k, v := range a.config.Templates.Data { for k, v := range a.templates.Data {
mergedData[k] = v mergedData[k] = v
} }
} }
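Review bot: When `len(data) == 0`, `mergedData = a.templates.Data` hands the authority's own map, including the "Step" entry set in init(), to the code that follows, while the other branch builds a fresh map. Anything downstream that writes to mergedData would then change state shared by every later request and could race under concurrent calls; the rest of GetSSHConfig is outside the hunk, so it may already be read-only. A comment such as `// mergedData aliases a.templates.Data; it must not be written to.` on that branch would record the contract. In the same section the `a.templates != nil &&` test inside both switch cases is redundant after the early `if a.templates == nil` return and could be dropped.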


@ -460,7 +460,7 @@ func TestAuthority_GetSSHConfig(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
a := testAuthority(t) a := testAuthority(t)
a.config.Templates = tt.fields.templates a.templates = tt.fields.templates
a.sshCAUserCertSignKey = tt.fields.userSigner a.sshCAUserCertSignKey = tt.fields.userSigner
a.sshCAHostCertSignKey = tt.fields.hostSigner a.sshCAHostCertSignKey = tt.fields.hostSigner