Add linkedca conversions.

authority/admin/db.go

@@ -44,6 +44,8 @@ func UnmarshalProvisionerDetails(typ linkedca.Provisioner_Type, data []byte) (*l
 		v.Data = new(linkedca.ProvisionerDetails_SSHPOP)
 	case linkedca.Provisioner_SCEP:
 		v.Data = new(linkedca.ProvisionerDetails_SCEP)
+	case linkedca.Provisioner_NEBULA:
+		v.Data = new(linkedca.ProvisionerDetails_Nebula)
 	default:
 		return nil, fmt.Errorf("unsupported provisioner type %s", typ)
 	}

authority/provisioners.go

@@ -710,6 +710,22 @@ func ProvisionerToCertificates(p *linkedca.Provisioner) (provisioner.Interface,
 			Claims:                 claims,
 			Options:                options,
 		}, nil
+	case *linkedca.ProvisionerDetails_Nebula:
+		var roots []byte
+		for i, root := range d.Nebula.GetRoots() {
+			if i > 0 {
+				roots = append(roots, '\n')
+			}
+			roots = append(roots, root...)
+		}
+		return &provisioner.Nebula{
+			ID:      p.Id,
+			Type:    p.Type.String(),
+			Name:    p.Name,
+			Roots:   roots,
+			Claims:  claims,
+			Options: options,
+		}, nil
 	default:
 		return nil, fmt.Errorf("provisioner %s not implemented", p.Type)
 	}
@@ -937,6 +953,26 @@ func ProvisionerToLinkedca(p provisioner.Interface) (*linkedca.Provisioner, erro
 			X509Template: x509Template,
 			SshTemplate:  sshTemplate,
 		}, nil
+	case *provisioner.Nebula:
+		x509Template, sshTemplate, err := provisionerOptionsToLinkedca(p.Options)
+		if err != nil {
+			return nil, err
+		}
+		return &linkedca.Provisioner{
+			Id:   p.ID,
+			Type: linkedca.Provisioner_NEBULA,
+			Name: p.GetName(),
+			Details: &linkedca.ProvisionerDetails{
+				Data: &linkedca.ProvisionerDetails_Nebula{
+					Nebula: &linkedca.NebulaProvisioner{
+						Roots: provisionerPEMToLinkedca(p.Roots),
+					},
+				},
+			},
+			Claims:       claimsToLinkedca(p.Claims),
+			X509Template: x509Template,
+			SshTemplate:  sshTemplate,
+		}, nil
 	default:
 		return nil, fmt.Errorf("provisioner %s not implemented", p.GetType())
 	}

go.mod

@@ -35,7 +35,7 @@ require (
 	go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352
 	go.step.sm/cli-utils v0.7.0
 	go.step.sm/crypto v0.13.1-0.20220104020740-cfaa65f61443
-	go.step.sm/linkedca v0.7.0
+	go.step.sm/linkedca v0.8.1-0.20220105022833-86b7a26c91f6
 	golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
 	golang.org/x/net v0.0.0-20211216030914-fe4d6282115f
 	google.golang.org/api v0.47.0
@@ -48,3 +48,4 @@ require (
 // replace github.com/smallstep/nosql => ../nosql
 // replace go.step.sm/crypto => ../crypto
 // replace go.step.sm/cli-utils => ../cli-utils
+// replace go.step.sm/linkedca => ../linkedca

go.sum

@@ -607,8 +607,8 @@ go.step.sm/cli-utils v0.7.0/go.mod h1:Ur6bqA/yl636kCUJbp30J7Unv5JJ226eW2KqXPDwF/
 go.step.sm/crypto v0.9.0/go.mod h1:+CYG05Mek1YDqi5WK0ERc6cOpKly2i/a5aZmU1sfGj0=
 go.step.sm/crypto v0.13.1-0.20220104020740-cfaa65f61443 h1:58QFQDVfw/dQuR9iW/dqvstdhrXbPEzImQF5sBVkI0k=
 go.step.sm/crypto v0.13.1-0.20220104020740-cfaa65f61443/go.mod h1:3G0yQr5lQqfEG0CMYz8apC/qMtjLRQlzflL2AxkcN+g=
-go.step.sm/linkedca v0.7.0 h1:ydYigs0CgLFkPGjOO4KJcAcAWbuPP8ECF1IsyHdftYc=
-go.step.sm/linkedca v0.7.0/go.mod h1:5uTRjozEGSPAZal9xJqlaD38cvJcLe3o1VAFVjqcORo=
+go.step.sm/linkedca v0.8.1-0.20220105022833-86b7a26c91f6 h1:rh+wCqQhMeXqUfb7Kycd8DtO7K0JckYsPZS3nOuEtGA=
+go.step.sm/linkedca v0.8.1-0.20220105022833-86b7a26c91f6/go.mod h1:5uTRjozEGSPAZal9xJqlaD38cvJcLe3o1VAFVjqcORo=
 go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=