Enable step path contexts in identity and pki paths

This commit is contained in:
max furman 2021-08-13 00:16:41 -07:00
parent 10db335f13
commit 7eeebca529
2 changed files with 29 additions and 4 deletions

View file

@ -40,10 +40,10 @@ const TunnelTLS Type = "tTLS"
const DefaultLeeway = 1 * time.Minute
// IdentityFile contains the location of the identity file.
var IdentityFile = filepath.Join(step.Path(), "config", "identity.json")
var IdentityFile = filepath.Join(step.ProfilePath(), "config", "identity.json")
// DefaultsFile contains the location of the defaults file.
var DefaultsFile = filepath.Join(step.Path(), "config", "defaults.json")
var DefaultsFile = filepath.Join(step.ProfilePath(), "config", "defaults.json")
// Identity represents the identity file that can be used to authenticate with
// the CA.
@ -80,8 +80,8 @@ func LoadDefaultIdentity() (*Identity, error) {
// configDir and identityDir are used in WriteDefaultIdentity for testing
// purposes.
var (
configDir = filepath.Join(step.Path(), "config")
identityDir = filepath.Join(step.Path(), "identity")
configDir = filepath.Join(step.ProfilePath(), "config")
identityDir = filepath.Join(step.ProfilePath(), "identity")
)
// WriteDefaultIdentity writes the given certificates and key and the

View file

@ -10,6 +10,7 @@ import (
"encoding/json"
"encoding/pem"
"fmt"
"io/ioutil"
"net"
"os"
"path/filepath"
@ -98,6 +99,12 @@ func GetConfigPath() string {
return filepath.Join(step.Path(), configPath)
}
// GetProfileConfigPath returns the directory where the profile configuration
// files are stored based on the STEPPATH environment variable.
func GetProfileConfigPath() string {
return filepath.Join(step.ProfilePath(), configPath)
}
// GetPublicPath returns the directory where the public keys are stored based on
// the STEPPATH environment variable.
func GetPublicPath() string {
@ -367,6 +374,21 @@ func New(o apiv1.Options, opts ...Option) (*PKI, error) {
}
}
// Create profile directory and stub for default profile configuration.
if currentCtx := step.GetCurrentContext(); currentCtx != nil {
profile := GetProfileConfigPath()
if err := os.MkdirAll(profile, 0700); err != nil {
return nil, errs.FileError(err, profile)
}
if p.profileDefaults, err = getPath(profile, "defaults.json"); err != nil {
return nil, err
}
if err := ioutil.WriteFile(p.profileDefaults,
[]byte("{}"), 0600); err != nil {
return nil, err
}
}
if p.Defaults.CaUrl == "" {
p.Defaults.CaUrl = p.DnsNames[0]
_, port, err := net.SplitHostPort(p.Address)
@ -958,6 +980,9 @@ func (p *PKI) Save(opt ...ConfigOption) error {
}
ui.PrintSelected("Default configuration", p.defaults)
if p.profileDefaults != "" {
ui.PrintSelected("Profile default configuration", p.profileDefaults)
}
ui.PrintSelected("Certificate Authority configuration", p.config)
if p.options.deploymentType != LinkedDeployment {
ui.Println()