Enable step path contexts in identity and pki paths

max furman 2021-08-13 00:16:41 -07:00
parent 10db335f13
commit 7eeebca529
2 changed files with 29 additions and 4 deletions


@ -40,10 +40,10 @@ const TunnelTLS Type = "tTLS"
const DefaultLeeway = 1 * time.Minute const DefaultLeeway = 1 * time.Minute
// IdentityFile contains the location of the identity file. // IdentityFile contains the location of the identity file.
var IdentityFile = filepath.Join(step.Path(), "config", "identity.json") var IdentityFile = filepath.Join(step.ProfilePath(), "config", "identity.json")
// DefaultsFile contains the location of the defaults file. // DefaultsFile contains the location of the defaults file.
var DefaultsFile = filepath.Join(step.Path(), "config", "defaults.json") var DefaultsFile = filepath.Join(step.ProfilePath(), "config", "defaults.json")
// Identity represents the identity file that can be used to authenticate with // Identity represents the identity file that can be used to authenticate with
// the CA. // the CA.
@ -80,8 +80,8 @@ func LoadDefaultIdentity() (*Identity, error) {
// configDir and identityDir are used in WriteDefaultIdentity for testing // configDir and identityDir are used in WriteDefaultIdentity for testing
// purposes. // purposes.
var ( var (
configDir = filepath.Join(step.Path(), "config") configDir = filepath.Join(step.ProfilePath(), "config")
identityDir = filepath.Join(step.Path(), "identity") identityDir = filepath.Join(step.ProfilePath(), "identity")
) )
// WriteDefaultIdentity writes the given certificates and key and the // WriteDefaultIdentity writes the given certificates and key and the
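Review bot: `IdentityFile`, `DefaultsFile`, `configDir` and `identityDir` are package-level variables, so `step.ProfilePath()` is evaluated once at package initialization; if the current context is selected later at runtime (the selection code is not visible in this section), these paths stay pinned to whichever profile was active at init. Because the identity file is what authenticates the client to the CA, a stale path could read or write credentials under a different context's profile than the one in use. Consider resolving the path at the point of use, or at least recording the ordering requirement next to the declarations, e.g. `// NOTE: computed at package init; the step context must be selected before this package is initialized.`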


@ -10,6 +10,7 @@ import (
"encoding/json" "encoding/json"
"encoding/pem" "encoding/pem"
"fmt" "fmt"
"io/ioutil"
"net" "net"
"os" "os"
"path/filepath" "path/filepath"
@ -98,6 +99,12 @@ func GetConfigPath() string {
return filepath.Join(step.Path(), configPath) return filepath.Join(step.Path(), configPath)
} }
// GetProfileConfigPath returns the directory where the profile configuration
// files are stored based on the STEPPATH environment variable.
func GetProfileConfigPath() string {
return filepath.Join(step.ProfilePath(), configPath)
}
// GetPublicPath returns the directory where the public keys are stored based on // GetPublicPath returns the directory where the public keys are stored based on
// the STEPPATH environment variable. // the STEPPATH environment variable.
func GetPublicPath() string { func GetPublicPath() string {
@ -367,6 +374,21 @@ func New(o apiv1.Options, opts ...Option) (*PKI, error) {
} }
} }
// Create profile directory and stub for default profile configuration.
if currentCtx := step.GetCurrentContext(); currentCtx != nil {
profile := GetProfileConfigPath()
if err := os.MkdirAll(profile, 0700); err != nil {
return nil, errs.FileError(err, profile)
}
if p.profileDefaults, err = getPath(profile, "defaults.json"); err != nil {
return nil, err
}
if err := ioutil.WriteFile(p.profileDefaults,
[]byte("{}"), 0600); err != nil {
return nil, err
}
}
if p.Defaults.CaUrl == "" { if p.Defaults.CaUrl == "" {
p.Defaults.CaUrl = p.DnsNames[0] p.Defaults.CaUrl = p.DnsNames[0]
_, port, err := net.SplitHostPort(p.Address) _, port, err := net.SplitHostPort(p.Address)
@ -958,6 +980,9 @@ func (p *PKI) Save(opt ...ConfigOption) error {
} }
ui.PrintSelected("Default configuration", p.defaults) ui.PrintSelected("Default configuration", p.defaults)
if p.profileDefaults != "" {
ui.PrintSelected("Profile default configuration", p.profileDefaults)
}
ui.PrintSelected("Certificate Authority configuration", p.config) ui.PrintSelected("Certificate Authority configuration", p.config)
if p.options.deploymentType != LinkedDeployment { if p.options.deploymentType != LinkedDeployment {
ui.Println() ui.Println()
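Review bot: In `New`, the added `ioutil.WriteFile(p.profileDefaults, []byte("{}"), 0600)` runs whenever a context is set, so an existing profile `defaults.json` would be truncated to `{}` unless `getPath` or a caller outside this hunk rules that out. Creating the stub with `os.OpenFile(p.profileDefaults, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)` and treating `os.IsExist(err)` as non-fatal would keep existing settings without a check-then-write gap. The write error is also returned bare while the `MkdirAll` error just above it is wrapped; `return nil, errs.FileError(err, p.profileDefaults)` would match. `os.MkdirAll(profile, 0700)` does not change the mode of a directory that already exists, so the 0700 only holds for a freshly created profile directory. The doc comment on `GetProfileConfigPath` still says "based on the STEPPATH environment variable" although the path comes from `step.ProfilePath()`; `New`'s body starts and ends outside the hunk.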