Merge pull request #682 from smallstep/helm-ssh

Fix ssh in helm chart values
Mariano Cano 2021-08-26 11:22:49 -07:00 committed by GitHub
commit 8acce7b092
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 8 deletions


@ -14,11 +14,9 @@ import (
type helmVariables struct {
*linkedca.Configuration
Defaults *linkedca.Defaults
Password string
SSH struct {
Enabled bool
}
Defaults *linkedca.Defaults
Password string
EnableSSH bool
TLS authconfig.TLSOptions
Provisioners []provisioner.Interface
}
@ -48,6 +46,7 @@ func (p *PKI) WriteHelmTemplate(w io.Writer) error {
Configuration: &p.Configuration,
Defaults: &p.Defaults,
Password: "",
EnableSSH: p.options.enableSSH,
TLS: authconfig.DefaultTLSOptions,
Provisioners: provisioners,
}); err != nil {
@ -67,7 +66,7 @@ inject:
federateRoots: []
crt: {{ .Intermediate }}
key: {{ .IntermediateKey }}
{{- if .SSH.Enabled }}
{{- if .EnableSSH }}
ssh:
hostKey: {{ .Ssh.HostKey }}
userKey: {{ .Ssh.UserKey }}
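Review bot: The `{{- if .EnableSSH }}` guard and the `.Ssh.HostKey` / `.Ssh.UserKey` lookups under it read from two different sources: the flag comes from `p.options.enableSSH`, the keys from the embedded `*linkedca.Configuration`. Whether `Configuration.Ssh` is always populated when the option is set is not visible in this hunk; if it can be nil, template execution would return an error instead of rendering values. I would document the invariant on the new field, e.g. `// EnableSSH mirrors p.options.enableSSH; the template assumes Configuration.Ssh is set whenever it is true.` The old `.SSH.Enabled` guard appears never to have been set, so the ssh block was dropped silently; a test that renders the template with SSH enabled and checks for the `ssh:` section would catch a repeat.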


@ -408,6 +408,15 @@ func (p *PKI) GenerateKeyPairs(pass []byte) error {
return err
}
var claims *linkedca.Claims
if p.options.enableSSH {
claims = &linkedca.Claims{
Ssh: &linkedca.SSHClaims{
Enabled: true,
},
}
}
// Add JWK provisioner to the configuration.
publicKey, err := json.Marshal(p.ottPublicKey)
if err != nil {
@ -418,8 +427,9 @@ func (p *PKI) GenerateKeyPairs(pass []byte) error {
return errors.Wrap(err, "error serializing private key")
}
p.Authority.Provisioners = append(p.Authority.Provisioners, &linkedca.Provisioner{
Type: linkedca.Provisioner_JWK,
Name: p.options.provisioner,
Type: linkedca.Provisioner_JWK,
Name: p.options.provisioner,
Claims: claims,
Details: &linkedca.ProvisionerDetails{
Data: &linkedca.ProvisionerDetails_JWK{
JWK: &linkedca.JWKProvisioner{
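Review bot: The new `claims` variable in GenerateKeyPairs stays nil when `p.options.enableSSH` is false, and nothing in the hunk says what a nil `Claims` means for the JWK provisioner. Since this setting decides whether the default provisioner may issue SSH certificates, I would add a comment above the `if`, e.g. `// Allow SSH certificate signing on the default JWK provisioner only when SSH was requested; nil claims fall back to the authority defaults.` The fallback wording is an assumption about how linkedca handles nil claims and should be confirmed. A test asserting that `Claims.Ssh.Enabled` is set only when the option is on would pin the behaviour. The function body starts and ends outside these hunks.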