From e3ae751b5793e19f6a2a96b643f36ccf2f38707a Mon Sep 17 00:00:00 2001
From: Mariano Cano
Date: Tue, 16 Jun 2020 17:57:35 -0700
Subject: [PATCH] Use templates from authority instead of config.
---
 authority/authority.go | 12 +++++++-----
 authority/ssh.go | 16 ++++++++--------
 authority/ssh_test.go | 2 +-
 3 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/authority/authority.go b/authority/authority.go
index 89e3c5c9..6168e2e3 100644
--- a/authority/authority.go
+++ b/authority/authority.go
@@ -31,6 +31,7 @@ type Authority struct {
 keyManager kms.KeyManager
 provisioners *provisioner.Collection
 db db.AuthDB
+ templates *templates.Templates
 // X509 CA
 rootX509Certs []*x509.Certificate
@@ -301,13 +302,14 @@ func (a *Authority) init() error {
 // Configure templates, currently only ssh templates are supported.
 if a.sshCAHostCertSignKey != nil || a.sshCAUserCertSignKey != nil {
- if a.config.Templates == nil {
- a.config.Templates = templates.DefaultTemplates()
+ a.templates = a.config.Templates
+ if a.templates == nil {
+ a.templates = templates.DefaultTemplates()
 }
- if a.config.Templates.Data == nil {
- a.config.Templates.Data = make(map[string]interface{})
+ if a.templates.Data == nil {
+ a.templates.Data = make(map[string]interface{})
 }
- a.config.Templates.Data["Step"] = tmplVars
+ a.templates.Data["Step"] = tmplVars
 }
 // JWT numeric dates are seconds.
diff --git a/authority/ssh.go b/authority/ssh.go
index 3c29dd87..0bc0b343 100644
--- a/authority/ssh.go
+++ b/authority/ssh.go
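Review bot: In init() (authority/authority.go, second hunk), `a.templates = a.config.Templates` copies only the pointer, so when the configuration supplies templates the following writes to `a.templates.Data`, including the `"Step"` entry, still land in the config's own Templates value. If the purpose of the new field is to keep the authority from mutating its configuration, that holds only on the `DefaultTemplates()` path. A shallow copy of the struct plus a fresh Data map would decouple the two; whether templates.Templates is safe to copy by value is not visible in this diff, so confirm before applying. init() begins and continues outside the hunk.

```go
if a.sshCAHostCertSignKey != nil || a.sshCAUserCertSignKey != nil {
	if a.config.Templates != nil {
		// Shallow copy so the authority does not write through to the config.
		t := *a.config.Templates
		a.templates = &t
	} else {
		a.templates = templates.DefaultTemplates()
	}
	// Fresh map: the "Step" entry must not land in the config's Data map.
	data := make(map[string]interface{}, len(a.templates.Data)+1)
	for k, v := range a.templates.Data {
		data[k] = v
	}
	data["Step"] = tmplVars
	a.templates.Data = data
}
```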
@@ -125,19 +125,19 @@ func (a *Authority) GetSSHConfig(ctx context.Context, typ string, data map[strin
 return nil, errs.NotFound("getSSHConfig: ssh is not configured")
 }
- if a.config.Templates == nil {
+ if a.templates == nil {
 return nil, errs.NotFound("getSSHConfig: ssh templates are not configured")
 }
 var ts []templates.Template
 switch typ {
 case provisioner.SSHUserCert:
- if a.config.Templates != nil && a.config.Templates.SSH != nil {
- ts = a.config.Templates.SSH.User
+ if a.templates != nil && a.templates.SSH != nil {
+ ts = a.templates.SSH.User
 }
 case provisioner.SSHHostCert:
- if a.config.Templates != nil && a.config.Templates.SSH != nil {
- ts = a.config.Templates.SSH.Host
+ if a.templates != nil && a.templates.SSH != nil {
+ ts = a.templates.SSH.Host
 }
 default:
 return nil, errs.BadRequest("getSSHConfig: type %s is not valid", typ)
@@ -147,11 +147,11 @@ func (a *Authority) GetSSHConfig(ctx context.Context, typ string, data map[strin
 var mergedData map[string]interface{}
 if len(data) == 0 {
- mergedData = a.config.Templates.Data
+ mergedData = a.templates.Data
 } else {
- mergedData = make(map[string]interface{}, len(a.config.Templates.Data)+1)
+ mergedData = make(map[string]interface{}, len(a.templates.Data)+1)
 mergedData["User"] = data
- for k, v := range a.config.Templates.Data {
+ for k, v := range a.templates.Data {
 mergedData[k] = v
 }
 }
diff --git a/authority/ssh_test.go b/authority/ssh_test.go
index 626c0da6..a07ed0db 100644
--- a/authority/ssh_test.go
+++ b/authority/ssh_test.go
@@ -460,7 +460,7 @@ func TestAuthority_GetSSHConfig(t *testing.T) {
 for _, tt := range tests {
 t.Run(tt.name, func(t *testing.T) {
 a := testAuthority(t)
- a.config.Templates = tt.fields.templates
+ a.templates = tt.fields.templates
 a.sshCAUserCertSignKey = tt.fields.userSigner
 a.sshCAHostCertSignKey = tt.fields.hostSigner
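Review bot: In GetSSHConfig (authority/ssh.go, first hunk) the `a.templates != nil` half of both `case` conditions can never be false, because the function already returns NotFound a few lines earlier when `a.templates == nil`. The rename was a chance to drop the dead check, leaving `if a.templates.SSH != nil {` in the SSHUserCert and SSHHostCert branches. GetSSHConfig starts before and continues after this hunk.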
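Review bot: In the second authority/ssh.go hunk, `mergedData = a.templates.Data` passes the authority-wide map itself to the rest of GetSSHConfig when the request carries no data, while the other branch builds a per-request copy. The code that consumes mergedData is outside the hunk, so it is not visible whether anything writes to it; if something does, the write would change the shared `"Step"` data for every later request and would race under concurrent calls. I would either copy in both branches or document the constraint at the assignment, for example `// shared with all requests: mergedData must be treated as read-only below`.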