2016-03-17 10:04:21 -04:00
|
|
|
/*
|
|
|
|
|
Copyright 2015 Home Office All rights reserved.
|
|
|
|
|
|
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
you may not use this file except in compliance with the License.
|
|
|
|
|
You may obtain a copy of the License at
|
|
|
|
|
|
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
See the License for the specific language governing permissions and
|
|
|
|
|
limitations under the License.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bytes"
|
|
|
|
|
"encoding/json"
|
2017-11-16 15:56:51 -05:00
|
|
|
"errors"
|
2016-03-17 10:04:21 -04:00
|
|
|
"fmt"
|
|
|
|
|
"io/ioutil"
|
2017-05-24 07:41:16 -04:00
|
|
|
"os"
|
2016-03-17 10:04:21 -04:00
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"github.com/golang/glog"
|
|
|
|
|
"gopkg.in/yaml.v2"
|
|
|
|
|
)
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
func writeIniFile(filename string, data map[string]interface{}, mode os.FileMode) error {
|
2016-03-17 10:04:21 -04:00
|
|
|
var buf bytes.Buffer
|
|
|
|
|
for key, val := range data {
|
|
|
|
|
buf.WriteString(fmt.Sprintf("%s = %v\n", key, val))
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
return writeFile(filename, buf.Bytes(), mode)
|
2016-03-17 10:04:21 -04:00
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
func writeCSVFile(filename string, data map[string]interface{}, mode os.FileMode) error {
|
2016-03-17 10:04:21 -04:00
|
|
|
var buf bytes.Buffer
|
|
|
|
|
for key, val := range data {
|
|
|
|
|
buf.WriteString(fmt.Sprintf("%s,%v\n", key, val))
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
return writeFile(filename, buf.Bytes(), mode)
|
2016-03-17 10:04:21 -04:00
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
func writeYAMLFile(filename string, data map[string]interface{}, mode os.FileMode) error {
|
2016-03-17 10:04:21 -04:00
|
|
|
// marshall the content to yaml
|
|
|
|
|
content, err := yaml.Marshal(data)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
return writeFile(filename, content, mode)
|
2016-03-17 10:04:21 -04:00
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
func writeEnvFile(filename string, data map[string]interface{}, mode os.FileMode) error {
|
2016-03-17 10:04:21 -04:00
|
|
|
var buf bytes.Buffer
|
|
|
|
|
for key, val := range data {
|
|
|
|
|
buf.WriteString(fmt.Sprintf("%s=%v\n", strings.ToUpper(key), val))
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
return writeFile(filename, buf.Bytes(), mode)
|
2016-03-17 10:04:21 -04:00
|
|
|
}
|
|
|
|
|
|
2017-11-16 15:56:51 -05:00
|
|
|
func getCombinedCaChain(dataValue interface{}) (string, error) {
|
|
|
|
|
arr, ok := dataValue.([]interface{})
|
|
|
|
|
if !ok {
|
|
|
|
|
return "", errors.New("ca_chain not of type array")
|
|
|
|
|
}
|
|
|
|
|
caChain := make([]string, len(arr))
|
|
|
|
|
for i := range arr {
|
|
|
|
|
caChain[i] = arr[i].(string)
|
|
|
|
|
}
|
|
|
|
|
return strings.Join(caChain, "\n"), nil
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
func writeCertificateFile(filename string, data map[string]interface{}, mode os.FileMode) error {
|
2016-03-17 10:04:21 -04:00
|
|
|
files := map[string]string{
|
|
|
|
|
"certificate": "crt",
|
|
|
|
|
"issuing_ca": "ca",
|
2017-11-16 15:56:51 -05:00
|
|
|
"ca_chain": "ca.pem",
|
2016-03-17 10:04:21 -04:00
|
|
|
"private_key": "key",
|
|
|
|
|
}
|
|
|
|
|
for key, suffix := range files {
|
2017-05-24 07:41:16 -04:00
|
|
|
name := fmt.Sprintf("%s.%s", filename, suffix)
|
2016-03-17 10:04:21 -04:00
|
|
|
content, found := data[key]
|
|
|
|
|
if !found {
|
2017-05-24 07:41:16 -04:00
|
|
|
glog.Errorf("didn't find the certification option: %s in the resource: %s", key, name)
|
2016-03-17 10:04:21 -04:00
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// step: write the file
|
2017-11-16 15:56:51 -05:00
|
|
|
var contentToWrite string
|
|
|
|
|
var err error
|
|
|
|
|
if key == "ca_chain" {
|
|
|
|
|
contentToWrite, err = getCombinedCaChain(data[key])
|
|
|
|
|
if err != nil {
|
|
|
|
|
glog.Errorf("failed to parse ca_chain: %s", err)
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
contentToWrite = fmt.Sprintf("%s", content)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := writeFile(name, []byte(contentToWrite), mode); err != nil {
|
2017-05-24 07:41:16 -04:00
|
|
|
glog.Errorf("failed to write resource: %s, element: %s, filename: %s, error: %s", filename, suffix, name, err)
|
2016-03-17 10:04:21 -04:00
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
func writeCertificateBundleFile(filename string, data map[string]interface{}, mode os.FileMode) error {
|
2016-06-30 09:07:00 -04:00
|
|
|
bundleFile := fmt.Sprintf("%s-bundle.pem", filename)
|
|
|
|
|
keyFile := fmt.Sprintf("%s-key.pem", filename)
|
|
|
|
|
caFile := fmt.Sprintf("%s-ca.pem", filename)
|
2017-11-16 15:56:51 -05:00
|
|
|
caChainFile := fmt.Sprintf("%s-ca-chain.pem", filename)
|
2016-06-30 09:07:00 -04:00
|
|
|
certFile := fmt.Sprintf("%s.pem", filename)
|
2016-03-17 10:04:21 -04:00
|
|
|
|
2016-06-30 09:07:00 -04:00
|
|
|
bundle := fmt.Sprintf("%s\n\n%s", data["certificate"], data["issuing_ca"])
|
|
|
|
|
key := fmt.Sprintf("%s\n", data["private_key"])
|
2017-11-13 15:02:28 -05:00
|
|
|
ca := fmt.Sprintf("%s\n", data["issuing_ca"])
|
|
|
|
|
certificate := fmt.Sprintf("%s\n", data["certificate"])
|
2017-11-16 15:56:51 -05:00
|
|
|
caChain, err := getCombinedCaChain(data["ca_chain"])
|
|
|
|
|
if err != nil {
|
|
|
|
|
glog.Errorf("failed to parse ca_chain: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
2017-11-13 15:02:28 -05:00
|
|
|
|
|
|
|
|
if err := writeFile(bundleFile, []byte(bundle), mode); err != nil {
|
|
|
|
|
glog.Errorf("failed to write the bundled certificate file, error: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := writeFile(certFile, []byte(certificate), mode); err != nil {
|
|
|
|
|
glog.Errorf("failed to write the certificate file, errro: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := writeFile(caFile, []byte(ca), mode); err != nil {
|
|
|
|
|
glog.Errorf("failed to write the ca file, errro: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-16 15:56:51 -05:00
|
|
|
if err := writeFile(caChainFile, []byte(caChain), mode); err != nil {
|
|
|
|
|
glog.Errorf("failed to write the ca_chain file, errro: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-13 15:02:28 -05:00
|
|
|
if err := writeFile(keyFile, []byte(key), mode); err != nil {
|
|
|
|
|
glog.Errorf("failed to write the key file, errro: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func writeKeyCertificateBundleFile(filename string, data map[string]interface{}, mode os.FileMode) error {
|
|
|
|
|
bundleFile := fmt.Sprintf("%s-bundle.pem", filename)
|
|
|
|
|
keyFile := fmt.Sprintf("%s-key.pem", filename)
|
|
|
|
|
caFile := fmt.Sprintf("%s-ca.pem", filename)
|
2017-11-16 15:56:51 -05:00
|
|
|
caChainFile := fmt.Sprintf("%s-ca-chain.pem", filename)
|
2017-11-13 15:02:28 -05:00
|
|
|
certFile := fmt.Sprintf("%s.pem", filename)
|
|
|
|
|
|
|
|
|
|
bundle := fmt.Sprintf("%s\n%s", data["private_key"], data["certificate"])
|
|
|
|
|
key := fmt.Sprintf("%s\n", data["private_key"])
|
2016-06-30 09:07:00 -04:00
|
|
|
ca := fmt.Sprintf("%s\n", data["issuing_ca"])
|
|
|
|
|
certificate := fmt.Sprintf("%s\n", data["certificate"])
|
2017-11-16 15:56:51 -05:00
|
|
|
caChain, err := getCombinedCaChain(data["ca_chain"])
|
|
|
|
|
if err != nil {
|
|
|
|
|
glog.Errorf("failed to parse ca_chain: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
2016-06-30 09:07:00 -04:00
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
if err := writeFile(bundleFile, []byte(bundle), mode); err != nil {
|
2016-03-17 10:04:21 -04:00
|
|
|
glog.Errorf("failed to write the bundled certificate file, error: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
if err := writeFile(certFile, []byte(certificate), mode); err != nil {
|
2016-06-30 09:07:00 -04:00
|
|
|
glog.Errorf("failed to write the certificate file, errro: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
if err := writeFile(caFile, []byte(ca), mode); err != nil {
|
2016-06-30 09:07:00 -04:00
|
|
|
glog.Errorf("failed to write the ca file, errro: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-16 15:56:51 -05:00
|
|
|
if err := writeFile(caChainFile, []byte(caChain), mode); err != nil {
|
|
|
|
|
glog.Errorf("failed to write the ca_chain file, errro: %s", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
if err := writeFile(keyFile, []byte(key), mode); err != nil {
|
2016-06-30 09:07:00 -04:00
|
|
|
glog.Errorf("failed to write the key file, errro: %s", err)
|
2016-03-17 10:04:21 -04:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
func writeTxtFile(filename string, data map[string]interface{}, mode os.FileMode) error {
|
2016-03-17 10:04:21 -04:00
|
|
|
keys := getKeys(data)
|
|
|
|
|
if len(keys) > 1 {
|
|
|
|
|
// step: for plain formats we need to iterate the keys and produce a file per key
|
|
|
|
|
for suffix, content := range data {
|
2017-05-24 07:41:16 -04:00
|
|
|
name := fmt.Sprintf("%s.%s", filename, suffix)
|
|
|
|
|
if err := writeFile(name, []byte(fmt.Sprintf("%v", content)), mode); err != nil {
|
2016-03-17 10:04:21 -04:00
|
|
|
glog.Errorf("failed to write resource: %s, elemment: %s, filename: %s, error: %s",
|
2017-05-24 07:41:16 -04:00
|
|
|
filename, suffix, name, err)
|
2016-03-17 10:04:21 -04:00
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// step: we only have the one key, so will write plain
|
|
|
|
|
value, _ := data[keys[0]]
|
|
|
|
|
content := []byte(fmt.Sprintf("%s", value))
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
return writeFile(filename, content, mode)
|
2016-03-17 10:04:21 -04:00
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
func writeJSONFile(filename string, data map[string]interface{}, mode os.FileMode) error {
|
2016-03-17 10:04:21 -04:00
|
|
|
content, err := json.MarshalIndent(data, "", " ")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
return writeFile(filename, content, mode)
|
2016-03-17 10:04:21 -04:00
|
|
|
}
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
// writeFile writes the file to stdout or an actual file
|
|
|
|
|
func writeFile(filename string, content []byte, mode os.FileMode) error {
|
2016-03-17 10:04:21 -04:00
|
|
|
if options.dryRun {
|
|
|
|
|
glog.Infof("dry-run: filename: %s, content:", filename)
|
|
|
|
|
fmt.Printf("%s\n", string(content))
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
glog.V(3).Infof("saving the file: %s", filename)
|
|
|
|
|
|
2017-05-24 07:41:16 -04:00
|
|
|
return ioutil.WriteFile(filename, content, mode)
|
2016-03-17 10:04:21 -04:00
|
|
|
}
|
