// Listing of github.com/jcarley/cli@v0.0.0-20180201210820-966d90434c30/commands/certs/create.go

package certs

import (
	"encoding/json"
	"fmt"
	"io/ioutil"
	"os"
	"strings"

	"github.com/Sirupsen/logrus"
	"github.com/daticahealth/cli/commands/services"
	"github.com/daticahealth/cli/commands/ssl"
	"github.com/daticahealth/cli/config"
	"github.com/daticahealth/cli/models"
)

// CmdCreate creates a certificate called name on the service whose label is
// downStream.
//
// When letsEncrypt is true only the name is submitted (ic.CreateLetsEncrypt)
// and neither key path is touched. Otherwise the certificate at pubKeyPath and
// the private key at privKeyPath are checked with issl.Verify and then
// uploaded with ic.Create. If verification reports an incomplete chain and
// resolve is true, the chain returned by issl.Resolve is uploaded in place of
// the file contents.
//
// It returns an error when name contains one of config.InvalidChars, when the
// service lookup fails, when either file is missing or unreadable, when
// verification fails for any reason other than a hostname mismatch, or when
// the upload fails.
func CmdCreate(name, pubKeyPath, privKeyPath, downStream string, selfSigned, resolve, letsEncrypt bool, ic ICerts, is services.IServices, issl ssl.ISSL) error {
	if strings.ContainsAny(name, config.InvalidChars) {
		return fmt.Errorf("Invalid cert name. Names must not contain the following characters: %s", config.InvalidChars)
	}

	// NOTE(review): service.ID is read below without a nil check. If
	// RetrieveByLabel can return a nil service together with a nil error
	// (unknown label), this would panic; confirm against its implementation.
	service, err := is.RetrieveByLabel(downStream)
	if err != nil {
		return err
	}

	if letsEncrypt {
		if leErr := ic.CreateLetsEncrypt(name, service.ID); leErr != nil {
			return leErr
		}
	} else {
		// The Stat calls only produce a friendlier message for a missing
		// file. Any other Stat failure falls through and surfaces later
		// from Verify or ReadFile.
		if _, statErr := os.Stat(pubKeyPath); os.IsNotExist(statErr) {
			return fmt.Errorf("A cert does not exist at path '%s'", pubKeyPath)
		}
		if _, statErr := os.Stat(privKeyPath); os.IsNotExist(statErr) {
			return fmt.Errorf("A private key does not exist at path '%s'", privKeyPath)
		}

		var pubKeyBytes []byte
		verifyErr := issl.Verify(pubKeyPath, privKeyPath, name, selfSigned)
		switch {
		case verifyErr == nil, ssl.IsHostnameMismatchErr(verifyErr):
			// A hostname mismatch is not treated as fatal: the pair is
			// uploaded even though the certificate does not match name.
			// NOTE(review): nothing is logged in that case, so the operator
			// gets no hint that the certificate may not cover the intended
			// host.
		case ssl.IsIncompleteChainErr(verifyErr) && resolve:
			var resolveErr error
			pubKeyBytes, resolveErr = issl.Resolve(pubKeyPath)
			if resolveErr != nil {
				return fmt.Errorf("Could not resolve the incomplete certificate chain. If this is a self signed certificate, please re-run this command with the '-s' option: %s", resolveErr.Error())
			}
		default:
			return verifyErr
		}

		// Verify is given paths and the files are read again here, so the
		// bytes uploaded are whatever is on disk at this point.
		if pubKeyBytes == nil {
			data, readErr := ioutil.ReadFile(pubKeyPath)
			if readErr != nil {
				return readErr
			}
			pubKeyBytes = data
		}
		privKeyBytes, readErr := ioutil.ReadFile(privKeyPath)
		if readErr != nil {
			return readErr
		}

		// The private key leaves this process here, as a string inside the
		// request built by ic.Create.
		if createErr := ic.Create(name, string(pubKeyBytes), string(privKeyBytes), service.ID); createErr != nil {
			return createErr
		}
	}

	logrus.Printf("Created '%s'", name)
	logrus.Println("To make use of your cert, you need to add a site with the \"datica sites create\" command")
	return nil
}

// Create posts a models.Cert holding name, pubKey and privKey, encoded as
// JSON, to the certs endpoint of service svcID in the configured environment.
//
// The private key travels in the request body. Transport protection depends on
// c.Settings.PaasHost and on how HTTPManager.Post is implemented, neither of
// which is visible in this file. svcID and EnvironmentID are placed in the URL
// path unescaped (presumably server-issued identifiers; verify against the
// callers).
func (c *SCerts) Create(name, pubKey, privKey, svcID string) error {
	payload, err := json.Marshal(models.Cert{
		Name:    name,
		PubKey:  pubKey,
		PrivKey: privKey,
	})
	if err != nil {
		return err
	}

	headers := c.Settings.HTTPManager.GetHeaders(c.Settings.SessionToken, c.Settings.Version, c.Settings.Pod, c.Settings.UsersID)
	endpoint := fmt.Sprintf("%s%s/environments/%s/services/%s/certs", c.Settings.PaasHost, c.Settings.PaasHostVersion, c.Settings.EnvironmentID, svcID)
	resp, statusCode, err := c.Settings.HTTPManager.Post(payload, endpoint, headers)
	if err != nil {
		return err
	}
	// nil is passed as ConvertResp's last argument, presumably the decode
	// target, so only its error result is used.
	return c.Settings.HTTPManager.ConvertResp(resp, statusCode, nil)
}

// CreateLetsEncrypt posts {"name": name, "letsEncrypt": true} to the certs
// endpoint of service svcID in the configured environment. No key material is
// sent by this call.
func (c *SCerts) CreateLetsEncrypt(name, svcID string) error {
	type letsEncryptRequest struct {
		Name        string `json:"name"`
		LetsEncrypt bool   `json:"letsEncrypt"`
	}

	payload, err := json.Marshal(letsEncryptRequest{Name: name, LetsEncrypt: true})
	if err != nil {
		return err
	}

	headers := c.Settings.HTTPManager.GetHeaders(c.Settings.SessionToken, c.Settings.Version, c.Settings.Pod, c.Settings.UsersID)
	endpoint := fmt.Sprintf("%s%s/environments/%s/services/%s/certs", c.Settings.PaasHost, c.Settings.PaasHostVersion, c.Settings.EnvironmentID, svcID)
	resp, statusCode, err := c.Settings.HTTPManager.Post(payload, endpoint, headers)
	if err != nil {
		return err
	}
	return c.Settings.HTTPManager.ConvertResp(resp, statusCode, nil)
}