github.com/openshift/installer@v1.4.17/pkg/asset/tls/cabundle.go (about) 1 package tls 2 3 import ( 4 "bytes" 5 "context" 6 "encoding/pem" 7 8 "github.com/pkg/errors" 9 "github.com/sirupsen/logrus" 10 11 "github.com/openshift/installer/pkg/asset" 12 ) 13 14 // CertBundle contains a multiple certificates in a bundle. 15 type CertBundle struct { 16 BundleRaw []byte 17 FileList []*asset.File 18 } 19 20 // Cert returns the certificate bundle. 21 func (b *CertBundle) Cert() []byte { 22 return b.BundleRaw 23 } 24 25 // Generate generates the cert bundle from certs. 26 func (b *CertBundle) Generate(_ context.Context, filename string, certs ...CertInterface) error { 27 if len(certs) < 1 { 28 return errors.New("atleast one certificate required for a bundle") 29 } 30 31 buf := bytes.Buffer{} 32 for _, c := range certs { 33 cert, err := PemToCertificate(c.Cert()) 34 if err != nil { 35 logrus.Debugf("Failed to decode bundle certificate: %s", err) 36 return errors.Wrap(err, "decoding certificate from PEM") 37 } 38 if err := pem.Encode(&buf, &pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw}); err != nil { 39 logrus.Debugf("Failed to encode bundle certificates: %s", err) 40 return errors.Wrap(err, "encoding certificate to PEM") 41 } 42 } 43 b.BundleRaw = buf.Bytes() 44 b.FileList = []*asset.File{ 45 { 46 Filename: assetFilePath(filename + ".crt"), 47 Data: b.BundleRaw, 48 }, 49 } 50 return nil 51 } 52 53 // Files returns the files generated by the asset. 54 func (b *CertBundle) Files() []*asset.File { 55 return b.FileList 56 } 57 58 // Load is a no-op because TLS assets are not written to disk. 59 func (b *CertBundle) Load(asset.FileFetcher) (bool, error) { 60 return false, nil 61 }