Browse code
add validation calls when we delegate cert commands
deads2k authored on 2015/03/20 21:22:12Showing 8 changed files
- pkg/cmd/server/admin/create_allcerts.go
- pkg/cmd/server/admin/create_client.go
- pkg/cmd/server/admin/create_clientcert.go
- pkg/cmd/server/admin/create_nodeclientcerts.go
- pkg/cmd/server/admin/create_servercert.go
- pkg/cmd/server/start/start_allinone.go
- pkg/cmd/server/start/start_master.go
- pkg/cmd/server/start/start_node.go
| ... | ... |
@@ -88,6 +88,9 @@ func (o CreateAllCertsOptions) CreateAllCerts() error {
|
| 88 | 88 |
Name: o.SignerName, |
| 89 | 89 |
Overwrite: o.Overwrite, |
| 90 | 90 |
} |
| 91 |
+ if err := signerCertOptions.Validate(nil); err != nil {
|
|
| 92 |
+ return err |
|
| 93 |
+ } |
|
| 91 | 94 |
if _, err := signerCertOptions.CreateSignerCert(); err != nil {
|
| 92 | 95 |
return err |
| 93 | 96 |
} |
| ... | ... |
@@ -109,6 +112,9 @@ func (o CreateAllCertsOptions) CreateAllCerts() error {
|
| 109 | 109 |
Groups: util.StringList(clientCertInfo.Groups.List()), |
| 110 | 110 |
Overwrite: o.Overwrite, |
| 111 | 111 |
} |
| 112 |
+ if err := clientCertOptions.Validate(nil); err != nil {
|
|
| 113 |
+ return err |
|
| 114 |
+ } |
|
| 112 | 115 |
if _, err := clientCertOptions.CreateClientCert(); err != nil {
|
| 113 | 116 |
return err |
| 114 | 117 |
} |
| ... | ... |
@@ -125,6 +131,9 @@ func (o CreateAllCertsOptions) CreateAllCerts() error {
|
| 125 | 125 |
|
| 126 | 126 |
KubeConfigFile: path.Join(filepath.Dir(clientCertOptions.CertFile), ".kubeconfig"), |
| 127 | 127 |
} |
| 128 |
+ if err := createKubeConfigOptions.Validate(nil); err != nil {
|
|
| 129 |
+ return err |
|
| 130 |
+ } |
|
| 128 | 131 |
if _, err := createKubeConfigOptions.CreateKubeConfig(); err != nil {
|
| 129 | 132 |
return err |
| 130 | 133 |
} |
| ... | ... |
@@ -142,6 +151,9 @@ func (o CreateAllCertsOptions) CreateAllCerts() error {
|
| 142 | 142 |
Overwrite: o.Overwrite, |
| 143 | 143 |
} |
| 144 | 144 |
|
| 145 |
+ if err := nodeServerCertOptions.Validate(nil); err != nil {
|
|
| 146 |
+ return err |
|
| 147 |
+ } |
|
| 145 | 148 |
if _, err := nodeServerCertOptions.CreateServerCert(); err != nil {
|
| 146 | 149 |
return err |
| 147 | 150 |
} |
| ... | ... |
@@ -157,6 +169,9 @@ func (o CreateAllCertsOptions) CreateAllCerts() error {
|
| 157 | 157 |
NodeName: nodeName, |
| 158 | 158 |
Overwrite: o.Overwrite, |
| 159 | 159 |
} |
| 160 |
+ if err := nodeCertOptions.Validate(nil); err != nil {
|
|
| 161 |
+ return err |
|
| 162 |
+ } |
|
| 160 | 163 |
if _, err := nodeCertOptions.CreateNodeClientCert(); err != nil {
|
| 161 | 164 |
return err |
| 162 | 165 |
} |
| ... | ... |
@@ -173,6 +188,9 @@ func (o CreateAllCertsOptions) CreateAllCerts() error {
|
| 173 | 173 |
|
| 174 | 174 |
KubeConfigFile: DefaultNodeKubeConfigFile(o.CertDir, nodeName), |
| 175 | 175 |
} |
| 176 |
+ if err := createKubeConfigOptions.Validate(nil); err != nil {
|
|
| 177 |
+ return err |
|
| 178 |
+ } |
|
| 176 | 179 |
if _, err := createKubeConfigOptions.CreateKubeConfig(); err != nil {
|
| 177 | 180 |
return err |
| 178 | 181 |
} |
| ... | ... |
@@ -189,6 +207,9 @@ func (o CreateAllCertsOptions) CreateAllCerts() error {
|
| 189 | 189 |
Overwrite: o.Overwrite, |
| 190 | 190 |
} |
| 191 | 191 |
|
| 192 |
+ if err := serverCertOptions.Validate(nil); err != nil {
|
|
| 193 |
+ return err |
|
| 194 |
+ } |
|
| 192 | 195 |
if _, err := serverCertOptions.CreateServerCert(); err != nil {
|
| 193 | 196 |
return err |
| 194 | 197 |
} |
| ... | ... |
@@ -77,6 +77,13 @@ func (o CreateClientOptions) Validate(args []string) error {
|
| 77 | 77 |
return errors.New("certificate-authority must be provided")
|
| 78 | 78 |
} |
| 79 | 79 |
|
| 80 |
+ if o.GetSignerCertOptions == nil {
|
|
| 81 |
+ return errors.New("signer options are required")
|
|
| 82 |
+ } |
|
| 83 |
+ if err := o.GetSignerCertOptions.Validate(); err != nil {
|
|
| 84 |
+ return err |
|
| 85 |
+ } |
|
| 86 |
+ |
|
| 80 | 87 |
return nil |
| 81 | 88 |
} |
| 82 | 89 |
|
| ... | ... |
@@ -73,7 +73,14 @@ func (o CreateClientCertOptions) Validate(args []string) error {
|
| 73 | 73 |
return errors.New("user must be provided")
|
| 74 | 74 |
} |
| 75 | 75 |
|
| 76 |
- return o.GetSignerCertOptions.Validate() |
|
| 76 |
+ if o.GetSignerCertOptions == nil {
|
|
| 77 |
+ return errors.New("signer options are required")
|
|
| 78 |
+ } |
|
| 79 |
+ if err := o.GetSignerCertOptions.Validate(); err != nil {
|
|
| 80 |
+ return err |
|
| 81 |
+ } |
|
| 82 |
+ |
|
| 83 |
+ return nil |
|
| 77 | 84 |
} |
| 78 | 85 |
|
| 79 | 86 |
func (o CreateClientCertOptions) CreateClientCert() (*crypto.TLSCertificateConfig, error) {
|
| ... | ... |
@@ -69,7 +69,14 @@ func (o CreateNodeClientCertOptions) Validate(args []string) error {
|
| 69 | 69 |
return errors.New("node-name must be provided")
|
| 70 | 70 |
} |
| 71 | 71 |
|
| 72 |
- return o.GetSignerCertOptions.Validate() |
|
| 72 |
+ if o.GetSignerCertOptions == nil {
|
|
| 73 |
+ return errors.New("signer options are required")
|
|
| 74 |
+ } |
|
| 75 |
+ if err := o.GetSignerCertOptions.Validate(); err != nil {
|
|
| 76 |
+ return err |
|
| 77 |
+ } |
|
| 78 |
+ |
|
| 79 |
+ return nil |
|
| 73 | 80 |
} |
| 74 | 81 |
|
| 75 | 82 |
func (o CreateNodeClientCertOptions) CreateNodeClientCert() (*crypto.TLSCertificateConfig, error) {
|
| ... | ... |
@@ -86,5 +93,9 @@ func (o CreateNodeClientCertOptions) CreateNodeClientCert() (*crypto.TLSCertific |
| 86 | 86 |
Overwrite: o.Overwrite, |
| 87 | 87 |
} |
| 88 | 88 |
|
| 89 |
+ if err := nodeCertOptions.Validate(nil); err != nil {
|
|
| 90 |
+ return nil, err |
|
| 91 |
+ } |
|
| 92 |
+ |
|
| 89 | 93 |
return nodeCertOptions.CreateClientCert() |
| 90 | 94 |
} |
| ... | ... |
@@ -67,7 +67,14 @@ func (o CreateServerCertOptions) Validate(args []string) error {
|
| 67 | 67 |
return errors.New("key must be provided")
|
| 68 | 68 |
} |
| 69 | 69 |
|
| 70 |
- return o.GetSignerCertOptions.Validate() |
|
| 70 |
+ if o.GetSignerCertOptions == nil {
|
|
| 71 |
+ return errors.New("signer options are required")
|
|
| 72 |
+ } |
|
| 73 |
+ if err := o.GetSignerCertOptions.Validate(); err != nil {
|
|
| 74 |
+ return err |
|
| 75 |
+ } |
|
| 76 |
+ |
|
| 77 |
+ return nil |
|
| 71 | 78 |
} |
| 72 | 79 |
|
| 73 | 80 |
func (o CreateServerCertOptions) CreateServerCert() (*crypto.TLSCertificateConfig, error) {
|
| ... | ... |
@@ -184,6 +184,9 @@ func (o AllInOneOptions) StartAllInOne() error {
|
| 184 | 184 |
Name: admin.DefaultSignerName(), |
| 185 | 185 |
} |
| 186 | 186 |
|
| 187 |
+ if err := signerOptions.Validate(nil); err != nil {
|
|
| 188 |
+ return err |
|
| 189 |
+ } |
|
| 187 | 190 |
if _, err := signerOptions.CreateSignerCert(); err != nil {
|
| 188 | 191 |
return err |
| 189 | 192 |
} |
| ... | ... |
@@ -261,6 +261,9 @@ func (o MasterOptions) CreateCerts() error {
|
| 261 | 261 |
APIServerURL: masterAddr.String(), |
| 262 | 262 |
PublicAPIServerURL: publicMasterAddr.String(), |
| 263 | 263 |
} |
| 264 |
+ if err := mintAllCertsOptions.Validate(nil); err != nil {
|
|
| 265 |
+ return err |
|
| 266 |
+ } |
|
| 264 | 267 |
if err := mintAllCertsOptions.CreateAllCerts(); err != nil {
|
| 265 | 268 |
return err |
| 266 | 269 |
} |
| ... | ... |
@@ -280,6 +283,9 @@ func (o MasterOptions) CreateCerts() error {
|
| 280 | 280 |
KubeConfigFile: admin.DefaultKubeConfigFilename(o.MasterArgs.CertArgs.CertDir, clientCertInfo.SubDir), |
| 281 | 281 |
} |
| 282 | 282 |
|
| 283 |
+ if err := createKubeConfigOptions.Validate(nil); err != nil {
|
|
| 284 |
+ return err |
|
| 285 |
+ } |
|
| 283 | 286 |
if _, err := createKubeConfigOptions.CreateKubeConfig(); err != nil {
|
| 284 | 287 |
return err |
| 285 | 288 |
} |
| ... | ... |
@@ -208,6 +208,9 @@ func (o NodeOptions) CreateCerts() error {
|
| 208 | 208 |
SerialFile: admin.DefaultSerialFilename(o.NodeArgs.CertArgs.CertDir, "ca"), |
| 209 | 209 |
Name: admin.DefaultSignerName(), |
| 210 | 210 |
} |
| 211 |
+ if err := signerOptions.Validate(nil); err != nil {
|
|
| 212 |
+ return err |
|
| 213 |
+ } |
|
| 211 | 214 |
if _, err := signerOptions.CreateSignerCert(); err != nil {
|
| 212 | 215 |
return err |
| 213 | 216 |
} |
| ... | ... |
@@ -227,6 +230,9 @@ func (o NodeOptions) CreateCerts() error {
|
| 227 | 227 |
Hostnames: []string{o.NodeArgs.NodeName},
|
| 228 | 228 |
} |
| 229 | 229 |
|
| 230 |
+ if err := nodeServerCertOptions.Validate(nil); err != nil {
|
|
| 231 |
+ return err |
|
| 232 |
+ } |
|
| 230 | 233 |
if _, err := nodeServerCertOptions.CreateServerCert(); err != nil {
|
| 231 | 234 |
return err |
| 232 | 235 |
} |
| ... | ... |
@@ -238,6 +244,9 @@ func (o NodeOptions) CreateCerts() error {
|
| 238 | 238 |
KeyFile: clientCertInfo.KeyFile, |
| 239 | 239 |
NodeName: o.NodeArgs.NodeName, |
| 240 | 240 |
} |
| 241 |
+ if err := mintNodeClientCert.Validate(nil); err != nil {
|
|
| 242 |
+ return err |
|
| 243 |
+ } |
|
| 241 | 244 |
if _, err := mintNodeClientCert.CreateNodeClientCert(); err != nil {
|
| 242 | 245 |
return err |
| 243 | 246 |
} |
| ... | ... |
@@ -258,6 +267,9 @@ func (o NodeOptions) CreateCerts() error {
|
| 258 | 258 |
|
| 259 | 259 |
KubeConfigFile: admin.DefaultNodeKubeConfigFile(o.NodeArgs.CertArgs.CertDir, o.NodeArgs.NodeName), |
| 260 | 260 |
} |
| 261 |
+ if err := createKubeConfigOptions.Validate(nil); err != nil {
|
|
| 262 |
+ return err |
|
| 263 |
+ } |
|
| 261 | 264 |
if _, err := createKubeConfigOptions.CreateKubeConfig(); err != nil {
|
| 262 | 265 |
return err |
| 263 | 266 |
} |