creates config and type for certs, resolved possible error in generat…

…eCertsforHarbor
sdslabs · May 24, 2024 · de09341 · de09341
1 parent b6e90e4
commit de09341
Show file tree

Hide file tree

Showing 5 changed files with 60 additions and 25 deletions.
diff --git a/config.sample.toml b/config.sample.toml
@@ -53,3 +53,11 @@ password = "sdslabs"
 [harbor]
 username = "admin" # cannot be changed
 password = "Password12345" # NOTE: Password should be 8-128 characters long with at least 1 uppercase, 1 lowercase and 1 number
+
+[certificate]
+organization = "SDSLabs"
+country = "IN"
+province = "Delhi"
+locality = "Delhi"
+street_address = "smoking jawahar"
+postal_code = "110080"
diff --git a/configs/types.go b/configs/types.go
@@ -72,3 +72,12 @@ type HarborCfg struct {
 	Username string `toml:"username"`
 	Password string `toml:"password"`
 }
+
+type Certificate struct {
+	Organization  string `toml:"organization"`
+	Country       string `toml:"country"`
+	Province      string `toml:"province"`
+	Locality      string `toml:"locality"`
+	StreetAddress string `toml:"street_address"`
+	PostalCode    string `toml:"postal_code"`
+}
diff --git a/lib/utils/crypto.go b/lib/utils/crypto.go
@@ -7,6 +7,7 @@ import (
 	"encoding/hex"
 	"fmt"
 
+	"github.com/BurntSushi/toml"
 	"github.com/xdg-go/pbkdf2"
 	"golang.org/x/crypto/bcrypt"
 
@@ -20,6 +21,9 @@ import (
 
 	"strings"
 	"time"
+
+	configs "github.com/sdslabs/katana/configs"
+	types "github.com/sdslabs/katana/types"
 )
 
 // MD5 encodes string to hexadecimal of MD5 checksum.
@@ -34,18 +38,14 @@ func Base64Encode(str string) string {
 	return base64.StdEncoding.EncodeToString([]byte(str))
 }
 
-// V3Ext represents a v3.ext file
-type V3Ext struct {
-	AuthorityKeyIdentifier string
-	BasicConstraintsValid bool
-	IsCA       bool
-	KeyUsage               string
-	ExtKeyUsage            string
-	DNSNames               []string
-}
-
 func GenerateCerts(domain string, basePath string) error {
 	basePath += "/"
+	cert_config := &configs.Certificate{}
+	_, err := toml.DecodeFile("config.toml", &cert_config)
+	if err != nil {
+		return err
+	}
+
 	// Generate a new private key for the CA
 	caPrivateKey, err := rsa.GenerateKey(rand.Reader, 4096)
 	if err != nil {
@@ -56,12 +56,12 @@ func GenerateCerts(domain string, basePath string) error {
 	caTemplate := &x509.Certificate{
 		SerialNumber: big.NewInt(1),
 		Subject: pkix.Name{
-			Organization:  []string{"SDSLabs"},
-			Country:       []string{"IN"},
-			Province:      []string{"Delhi"},
-			Locality:      []string{"Delhi"},
-			StreetAddress: []string{"smoking jawahar"},
-			PostalCode:    []string{"110080"},
+			Organization:  []string{cert_config.Organization},
+			Country:       []string{cert_config.Country},
+			Province:      []string{cert_config.Province},
+			Locality:      []string{cert_config.Locality},
+			StreetAddress: []string{cert_config.StreetAddress},
+			PostalCode:    []string{cert_config.PostalCode},
 		},
 		NotBefore:             time.Now(),
 		NotAfter:              time.Now().Add(365 * 24 * time.Hour), // 1 year validity
@@ -161,10 +161,10 @@ func GenerateCerts(domain string, basePath string) error {
 	}
 
 	// Define your v3.ext
-	v3ext := V3Ext{
+	v3ext := types.V3Ext{
 		AuthorityKeyIdentifier: "keyid,issuer",
-		BasicConstraintsValid: true,
-		IsCA:       false,
+		BasicConstraintsValid:  true,
+		IsCA:                   false,
 		KeyUsage:               "digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment",
 		ExtKeyUsage:            "serverAuth",
 		DNSNames:               []string{"harbor.katana.local"},
@@ -182,9 +182,9 @@ func GenerateCerts(domain string, basePath string) error {
 		ExtKeyUsage: []x509.ExtKeyUsage{
 			extKeyUsage(v3ext.ExtKeyUsage),
 		},
-		DNSNames: v3ext.DNSNames,
+		DNSNames:              v3ext.DNSNames,
 		BasicConstraintsValid: v3ext.BasicConstraintsValid,
-		IsCA: v3ext.IsCA,
+		IsCA:                  v3ext.IsCA,
 	}
 
 	// Create the server certificate

diff --git a/services/infrasetservice/helper.go b/services/infrasetservice/helper.go
@@ -2,6 +2,7 @@ package infrasetservice
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"log"
 	"os"
@@ -21,19 +22,26 @@ func generateCertsforHarbor() {
 
 	log.Println("CHECK 1")
 	// Delete the directory if it already exists
-	if _, err := os.Stat(path); err==nil {
+	_,err:=os.Stat(path)
+	if err==nil{
+		//If it exists, delete it
 		errDir := os.RemoveAll(path)
 		if errDir != nil {
-			log.Fatal(err)
+			log.Fatalf("Failed to remove directory: %v", errDir)
 		}
+	}else if !errors.Is(err, os.ErrNotExist){
+		// If there is an error other than "does not exist", log it and exit
+		log.Fatalf("Failed to access directory: %v", err)
 	}
 	log.Println("CHECK 2")
-	if _, err := os.Stat(path); os.IsNotExist(err) {
+	if _, err := os.Stat(path); errors.Is(err, os.ErrNotExist) {
+		//creating directory
 		errDir := os.Mkdir(path, 0755)
 		if errDir != nil {
-			log.Fatal(err)
+			log.Fatalf("Failed to create directory: %v",errDir)
 		}
 	}
+
 	log.Println("CHECK 3")
 	// Generate the certificates
 	if err := utils.GenerateCerts("harbor.katana.local", path); err != nil {

diff --git a/types/deployment.go b/types/deployment.go
@@ -47,3 +47,13 @@ type GogsRequest struct {
 	Before     string `json:"before"`
 	Repository Repo   `json:"repository"`
 }
+
+// V3Ext represents a v3.ext file
+type V3Ext struct {
+	AuthorityKeyIdentifier string
+	BasicConstraintsValid  bool
+	IsCA                   bool
+	KeyUsage               string
+	ExtKeyUsage            string
+	DNSNames               []string
+}