diff --git a/config.sample.toml b/config.sample.toml
index da211480..3be96047 100644
--- a/config.sample.toml
+++ b/config.sample.toml
@@ -53,3 +53,11 @@ password = "sdslabs"
 [harbor]
 username = "admin" # cannot be changed
 password = "Password12345" # NOTE: Password should be 8-128 characters long with at least 1 uppercase, 1 lowercase and 1 number
+
+[certificate]
+organization = "SDSLabs"
+country = "IN"
+province = "Delhi"
+locality = "Delhi"
+street_address = "smoking jawahar"
+postal_code = "110080"
\ No newline at end of file
diff --git a/configs/types.go b/configs/types.go
index 9870e91b..f7948a49 100644
--- a/configs/types.go
+++ b/configs/types.go
@@ -72,3 +72,12 @@ type HarborCfg struct {
 Username string `toml:"username"`
 Password string `toml:"password"`
 }
+
+type Certificate struct {
+ Organization string `toml:"organization"`
+ Country string `toml:"country"`
+ Province string `toml:"province"`
+ Locality string `toml:"locality"`
+ StreetAddress string `toml:"street_address"`
+ PostalCode string `toml:"postal_code"`
+}
\ No newline at end of file
diff --git a/lib/utils/crypto.go b/lib/utils/crypto.go
index e37e112a..0b033266 100644
--- a/lib/utils/crypto.go
+++ b/lib/utils/crypto.go
@@ -7,6 +7,7 @@ import (
 "encoding/hex"
 "fmt"
+ "github.com/BurntSushi/toml"
 "github.com/xdg-go/pbkdf2"
 "golang.org/x/crypto/bcrypt"
@@ -20,6 +21,9 @@ import (
 "strings"
 "time"
+
+ configs "github.com/sdslabs/katana/configs"
+ types "github.com/sdslabs/katana/types"
 )
 // MD5 encodes string to hexadecimal of MD5 checksum.
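Review bot: The exported `Certificate` struct added in configs/types.go has no doc comment, and nothing in the hunk says which part of config.toml it maps to or what the values are used for. A comment such as `// Certificate holds the subject fields (organization, country, …) of the CA certificate that GenerateCerts creates; it is read from the [certificate] table of config.toml.` would cover that. It is also worth stating there that `country` is expected to be a two-letter ISO 3166 code, since the value goes into the certificate subject unchanged.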
@@ -34,18 +38,14 @@ func Base64Encode(str string) string {
 return base64.StdEncoding.EncodeToString([]byte(str))
 }
-// V3Ext represents a v3.ext file
-type V3Ext struct {
- AuthorityKeyIdentifier string
- BasicConstraintsValid bool
- IsCA bool
- KeyUsage string
- ExtKeyUsage string
- DNSNames []string
-}
-
 func GenerateCerts(domain string, basePath string) error {
 basePath += "/"
+ cert_config := &configs.Certificate{}
+ _, err := toml.DecodeFile("config.toml", &cert_config)
+ if err != nil {
+ return err
+ }
+
 // Generate a new private key for the CA
 caPrivateKey, err := rsa.GenerateKey(rand.Reader, 4096)
 if err != nil {
@@ -56,12 +56,12 @@ func GenerateCerts(domain string, basePath string) error {
 caTemplate := &x509.Certificate{
 SerialNumber: big.NewInt(1),
 Subject: pkix.Name{
- Organization: []string{"SDSLabs"},
- Country: []string{"IN"},
- Province: []string{"Delhi"},
- Locality: []string{"Delhi"},
- StreetAddress: []string{"smoking jawahar"},
- PostalCode: []string{"110080"},
+ Organization: []string{cert_config.Organization},
+ Country: []string{cert_config.Country},
+ Province: []string{cert_config.Province},
+ Locality: []string{cert_config.Locality},
+ StreetAddress: []string{cert_config.StreetAddress},
+ PostalCode: []string{cert_config.PostalCode},
 },
 NotBefore: time.Now(),
 NotAfter: time.Now().Add(365 * 24 * time.Hour), // 1 year validity
@@ -161,10 +161,10 @@ func GenerateCerts(domain string, basePath string) error {
 }
 // Define your v3.ext
- v3ext := V3Ext{
+ v3ext := types.V3Ext{
 AuthorityKeyIdentifier: "keyid,issuer",
- BasicConstraintsValid: true,
- IsCA: false,
+ BasicConstraintsValid: true,
+ IsCA: false,
 KeyUsage: "digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment",
 ExtKeyUsage: "serverAuth",
 DNSNames: []string{"harbor.katana.local"},
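Review bot: The `toml.DecodeFile("config.toml", &cert_config)` call added at the top of GenerateCerts decodes the whole file into `configs.Certificate`, but config.sample.toml puts these keys under a `[certificate]` table, so the top-level tags will most likely match nothing and every subject field used in the `@@ -56,12 +56,12 @@` hunk stays an empty string without any error being returned. Decode into a wrapper that has a `certificate` field (or pass in the configuration if the application already loads it elsewhere) and reject an empty organization or country before building the CA template. The file path is also relative, so which config.toml is read depends on the process working directory. GenerateCerts continues outside both hunks.

```go
func GenerateCerts(domain string, basePath string) error {
	basePath += "/"
	var fileCfg struct {
		Certificate configs.Certificate `toml:"certificate"`
	}
	if _, err := toml.DecodeFile("config.toml", &fileCfg); err != nil {
		return fmt.Errorf("reading [certificate] from config.toml: %w", err)
	}
	cert_config := fileCfg.Certificate
	if cert_config.Organization == "" || cert_config.Country == "" {
		return fmt.Errorf("config.toml: [certificate] organization and country must be set")
	}
	// … unchanged: CA key generation and certificate templates …
```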
@@ -182,9 +182,9 @@ func GenerateCerts(domain string, basePath string) error {
 ExtKeyUsage: []x509.ExtKeyUsage{
 extKeyUsage(v3ext.ExtKeyUsage),
 },
- DNSNames: v3ext.DNSNames,
+ DNSNames: v3ext.DNSNames,
 BasicConstraintsValid: v3ext.BasicConstraintsValid,
- IsCA: v3ext.IsCA,
+ IsCA: v3ext.IsCA,
 }
 // Create the server certificate
diff --git a/services/infrasetservice/helper.go b/services/infrasetservice/helper.go
index 8daed5da..ea76a700 100644
--- a/services/infrasetservice/helper.go
+++ b/services/infrasetservice/helper.go
@@ -2,6 +2,7 @@ package infrasetservice
 import (
 "context"
+ "errors"
 "fmt"
 "log"
 "os"
@@ -21,19 +22,26 @@ func generateCertsforHarbor() {
 log.Println("CHECK 1")
 // Delete the directory if it already exists
- if _, err := os.Stat(path); err==nil {
+ _,err:=os.Stat(path)
+ if err==nil{
+ //If it exists, delete it
 errDir := os.RemoveAll(path)
 if errDir != nil {
- log.Fatal(err)
+ log.Fatalf("Failed to remove directory: %v", errDir)
 }
+ }else if !errors.Is(err, os.ErrNotExist){
+ // If there is an error other than "does not exist", log it and exit
+ log.Fatalf("Failed to access directory: %v", err)
 }
 log.Println("CHECK 2")
- if _, err := os.Stat(path); os.IsNotExist(err) {
+ if _, err := os.Stat(path); errors.Is(err, os.ErrNotExist) {
+ //creating directory
 errDir := os.Mkdir(path, 0755)
 if errDir != nil {
- log.Fatal(err)
+ log.Fatalf("Failed to create directory: %v",errDir)
 }
 }
+ log.Println("CHECK 3")
 // Generate the certificates
 if err := utils.GenerateCerts("harbor.katana.local", path); err != nil {
diff --git a/types/deployment.go b/types/deployment.go
index 3ec33920..ad3938e7 100644
--- a/types/deployment.go
+++ b/types/deployment.go
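Review bot: In generateCertsforHarbor (services/infrasetservice/helper.go) the directory handed to `utils.GenerateCerts` is still created with `os.Mkdir(path, 0755)`; if the generated private keys are written there, as the call suggests, it should be owner-only: `os.Mkdir(path, 0700)`. The two `os.Stat` checks are also unnecessary and leave a gap between check and use, because `os.RemoveAll` already returns nil when the path does not exist, so `if err := os.RemoveAll(path); err != nil { log.Fatalf("Failed to remove directory: %v", err) }` followed by an unconditional `os.Mkdir` does the same work. The `CHECK 1` to `CHECK 3` prints look like leftover debugging output. The function starts and ends outside the hunk.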
@@ -47,3 +47,13 @@ type GogsRequest struct {
 Before string `json:"before"`
 Repository Repo `json:"repository"`
 }
+
+// V3Ext represents a v3.ext file
+type V3Ext struct {
+ AuthorityKeyIdentifier string
+ BasicConstraintsValid bool
+ IsCA bool
+ KeyUsage string
+ ExtKeyUsage string
+ DNSNames []string
+}
\ No newline at end of file