Skip to content

Commit

Permalink
Store cheCA.crt into tmp director (#931)
Browse files Browse the repository at this point in the history
Signed-off-by: Anatolii Bazko <[email protected]>
  • Loading branch information
tolusha authored Oct 21, 2020
1 parent 7c352e2 commit b21f570
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 32 deletions.
29 changes: 18 additions & 11 deletions src/api/che.ts
Original file line number Diff line number Diff line change
Expand Up @@ -180,22 +180,29 @@ export class CheHelper {
throw new Error(`Secret "${CHE_ROOT_CA_SECRET_NAME}" has invalid format: "ca.crt" key not found in data.`)
}

async saveCheCaCert(cheCaCert: string, destinaton?: string): Promise<string> {
if (destinaton && fs.existsSync(destinaton)) {
if (fs.lstatSync(destinaton).isDirectory()) {
destinaton = path.join(destinaton, DEFAULT_CA_CERT_FILE_NAME)
}
} else {
// Fallback to default location
destinaton = path.join(os.homedir(), DEFAULT_CA_CERT_FILE_NAME)
async saveCheCaCert(cheCaCert: string, destination?: string): Promise<string> {
const cheCaCertFile = this.getTargetFile(destination)
fs.writeFileSync(cheCaCertFile, cheCaCert)
return cheCaCertFile
}

/**
* Handles certificate target location and returns string which points to the target file.
*/
private getTargetFile(destination: string | undefined): string {
if (!destination) {
return path.join(os.tmpdir(), DEFAULT_CA_CERT_FILE_NAME)
}

if (fs.existsSync(destination)) {
return fs.lstatSync(destination).isDirectory() ? path.join(destination, DEFAULT_CA_CERT_FILE_NAME) : destination
}

fs.writeFileSync(destinaton, cheCaCert)
return destinaton
throw new Error(`Given path \'${destination}\' doesn't exist.`)
}

/**
* Retreives Keycloak admin user credentials.
* Retrieves Keycloak admin user credentials.
* Works only with installers which use Che CR (operator, olm).
* Returns credentials as an array of two values: [login, password]
* In case of an error an array with undefined values will be returned.
Expand Down
23 changes: 2 additions & 21 deletions src/commands/cacert/export.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,6 @@

import { Command, flags } from '@oclif/command'
import { string } from '@oclif/parser/lib/flags'
import * as fs from 'fs'
import * as os from 'os'
import * as path from 'path'

import { CheHelper } from '../../api/che'
import { KubeHelper } from '../../api/kube'
Expand All @@ -30,7 +27,7 @@ export default class Export extends Command {
description: `Destination where to store Che self-signed CA certificate.
If the destination is a file (might not exist), then the certificate will be saved there in PEM format.
If the destination is a directory, then ${DEFAULT_CA_CERT_FILE_NAME} file will be created there with Che certificate in PEM format.
If this option is ommited, then Che certificate will be stored in user's home directory as ${DEFAULT_CA_CERT_FILE_NAME}`,
If this option is omitted, then Che certificate will be stored in a user's temporary directory as ${DEFAULT_CA_CERT_FILE_NAME}.`,
env: 'CHE_CA_CERT_LOCATION',
default: ''
}),
Expand All @@ -52,7 +49,7 @@ export default class Export extends Command {
try {
const cheCaCert = await cheHelper.retrieveCheCaCert(flags.chenamespace)
if (cheCaCert) {
const targetFile = await cheHelper.saveCheCaCert(cheCaCert, this.getTargetFile(flags.destination))
const targetFile = await cheHelper.saveCheCaCert(cheCaCert, flags.destination)
this.log(`Eclipse Che self-signed CA certificate is exported to ${targetFile}`)
} else {
this.log('Self signed certificate secret not found. Is commonly trusted certificate used?')
Expand All @@ -61,20 +58,4 @@ export default class Export extends Command {
this.error(error)
}
}

/**
* Handles certificate target location and returns string which points to the target file.
*/
private getTargetFile(destinaton: string): string {
if (!destinaton) {
return path.join(os.homedir(), DEFAULT_CA_CERT_FILE_NAME)
}

if (fs.existsSync(destinaton)) {
return fs.lstatSync(destinaton).isDirectory() ? path.join(destinaton, DEFAULT_CA_CERT_FILE_NAME) : destinaton
}

this.error(`Given path "${destinaton}" doesn't exist.`)
}

}

0 comments on commit b21f570

Please sign in to comment.