Enable step path contexts in identity and pki paths

3 years ago · 7eeebca529
parent 10db335f13
commit 7eeebca529
2 changed files with 29 additions and 4 deletions
--- a/ca/identity/identity.go
+++ b/ca/identity/identity.go
@ -40,10 +40,10 @@ const TunnelTLS Type = "tTLS"
 const DefaultLeeway = 1 * time.Minute

 // IdentityFile contains the location of the identity file.
-var IdentityFile = filepath.Join(step.Path(), "config", "identity.json")
+var IdentityFile = filepath.Join(step.ProfilePath(), "config", "identity.json")

 // DefaultsFile contains the location of the defaults file.
-var DefaultsFile = filepath.Join(step.Path(), "config", "defaults.json")
+var DefaultsFile = filepath.Join(step.ProfilePath(), "config", "defaults.json")

 // Identity represents the identity file that can be used to authenticate with
 // the CA.
@ -80,8 +80,8 @@ func LoadDefaultIdentity() (*Identity, error) {
 // configDir and identityDir are used in WriteDefaultIdentity for testing
 // purposes.
 var (
-	configDir   = filepath.Join(step.Path(), "config")
-	identityDir = filepath.Join(step.Path(), "identity")
+	configDir   = filepath.Join(step.ProfilePath(), "config")
+	identityDir = filepath.Join(step.ProfilePath(), "identity")
 )

 // WriteDefaultIdentity writes the given certificates and key and the
--- a/pki/pki.go
+++ b/pki/pki.go
@ -10,6 +10,7 @@ import (
 	"encoding/json"
 	"encoding/pem"
 	"fmt"
+	"io/ioutil"
 	"net"
 	"os"
 	"path/filepath"
@ -98,6 +99,12 @@ func GetConfigPath() string {
 	return filepath.Join(step.Path(), configPath)
 }

+// GetProfileConfigPath returns the directory where the profile configuration
+// files are stored based on the STEPPATH environment variable.
+func GetProfileConfigPath() string {
+	return filepath.Join(step.ProfilePath(), configPath)
+}
+
 // GetPublicPath returns the directory where the public keys are stored based on
 // the STEPPATH environment variable.
 func GetPublicPath() string {
@ -367,6 +374,21 @@ func New(o apiv1.Options, opts ...Option) (*PKI, error) {
 		}
 	}

+	// Create profile directory and stub for default profile configuration.
+	if currentCtx := step.GetCurrentContext(); currentCtx != nil {
+		profile := GetProfileConfigPath()
+		if err := os.MkdirAll(profile, 0700); err != nil {
+			return nil, errs.FileError(err, profile)
+		}
+		if p.profileDefaults, err = getPath(profile, "defaults.json"); err != nil {
+			return nil, err
+		}
+		if err := ioutil.WriteFile(p.profileDefaults,
+			[]byte("{}"), 0600); err != nil {
+			return nil, err
+		}
+	}
+
 	if p.Defaults.CaUrl == "" {
 		p.Defaults.CaUrl = p.DnsNames[0]
 		_, port, err := net.SplitHostPort(p.Address)
@ -958,6 +980,9 @@ func (p *PKI) Save(opt ...ConfigOption) error {
 		}

 		ui.PrintSelected("Default configuration", p.defaults)
+		if p.profileDefaults != "" {
+			ui.PrintSelected("Profile default configuration", p.profileDefaults)
+		}
 		ui.PrintSelected("Certificate Authority configuration", p.config)
 		if p.options.deploymentType != LinkedDeployment {
 			ui.Println()