Fix ssh in helm chart values.

3 years ago · 8cb62b6d67
parent c43d0362a4
commit 8cb62b6d67
2 changed files with 17 additions and 8 deletions
--- a/pki/helm.go
+++ b/pki/helm.go
@ -14,11 +14,9 @@ import (

 type helmVariables struct {
 	*linkedca.Configuration
-	Defaults *linkedca.Defaults
-	Password string
-	SSH      struct {
-		Enabled bool
-	}
+	Defaults     *linkedca.Defaults
+	Password     string
+	EnableSSH    bool
 	TLS          authconfig.TLSOptions
 	Provisioners []provisioner.Interface
 }
@ -48,6 +46,7 @@ func (p *PKI) WriteHelmTemplate(w io.Writer) error {
 		Configuration: &p.Configuration,
 		Defaults:      &p.Defaults,
 		Password:      "",
+		EnableSSH:     p.options.enableSSH,
 		TLS:           authconfig.DefaultTLSOptions,
 		Provisioners:  provisioners,
 	}); err != nil {
@ -67,7 +66,7 @@ inject:
        federateRoots: []
        crt: {{ .Intermediate }}
        key: {{ .IntermediateKey }}
-        {{- if .SSH.Enabled }}
+        {{- if .EnableSSH }}
        ssh:
          hostKey: {{ .Ssh.HostKey }}
          userKey: {{ .Ssh.UserKey }}
--- a/pki/pki.go
+++ b/pki/pki.go
@ -408,6 +408,15 @@ func (p *PKI) GenerateKeyPairs(pass []byte) error {
 		return err
 	}

+	var claims *linkedca.Claims
+	if p.options.enableSSH {
+		claims = &linkedca.Claims{
+			Ssh: &linkedca.SSHClaims{
+				Enabled: true,
+			},
+		}
+	}
+
 	// Add JWK provisioner to the configuration.
 	publicKey, err := json.Marshal(p.ottPublicKey)
 	if err != nil {
@ -418,8 +427,9 @@ func (p *PKI) GenerateKeyPairs(pass []byte) error {
 		return errors.Wrap(err, "error serializing private key")
 	}
 	p.Authority.Provisioners = append(p.Authority.Provisioners, &linkedca.Provisioner{
-		Type: linkedca.Provisioner_JWK,
-		Name: p.options.provisioner,
+		Type:   linkedca.Provisioner_JWK,
+		Name:   p.options.provisioner,
+		Claims: claims,
 		Details: &linkedca.ProvisionerDetails{
 			Data: &linkedca.ProvisionerDetails_JWK{
 				JWK: &linkedca.JWKProvisioner{