| Tim Windelschmidt | f0ec0f6 | 2023-07-17 13:43:38 +0200 | [diff] [blame] | 1 | package main |
| 2 | |
| 3 | import ( |
| 4 | "crypto/x509" |
| 5 | "encoding/pem" |
| 6 | "log" |
| 7 | "os" |
| 8 | |
| 9 | "github.com/spf13/cobra" |
| 10 | |
| 11 | "source.monogon.dev/metropolis/cli/metroctl/core" |
| 12 | ) |
| 13 | |
| 14 | func init() { |
| 15 | certCmd.AddCommand(certExportCmd) |
| 16 | |
| 17 | rootCmd.AddCommand(certCmd) |
| 18 | } |
| 19 | |
| 20 | var certCmd = &cobra.Command{ |
| 21 | Short: "Certificate utilities", |
| 22 | Use: "cert", |
| 23 | } |
| 24 | |
| 25 | var certExportCmd = &cobra.Command{ |
| 26 | Short: "Exports certificates for use in other programs", |
| 27 | Use: "export", |
| 28 | Example: "metroctl cert export", |
| 29 | Run: func(cmd *cobra.Command, args []string) { |
| 30 | ocert, opkey, err := core.GetOwnerCredentials(flags.configPath) |
| 31 | if err == core.NoCredentialsError { |
| 32 | log.Fatalf("You have to take ownership of the cluster first: %v", err) |
| 33 | } |
| 34 | |
| 35 | pkcs8Key, err := x509.MarshalPKCS8PrivateKey(opkey) |
| 36 | if err != nil { |
| 37 | // We explicitly pass an Ed25519 private key in, so this can't happen |
| 38 | panic(err) |
| 39 | } |
| 40 | |
| 41 | if err := os.WriteFile("owner.crt", pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: ocert.Raw}), 0755); err != nil { |
| 42 | log.Fatal(err) |
| 43 | } |
| 44 | |
| 45 | if err := os.WriteFile("owner.key", pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: pkcs8Key}), 0755); err != nil { |
| 46 | log.Fatal(err) |
| 47 | } |
| 48 | log.Println("Wrote files to current dir: cert.pem, key.pem") |
| 49 | }, |
| 50 | Args: cobra.NoArgs, |
| 51 | } |