package trust
import (
"context"
"os"
"github.com/anchordotdev/cli"
"github.com/anchordotdev/cli/api"
"github.com/anchordotdev/cli/trust/models"
"github.com/anchordotdev/cli/truststore"
"github.com/anchordotdev/cli/ui"
)
// Sync holds the inputs for the trust-store sync command: the CLI
// configuration, the API session used to fetch the expected CAs, and the
// org/realm slugs that scope that fetch.
type Sync struct {
	// Config supplies the NonInteractive flag and is passed to loadStores.
	Config *cli.Config

	// Anc is the API session handed to fetchExpectedCAs.
	Anc *api.Session

	// OrgSlug and RealmSlug select which CAs are requested from the API.
	OrgSlug   string
	RealmSlug string
}
// UI returns the cli.UI for the sync command with runTUI as its TUI entry
// point. The receiver is a value, so the bound runTUI method operates on a
// copy of s taken at the time UI is called.
func (s Sync) UI() cli.UI {
	var out cli.UI
	out.RunTUI = s.runTUI
	return out
}
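// runTUI audits the local trust stores against the CAs expected for the
// configured org and realm, and installs each missing CA into every store
// that does not already have it.
//
// It returns nil when nothing is missing or when every install succeeds, the
// context error if ctx is cancelled while waiting for confirmation or between
// installs, and otherwise the first error from fetching, loading, auditing,
// staging or installing.
//
// Security notes for maintainers:
//   - In non-interactive mode there is no confirmation step: every CA the API
//     returns as expected and the audit reports as missing is installed.
//     NOTE(review): the API session and SelectFn are then the only gate on
//     what becomes trusted; confirm that is intended for unattended use.
//   - Installation is not transactional. A failure part-way through leaves
//     the CAs that were already installed in place.
func (s *Sync) runTUI(ctx context.Context, drv *ui.Driver) error {
	confirmc := make(chan struct{})
	drv.Activate(ctx, &models.SyncPreflight{
		NonInteractive: s.Config.NonInteractive,
		ConfirmCh:      confirmc,
	})

	cas, err := fetchExpectedCAs(ctx, s.Anc, s.OrgSlug, s.RealmSlug)
	if err != nil {
		return err
	}

	stores, sudoMgr, err := loadStores(s.Config)
	if err != nil {
		return err
	}

	// TODO: handle nosudo
	// Pause the driver for the duration of each sudo callback; the returned
	// channel is closed once the callback has finished.
	sudoMgr.AroundSudo = func(sudo func()) {
		unpausec := drv.Pause()
		defer close(unpausec)
		sudo()
	}

	audit := &truststore.Audit{
		Expected: cas,
		Stores:   stores,
		SelectFn: checkAnchorCert,
	}
	info, err := audit.Perform()
	if err != nil {
		return err
	}
	drv.Send(models.AuditInfoMsg(info))

	if len(info.Missing) == 0 {
		drv.Send(models.PreflightFinishedMsg{})
		return nil
	}

	// Interactive runs block here until the preflight model signals
	// confirmation or the context is cancelled.
	if !s.Config.NonInteractive {
		select {
		case <-confirmc:
		case <-ctx.Done():
			return ctx.Err()
		}
	}

	// os.MkdirTemp creates the directory with mode 0700 and a randomised
	// name, so the staged CA files are private to the current user.
	tmpDir, err := os.MkdirTemp("", "anchor-trust-sync")
	if err != nil {
		return err
	}
	defer os.RemoveAll(tmpDir)

	for _, ca := range info.Missing {
		// Stop before staging another CA if the run was cancelled; without
		// this check a cancelled context would not halt further installs.
		if err := ctx.Err(); err != nil {
			return err
		}

		if err := writeCAFile(ca, tmpDir); err != nil {
			return err
		}

		drv.Activate(ctx, &models.SyncInstallCA{
			CA: ca,
		})

		for _, store := range stores {
			if info.IsPresent(ca, store) {
				continue
			}

			// Re-check before every store: each install changes a trust
			// store and must not start after cancellation.
			if err := ctx.Err(); err != nil {
				return err
			}

			drv.Send(models.SyncInstallingCAMsg{Store: store})

			ok, err := store.InstallCA(ca)
			if err != nil {
				// Earlier installs are not rolled back.
				return err
			}
			if !ok {
				// NOTE(review): a false result without an error is treated
				// as a broken invariant. The panic aborts mid-install;
				// consider returning an error instead.
				panic("impossible")
			}

			drv.Send(models.SyncInstalledCAMsg{Store: store})
		}
	}

	return nil
}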