Allow to fetch and apply certificates with root user read only access (…

…#7678) * readonly file scp fix error Signed-off-by: Vivek Shankar <vshankar@progress.com> * removed sudo Signed-off-by: Vivek Shankar <vshankar@progress.com> * added sudo while cat Signed-off-by: Vivek Shankar <vshankar@progress.com> Signed-off-by: Vivek Shankar <vshankar@progress.com>
chef · Jan 27, 2023 · aa7f3b4 · aa7f3b4
1 parent 58d822a
commit aa7f3b4
Showing 1 changed file with 4 additions and 5 deletions.
diff --git a/components/automate-cli/cmd/chef-automate/certRotate.go b/components/automate-cli/cmd/chef-automate/certRotate.go
@@ -599,7 +599,7 @@ func (c *certRotateFlow) getCertFromFile(certPath string, infra *AutomteHAInfraD
 	certPath = strings.TrimSpace(certPath)
 	// Checking if the given path is remote or local.
 	if c.IsRemotePath(certPath) {
-		remoteFilePath, fileName, hostIP, err := c.GetRemoteFileDetails(certPath, infra)
+		remoteFilePath, _, hostIP, err := c.GetRemoteFileDetails(certPath, infra)
 		if err != nil {
 			return nil, err
 		}
@@ -608,12 +608,11 @@ func (c *certRotateFlow) getCertFromFile(certPath string, infra *AutomteHAInfraD
 		sshConfig.hostIP = hostIP
 		sshUtil := NewSSHUtil(sshConfig)
 
-		filePath, err := sshUtil.copyFileFromRemote(remoteFilePath, fileName)
+		out, err := sshUtil.connectAndExecuteCommandOnRemote("sudo cat "+remoteFilePath, true)
 		if err != nil {
-			return nil, errors.New(fmt.Sprintf("Unable to copy file from remote path: %v", certPath))
+			return nil, errors.Wrap(err, fmt.Sprintf("Unable to read file from remote path: %v", certPath))
 		}
-		defer os.Remove(filePath)
-		return c.FileUtils.ReadFile(filePath)
+		return []byte(out), nil
 	}
 	return c.FileUtils.ReadFile(certPath)
 }