package cert
import (
"crypto/x509"
"net"
certutil "github.com/fabedge/fabedge/pkg/util/cert"
timeutil "github.com/fabedge/fabedge/pkg/util/time"
flag "github.com/spf13/pflag"
)
// CommonOptions holds the settings shared by the cert commands: which secret
// carries the CA material and how to reach and authenticate to a remote API
// server.
type CommonOptions struct {
	// CASecret is the name of the secret the CA cert/key is read from
	// (flag --ca-secret).
	CASecret string
	// APIServerAddress is the address of the host cluster's API server
	// (flag --api-server-address). Remote reports true when it is non-empty.
	APIServerAddress string
	// Token is the authentication token (flag --token).
	Token string
}
// AddFlags registers --ca-secret, --api-server-address and --token on fs and
// binds each one to the matching field of opts.
//
// NOTE(review): --token carries a credential as a flag value, so it is
// readable from the process argument list and tends to end up in shell
// history. Consider also accepting the token from a file or the environment.
func (opts *CommonOptions) AddFlags(fs *flag.FlagSet) {
	const (
		caSecretUsage  = "The name of ca secret, by default CLI read CA cert/key from secret"
		apiServerUsage = "The address of host cluster's API server, when this option is set, generate or verify certificate remotely"
		tokenUsage     = "Authentication token, not necessary when verifying certificate"
	)

	fs.StringVar(&opts.CASecret, "ca-secret", "fabedge-ca", caSecretUsage)
	fs.StringVar(&opts.APIServerAddress, "api-server-address", "", apiServerUsage)
	fs.StringVar(&opts.Token, "token", "", tokenUsage)
}
// Remote reports whether an API server address has been set. It only checks
// that APIServerAddress is non-empty; the value itself is not validated here.
func (opts *CommonOptions) Remote() bool {
	return opts.APIServerAddress != ""
}
// CertOptions collects the subject and subject-alternative-name settings
// given on the command line for a certificate.
type CertOptions struct {
	// Organization lists the organization names (flag --organization / -O).
	Organization []string
	// ValidityPeriod is the certificate lifetime in days (flag --validity-period).
	ValidityPeriod int64
	// IPs holds the requested IP addresses as unparsed strings (flag --ips);
	// GetIPs converts them to net.IP.
	IPs []string
	// DNSNames holds the requested DNS names (flag --dns-names).
	DNSNames []string
}
// AddFlags registers --organization/-O, --validity-period, --ips and
// --dns-names on fs and binds them to the fields of opts.
//
// NOTE(review): nothing is validated at registration time. --validity-period
// accepts zero and negative numbers, and --ips / --dns-names accept arbitrary
// strings. These values end up in certificate fields, so confirm they are
// checked somewhere before a certificate is signed.
func (opts *CertOptions) AddFlags(fs *flag.FlagSet) {
	defaultOrg := []string{certutil.DefaultOrganization}

	fs.StringSliceVarP(&opts.Organization, "organization", "O", defaultOrg, "your organization name")
	fs.Int64Var(&opts.ValidityPeriod, "validity-period", 365, "validity period for your cert, unit: day")
	fs.StringSliceVar(&opts.IPs, "ips", nil, "The ip addresses for your cert, e.g. 2.2.2.2,10.10.10.10")
	fs.StringSliceVar(&opts.DNSNames, "dns-names", nil, "The dns names for your cert, e.g. fabedge.io,yourdomain.com")
}
// AsConfig builds a certutil.Config from opts for the given common name.
//
// cn, isCA and usages are passed through unchanged, so the caller decides
// whether the result describes a CA certificate and which extended key usages
// it carries. Organization and DNSNames share their backing arrays with opts
// (they are not copied). IPs comes from GetIPs.
//
// NOTE(review): ValidityPeriod is handed to timeutil.Days without a range
// check; confirm that zero, negative or very large day counts are rejected
// before signing.
func (opts *CertOptions) AsConfig(cn string, isCA bool, usages []x509.ExtKeyUsage) certutil.Config {
	var cfg certutil.Config

	cfg.CommonName = cn
	cfg.IsCA = isCA
	cfg.Organization = opts.Organization
	cfg.IPs = opts.GetIPs()
	cfg.DNSNames = opts.DNSNames
	cfg.ValidityPeriod = timeutil.Days(opts.ValidityPeriod)
	cfg.Usages = usages

	return cfg
}
// AsRequest builds a certutil.Request from opts for the given common name.
//
// Organization and DNSNames share their backing arrays with opts (they are
// not copied); IPs comes from GetIPs. ValidityPeriod is not part of the
// request.
func (opts *CertOptions) AsRequest(cn string) certutil.Request {
	var req certutil.Request

	req.CommonName = cn
	req.Organization = opts.Organization
	req.IPs = opts.GetIPs()
	req.DNSNames = opts.DNSNames

	return req
}
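// GetIPs parses opts.IPs into net.IP values, keeping the input order.
//
// Entries that net.ParseIP cannot parse are skipped instead of being returned
// as nil, so no nil address reaches the Config/Request built by AsConfig and
// AsRequest. This method cannot report an error: callers that must fail on a
// mistyped address should compare the length of the result with
// len(opts.IPs), or validate opts.IPs before calling.
//
// The result is nil when opts.IPs is empty or no entry parses.
func (opts *CertOptions) GetIPs() (ips []net.IP) {
	for _, raw := range opts.IPs {
		ip := net.ParseIP(raw)
		if ip == nil {
			// net.ParseIP returns nil for text that is not a valid IP address.
			continue
		}
		ips = append(ips, ip)
	}
	return ips
}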
// SaveOptions holds the settings that control where a generated certificate
// and its private key are stored.
type SaveOptions struct {
	// SecretName is the name of the secret to store the certificate and
	// private key in (flag --secret-name).
	SecretName string
}
// AddFlags registers --secret-name on fs and binds it to opts.SecretName.
// The flag defaults to the empty string.
func (opts *SaveOptions) AddFlags(fs *flag.FlagSet) {
	const usage = "The name of the secret to store certificate and private key, if not provided, the commonName will be used"

	fs.StringVar(&opts.SecretName, "secret-name", "", usage)
}