Update TLSCACert and TLSKeyFromCA to always require all parameters

Removes variadic versions for referencing previously created cert/key pairs. This makes the order these are created in less important.
replicatedhq · Jul 24, 2020 · c863c92 · c863c92
1 parent 38f3f55
commit c863c92
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 41 deletions.
diff --git a/pkg/template/static_context.go b/pkg/template/static_context.go
@@ -395,26 +395,17 @@ func (ctx StaticCtx) tlsKey(certName string, args ...interface{}) string {
 	return p.Key
 }
 
-func (ctx StaticCtx) tlsCaCert(caName string, args ...interface{}) string {
+func (ctx StaticCtx) tlsCaCert(caName string, daysValid int) string {
 	cap, ok := caMap[caName]
 	if !ok {
-		if len(args) != 1 {
-			return ""
-		}
-
-		daysValid, ok := args[0].(int)
-		if !ok {
-			return ""
-		}
-
 		cap = genCa(caName, daysValid)
 		caMap[caName] = cap
 	}
 
 	return cap.Cert
 }
 
-func (ctx StaticCtx) tlsCertFromCa(caName, certName, cn string, ips []interface{}, alternateDNS []interface{}, daysValid int) string {
+func (ctx StaticCtx) tlsCertFromCa(caName, certName, cn string, ips, alternateDNS []interface{}, daysValid int) string {
 	key := fmt.Sprintf("%s:%s:%s", caName, certName, cn)
 	if p, ok := tlsMap[key]; ok {
 		return p.Cert
@@ -425,31 +416,12 @@ func (ctx StaticCtx) tlsCertFromCa(caName, certName, cn string, ips []interface{
 	return p.Cert
 }
 
-func (ctx StaticCtx) tlsKeyFromCa(caName, certName, cn string, args ...interface{}) string {
+func (ctx StaticCtx) tlsKeyFromCa(caName, certName, cn string, ips, alternateDNS []interface{}, daysValid int) string {
 	key := fmt.Sprintf("%s:%s:%s", caName, certName, cn)
 	if p, ok := tlsMap[key]; ok {
 		return p.Key
 	}
 
-	if len(args) != 3 {
-		return ""
-	}
-
-	ips, ok := args[0].([]interface{})
-	if !ok {
-		return ""
-	}
-
-	alternateDNS, ok := args[1].([]interface{})
-	if !ok {
-		return ""
-	}
-
-	daysValid, ok := args[2].(int)
-	if !ok {
-		return ""
-	}
-
 	p := genSignedCert(caName, cn, ips, alternateDNS, daysValid)
 	tlsMap[key] = p
 	return p.Key

diff --git a/pkg/template/static_context_test.go b/pkg/template/static_context_test.go
@@ -81,14 +81,7 @@ func TestSprigRandom(t *testing.T) {
 	req.Len(randAlphaNum, 50)
 }
 
-func TestTlsCaCert(t *testing.T) {
-	scopetest := scopeagent.StartTest(t)
-	defer scopetest.End()
-	req := require.New(t)
-
-	builder := Builder{}
-	builder.AddCtx(StaticCtx{})
-
+func validateAndClearCaCert(req *require.Assertions, builder Builder) {
 	caCert, err := builder.String(`{{repl TLSCACert "my-ca" 365}}`)
 	req.NoError(err)
 
@@ -101,6 +94,16 @@ func TestTlsCaCert(t *testing.T) {
 	delete(caMap, "my-ca")
 }
 
+func TestTlsCaCert(t *testing.T) {
+	scopetest := scopeagent.StartTest(t)
+	defer scopetest.End()
+	req := require.New(t)
+
+	builder := Builder{}
+	builder.AddCtx(StaticCtx{})
+	validateAndClearCaCert(req, builder)
+}
+
 func TestTlsCertFromCa(t *testing.T) {
 	scopetest := scopeagent.StartTest(t)
 	defer scopetest.End()
@@ -121,9 +124,10 @@ func TestTlsCertFromCa(t *testing.T) {
 	req.Equal("mine.example.com", expected.Cn)
 	req.Equal(expected.Cert, cert)
 
-	_, err = builder.String(`{{repl TLSKeyFromCA "my-ca" "my-cert" "mine.example.com"}}`)
+	_, err = builder.String(`{{repl TLSKeyFromCA "my-ca" "my-cert" "mine.example.com" nil nil 365}}`)
 	req.NoError(err)
-	delete(tlsMap, "my-ca:my-cert:mine.example.com")
+
+	validateAndClearCaCert(req, builder)
 }
 
 func TestTlsKeyFromCa(t *testing.T) {
@@ -149,6 +153,8 @@ func TestTlsKeyFromCa(t *testing.T) {
 	req.Equal("mine.example.com", expected.Cn)
 	req.Equal(expected.Cert, cert)
 	delete(tlsMap, "my-ca:my-cert:mine.example.com")
+
+	validateAndClearCaCert(req, builder)
 }
 
 func getCert(s string) (*x509.Certificate, error) {