chore: split mgmt/gen.go into several files

No functional changes in this PR, to make future PRs easier. Signed-off-by: Alexey Palazhchenko <alexey.palazhchenko@gmail.com>
siderolabs · May 26, 2021 · e0f5b1e · e0f5b1e
1 parent fad1b4f
commit e0f5b1e
Show file tree

Hide file tree

Showing 15 changed files with 390 additions and 289 deletions.
diff --git a/cmd/talosctl/cmd/mgmt/config.go b/cmd/talosctl/cmd/mgmt/config.go
@@ -17,6 +17,7 @@ import (
 	talosnet "github.com/talos-systems/net"
 	"gopkg.in/yaml.v3"
 
+	"github.com/talos-systems/talos/cmd/talosctl/cmd/mgmt/gen"
 	"github.com/talos-systems/talos/cmd/talosctl/pkg/mgmt/helpers"
 	"github.com/talos-systems/talos/pkg/images"
 	"github.com/talos-systems/talos/pkg/machinery/config"
@@ -46,7 +47,7 @@ var genConfigCmdFlags struct {
 	withDocs                bool
 }
 
-// genConfigCmd represents the gen config command.
+// genConfigCmd represents the `gen config` command.
 var genConfigCmd = &cobra.Command{
 	Use:   "config <cluster name> <cluster endpoint>",
 	Short: "Generates a set of configuration files for Talos cluster",
@@ -257,7 +258,6 @@ func writeV1Alpha1Config(args []string) error {
 }
 
 func init() {
-	genCmd.AddCommand(genConfigCmd)
 	genConfigCmd.Flags().StringVar(&genConfigCmdFlags.installDisk, "install-disk", "/dev/sda", "the disk to install to")
 	genConfigCmd.Flags().StringVar(&genConfigCmdFlags.installImage, "install-image", helpers.DefaultImage(images.DefaultInstallerImageRepository), "the image used to perform an installation")
 	genConfigCmd.Flags().StringSliceVar(&genConfigCmdFlags.additionalSANs, "additional-sans", []string{}, "additional Subject-Alt-Names for the APIServer certificate")
@@ -273,4 +273,6 @@ func init() {
 	genConfigCmd.Flags().BoolVarP(&genConfigCmdFlags.persistConfig, "persist", "p", true, "the desired persist value for configs")
 	genConfigCmd.Flags().BoolVarP(&genConfigCmdFlags.withExamples, "with-examples", "", true, "renders all machine configs with the commented examples")
 	genConfigCmd.Flags().BoolVarP(&genConfigCmdFlags.withDocs, "with-docs", "", true, "renders all machine configs adding the documentation for each field")
+
+	gen.Cmd.AddCommand(genConfigCmd)
 }
diff --git a/cmd/talosctl/cmd/mgmt/gen.go b/cmd/talosctl/cmd/mgmt/gen.go
diff --git a/cmd/talosctl/cmd/mgmt/gen/ca.go b/cmd/talosctl/cmd/mgmt/gen/ca.go
@@ -0,0 +1,66 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package gen
+
+import (
+	"fmt"
+	"io/ioutil"
+	"time"
+
+	"github.com/spf13/cobra"
+	"github.com/talos-systems/crypto/x509"
+
+	"github.com/talos-systems/talos/pkg/cli"
+)
+
+var genCACmdFlags struct {
+	organization string
+	hours        int
+	rsa          bool
+}
+
+// genCACmd represents the `gen ca` command.
+var genCACmd = &cobra.Command{
+	Use:   "ca",
+	Short: "Generates a self-signed X.509 certificate authority",
+	Long:  ``,
+	Args:  cobra.NoArgs,
+	RunE: func(cmd *cobra.Command, args []string) error {
+		opts := []x509.Option{x509.RSA(genCACmdFlags.rsa)}
+		if genCACmdFlags.organization != "" {
+			opts = append(opts, x509.Organization(genCACmdFlags.organization))
+		}
+
+		opts = append(opts, x509.NotAfter(time.Now().Add(time.Duration(genCACmdFlags.hours)*time.Hour)))
+
+		ca, err := x509.NewSelfSignedCertificateAuthority(opts...)
+		if err != nil {
+			return fmt.Errorf("error generating CA: %w", err)
+		}
+
+		if err := ioutil.WriteFile(genCACmdFlags.organization+".crt", ca.CrtPEM, 0o600); err != nil {
+			return fmt.Errorf("error writing CA certificate: %w", err)
+		}
+
+		if err := ioutil.WriteFile(genCACmdFlags.organization+".sha256", []byte(x509.Hash(ca.Crt)), 0o600); err != nil {
+			return fmt.Errorf("error writing certificate hash: %w", err)
+		}
+
+		if err := ioutil.WriteFile(genCACmdFlags.organization+".key", ca.KeyPEM, 0o600); err != nil {
+			return fmt.Errorf("error writing key: %w", err)
+		}
+
+		return nil
+	},
+}
+
+func init() {
+	genCACmd.Flags().StringVar(&genCACmdFlags.organization, "organization", "", "X.509 distinguished name for the Organization")
+	cli.Should(cobra.MarkFlagRequired(genCACmd.Flags(), "organization"))
+	genCACmd.Flags().IntVar(&genCACmdFlags.hours, "hours", 87600, "the hours from now on which the certificate validity period ends")
+	genCACmd.Flags().BoolVar(&genCACmdFlags.rsa, "rsa", false, "generate in RSA format")
+
+	Cmd.AddCommand(genCACmd)
+}