Update some boring cert path infos to make API easier to use

Signed-off-by: Nathan LeClaire <nathan.leclaire@gmail.com>
docker · Aug 21, 2015 · e4e442e · e4e442e
1 parent f049dce
commit e4e442e
Show file tree

Hide file tree

Showing 14 changed files with 116 additions and 111 deletions.
diff --git a/commands/commands.go b/commands/commands.go
@@ -97,9 +97,9 @@ func getMachineDir(rootPath string) string {
 func getStore(c *cli.Context) persist.Store {
 	certInfo := getCertPathInfoFromContext(c)
 	return &persist.Filestore{
-		Path:           c.GlobalString("storage-path"),
-		CaCertPath:     certInfo.CaCertPath,
-		PrivateKeyPath: certInfo.CaKeyPath,
+		Path:             c.GlobalString("storage-path"),
+		CaCertPath:       certInfo.CaCertPath,
+		CaPrivateKeyPath: certInfo.CaPrivateKeyPath,
 	}
 }
 
@@ -528,10 +528,10 @@ func getCertPathInfoFromContext(c *cli.Context) cert.CertPathInfo {
 	}
 
 	return cert.CertPathInfo{
-		CaCertPath:     caCertPath,
-		CaKeyPath:      caKeyPath,
-		ClientCertPath: clientCertPath,
-		ClientKeyPath:  clientKeyPath,
+		CaCertPath:       caCertPath,
+		CaPrivateKeyPath: caKeyPath,
+		ClientCertPath:   clientCertPath,
+		ClientKeyPath:    clientKeyPath,
 	}
 }
 

diff --git a/commands/commands_test.go b/commands/commands_test.go
@@ -54,9 +54,9 @@ func getTestStore() (persist.Filestore, error) {
 	os.Setenv("MACHINE_STORAGE_PATH", tmpDir)
 
 	return persist.Filestore{
-		Path:           tmpDir,
-		CaCertPath:     hostTestCaCert,
-		PrivateKeyPath: hostTestPrivateKey,
+		Path:             tmpDir,
+		CaCertPath:       hostTestCaCert,
+		CaPrivateKeyPath: hostTestPrivateKey,
 	}, nil
 }
 
@@ -88,8 +88,8 @@ func getDefaultTestHost() (*host.Host, error) {
 		Address:   "",
 	}
 	authOptions := &auth.AuthOptions{
-		CaCertPath:     hostTestCaCert,
-		PrivateKeyPath: hostTestPrivateKey,
+		CaCertPath:       hostTestCaCert,
+		CaPrivateKeyPath: hostTestPrivateKey,
 	}
 	hostOptions := &host.HostOptions{
 		EngineOptions: engineOptions,

diff --git a/commands/create.go b/commands/create.go
@@ -27,9 +27,9 @@ func cmdCreate(c *cli.Context) {
 	name := c.Args().First()
 	certInfo := getCertPathInfoFromContext(c)
 	store := &persist.Filestore{
-		Path:           c.GlobalString("storage-path"),
-		CaCertPath:     certInfo.CaCertPath,
-		PrivateKeyPath: certInfo.CaKeyPath,
+		Path:             c.GlobalString("storage-path"),
+		CaCertPath:       certInfo.CaCertPath,
+		CaPrivateKeyPath: certInfo.CaPrivateKeyPath,
 	}
 
 	// TODO: Not really a fan of "none" as the default driver...
@@ -53,12 +53,12 @@ func cmdCreate(c *cli.Context) {
 
 	hostOptions := &host.HostOptions{
 		AuthOptions: &auth.AuthOptions{
-			CaCertPath:     certInfo.CaCertPath,
-			PrivateKeyPath: certInfo.CaKeyPath,
-			ClientCertPath: certInfo.ClientCertPath,
-			ClientKeyPath:  certInfo.ClientKeyPath,
-			ServerCertPath: filepath.Join(utils.GetMachineDir(), name, "server.pem"),
-			ServerKeyPath:  filepath.Join(utils.GetMachineDir(), name, "server-key.pem"),
+			CaCertPath:       certInfo.CaCertPath,
+			CaPrivateKeyPath: certInfo.CaPrivateKeyPath,
+			ClientCertPath:   certInfo.ClientCertPath,
+			ClientKeyPath:    certInfo.ClientKeyPath,
+			ServerCertPath:   filepath.Join(utils.GetMachineDir(), name, "server.pem"),
+			ServerKeyPath:    filepath.Join(utils.GetMachineDir(), name, "server-key.pem"),
 		},
 		EngineOptions: &engine.EngineOptions{
 			ArbitraryFlags:   c.StringSlice("engine-opt"),
@@ -94,7 +94,7 @@ func cmdCreate(c *cli.Context) {
 		log.Fatalf("Error setting machine configuration from flags provided: %s", err)
 	}
 
-	if err := libmachine.Create(store, certInfo, h); err != nil {
+	if err := libmachine.Create(store, h); err != nil {
 		log.Fatal(err)
 	}
 

diff --git a/libmachine/auth/auth.go b/libmachine/auth/auth.go
@@ -3,12 +3,12 @@ package auth
 type AuthOptions struct {
 	StorePath            string
 	CaCertPath           string
+	CaPrivateKeyPath     string
 	CaCertRemotePath     string
 	ServerCertPath       string
 	ServerKeyPath        string
 	ClientKeyPath        string
 	ServerCertRemotePath string
 	ServerKeyRemotePath  string
-	PrivateKeyPath       string
 	ClientCertPath       string
 }
diff --git a/libmachine/cert/bootstrap.go b/libmachine/cert/bootstrap.go
@@ -3,15 +3,16 @@ package cert
 import (
 	"os"
 
+	"github.com/docker/machine/libmachine/auth"
 	"github.com/docker/machine/libmachine/log"
 	"github.com/docker/machine/libmachine/utils"
 )
 
-func BootstrapCertificates(certPathInfo CertPathInfo) error {
-	caCertPath := certPathInfo.CaCertPath
-	caKeyPath := certPathInfo.CaKeyPath
-	clientCertPath := certPathInfo.ClientCertPath
-	clientKeyPath := certPathInfo.ClientKeyPath
+func BootstrapCertificates(authOptions *auth.AuthOptions) error {
+	caCertPath := authOptions.CaCertPath
+	caPrivateKeyPath := authOptions.CaPrivateKeyPath
+	clientCertPath := authOptions.ClientCertPath
+	clientKeyPath := authOptions.ClientKeyPath
 	org := utils.GetUsername()
 	bits := 2048
 
@@ -29,11 +30,11 @@ func BootstrapCertificates(certPathInfo CertPathInfo) error {
 		log.Infof("Creating CA: %s", caCertPath)
 
 		// check if the key path exists; if so, error
-		if _, err := os.Stat(caKeyPath); err == nil {
+		if _, err := os.Stat(caPrivateKeyPath); err == nil {
 			log.Fatalf("The CA key already exists.  Please remove it or specify a different key/cert.")
 		}
 
-		if err := GenerateCACertificate(caCertPath, caKeyPath, org, bits); err != nil {
+		if err := GenerateCACertificate(caCertPath, caPrivateKeyPath, org, bits); err != nil {
 			log.Infof("Error generating CA certificate: %s", err)
 		}
 	}
@@ -56,7 +57,7 @@ func BootstrapCertificates(certPathInfo CertPathInfo) error {
 			log.Fatalf("The client key already exists.  Please remove it or specify a different key/cert.")
 		}
 
-		if err := GenerateCert([]string{""}, clientCertPath, clientKeyPath, caCertPath, caKeyPath, org, bits); err != nil {
+		if err := GenerateCert([]string{""}, clientCertPath, clientKeyPath, caCertPath, caPrivateKeyPath, org, bits); err != nil {
 			log.Fatalf("Error generating client certificate: %s", err)
 		}
 	}

diff --git a/libmachine/cert/cert_path_info.go b/libmachine/cert/cert_path_info.go
@@ -1,10 +1,10 @@
 package cert
 
 type CertPathInfo struct {
-	CaCertPath     string
-	CaKeyPath      string
-	ClientCertPath string
-	ClientKeyPath  string
-	ServerCertPath string
-	ServerKeyPath  string
+	CaCertPath       string
+	CaPrivateKeyPath string
+	ClientCertPath   string
+	ClientKeyPath    string
+	ServerCertPath   string
+	ServerKeyPath    string
 }
diff --git a/libmachine/host/get_default_test_host.go b/libmachine/host/get_default_test_host.go
@@ -38,8 +38,8 @@ func GetDefaultTestHost() (*Host, error) {
 		EngineOptions: &engine.EngineOptions{},
 		SwarmOptions:  &swarm.SwarmOptions{},
 		AuthOptions: &auth.AuthOptions{
-			CaCertPath:     hostTestCaCert,
-			PrivateKeyPath: hostTestPrivateKey,
+			CaCertPath:       hostTestCaCert,
+			CaPrivateKeyPath: hostTestPrivateKey,
 		},
 	}
 

diff --git a/libmachine/host/host_v0.go b/libmachine/host/host_v0.go
@@ -9,26 +9,26 @@ type HostV0 struct {
 	ConfigVersion int
 	HostOptions   *HostOptions
 
-	StorePath      string
-	CaCertPath     string
-	PrivateKeyPath string
-	ServerCertPath string
-	ServerKeyPath  string
-	ClientCertPath string
-	SwarmHost      string
-	SwarmMaster    bool
-	SwarmDiscovery string
-	ClientKeyPath  string
+	StorePath        string
+	CaCertPath       string
+	CaPrivateKeyPath string
+	ServerCertPath   string
+	ServerKeyPath    string
+	ClientCertPath   string
+	SwarmHost        string
+	SwarmMaster      bool
+	SwarmDiscovery   string
+	ClientKeyPath    string
 }
 
 type HostMetadataV0 struct {
 	HostOptions HostOptions
 	DriverName  string
 
-	StorePath      string
-	CaCertPath     string
-	PrivateKeyPath string
-	ServerCertPath string
-	ServerKeyPath  string
-	ClientCertPath string
+	StorePath        string
+	CaCertPath       string
+	CaPrivateKeyPath string
+	ServerCertPath   string
+	ServerKeyPath    string
+	ClientCertPath   string
 }
diff --git a/libmachine/host/migrate_v0_v1.go b/libmachine/host/migrate_v0_v1.go
@@ -41,7 +41,7 @@ func MigrateHostV0ToHostV1(hostV0 *HostV0) *Host {
 		ClientKeyPath:        certInfoV0.ClientKeyPath,
 		ServerCertRemotePath: "",
 		ServerKeyRemotePath:  "",
-		PrivateKeyPath:       certInfoV0.CaKeyPath,
+		CaPrivateKeyPath:     certInfoV0.CaPrivateKeyPath,
 		ClientCertPath:       certInfoV0.ClientCertPath,
 	}
 
@@ -63,7 +63,7 @@ func MigrateHostMetadataV0ToHostMetadataV1(m *HostMetadataV0) *HostMetadata {
 		ClientKeyPath:        "",
 		ServerCertRemotePath: "",
 		ServerKeyRemotePath:  "",
-		PrivateKeyPath:       m.PrivateKeyPath,
+		CaPrivateKeyPath:     m.CaPrivateKeyPath,
 		ClientCertPath:       m.ClientCertPath,
 	}
 
@@ -73,7 +73,7 @@ func MigrateHostMetadataV0ToHostMetadataV1(m *HostMetadataV0) *HostMetadata {
 func getCertInfoFromHost(h *HostV0) cert.CertPathInfo {
 	// setup cert paths
 	caCertPath := h.CaCertPath
-	caKeyPath := h.PrivateKeyPath
+	caKeyPath := h.CaPrivateKeyPath
 	clientCertPath := h.ClientCertPath
 	clientKeyPath := h.ClientKeyPath
 	serverCertPath := h.ServerCertPath
@@ -104,11 +104,11 @@ func getCertInfoFromHost(h *HostV0) cert.CertPathInfo {
 	}
 
 	return cert.CertPathInfo{
-		CaCertPath:     caCertPath,
-		CaKeyPath:      caKeyPath,
-		ClientCertPath: clientCertPath,
-		ClientKeyPath:  clientKeyPath,
-		ServerCertPath: serverCertPath,
-		ServerKeyPath:  serverKeyPath,
+		CaCertPath:       caCertPath,
+		CaPrivateKeyPath: caKeyPath,
+		ClientCertPath:   clientCertPath,
+		ClientKeyPath:    clientKeyPath,
+		ServerCertPath:   serverCertPath,
+		ServerKeyPath:    serverKeyPath,
 	}
 }
diff --git a/libmachine/host/migrate_v0_v1_test.go b/libmachine/host/migrate_v0_v1_test.go
@@ -14,16 +14,16 @@ import (
 func TestMigrateHostV0ToV1(t *testing.T) {
 	os.Setenv("MACHINE_STORAGE_PATH", "/tmp/migration")
 	originalHost := &HostV0{
-		HostOptions:    nil,
-		SwarmDiscovery: "token://foobar",
-		SwarmHost:      "1.2.3.4:2376",
-		SwarmMaster:    true,
-		CaCertPath:     "",
-		PrivateKeyPath: "",
-		ClientCertPath: "",
-		ClientKeyPath:  "",
-		ServerCertPath: "",
-		ServerKeyPath:  "",
+		HostOptions:      nil,
+		SwarmDiscovery:   "token://foobar",
+		SwarmHost:        "1.2.3.4:2376",
+		SwarmMaster:      true,
+		CaCertPath:       "",
+		CaPrivateKeyPath: "",
+		ClientCertPath:   "",
+		ClientKeyPath:    "",
+		ServerCertPath:   "",
+		ServerKeyPath:    "",
 	}
 	hostOptions := &HostOptions{
 		SwarmOptions: &swarm.SwarmOptions{
@@ -32,12 +32,12 @@ func TestMigrateHostV0ToV1(t *testing.T) {
 			Host:      "1.2.3.4:2376",
 		},
 		AuthOptions: &auth.AuthOptions{
-			CaCertPath:     "/tmp/migration/certs/ca.pem",
-			PrivateKeyPath: "/tmp/migration/certs/ca-key.pem",
-			ClientCertPath: "/tmp/migration/certs/cert.pem",
-			ClientKeyPath:  "/tmp/migration/certs/key.pem",
-			ServerCertPath: "/tmp/migration/certs/server.pem",
-			ServerKeyPath:  "/tmp/migration/certs/server-key.pem",
+			CaCertPath:       "/tmp/migration/certs/ca.pem",
+			CaPrivateKeyPath: "/tmp/migration/certs/ca-key.pem",
+			ClientCertPath:   "/tmp/migration/certs/cert.pem",
+			ClientKeyPath:    "/tmp/migration/certs/key.pem",
+			ServerCertPath:   "/tmp/migration/certs/server.pem",
+			ServerKeyPath:    "/tmp/migration/certs/server-key.pem",
 		},
 		EngineOptions: &engine.EngineOptions{},
 	}
@@ -91,20 +91,20 @@ func TestMigrateHostMetadataV0ToV1(t *testing.T) {
 func TestGetCertInfoFromHost(t *testing.T) {
 	os.Setenv("MACHINE_STORAGE_PATH", "/tmp/migration")
 	host := &HostV0{
-		CaCertPath:     "",
-		PrivateKeyPath: "",
-		ClientCertPath: "",
-		ClientKeyPath:  "",
-		ServerCertPath: "",
-		ServerKeyPath:  "",
+		CaCertPath:       "",
+		CaPrivateKeyPath: "",
+		ClientCertPath:   "",
+		ClientKeyPath:    "",
+		ServerCertPath:   "",
+		ServerKeyPath:    "",
 	}
 	expectedCertInfo := cert.CertPathInfo{
-		CaCertPath:     "/tmp/migration/certs/ca.pem",
-		CaKeyPath:      "/tmp/migration/certs/ca-key.pem",
-		ClientCertPath: "/tmp/migration/certs/cert.pem",
-		ClientKeyPath:  "/tmp/migration/certs/key.pem",
-		ServerCertPath: "/tmp/migration/certs/server.pem",
-		ServerKeyPath:  "/tmp/migration/certs/server-key.pem",
+		CaCertPath:       "/tmp/migration/certs/ca.pem",
+		CaPrivateKeyPath: "/tmp/migration/certs/ca-key.pem",
+		ClientCertPath:   "/tmp/migration/certs/cert.pem",
+		ClientKeyPath:    "/tmp/migration/certs/key.pem",
+		ServerCertPath:   "/tmp/migration/certs/server.pem",
+		ServerKeyPath:    "/tmp/migration/certs/server-key.pem",
 	}
 	certInfo := getCertInfoFromHost(host)
 	if !reflect.DeepEqual(expectedCertInfo, certInfo) {

diff --git a/libmachine/main.go b/libmachine/main.go
@@ -18,14 +18,16 @@ func GetDefaultStore() *persist.Filestore {
 	homeDir := utils.GetHomeDir()
 	certsDir := filepath.Join(homeDir, ".docker", "machine", "certs")
 	return &persist.Filestore{
-		Path:           homeDir,
-		CaCertPath:     certsDir,
-		PrivateKeyPath: certsDir,
+		Path:             homeDir,
+		CaCertPath:       certsDir,
+		CaPrivateKeyPath: certsDir,
 	}
 }
 
-func Create(store persist.Store, certInfo cert.CertPathInfo, h *host.Host) error {
-	if err := cert.BootstrapCertificates(certInfo); err != nil {
+// Create is the wrapper method which covers all of the boilerplate around
+// actually creating, provisioning, and persisting an instance in the store.
+func Create(store persist.Store, h *host.Host) error {
+	if err := cert.BootstrapCertificates(h.HostOptions.AuthOptions); err != nil {
 		return fmt.Errorf("Error generating certificates: %s", err)
 	}