feat(clusterconfig): ssl

clustersconfig/cert-request.go

@@ -0,0 +1,10 @@
+package clustersconfig
+
+type CertRequest struct {
+	Template `yaml:",inline"`
+
+	CA      string
+	Profile string
+	Label   string
+	PerHost bool `yaml:"per_host"`
+}

clustersconfig/clustersconfig.go

@@ -17,6 +17,8 @@ type Config struct {
 	Clusters     []*Cluster
 	Configs      []*Template
 	StaticPods   []*Template    `yaml:"static_pods"`
+	SSLConfig    string         `yaml:"ssl_config"`
+	CertRequests []*CertRequest `yaml:"cert_requests"`
 }
 
 func FromBytes(data []byte) (*Config, error) {
@@ -109,6 +111,15 @@ func (c *Config) StaticPodsTemplate(name string) *Template {
 	return nil
 }
 
+func (c *Config) CSR(name string) *CertRequest {
+	for _, s := range c.CertRequests {
+		if s.Name == name {
+			return s
+		}
+	}
+	return nil
+}
+
 func (c *Config) SaveTo(path string) error {
 	ba, err := yaml.Marshal(c)
 	if err != nil {

clustersconfig/dir.go

@@ -2,6 +2,7 @@ package clustersconfig
 
 import (
 	"io/ioutil"
+	"os"
 	"path"
 	"path/filepath"
 	"strings"
@@ -94,6 +95,25 @@ func FromDir(dirPath string) (*Config, error) {
 		return nil, err
 	}
 
+	if ba, err := ioutil.ReadFile(filepath.Join(dirPath, "ssl-config.json")); err == nil {
+		config.SSLConfig = string(ba)
+
+	} else if !os.IsNotExist(err) {
+		return nil, err
+	}
+
+	if ba, err := ioutil.ReadFile(filepath.Join(dirPath, "cert-requests.yaml")); err == nil {
+		reqs := make([]*CertRequest, 0)
+		if err = yaml.Unmarshal(ba, &reqs); err != nil {
+			return nil, err
+		}
+
+		config.CertRequests = reqs
+
+	} else if !os.IsNotExist(err) {
+		return nil, err
+	}
+
 	return config, nil
 }