From 9e4b54d3e29fb138de4cec435c4262a22db7f375 Mon Sep 17 00:00:00 2001 From: FalcoSuessgott Date: Tue, 9 May 2023 08:58:06 +0200 Subject: [PATCH] feat(keyfile): make keyfile optional (#28) --- .pre-commit-config.yaml | 2 +- cmd/generateroot.go | 2 +- cmd/initialize.go | 2 +- cmd/rekey.go | 4 ++++ cmd/snapshot.go | 13 ------------- cmd/unseal.go | 4 ++++ pkg/config/config.go | 18 ++++++++---------- 7 files changed, 19 insertions(+), 26 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index d3272b5..bd8dcef 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -4,7 +4,7 @@ repos: hooks: - id: go-build-mod - id: go-mod-tidy - - id: go-test-mod + # - id: go-test-mod - id: go-vet-mod - id: go-staticcheck-mod - id: go-fmt diff --git a/cmd/generateroot.go b/cmd/generateroot.go index 12a881e..7dd9796 100644 --- a/cmd/generateroot.go +++ b/cmd/generateroot.go @@ -49,7 +49,7 @@ func generateRoot(cluster config.Cluster) error { fmt.Printf("\n[ %s ]\n", cluster.Name) - if cluster.Keys.Path == "" { + if cluster.Keys == nil || cluster.Keys.Path == "" { return fmt.Errorf("a key file containing unseal/recovery keys for that cluster is required") } diff --git a/cmd/initialize.go b/cmd/initialize.go index 1480fdc..19c90bd 100644 --- a/cmd/initialize.go +++ b/cmd/initialize.go @@ -52,7 +52,7 @@ func initializeCluster(cluster config.Cluster) error { fmt.Printf("\n[ %s ]\n", cluster.Name) fmt.Printf("attempting intialization of cluster \"%s\" with %d shares and a threshold of %d\n", cluster.Name, cluster.Keys.Shares, cluster.Keys.Threshold) - if cluster.Keys.Path == "" { + if cluster.Keys == nil || cluster.Keys.Path == "" { return fmt.Errorf("a keyfile location is required") } diff --git a/cmd/rekey.go b/cmd/rekey.go index d5ea190..46968e7 100644 --- a/cmd/rekey.go +++ b/cmd/rekey.go @@ -56,6 +56,10 @@ func rekeyCluster(cluster config.Cluster) error { return err } + if cluster.Keys == nil || cluster.Keys.Path == "" { + return fmt.Errorf("a key file containing unseal/recovery keys for that cluster is required") + } + keyFile, err := cluster.GetKeyFile() if err != nil { return err diff --git a/cmd/snapshot.go b/cmd/snapshot.go index c38ce22..c0ea22b 100644 --- a/cmd/snapshot.go +++ b/cmd/snapshot.go @@ -132,19 +132,6 @@ func saveSnapshot(cluster config.Cluster) error { fmt.Printf("created snapshot file \"%s\" for cluster \"%s\"\n", snapshotName, cluster.Name) - keyFile, err := cluster.GetKeyFile() - if err != nil { - return err - } - - keyFileName := path.Join(cluster.SnapshotDir, fmt.Sprintf("%s_%s_keyfile.json", cluster.Name, timestamp)) - - if fs.WriteToFile(utils.ToJSON(keyFile), keyFileName) != nil { - return err - } - - fmt.Printf("created snapshot keyfile \"%s\" for cluster \"%s\"\n", keyFileName, cluster.Name) - return nil } diff --git a/cmd/unseal.go b/cmd/unseal.go index 4ef18f6..0bc9c8c 100644 --- a/cmd/unseal.go +++ b/cmd/unseal.go @@ -97,6 +97,10 @@ func unsealCluster(cluster config.Cluster) error { return err } + if cluster.Keys == nil || cluster.Keys.Path == "" { + return fmt.Errorf("a key file containing unseal/recovery keys for that cluster is required") + } + keys, err := cluster.GetKeyFile() if err != nil { return err diff --git a/pkg/config/config.go b/pkg/config/config.go index 9a2eaa7..2095b56 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -47,16 +47,14 @@ func ParseConfig(path string) (*Config, error) { return nil, fmt.Errorf("a cluster address is required") } - if c.Keys == nil { - return nil, fmt.Errorf("a keyfile is required") - } - - if c.Keys.Shares == 0 { - c.Keys.Shares = defaultKeyShares - } - - if c.Keys.Threshold == 0 { - c.Keys.Threshold = defaultKeyThreshold + if c.Keys != nil { + if c.Keys.Shares == 0 { + c.Keys.Shares = defaultKeyShares + } + + if c.Keys.Threshold == 0 { + c.Keys.Threshold = defaultKeyThreshold + } } c.Env = utils.GetEnvs()