(c echo.Context)
| 108 | } |
| 109 | |
| 110 | func (h *AppConfigHandler) PostCertificate(c echo.Context) error { |
| 111 | serverIP := strings.TrimSpace(c.FormValue("serverIP")) |
| 112 | name := strings.TrimSpace(c.FormValue("name")) |
| 113 | cert := strings.TrimSpace(c.FormValue("clientCertData")) |
| 114 | key := strings.TrimSpace(c.FormValue("clientKeyData")) |
| 115 | configName := strings.TrimSpace(c.FormValue("configName")) |
| 116 | tlsMode := strings.TrimSpace(c.FormValue("tlsMode")) |
| 117 | caCert := strings.TrimSpace(c.FormValue("caCertData")) |
| 118 | |
| 119 | if serverIP == "" || name == "" || cert == "" || key == "" { |
| 120 | return echo.NewHTTPError(http.StatusBadRequest, "missing required fields: serverIP, name, clientCertData, or clientKeyData") |
| 121 | } |
| 122 | |
| 123 | // Validate config name |
| 124 | if err := validateConfigName(configName); err != nil { |
| 125 | return echo.NewHTTPError(http.StatusBadRequest, err.Error()) |
| 126 | } |
| 127 | |
| 128 | // Normalize to lowercase |
| 129 | configName = strings.ToLower(strings.TrimSpace(configName)) |
| 130 | |
| 131 | // Check for duplicates |
| 132 | if h.container.Config().ConfigExists(configName) { |
| 133 | return echo.NewHTTPError(http.StatusConflict, fmt.Sprintf("config '%s' already exists", configName)) |
| 134 | } |
| 135 | |
| 136 | // Default to system mode if not specified |
| 137 | if tlsMode == "" { |
| 138 | tlsMode = "system" |
| 139 | } |
| 140 | |
| 141 | // Validate: if custom mode, CA cert is required |
| 142 | if tlsMode == "custom" && caCert == "" { |
| 143 | return echo.NewHTTPError(http.StatusBadRequest, "CA certificate required for custom TLS mode") |
| 144 | } |
| 145 | |
| 146 | encodedCert := base64.StdEncoding.EncodeToString([]byte(cert)) |
| 147 | encodedKey := base64.StdEncoding.EncodeToString([]byte(key)) |
| 148 | |
| 149 | var encodedCaCert string |
| 150 | if caCert != "" { |
| 151 | encodedCaCert = base64.StdEncoding.EncodeToString([]byte(caCert)) |
| 152 | } |
| 153 | |
| 154 | kubeconfig := generateCertificateConfig(serverIP, name, encodedCert, encodedKey, encodedCaCert, tlsMode) |
| 155 | |
| 156 | path := filepath.Join(homeDir(), config.AppConfigDir, config.AppKubeConfigDir, configName) |
| 157 | if err := writeKubeconfigToFile(path, kubeconfig); err != nil { |
| 158 | return err |
| 159 | } |
| 160 | |
| 161 | if err := validateKubeconfigFile(path); err != nil { |
| 162 | defer os.Remove(path) |
| 163 | return echo.NewHTTPError(http.StatusBadRequest, "invalid kubeconfig").SetInternal(err) |
| 164 | } |
| 165 | |
| 166 | h.container.Config().SaveKubeConfig(configName) |
| 167 | return c.JSON(http.StatusOK, echo.Map{"success": true, "configId": configName}) |
nothing calls this directly
no test coverage detected