(ctx *cli.Context, typ flowType)
| 120 | } |
| 121 | |
| 122 | func rootsAndFederationFlow(ctx *cli.Context, typ flowType) error { |
| 123 | if err := errs.MinMaxNumberOfArguments(ctx, 0, 1); err != nil { |
| 124 | return err |
| 125 | } |
| 126 | |
| 127 | caURL, err := flags.ParseCaURL(ctx) |
| 128 | if err != nil { |
| 129 | return err |
| 130 | } |
| 131 | |
| 132 | root := ctx.String("root") |
| 133 | if root == "" { |
| 134 | root = pki.GetRootCAPath() |
| 135 | if _, err := os.Stat(root); err != nil { |
| 136 | return errs.RequiredFlag(ctx, "root") |
| 137 | } |
| 138 | } |
| 139 | |
| 140 | client, err := ca.NewClient(caURL, ca.WithRootFile(root)) |
| 141 | if err != nil { |
| 142 | return err |
| 143 | } |
| 144 | |
| 145 | var certs []api.Certificate |
| 146 | switch typ { |
| 147 | case rootsFlow: |
| 148 | roots, err := client.Roots() |
| 149 | if err != nil { |
| 150 | return err |
| 151 | } |
| 152 | certs = roots.Certificates |
| 153 | case federationFlow: |
| 154 | federation, err := client.Federation() |
| 155 | if err != nil { |
| 156 | return err |
| 157 | } |
| 158 | certs = federation.Certificates |
| 159 | default: |
| 160 | return errors.New("unknown flow type: this should not happen") |
| 161 | } |
| 162 | |
| 163 | var data []byte |
| 164 | for _, cert := range certs { |
| 165 | block, err := pemutil.Serialize(cert.Certificate) |
| 166 | if err != nil { |
| 167 | return err |
| 168 | } |
| 169 | data = append(data, pem.EncodeToMemory(block)...) |
| 170 | } |
| 171 | |
| 172 | if outFile := ctx.Args().Get(0); outFile != "" { |
| 173 | if err := fileutil.WriteFile(outFile, data, 0o600); err != nil { |
| 174 | return err |
| 175 | } |
| 176 | |
| 177 | switch typ { |
| 178 | case rootsFlow: |
| 179 | ui.Printf("The root certificate bundle has been saved in %s.\n", outFile) |
no test coverage detected
searching dependent graphs…