MCPcopy
hub / github.com/smallstep/cli / rootsAndFederationFlow

Function rootsAndFederationFlow

command/ca/federation.go:122–189  ·  view source on GitHub ↗
(ctx *cli.Context, typ flowType)

Source from the content-addressed store, hash-verified

120}
121
122func rootsAndFederationFlow(ctx *cli.Context, typ flowType) error {
123 if err := errs.MinMaxNumberOfArguments(ctx, 0, 1); err != nil {
124 return err
125 }
126
127 caURL, err := flags.ParseCaURL(ctx)
128 if err != nil {
129 return err
130 }
131
132 root := ctx.String("root")
133 if root == "" {
134 root = pki.GetRootCAPath()
135 if _, err := os.Stat(root); err != nil {
136 return errs.RequiredFlag(ctx, "root")
137 }
138 }
139
140 client, err := ca.NewClient(caURL, ca.WithRootFile(root))
141 if err != nil {
142 return err
143 }
144
145 var certs []api.Certificate
146 switch typ {
147 case rootsFlow:
148 roots, err := client.Roots()
149 if err != nil {
150 return err
151 }
152 certs = roots.Certificates
153 case federationFlow:
154 federation, err := client.Federation()
155 if err != nil {
156 return err
157 }
158 certs = federation.Certificates
159 default:
160 return errors.New("unknown flow type: this should not happen")
161 }
162
163 var data []byte
164 for _, cert := range certs {
165 block, err := pemutil.Serialize(cert.Certificate)
166 if err != nil {
167 return err
168 }
169 data = append(data, pem.EncodeToMemory(block)...)
170 }
171
172 if outFile := ctx.Args().Get(0); outFile != "" {
173 if err := fileutil.WriteFile(outFile, data, 0o600); err != nil {
174 return err
175 }
176
177 switch typ {
178 case rootsFlow:
179 ui.Printf("The root certificate bundle has been saved in %s.\n", outFile)

Callers 2

rootsActionFunction · 0.85
federationActionFunction · 0.85

Calls 2

ParseCaURLFunction · 0.92
StringMethod · 0.65

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…