MCPcopy
hub / github.com/smallstep/cli / renewAction

Function renewAction

command/ssh/renew.go:76–145  ·  view source on GitHub ↗
(ctx *cli.Context)

Source from the content-addressed store, hash-verified

74}
75
76func renewAction(ctx *cli.Context) error {
77 if err := errs.NumberOfArguments(ctx, 2); err != nil {
78 return err
79 }
80
81 args := ctx.Args()
82 certFile := args.Get(0)
83 keyFile := args.Get(1)
84
85 // Flags
86 outFile := ctx.String("out")
87 if outFile == "" {
88 outFile = certFile
89 }
90
91 flow, err := cautils.NewCertificateFlow(ctx)
92 if err != nil {
93 return err
94 }
95
96 // Load the cert, because we need the serial number.
97 certBytes, err := os.ReadFile(certFile)
98 if err != nil {
99 return errors.Wrapf(err, "error reading ssh certificate from %s", certFile)
100 }
101 sshpub, _, _, _, err := ssh.ParseAuthorizedKey(certBytes)
102 if err != nil {
103 return errors.Wrapf(err, "error parsing ssh public key from %s", certFile)
104 }
105 cert, ok := sshpub.(*ssh.Certificate)
106 if !ok {
107 return errors.New("error casting ssh public key to ssh certificate")
108 }
109 serial := strconv.FormatUint(cert.Serial, 10)
110
111 ctx.Set("sshpop-cert", certFile)
112 ctx.Set("sshpop-key", keyFile)
113 token, err := flow.GenerateSSHToken(ctx, serial, cautils.SSHRenewType, nil, provisioner.TimeDuration{}, provisioner.TimeDuration{})
114 if err != nil {
115 return err
116 }
117
118 caClient, err := flow.GetClient(ctx, token)
119 if err != nil {
120 return err
121 }
122
123 resp, err := caClient.SSHRenew(&api.SSHRenewRequest{
124 OTT: token,
125 })
126 if err != nil {
127 return err
128 }
129
130 // Write certificate
131 if err := fileutil.WriteFile(outFile, marshalPublicKey(resp.Certificate, cert.KeyId), 0o644); err != nil {
132 return err
133 }

Callers

nothing calls this directly

Calls 7

GenerateSSHTokenMethod · 0.95
GetClientMethod · 0.95
NewCertificateFlowFunction · 0.92
marshalPublicKeyFunction · 0.85
SetMethod · 0.80
StringMethod · 0.65
SSHRenewMethod · 0.65

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…