Simplified template rendering.

2025-07-27 21:46:27 +02:00
parent dba4ced05f
commit bd9547ff70

42
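--- a/ca.go
+++ b/ca.go
@@ -545,14 +545,12 @@ func parseDistinguishedName(dn string) pkix.Name {
 return name
 }
-// Helper: apply Go template to a string using CertificateDefinition and CertificateDefaults as data
-func applyTemplate(s string, def CertificateDefinition, defaults *CertificateDefaults) (string, error) {
+// Helper: apply Go template to a string using only the certificate label as data
+func applyTemplate(s string, name string) (string, error) {
 data := struct {
-CertificateDefinition
-Defaults *CertificateDefaults
+Name string
 }{
-CertificateDefinition: def,
-Defaults: defaults,
+Name: name,
 }
 tmpl, err := template.New("").Parse(s)
 if err != nil {
@@ -570,39 +568,27 @@ func renderCertificateDefTemplates(def CertificateDefinition, defaults *Certific
 newDef := def
 // Subject: use def.Subject if set, else defaults.Subject (rendered)
 if def.Subject != "" {
-if rendered, err := applyTemplate(def.Subject, def, defaults); err == nil {
+if rendered, err := applyTemplate(def.Subject, def.Name); err == nil {
 newDef.Subject = rendered
 }
 } else if defaults != nil && defaults.Subject != "" {
-if rendered, err := applyTemplate(defaults.Subject, def, defaults); err == nil {
+if rendered, err := applyTemplate(defaults.Subject, def.Name); err == nil {
 newDef.Subject = rendered
 }
 }
-// Type: use def.Type if set, else defaults.Type (rendered)
-if def.Type != "" {
-if rendered, err := applyTemplate(def.Type, def, defaults); err == nil {
-newDef.Type = rendered
-}
-} else if defaults != nil && defaults.Type != "" {
-if rendered, err := applyTemplate(defaults.Type, def, defaults); err == nil {
-newDef.Type = rendered
-}
+// Type: use def.Type if set, else defaults.Type (no template)
+if def.Type == "" && defaults != nil && defaults.Type != "" {
+newDef.Type = defaults.Type
 }
-// Validity: use def.Validity if set, else defaults.Validity (rendered)
-if def.Validity != "" {
-if rendered, err := applyTemplate(def.Validity, def, defaults); err == nil {
-newDef.Validity = rendered
-}
-} else if defaults != nil && defaults.Validity != "" {
-if rendered, err := applyTemplate(defaults.Validity, def, defaults); err == nil {
-newDef.Validity = rendered
-}
+// Validity: use def.Validity if set, else defaults.Validity (no template)
+if def.Validity == "" && defaults != nil && defaults.Validity != "" {
+newDef.Validity = defaults.Validity
 }
 // SAN: use def.SAN if set, else defaults.SAN (rendered)
 if len(def.SAN) > 0 {
 newSAN := make([]string, len(def.SAN))
 for i, s := range def.SAN {
-if rendered, err := applyTemplate(s, def, defaults); err == nil {
+if rendered, err := applyTemplate(s, def.Name); err == nil {
 newSAN[i] = rendered
 } else {
 newSAN[i] = s
@@ -612,7 +598,7 @@ func renderCertificateDefTemplates(def CertificateDefinition, defaults *Certific
 } else if defaults != nil && len(defaults.SAN) > 0 {
 newSAN := make([]string, len(defaults.SAN))
 for i, s := range defaults.SAN {
-if rendered, err := applyTemplate(s, def, defaults); err == nil {
+if rendered, err := applyTemplate(s, def.Name); err == nil {
 newSAN[i] = rendered
 } else {
 newSAN[i] = s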
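Review bot: Template errors are still discarded at every `applyTemplate` call in `renderCertificateDefTemplates` (`err == nil` with no else branch for Subject, and the `newSAN[i] = s` fallback for SAN). Narrowing the data to `Name` makes this matter more: a configured template that still refers to `.Defaults` or another `CertificateDefinition` field will presumably now fail at execution, and the certificate would be built with the raw `{{ … }}` text or an empty subject instead of stopping. For a CA it is worth failing closed, e.g. `if err != nil { return newDef, fmt.Errorf("rendering subject for %q: %w", def.Name, err) }` if the function's signature (truncated in the hunk header) allows it, or at least logging the error. `def.Name` is now the only value substituted into Subject and SAN, so it is also worth confirming where it is validated before `parseDistinguishedName` sees the rendered string. The bodies of both functions continue outside the hunks.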