Simplified template rendering.
This commit is contained in:
42
ca.go
42
ca.go
@@ -545,14 +545,12 @@ func parseDistinguishedName(dn string) pkix.Name {
|
||||
return name
|
||||
}
|
||||
|
||||
// Helper: apply Go template to a string using CertificateDefinition and CertificateDefaults as data
|
||||
func applyTemplate(s string, def CertificateDefinition, defaults *CertificateDefaults) (string, error) {
|
||||
// Helper: apply Go template to a string using only the certificate label as data
|
||||
func applyTemplate(s string, name string) (string, error) {
|
||||
data := struct {
|
||||
CertificateDefinition
|
||||
Defaults *CertificateDefaults
|
||||
Name string
|
||||
}{
|
||||
CertificateDefinition: def,
|
||||
Defaults: defaults,
|
||||
Name: name,
|
||||
}
|
||||
tmpl, err := template.New("").Parse(s)
|
||||
if err != nil {
|
||||
@@ -570,39 +568,27 @@ func renderCertificateDefTemplates(def CertificateDefinition, defaults *Certific
|
||||
newDef := def
|
||||
// Subject: use def.Subject if set, else defaults.Subject (rendered)
|
||||
if def.Subject != "" {
|
||||
if rendered, err := applyTemplate(def.Subject, def, defaults); err == nil {
|
||||
if rendered, err := applyTemplate(def.Subject, def.Name); err == nil {
|
||||
newDef.Subject = rendered
|
||||
}
|
||||
} else if defaults != nil && defaults.Subject != "" {
|
||||
if rendered, err := applyTemplate(defaults.Subject, def, defaults); err == nil {
|
||||
if rendered, err := applyTemplate(defaults.Subject, def.Name); err == nil {
|
||||
newDef.Subject = rendered
|
||||
}
|
||||
}
|
||||
// Type: use def.Type if set, else defaults.Type (rendered)
|
||||
if def.Type != "" {
|
||||
if rendered, err := applyTemplate(def.Type, def, defaults); err == nil {
|
||||
newDef.Type = rendered
|
||||
}
|
||||
} else if defaults != nil && defaults.Type != "" {
|
||||
if rendered, err := applyTemplate(defaults.Type, def, defaults); err == nil {
|
||||
newDef.Type = rendered
|
||||
}
|
||||
}
|
||||
// Validity: use def.Validity if set, else defaults.Validity (rendered)
|
||||
if def.Validity != "" {
|
||||
if rendered, err := applyTemplate(def.Validity, def, defaults); err == nil {
|
||||
newDef.Validity = rendered
|
||||
}
|
||||
} else if defaults != nil && defaults.Validity != "" {
|
||||
if rendered, err := applyTemplate(defaults.Validity, def, defaults); err == nil {
|
||||
newDef.Validity = rendered
|
||||
// Type: use def.Type if set, else defaults.Type (no template)
|
||||
if def.Type == "" && defaults != nil && defaults.Type != "" {
|
||||
newDef.Type = defaults.Type
|
||||
}
|
||||
// Validity: use def.Validity if set, else defaults.Validity (no template)
|
||||
if def.Validity == "" && defaults != nil && defaults.Validity != "" {
|
||||
newDef.Validity = defaults.Validity
|
||||
}
|
||||
// SAN: use def.SAN if set, else defaults.SAN (rendered)
|
||||
if len(def.SAN) > 0 {
|
||||
newSAN := make([]string, len(def.SAN))
|
||||
for i, s := range def.SAN {
|
||||
if rendered, err := applyTemplate(s, def, defaults); err == nil {
|
||||
if rendered, err := applyTemplate(s, def.Name); err == nil {
|
||||
newSAN[i] = rendered
|
||||
} else {
|
||||
newSAN[i] = s
|
||||
@@ -612,7 +598,7 @@ func renderCertificateDefTemplates(def CertificateDefinition, defaults *Certific
|
||||
} else if defaults != nil && len(defaults.SAN) > 0 {
|
||||
newSAN := make([]string, len(defaults.SAN))
|
||||
for i, s := range defaults.SAN {
|
||||
if rendered, err := applyTemplate(s, def, defaults); err == nil {
|
||||
if rendered, err := applyTemplate(s, def.Name); err == nil {
|
||||
newSAN[i] = rendered
|
||||
} else {
|
||||
newSAN[i] = s
|
||||
|
||||
Reference in New Issue
Block a user