Consolidate setX509SVIDResponse

Signed-off-by: Peyton Walters <[email protected]>
bloomberg · Jan 3, 2020 · 335a7db · 335a7db
1 parent 5ef02b3
commit 335a7db
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 14 deletions.
diff --git a/cmd/plugin/vault-auth-spire.go b/cmd/plugin/vault-auth-spire.go
@@ -23,7 +23,7 @@ import (
 	"github.com/hashicorp/vault/sdk/framework"
 	"github.com/hashicorp/vault/sdk/logical"
 	"github.com/sirupsen/logrus"
-	"vault-auth-spire/internal/common"
+	"github.com/bloomberg/vault-auth-spire/internal/common"
 
 	"log"
 	"os"

diff --git a/go.mod b/go.mod
@@ -1,4 +1,4 @@
-module vault-auth-spire
+module github.com/bloomberg/vault-auth-spire
 
 go 1.12
 

diff --git a/internal/common/settings.go b/internal/common/settings.go
@@ -143,11 +143,12 @@ func readSpireSourceOfTrustSettings() (*SpireTrustSourceSettings, error) {
 		return nil, errors.New("trustsource.spire.domains is required but not found")
 	}
 
-	spireSettings := new(SpireTrustSourceSettings)
-	spireSettings.SpireEndpoints = viper.GetStringMapString("trustsource.spire.domains")
 	viper.SetDefault("trustsource.spire.certLocation", "/tmp/vault-spire-certs.json")
 	viper.SetDefault("trustsource.spire.storeEnabled", true)
-	spireSettings.CertStorePath = viper.GetString("trustsource.spire.certLocation")
+	spireSettings := &SpireTrustSourceSettings{
+		SpireEndpoints: viper.GetStringMapString("trustsource.spire.domains"),
+		CertStorePath:  viper.GetString("trustsource.spire.certLocation"),
+	}
 	if !viper.GetBool("trustsource.spire.storeEnabled") {
 		spireSettings.CertStorePath = ""
 	}

diff --git a/internal/common/spiretrustsource.go b/internal/common/spiretrustsource.go
@@ -74,10 +74,8 @@ func (s *SpireTrustSource) parseCertFile() error {
 	if err != nil {
 		return fmt.Errorf("could not read cert file: %v", err)
 	}
-	fmt.Println(string(fileDat))
 	var certStruct certMap
-	err = json.Unmarshal(fileDat, &certStruct)
-	if err != nil {
+	if err = json.Unmarshal(fileDat, &certStruct); err != nil {
 		logrus.Warnf("Error unmarshaling cert file: %v\n", err)
 	}
 	for domain, encCerts := range certStruct.Certs {

diff --git a/internal/common/spiffetrustsource_test.go → internal/common/spiretrustsource_test.go b/internal/common/spiffetrustsource_test.go → internal/common/spiretrustsource_test.go
@@ -21,8 +21,8 @@ var (
 )
 
 // makeX509SVIDResponse is a convenience function for generating X509 responses
-func makeX509SVIDResponse(ca *spiffetest.CA, svid []*x509.Certificate, key crypto.Signer) *spiffetest.X509SVIDResponse {
-	return &spiffetest.X509SVIDResponse{
+func setX509SVIDResponse(api *spiffetest.WorkloadAPI, ca *spiffetest.CA, svid []*x509.Certificate, key crypto.Signer) {
+	response := &spiffetest.X509SVIDResponse{
 		Bundle: ca.Roots(),
 		SVIDs: []spiffetest.X509SVID{
 			{
@@ -31,6 +31,7 @@ func makeX509SVIDResponse(ca *spiffetest.CA, svid []*x509.Certificate, key crypt
 			},
 		},
 	}
+	api.SetX509SVIDResponse(response)
 }
 
 func TestInitalLoad(t *testing.T) {
@@ -59,7 +60,7 @@ func TestWriteCerts(t *testing.T) {
 	ca := spiffetest.NewCA(t)
 	svidFoo, keyFoo := ca.CreateX509SVID("spiffe://example.org/foo")
 
-	workloadAPI.SetX509SVIDResponse(makeX509SVIDResponse(ca, svidFoo, keyFoo))
+	setX509SVIDResponse(workloadAPI, ca, svidFoo, keyFoo)
 
 	source, err := NewSpireTrustSource(map[string]string{
 		"spiffe://example.org": workloadAPI.Addr(),
@@ -84,7 +85,7 @@ func TestSpireOverwrite(t *testing.T) {
 	ca := spiffetest.NewCA(t)
 	svidFoo, keyFoo := ca.CreateX509SVID("spiffe://example.org/foo")
 
-	workloadAPI.SetX509SVIDResponse(makeX509SVIDResponse(ca, svidFoo, keyFoo))
+	setX509SVIDResponse(workloadAPI, ca, svidFoo, keyFoo)
 
 	source, err := NewSpireTrustSource(map[string]string{
 		"spiffe://example.org": workloadAPI.Addr(),
@@ -104,7 +105,7 @@ func TestSpireReload(t *testing.T) {
 
 	ca := spiffetest.NewCA(t)
 	svidFoo, keyFoo := ca.CreateX509SVID("spiffe://example.org/foo")
-	workloadAPI.SetX509SVIDResponse(makeX509SVIDResponse(ca, svidFoo, keyFoo))
+	setX509SVIDResponse(workloadAPI, ca, svidFoo, keyFoo)
 
 	source, err := NewSpireTrustSource(map[string]string{
 		"spiffe://example.org": workloadAPI.Addr(),
@@ -117,7 +118,7 @@ func TestSpireReload(t *testing.T) {
 
 	caRot := spiffetest.NewCA(t)
 	svidFooRot, keyFooRot := ca.CreateX509SVID("spiffe://example.org/foo")
-	workloadAPI.SetX509SVIDResponse(makeX509SVIDResponse(caRot, svidFooRot, keyFooRot))
+	setX509SVIDResponse(workloadAPI, caRot, svidFooRot, keyFooRot)
 
 	time.Sleep(1 * time.Second) // wait for watcher to get new certs
 	assert.Equal(t, caRot.Roots(), source.TrustedCertificates()["spiffe://example.org"])