diff --git a/main.go b/main.go
index 8ed874c91a9d80a308db8541df2bf8238f30b3b9..99468ab5589a26ee263b23264f5437742bed2493 100644
--- a/main.go
+++ b/main.go
@@ -18,22 +18,40 @@ import (
 )
 var (
- appVersion string
- buildTime string
- CertBase string
- KeyBase string
- GroupName string
- RedisBaseURL string
- VaultBaseURL string
- certificateDestination string
- fullchainDestination string
- keyDestination string
- caDestination string
- Type string
+ appVersion string
+ buildTime string
+ CertBase string
+ KeyBase string
+ GroupName string
+ RedisBaseURL string
+ VaultBaseURL string
+ certificateDestination string
+ fullchainDestination string
+ keyDestination string
+ caDestination string
+ Type string
+ tmpCertificateDestination = "/tmp/amce_cert.pem"
+ tmpFullchainDestination = "/tmp/amce_fullchain.pem"
+ tmpCaDestination = "/tmp/amce_ca.pem"
+ tmpKeyDestination = "/tmp/amce_key.pem"
+ tempCertSlice = []string{tmpCertificateDestination, tmpFullchainDestination, tmpCaDestination, tmpKeyDestination}
 )
+// app exit
+func appExit(status int) {
+ for _, element := range tempCertSlice {
+ err := os.Remove(element)
+ if err != nil {
+ }
+ }
+ os.Exit(status)
+}
+
 // check certificates
 func checkCerificates(dnsname string, certificate string, fullchain string, ca string, key string, days int, fail bool) bool {
+ for _, element := range tempCertSlice {
+ fmt.Printf(element)
+ }
 Seconds := days * 86400
 daysNumber := time.Now().Local().Add(time.Second * time.Duration(Seconds))
@@ -43,7 +61,7 @@ func checkCerificates(dnsname string, certificate string, fullchain string, ca s
 if err != nil {
 if fail == true {
 fmt.Printf("[ERROR] %v\n", err)
- os.Exit(255)
+ appExit(255)
 } else {
 return false
 }
@@ -53,7 +71,7 @@ func checkCerificates(dnsname string, certificate string, fullchain string, ca s
 if err != nil {
 if fail == true {
 fmt.Printf("[ERROR] %v\n", err)
- os.Exit(255)
+ appExit(255)
 } else {
 return false
 }
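Review bot: The four `tmp*Destination` values promoted to package level in the `var` block are fixed, predictable names in the shared `/tmp` directory, and one of them (`/tmp/amce_key.pem`) later receives the private key. Another local user can create those names first, and the `os.OpenFile(destination, os.O_WRONLY|os.O_CREATE, filemode)` call visible in the `WriteToFile` hunk would then write into a file whose owner and mode that user chose. Consider a private per-run directory, e.g. `tmpDir, err := os.MkdirTemp("", "acme-downloader-")` (`ioutil.TempDir` on older Go), deriving the four paths from it and having `appExit` call `os.RemoveAll(tmpDir)`. In the same hunk, the loop added at the top of `checkCerificates` looks like leftover debugging (`fmt.Printf(element)` passes a path as the format string and prints no newline), and the empty `if err != nil { }` in `appExit` should either go or report errors other than `os.IsNotExist`. `checkCerificates` continues past the end of this hunk.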
@@ -63,7 +81,7 @@ func checkCerificates(dnsname string, certificate string, fullchain string, ca s
 if err != nil {
 if fail == true {
 fmt.Printf("[ERROR] %v\n", err)
- os.Exit(255)
+ appExit(255)
 } else {
 return false
 }
@@ -74,7 +92,7 @@ func checkCerificates(dnsname string, certificate string, fullchain string, ca s
 if !ok {
 if fail == true {
 fmt.Printf("[ERROR] failed to parse root certificate\n")
- os.Exit(255)
+ appExit(255)
 } else {
 return false
 }
@@ -84,7 +102,7 @@ func checkCerificates(dnsname string, certificate string, fullchain string, ca s
 if block == nil {
 if fail == true {
 fmt.Printf("[ERROR] failed to parse certificate PEM\n")
- os.Exit(255)
+ appExit(255)
 } else {
 return false
 }
@@ -93,7 +111,7 @@ func checkCerificates(dnsname string, certificate string, fullchain string, ca s
 if err != nil {
 if fail == true {
 fmt.Printf("[ERROR] failed to parse certificate %v\n", err)
- os.Exit(255)
+ appExit(255)
 } else {
 return false
 }
@@ -103,7 +121,7 @@ func checkCerificates(dnsname string, certificate string, fullchain string, ca s
 if fullchainBlock == nil {
 if fail == true {
 fmt.Printf("[ERROR] failed to parse certificate PEM\n")
- os.Exit(255)
+ appExit(255)
 } else {
 return false
 }
@@ -112,7 +130,7 @@ func checkCerificates(dnsname string, certificate string, fullchain string, ca s
 if fullchainErr != nil {
 if fail == true {
 fmt.Printf("[ERROR] failed to parse certificate %v\n", fullchainErr)
- os.Exit(255)
+ appExit(255)
 } else {
 return false
 }
@@ -128,7 +146,7 @@ func checkCerificates(dnsname string, certificate string, fullchain string, ca s
 if _, err := cert.Verify(opts); err != nil {
 if fail == true {
 fmt.Printf("[ERROR] failed to parse certificate %v\n", err.Error())
- os.Exit(255)
+ appExit(255)
 } else {
 return false
 }
@@ -154,7 +172,7 @@ func GetRedisKey(redisurl string, redistoken string) string {
 defer resp.Body.Close()
 if err != nil {
 fmt.Printf("[ERROR] Fail to read %v: %v\n", redisurl, err)
- os.Exit(255)
+ appExit(255)
 }
 return fmt.Sprintf(string(body))
 }
@@ -169,7 +187,7 @@ func GetVaultKey(vaulturl string, vaulttoken string) string {
 defer resp.Body.Close()
 if err != nil {
 fmt.Printf("[ERROR] Fail to read %v: %v\n", vaulturl, err)
- os.Exit(255)
+ appExit(255)
 }
 return gjson.Get(string(body), "data.value").String()
 }
@@ -185,7 +203,7 @@ func WriteToFile(content string, destination string, groupname string, filemode
 file, err := os.OpenFile(destination, os.O_WRONLY|os.O_CREATE, filemode)
 if err != nil {
 fmt.Printf("[ERROR] %v cannot be created\n", destination)
- os.Exit(255)
+ appExit(255)
 }
 fmt.Fprintf(file, "%v\n", content)
@@ -252,13 +270,12 @@ Options:
 --ca-destination=CADESTINATION CA Destination [default: %v/COMODO_<type>.crt]
 `, CertBase, CertBase, KeyBase, CertBase)
- // Annoyingly docopt tries to use 'version' the way he wants and I am using build
- arguments, _ := docopt.Parse(usage, nil, true, appVersion, false)
+ // Annoyingly docopt tries to use 'version' the way he wants and I am using build
 if arguments["--build"] == true {
 fmt.Printf("acme-downloader version: %v, built on: %v\n", appVersion, buildTime)
- os.Exit(0)
+ appExit(0)
 }
 VaultToken := arguments["--vault-token"].(string)
@@ -271,7 +288,7 @@ Options:
 Days, daysErr := strconv.Atoi(DayString)
 if daysErr != nil {
 fmt.Printf("Days mut be an integer\n")
- os.Exit(255)
+ appExit(255)
 }
 RedisBaseURL = "https://redis.geant.org/GET"
 VaultBaseURL = "https://vault.geant.org/v1"
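Review bot: `return fmt.Sprintf(string(body))` at the end of `GetRedisKey` uses the downloaded body as a format string, so any `%` in the response is interpreted as a verb and the returned text can differ from what the server sent; `return string(body)` returns it unchanged. The context lines also show `defer resp.Body.Close()` placed before the `if err != nil` check. If that `err` comes from the request itself, `resp` may be nil at that point. The start of the function is outside the hunk, so this needs confirming there; `GetVaultKey` in the next hunk has the same ordering.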
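Review bot: `os.OpenFile(destination, os.O_WRONLY|os.O_CREATE, filemode)` in `WriteToFile` neither truncates nor insists on creating the file, so writing over an existing longer file leaves stale trailing bytes, and `filemode` is applied only when the file is newly created. For the key written with `0640`, an already existing file therefore keeps whatever permissions it had. Adding `os.O_TRUNC` (`os.O_WRONLY|os.O_CREATE|os.O_TRUNC`) fixes the first problem, and the temporary copies could add `os.O_EXCL` so that a pre-existing path is refused. The error branch also leaves `err` out of the message. The rest of the function is outside the hunk, so any later `Chmod`/`Chown` is not visible here.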
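Review bot: `arguments` appears to be left undeclared: the line `arguments, _ := docopt.Parse(usage, nil, true, appVersion, false)` is removed in the `-252` hunk and only the comment is added back, yet `arguments["--build"]` and `arguments["--vault-token"]` are still read just below. Unless `arguments` is now declared somewhere outside the visible hunks, the file no longer compiles (`undefined: arguments`). If the removal was unintended, restore the line and consider checking the error instead of discarding it: `arguments, err := docopt.Parse(usage, nil, true, appVersion, false)`. The enclosing function starts and ends outside the hunk.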
@@ -280,11 +297,6 @@ Options:
 RedisCAURL := fmt.Sprintf("%v/%v:%v:redis_%v_chain_pem.txt", RedisBaseURL, TeamName, CertName, CertNameUndercored)
 RedisFullChainURL := fmt.Sprintf("%v/%v:%v:redis_%v_fullchain_pem.txt", RedisBaseURL, TeamName, CertName, CertNameUndercored)
- tmpCertificateDestination := "/tmp/amce_cert.pem"
- tmpFullchainDestination := "/tmp/amce_fullchain.pem"
- tmpCaDestination := "/tmp/amce_ca.pem"
- tmpKeyDestination := "/tmp/amce_key.pem"
-
 if arguments["--cert-destination"] == fmt.Sprintf("%v/<cert-name>.crt", CertBase) {
 certificateDestination = fmt.Sprintf("%v/%v.crt", CertBase, CertName)
 } else {
@@ -310,7 +322,7 @@ Options:
 existingCert := checkCerificates(CertName, certificateDestination, fullchainDestination, caDestination, keyDestination, Days, false)
 if existingCert == true {
 fmt.Printf("the certificates are still valid\n")
- os.Exit(0)
+ appExit(0)
 }
 certificate := GetRedisKey(RedisCertURL, RedisToken)
 ca := GetRedisKey(RedisCAURL, RedisToken)
@@ -321,14 +333,13 @@ Options:
 WriteToFile(fullChain, tmpFullchainDestination, GroupName, 0644, 0755)
 WriteToFile(ca, tmpCaDestination, GroupName, 0644, 0755)
 WriteToFile(privKey, tmpKeyDestination, GroupName, 0640, 0750)
- tempCertSlice := []string{tmpCertificateDestination, tmpFullchainDestination, tmpCaDestination, tmpKeyDestination}
 newCert := checkCerificates(CertName, tmpCertificateDestination, tmpFullchainDestination, tmpCaDestination, tmpKeyDestination, Days, false)
 if newCert == false {
 fmt.Printf("the certificates are malformed. Skippping installation\n")
 for _, element := range tempCertSlice {
 os.Remove(element)
 }
- os.Exit(255)
+ appExit(255)
 }
 WriteToFile(certificate, certificateDestination, GroupName, 0644, 0755)
@@ -341,4 +352,7 @@ Options:
 fmt.Printf("installed: %v\n", fullchainDestination)
 fmt.Printf("installed: %v\n", keyDestination)
+ // Exit 100, means application reload
+ appExit(1)
+
 }
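Review bot: The explicit `for _, element := range tempCertSlice { os.Remove(element) }` loop in the malformed-certificate branch of the `-321` hunk is now redundant, because `appExit(255)` on the next line removes the same files. Dropping the loop leaves a single cleanup path to maintain. The enclosing function starts and ends outside the hunk.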
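Review bot: The comment added in the last hunk says `Exit 100, means application reload` but the call is `appExit(1)`, so the successful install path now ends with status 1, which most callers (cron, systemd, shell `&&`) treat as a generic failure. Make the two agree: `appExit(100)` if 100 is the intended reload signal, or correct the comment. It would also help to list the exit codes in the usage text so that wrappers can tell "reload needed" from an error such as 255.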