fixed authority mapping and [wip] github/workflows

tarach · Dec 17, 2023 · 9b7b322 · 9b7b322
1 parent 350004a
commit 9b7b322
Show file tree

Hide file tree

Showing 6 changed files with 68 additions and 5 deletions.
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -0,0 +1,31 @@
+name: Context testing
+on: push
+
+jobs:
+  dump_contexts_to_log:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Dump GitHub context
+        env:
+          GITHUB_CONTEXT: ${{ toJson(github) }}
+        run: echo "$GITHUB_CONTEXT"
+      - name: Dump job context
+        env:
+          JOB_CONTEXT: ${{ toJson(job) }}
+        run: echo "$JOB_CONTEXT"
+      - name: Dump steps context
+        env:
+          STEPS_CONTEXT: ${{ toJson(steps) }}
+        run: echo "$STEPS_CONTEXT"
+      - name: Dump runner context
+        env:
+          RUNNER_CONTEXT: ${{ toJson(runner) }}
+        run: echo "$RUNNER_CONTEXT"
+      - name: Dump strategy context
+        env:
+          STRATEGY_CONTEXT: ${{ toJson(strategy) }}
+        run: echo "$STRATEGY_CONTEXT"
+      - name: Dump matrix context
+        env:
+          MATRIX_CONTEXT: ${{ toJson(matrix) }}
+        run: echo "$MATRIX_CONTEXT"
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 vendor/
 .idea/
 ssl-cert/
+sslgen.phar
diff --git a/README.md b/README.md
@@ -0,0 +1,16 @@
+```bash
+export USR=userName
+ssh ${USR}@192.168.56.10 mkdir ssl-cert/
+cd ssl-cert/
+sftp ${USR}@192.168.56.10:ssl-cert
+put *
+
+ssh ${USR}@192.168.56.10:ssl-cert
+sudo cp ca.pem /root/.docker/
+sudo cp server.key /root/.docker/key.pem
+sudo cp server.pem /root/.docker/cert.pem
+
+cat client.pem >> cert-and-key.pem
+cat client.key >> cert-and-key.pem
+curl -vv --cacert ca.pem --cert cert-and-key.pem https://192.168.56.10:2376/version
+```
diff --git a/src/Command/Config/Authority.php b/src/Command/Config/Authority.php
@@ -10,10 +10,16 @@
 
 readonly class Authority
 {
+    public ?string $cert;
+    public ?string $pkey;
+
     public function __construct(
-        public ?string $cert,
-        public ?string $pkey
+        ?string $cert,
+        ?string $pkey
     ){
+        $this->cert = $cert ? realpath($cert) : null;
+        $this->pkey = $pkey ? realpath($pkey) : null;
+
         $files = [
             'cert' => $this->cert,
             'pkey' => $this->pkey,

diff --git a/src/SSLExporterService.php b/src/SSLExporterService.php
@@ -40,7 +40,11 @@ public function toFiles(SSLGeneratorOutput $ssl, string $directory): void
 
     private function normalizeDirectoryPath(string $directory): string
     {
-        $directory = realpath(rtrim($directory, '\\/')) . DIRECTORY_SEPARATOR;
+        $directory = rtrim($directory, '\\/') . DIRECTORY_SEPARATOR;
+
+        if ('.' === $directory[0]) {
+            $directory = getcwd() . DIRECTORY_SEPARATOR . $directory;
+        }
 
         if (!file_exists($directory)) {
             if (!@mkdir($directory)) {

diff --git a/src/SSLGeneratorService.php b/src/SSLGeneratorService.php
@@ -17,12 +17,17 @@ public function generate(DistinguishedNames $names): SSLGeneratorOutput
     {
         $privateKey = openssl_pkey_new($this->config->getPrivateKeyFile()->getOptions());
 
+        $days = 365;
+        $options = [
+            'digest_alg' => 'sha256',
+        ];
+
         // Certificate signing request
-        $csr = openssl_csr_new($names->getArray(), $privateKey, ['digest_alg' => 'sha256']);
+        $csr = openssl_csr_new($names->getArray(), $privateKey, $options);
 
         $authority = $this->config->getAuthority();
         $key = $authority->getPrivateKey() ?: $privateKey;
-        $certificate = openssl_csr_sign($csr, $authority->getCertificate(), $key, $days=365, ['digest_alg' => 'sha256']);
+        $certificate = openssl_csr_sign($csr, $authority->getCertificate(), $key, $days, $options);
 
         return new SSLGeneratorOutput(
             $privateKey,