// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1
|
package structs
import (
"github.com/hashicorp/consul/acl"
)
// FileSystemCertificateConfigEntry is the config entry that describes a
// certificate and private key stored on the local file system.
//
// The Certificate and PrivateKey fields hold file paths, not the certificate
// or key contents. Because PrivateKey names a file containing key material,
// the permissions on that file on the host that reads it matter as much as
// access to this entry.
// NOTE(review): nothing in this type constrains which paths may be set;
// confirm that the consumer of the entry restricts or checks them.
type FileSystemCertificateConfigEntry struct {
	// Kind is the config entry kind. It is expected to be set to
	// structs.FileSystemCertificate.
	Kind string

	// Name ties the config entry to its associated file system certificate.
	Name string

	// Certificate is the optional file system path of the client certificate
	// used for TLS connections.
	Certificate string

	// PrivateKey is the optional file system path of the private key used
	// for TLS connections.
	PrivateKey string

	// Meta is the key/value metadata attached to the entry; it is the only
	// field that Validate checks.
	Meta map[string]string `json:",omitempty"`

	// Hash holds the value computed by Normalize or supplied through SetHash.
	// It is tagged hash:"ignore", presumably so that the stored hash is left
	// out of the hash computation itself (confirm against HashConfigEntry).
	Hash uint64 `json:",omitempty" hash:"ignore"`

	// EnterpriseMeta is embedded and squashed into the parent when decoded
	// from HCL or via mapstructure.
	acl.EnterpriseMeta `hcl:",squash" mapstructure:",squash"`

	// RaftIndex is embedded and, like Hash, tagged hash:"ignore".
	RaftIndex `hash:"ignore"`
}
// SetHash stores h in the entry's Hash field, replacing any previous value.
func (e *FileSystemCertificateConfigEntry) SetHash(h uint64) {
	e.Hash = h
}
// GetHash returns the value currently held in the entry's Hash field. It does
// not recompute the hash; Normalize is what refreshes it.
func (e *FileSystemCertificateConfigEntry) GetHash() uint64 {
	return e.Hash
}
// GetKind reports the config entry kind. It always returns the
// FileSystemCertificate constant and does not consult the Kind field.
func (e *FileSystemCertificateConfigEntry) GetKind() string {
	return FileSystemCertificate
}
// GetName returns the entry's Name field.
func (e *FileSystemCertificateConfigEntry) GetName() string {
	return e.Name
}
// Normalize recomputes the entry's hash with HashConfigEntry and stores it in
// the Hash field. If hashing fails, the error is returned and Hash is left
// unchanged. No other field is modified here; in particular the Certificate
// and PrivateKey paths are not cleaned or canonicalised.
func (e *FileSystemCertificateConfigEntry) Normalize() error {
	hash, err := HashConfigEntry(e)
	if err == nil {
		// Only overwrite the stored hash once a fresh one is available.
		e.Hash = hash
	}
	return err
}
// GetMeta returns the entry's Meta map. The map itself is returned, not a
// copy, so changes made by the caller are visible through the entry.
func (e *FileSystemCertificateConfigEntry) GetMeta() map[string]string {
	return e.Meta
}
// GetEnterpriseMeta returns a pointer to the embedded acl.EnterpriseMeta, so
// writes through the returned pointer modify the entry in place.
func (e *FileSystemCertificateConfigEntry) GetEnterpriseMeta() *acl.EnterpriseMeta {
	entMeta := &e.EnterpriseMeta
	return entMeta
}
// GetRaftIndex returns a pointer to the embedded RaftIndex, so writes through
// the returned pointer modify the entry in place.
func (e *FileSystemCertificateConfigEntry) GetRaftIndex() *RaftIndex {
	return &e.RaftIndex
}
// Validate checks the entry's Meta map with validateConfigEntryMeta and
// returns its result.
//
// NOTE(review): Certificate and PrivateKey are not examined here. An entry
// with empty paths, with only one of the two set, or with paths pointing
// anywhere on the file system passes this check. Confirm that whatever loads
// the files performs its own checks.
func (e *FileSystemCertificateConfigEntry) Validate() error {
	err := validateConfigEntryMeta(e.Meta)
	return err
}
// Hosts always returns an empty, non-nil slice and a nil error. The entry
// stores file paths rather than certificate contents, so presumably no host
// names can be derived from it here (confirm against callers of Hosts).
func (e *FileSystemCertificateConfigEntry) Hosts() ([]string, error) {
	hosts := make([]string, 0)
	return hosts, nil
}
// CanRead reports whether authz may read this entry. It fills a fresh
// acl.AuthorizerContext through FillAuthzContext and returns the result of
// MeshReadAllowed on the allow-authorizer, so read access is governed by the
// mesh read permission rather than by a permission specific to this entry.
//
// The entry exposes the file system paths of the certificate and private key,
// not their contents, so a successful read discloses where the key lives on
// the host.
func (e *FileSystemCertificateConfigEntry) CanRead(authz acl.Authorizer) error {
	authzCtx := acl.AuthorizerContext{}
	e.FillAuthzContext(&authzCtx)

	allow := authz.ToAllowAuthorizer()
	return allow.MeshReadAllowed(&authzCtx)
}
// CanWrite reports whether authz may write this entry. It fills a fresh
// acl.AuthorizerContext through FillAuthzContext and returns the result of
// MeshWriteAllowed on the allow-authorizer, so write access is governed by
// the mesh write permission rather than by a permission specific to this
// entry.
//
// A writer chooses the Certificate and PrivateKey paths. Validate does not
// restrict those paths, so this check is the only gate visible in this file
// on which files the entry can point at.
func (e *FileSystemCertificateConfigEntry) CanWrite(authz acl.Authorizer) error {
	authzCtx := acl.AuthorizerContext{}
	e.FillAuthzContext(&authzCtx)

	allow := authz.ToAllowAuthorizer()
	return allow.MeshWriteAllowed(&authzCtx)
}