Combine assignment of pkcs12 and dname objects into single statement
Signed-off-by: 1000TurquoisePogs <[email protected]>
1000TurquoisePogs committed May 22, 2024
1 parent e33830b commit ea9f8ab
Showing 1 changed file with 7 additions and 15 deletions.
22 changes: 7 additions & 15 deletions files/defaults.yaml
Expand Up @@ -79,23 +79,15 @@ zowe:
# This section fully defines a default for certificate scenario 1, but makes way when detecting any other scenarios.
certificate:
type: PKCS12
pkcs12:
directory: "${{ zowe.setup.certificate.type != 'PKCS12' ? undefined : '/var/zowe/keystore' }}"
lock: "${{ zowe.setup.certificate.type != 'PKCS12' ? undefined : true }}"
name: "${{ zowe.setup.certificate.type == 'PKCS12' && !zowe.setup.certificate.pkcs12.import ? 'localhost' : undefined }}"
password: "${{ zowe.setup.certificate.type == 'PKCS12' && !zowe.setup.certificate.pkcs12.import ? 'password' : undefined }}"
caAlias: "${{ zowe.setup.certificate.type == 'PKCS12' && !zowe.setup.certificate.pkcs12.import ? 'local_ca' : undefined }}"
caPassword: "${{ zowe.setup.certificate.type == 'PKCS12' && !zowe.setup.certificate.pkcs12.import ? 'local_ca_password' : undefined }}"
# Quirk in templating and schema - undefined/null here will be rejected by a schema that wants a string, so instead of templating individual objects
# This templates the entire object.
# Templating the entire object as "pkcs12: zowe.setup.certificate.pkcs12" also does not work, because internal template attributes are added.
# This will work for pkcs12 and dname objects as long as they dont have 'required' fields.
pkcs12: "${{ zowe.setup.certificate.type != 'PKCS12' ? {} : zowe.setup.certificate.pkcs12.import ? { directory: zowe.setup.certificate.pkcs12.directory, lock: zowe.setup.certificate.pkcs12.lock, import: zowe.setup.certificate.pkcs12.import } : { directory: '/var/zowe/keystore', lock: true, name: 'localhost', password: 'password', caAlias: 'local_ca', caPassword: 'local_ca_password' } }}"

# Distinguished name for Zowe generated certificates.
dname:
caCommonName: "${{ (zowe.setup.certificate.pkcs12?.name || zowe.setup.certificate.keyring?.label) ? 'Zowe Development Instances CA' : undefined }}"
commonName: "${{ (zowe.setup.certificate.pkcs12?.name || zowe.setup.certificate.keyring?.label) ? 'Zowe Development Instances Certificate' : undefined }}"
orgUnit: "${{ (zowe.setup.certificate.pkcs12?.name || zowe.setup.certificate.keyring?.label) ? 'API Mediation Layer' : undefined }}"
org: "${{ (zowe.setup.certificate.pkcs12?.name || zowe.setup.certificate.keyring?.label) ? 'Zowe Sample' : undefined }}"
locality: "${{ (zowe.setup.certificate.pkcs12?.name || zowe.setup.certificate.keyring?.label) ? 'Prague' : undefined }}"
state: "${{ (zowe.setup.certificate.pkcs12?.name || zowe.setup.certificate.keyring?.label) ? 'Prague' : undefined }}"
country: "${{ (zowe.setup.certificate.pkcs12?.name || zowe.setup.certificate.keyring?.label) ? 'CZ' : undefined }}"
dname: "${{ (zowe.setup.certificate.pkcs12?.name || zowe.setup.certificate.keyring?.label) ? { caCommonName: 'Zowe Development Instances CA', commonName: 'Zowe Development Instances Certificate', orgUnit: 'API Mediation Layer', org: 'Zowe Sample', locality: 'Prague', state: 'Prague', country: 'CZ' } : {} }}"

# Validity days for Zowe generated certificates
validity: "${{ (zowe.setup.certificate.pkcs12?.import || zowe.setup.certificate.keyring?.label) ? undefined : 3650 }}"
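Review bot: The import branch of the new `pkcs12` template copies `directory` and `lock` straight from `zowe.setup.certificate.pkcs12`, so the defaults that the removed per-field lines applied to every PKCS12 setup (`'/var/zowe/keystore'` and `lock: true`) no longer apply when `import` is set and the user omits those keys. If `lock` controls access restrictions on the keystore directory (inferred from the name, not shown here), the import scenario would then fall back to whatever the consumer does with an undefined value. Keeping the old fallbacks inside the import branch, e.g. `directory: zowe.setup.certificate.pkcs12.directory || '/var/zowe/keystore'` and `lock: zowe.setup.certificate.pkcs12.lock != false`, would preserve the previous behaviour. Separately, the generated-certificate branch still ships `password: 'password'` and `caPassword: 'local_ca_password'` together with a 3650-day `validity`. A comment above `pkcs12:` such as `# Development defaults only - override password and caPassword before any non-test deployment.` would make that explicit.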
