Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
f6ae53bb
Commit
f6ae53bb
authored
Jul 25, 2018
by
Dylan Griffith
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Reduce duplication in code in Gitlab::Kubernetes::Helm::Certificate
parent
cb21560b
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
23 additions
and
30 deletions
+23
-30
lib/gitlab/kubernetes/helm/certificate.rb
lib/gitlab/kubernetes/helm/certificate.rb
+23
-30
No files found.
lib/gitlab/kubernetes/helm/certificate.rb
View file @
f6ae53bb
...
...
@@ -22,52 +22,45 @@ module Gitlab
end
def
self
.
generate_root
key
=
OpenSSL
::
PKey
::
RSA
.
new
(
4096
)
public_key
=
key
.
public_key
subject
=
"/C=US"
cert
=
OpenSSL
::
X509
::
Certificate
.
new
cert
.
subject
=
cert
.
issuer
=
OpenSSL
::
X509
::
Name
.
parse
(
subject
)
cert
.
not_before
=
Time
.
now
cert
.
not_after
=
INFINITE_EXPIRY
.
from_now
cert
.
public_key
=
public_key
cert
.
serial
=
0x0
cert
.
version
=
2
extension_factory
=
OpenSSL
::
X509
::
ExtensionFactory
.
new
extension_factory
.
subject_certificate
=
cert
extension_factory
.
issuer_certificate
=
cert
cert
.
add_extension
(
extension_factory
.
create_extension
(
'subjectKeyIdentifier'
,
'hash'
))
cert
.
add_extension
(
extension_factory
.
create_extension
(
'basicConstraints'
,
'CA:TRUE'
,
true
))
cert
.
add_extension
(
extension_factory
.
create_extension
(
'keyUsage'
,
'cRLSign,keyCertSign'
,
true
))
cert
.
sign
key
,
OpenSSL
::
Digest
::
SHA256
.
new
new
(
key
,
cert
)
_issue
(
signed_by:
nil
,
expires_in:
INFINITE_EXPIRY
,
ca:
true
)
end
def
issue
(
expires_in:
SHORT_EXPIRY
)
self
.
class
.
_issue
(
signed_by:
self
,
expires_in:
expires_in
,
ca:
false
)
end
private
def
self
.
_issue
(
signed_by
:,
expires_in
:,
ca
:)
key
=
OpenSSL
::
PKey
::
RSA
.
new
(
4096
)
public_key
=
key
.
public_key
subject
=
"/C=US"
subject
=
OpenSSL
::
X509
::
Name
.
parse
(
"/C=US"
)
cert
=
OpenSSL
::
X509
::
Certificate
.
new
cert
.
subject
=
OpenSSL
::
X509
::
Name
.
parse
(
subject
)
cert
.
issuer
=
self
.
cert
.
subject
cert
.
subject
=
subject
cert
.
issuer
=
signed_by
&
.
cert
&
.
subject
||
subject
cert
.
not_before
=
Time
.
now
cert
.
not_after
=
expires_in
.
from_now
cert
.
public_key
=
public_key
cert
.
serial
=
0x0
cert
.
version
=
2
cert
.
sign
self
.
key
,
OpenSSL
::
Digest
::
SHA256
.
new
if
ca
extension_factory
=
OpenSSL
::
X509
::
ExtensionFactory
.
new
extension_factory
.
subject_certificate
=
cert
extension_factory
.
issuer_certificate
=
cert
cert
.
add_extension
(
extension_factory
.
create_extension
(
'subjectKeyIdentifier'
,
'hash'
))
cert
.
add_extension
(
extension_factory
.
create_extension
(
'basicConstraints'
,
'CA:TRUE'
,
true
))
cert
.
add_extension
(
extension_factory
.
create_extension
(
'keyUsage'
,
'cRLSign,keyCertSign'
,
true
))
end
self
.
class
.
new
(
key
,
cert
)
end
cert
.
sign
(
signed_by
&
.
key
||
key
,
OpenSSL
::
Digest
::
SHA256
.
new
)
private
new
(
key
,
cert
)
end
def
initialize
(
key
,
cert
)
@key
=
key
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
