agent/connect: rename SpiffeID to CertURI
This commit is contained in:
Mitchell Hashimoto
parent
b0315811b9
commit
da1bc48372
|
|
@ -197,9 +197,9 @@ func TestLeaf(t testing.T, service string, root *structs.CARoot) string {
|
|||
|
||||
// TestCSR returns a CSR to sign the given service along with the PEM-encoded
|
||||
// private key for this certificate.
|
||||
func TestCSR(t testing.T, id SpiffeID) (string, string) {
|
||||
func TestCSR(t testing.T, uri CertURI) (string, string) {
|
||||
template := &x509.CertificateRequest{
|
||||
URIs: []*url.URL{id.URI()},
|
||||
URIs: []*url.URL{uri.URI()},
|
||||
SignatureAlgorithm: x509.ECDSAWithSHA256,
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6,9 +6,14 @@ import (
|
|||
"regexp"
|
||||
)
|
||||
|
||||
// SpiffeID represents a Connect-valid SPIFFE ID. The user should type switch
|
||||
// on the various implementations in this package to determine the type of ID.
|
||||
type SpiffeID interface {
|
||||
// CertURI represents a Connect-valid URI value for a TLS certificate.
|
||||
// The user should type switch on the various implementations in this
|
||||
// package to determine the type of URI and the data encoded within it.
|
||||
//
|
||||
// Note that the current implementations of this are all also SPIFFE IDs.
|
||||
// However, we anticipate that we may accept URIs that are also not SPIFFE
|
||||
// compliant and therefore the interface is named as such.
|
||||
type CertURI interface {
|
||||
URI() *url.URL
|
||||
}
|
||||
|
||||
|
|
@ -17,8 +22,8 @@ var (
|
|||
`^/ns/(\w+)/dc/(\w+)/svc/(\w+)$`)
|
||||
)
|
||||
|
||||
// ParseSpiffeID parses a SPIFFE ID from the input URI.
|
||||
func ParseSpiffeID(input *url.URL) (SpiffeID, error) {
|
||||
// ParseCertURI parses a the URI value from a TLS certificate.
|
||||
func ParseCertURI(input *url.URL) (CertURI, error) {
|
||||
if input.Scheme != "spiffe" {
|
||||
return nil, fmt.Errorf("SPIFFE ID must have 'spiffe' scheme")
|
||||
}
|
||||
|
|
@ -7,9 +7,9 @@ import (
|
|||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
// testSpiffeIDCases contains the test cases for parsing and encoding
|
||||
// testCertURICases contains the test cases for parsing and encoding
|
||||
// the SPIFFE IDs. This is a global since it is used in multiple test functions.
|
||||
var testSpiffeIDCases = []struct {
|
||||
var testCertURICases = []struct {
|
||||
Name string
|
||||
URI string
|
||||
Struct interface{}
|
||||
|
|
@ -35,8 +35,8 @@ var testSpiffeIDCases = []struct {
|
|||
},
|
||||
}
|
||||
|
||||
func TestParseSpiffeID(t *testing.T) {
|
||||
for _, tc := range testSpiffeIDCases {
|
||||
func TestParseCertURI(t *testing.T) {
|
||||
for _, tc := range testCertURICases {
|
||||
t.Run(tc.Name, func(t *testing.T) {
|
||||
assert := assert.New(t)
|
||||
|
||||
|
|
@ -45,7 +45,7 @@ func TestParseSpiffeID(t *testing.T) {
|
|||
assert.Nil(err)
|
||||
|
||||
// Parse the ID and check the error/return value
|
||||
actual, err := ParseSpiffeID(uri)
|
||||
actual, err := ParseCertURI(uri)
|
||||
assert.Equal(tc.ParseError != "", err != nil, "error value")
|
||||
if err != nil {
|
||||
assert.Contains(err.Error(), tc.ParseError)
|
||||
|
|
@ -171,7 +171,7 @@ func (s *ConnectCA) Sign(
|
|||
}
|
||||
|
||||
// Parse the SPIFFE ID
|
||||
spiffeId, err := connect.ParseSpiffeID(csr.URIs[0])
|
||||
spiffeId, err := connect.ParseCertURI(csr.URIs[0])
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue