blueprint: add cacert customization #4487
Conversation
| @@ -0,0 +1,5 @@ | |||
| package blueprint | |||
|
|
|||
| type CACustomization struct { | |||
There was a problem hiding this comment.
I think this belongs in the customizations.go with the rest of the structs. Putting it into a separate file makes it harder to read the code.
| @@ -0,0 +1,5 @@ | |||
| package blueprint | |||
|
|
|||
| type CACustomization struct { | |||
There was a problem hiding this comment.
This maybe out of scope for this PR but we have exactly this struct define in "images" and it is public, couldn't we just import it instead of copying it (the same question for most of the others but I guess this is why it's out of scope).
| @@ -31,6 +33,7 @@ type Customizations struct { | |||
| Installer *InstallerCustomization `json:"installer,omitempty" toml:"installer,omitempty"` | |||
| RPM *RPMCustomization `json:"rpm,omitempty" toml:"rpm,omitempty"` | |||
| RHSM *RHSMCustomization `json:"rhsm,omitempty" toml:"rhsm,omitempty"` | |||
| CACerts *CACustomization `json:"cacerts,omitempty" toml:"ca,omitempty"` | |||
There was a problem hiding this comment.
Why is there a different field name for toml than for json?
| if c.CACerts != nil { | ||
| for _, bundle := range c.CACerts.PEMCerts { | ||
| _, err := cert.ParseCerts(bundle) | ||
| if err != nil { | ||
| return err | ||
| } | ||
| } | ||
| } | ||
|
|
||
| return nil |
There was a problem hiding this comment.
I was thinking that maybe we could leave the happy path here? An early return, and then continue with parsing the values.
| case int64: | ||
| if s < 0 { | ||
| return 0, fmt.Errorf("cannot be negative") | ||
| } | ||
| return uint64(s), nil | ||
| case float64: | ||
| if s < 0 { | ||
| return 0, fmt.Errorf("cannot be negative") | ||
| } | ||
| // TODO: emit warning of possible truncation? | ||
| return uint64(s), nil |
There was a problem hiding this comment.
| case int64: | |
| if s < 0 { | |
| return 0, fmt.Errorf("cannot be negative") | |
| } | |
| return uint64(s), nil | |
| case float64: | |
| if s < 0 { | |
| return 0, fmt.Errorf("cannot be negative") | |
| } | |
| // TODO: emit warning of possible truncation? | |
| return uint64(s), nil | |
| case int64, float64: | |
| if s < 0 { | |
| return 0, fmt.Errorf("cannot be negative") | |
| } | |
| return uint64(s), nil |
But I am not sure, what is the plan with this, as there is also the TODO comment.
This is a follow-up to
https://github.com/osbuild/images/pull/907/files
I am shooting in the dark, not sure how can I test this locally. Let me know how can I test this.