Print the EFI certs in the state command (#98)
* Print the EFI certs in the state command Signed-off-by: Itxaka <itxaka@kairos.io> * Fix key for yaml/json output Signed-off-by: Itxaka <itxaka@kairos.io> * Fix go.mod Signed-off-by: Itxaka <itxaka@kairos.io> * Move things around Signed-off-by: Itxaka <itxaka@kairos.io> * Fix format Signed-off-by: Itxaka <itxaka@kairos.io> --------- Signed-off-by: Itxaka <itxaka@kairos.io>
2
go.mod
2
go.mod
@@ -72,8 +72,8 @@ require (
|
|||||||
github.com/hashicorp/errwrap v1.1.0 // indirect
|
github.com/hashicorp/errwrap v1.1.0 // indirect
|
||||||
github.com/itchyny/timefmt-go v0.1.5 // indirect
|
github.com/itchyny/timefmt-go v0.1.5 // indirect
|
||||||
github.com/jaypipes/pcidb v1.0.0 // indirect
|
github.com/jaypipes/pcidb v1.0.0 // indirect
|
||||||
github.com/kr/pretty v0.2.1 // indirect
|
|
||||||
github.com/klauspost/compress v1.17.4 // indirect
|
github.com/klauspost/compress v1.17.4 // indirect
|
||||||
|
github.com/kr/pretty v0.2.1 // indirect
|
||||||
github.com/kr/text v0.2.0 // indirect
|
github.com/kr/text v0.2.0 // indirect
|
||||||
github.com/lithammer/fuzzysearch v1.1.8 // indirect
|
github.com/lithammer/fuzzysearch v1.1.8 // indirect
|
||||||
github.com/mattn/go-colorable v0.1.13 // indirect
|
github.com/mattn/go-colorable v0.1.13 // indirect
|
||||||
|
@@ -11,6 +11,7 @@ import (
|
|||||||
"github.com/itchyny/gojq"
|
"github.com/itchyny/gojq"
|
||||||
"github.com/jaypipes/ghw"
|
"github.com/jaypipes/ghw"
|
||||||
"github.com/jaypipes/ghw/pkg/block"
|
"github.com/jaypipes/ghw/pkg/block"
|
||||||
|
"github.com/kairos-io/kairos-sdk/signatures"
|
||||||
"github.com/kairos-io/kairos-sdk/types"
|
"github.com/kairos-io/kairos-sdk/types"
|
||||||
"github.com/kairos-io/kairos-sdk/utils"
|
"github.com/kairos-io/kairos-sdk/utils"
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
@@ -47,10 +48,11 @@ type PartitionState struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type Kairos struct {
|
type Kairos struct {
|
||||||
Flavor string `yaml:"flavor" json:"flavor"`
|
Flavor string `yaml:"flavor" json:"flavor"`
|
||||||
Version string `yaml:"version" json:"version"`
|
Version string `yaml:"version" json:"version"`
|
||||||
Init string `yaml:"init" json:"init"`
|
Init string `yaml:"init" json:"init"`
|
||||||
SecureBoot bool `yaml:"secureboot" json:"secureboot"`
|
SecureBoot bool `yaml:"secureboot" json:"secureboot"`
|
||||||
|
EfiCerts types.EfiCerts `yaml:"eficerts,omitempty" json:"eficerts,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type Runtime struct {
|
type Runtime struct {
|
||||||
@@ -309,11 +311,28 @@ func detectKairos(r *Runtime) {
|
|||||||
k.Version = v
|
k.Version = v
|
||||||
}
|
}
|
||||||
k.Init = utils.GetInit()
|
k.Init = utils.GetInit()
|
||||||
|
k.EfiCerts = getEfiCertsCommonNames()
|
||||||
k.SecureBoot = efi.GetSecureBoot()
|
k.SecureBoot = efi.GetSecureBoot()
|
||||||
r.Kairos = *k
|
r.Kairos = *k
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// getEfiCertsCommonNames returns a simple list of the Common names of the certs
|
||||||
|
func getEfiCertsCommonNames() types.EfiCerts {
|
||||||
|
var data types.EfiCerts
|
||||||
|
certs, _ := signatures.GetAllCerts() // Ignore errors here, we dont care about them, we only want the presentation of the names
|
||||||
|
for _, c := range certs.PK {
|
||||||
|
data.PK = append(data.PK, c.Issuer.CommonName)
|
||||||
|
}
|
||||||
|
for _, c := range certs.KEK {
|
||||||
|
data.KEK = append(data.KEK, c.Issuer.CommonName)
|
||||||
|
}
|
||||||
|
for _, c := range certs.DB {
|
||||||
|
data.DB = append(data.DB, c.Issuer.CommonName)
|
||||||
|
}
|
||||||
|
return data
|
||||||
|
}
|
||||||
|
|
||||||
func NewRuntimeWithLogger(logger zerolog.Logger) (Runtime, error) {
|
func NewRuntimeWithLogger(logger zerolog.Logger) (Runtime, error) {
|
||||||
logger.Info().Msg("creating a runtime")
|
logger.Info().Msg("creating a runtime")
|
||||||
runtime := &Runtime{
|
runtime := &Runtime{
|
||||||
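Review bot: getEfiCertsCommonNames fills all three lists from `c.Issuer.CommonName`, so a certificate that is not self-signed is listed under the name of its signer rather than its own name, which does not match the comment above the function. CertDetail, shown in this commit's types hunk, also has an `Owner` field; if that holds the subject, the append lines should read `data.PK = append(data.PK, c.Owner.CommonName)`, and likewise for KEK and DB. Separately, the error from `signatures.GetAllCerts()` is discarded, so a failure to read the EFI variables looks the same in the state output as firmware with nothing enrolled; surfacing it, for example in a log line, would let an operator tell the two apart. Since a common name is chosen by whoever creates the certificate, the comment could also say that the output is a display label and not proof of which key is enrolled.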
|
@@ -13,3 +13,10 @@ type CertDetail struct {
|
|||||||
Owner pkix.Name
|
Owner pkix.Name
|
||||||
Issuer pkix.Name
|
Issuer pkix.Name
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// EfiCerts is a simplified version of a CertList which only provides the Common names for the certs
|
||||||
|
type EfiCerts struct {
|
||||||
|
PK []string
|
||||||
|
KEK []string
|
||||||
|
DB []string
|
||||||
|
}
|
||||||
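Review bot: The fields of `EfiCerts` have no struct tags, so each encoder picks its own key names: encoding/json emits `PK`, `KEK` and `DB`, while the common Go YAML libraries lowercase untagged field names (which YAML package renders the state is not visible here). The same state would then carry different keys in the two formats, even though the parent field in `Kairos` is tagged `eficerts` for both. Tagging the fields explicitly would fix that, e.g. `PK []string` with `yaml:"pk,omitempty" json:"pk,omitempty"`, and the same pattern for `KEK` and `DB`. Note also that `omitempty` on the parent struct-typed field has no effect in encoding/json, so JSON output will carry an `eficerts` object even when no certs were read.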
|