
Commit ad76356

committed
fix(rot): remove cert errors sent to stdout
Signed-off-by: sbailey <[email protected]>
1 parent 51aa8b4 commit ad76356

3 files changed

+34
-26
lines changed

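--- a/cmd/rot.go
+++ b/cmd/rot.go
@@ -276,6 +276,7 @@ func generateAuditReport(
 StorePath: store.Path,
 AddCert: true,
 RemoveCert: false,
+Deployed: false,
 },
 )
 }
@@ -383,7 +384,7 @@ func generateAuditReport(
 store.Path,
 "false", // Add to store
 "true", // Remove from store
-"false", // Is Deployed
+"true", // Is Deployed
 getCurrentTime(""),
 }
 log.Trace().
@@ -406,7 +407,7 @@ func generateAuditReport(
 }
 log.Debug().
 Str("thumbprint", tp).
-Msg("Adding 'add' action to actions map")
+Msg("Adding 'remove' action to actions map")
 actions[tp] = append(
 actions[tp], ROTAction{
 Thumbprint: tp,
@@ -416,6 +417,7 @@ func generateAuditReport(
 StorePath: store.Path,
 AddCert: false,
 RemoveCert: true,
+Deployed: true,
 },
 )
 }
@@ -560,11 +562,10 @@ func reconcileRoots(actions map[string][]ROTAction, kfClient *api.Client, report
 _, err := kfClient.AddCertificateToStores(&addReq)
 if err != nil {
 fmt.Printf(
-"[ERROR] adding cert %s (%d) to store %s (%s): %s\n",
+"ERROR adding cert %s(%d) to store %s: %s\n",
 a.Thumbprint,
 a.CertID,
 a.StoreID,
-a.StorePath,
 err,
 )
 log.Error().Err(err).Str("thumbprint", thumbprint).Str(
@@ -587,7 +588,7 @@ func reconcileRoots(actions map[string][]ROTAction, kfClient *api.Client, report
 ).Msg("Attempting to remove cert from store")
 cStore := api.CertificateStore{
 CertificateStoreId: a.StoreID,
-Alias: a.Thumbprint,
+Alias: a.Thumbprint, //todo: support non-thumbprint aliases
 }
 log.Trace().Interface("store_object", cStore).Msg("Converting store to slice of single store")
 var stores []api.CertificateStore
@@ -620,6 +621,13 @@ func reconcileRoots(actions map[string][]ROTAction, kfClient *api.Client, report
 "store_id",
 a.StoreID,
 ).Str("store_path", a.StorePath).Msg("unable to remove cert from store")
+fmt.Printf(
+"ERROR removing cert %s(%d) from store %s: %s\n",
+a.Thumbprint,
+a.CertID,
+a.StoreID,
+err,
+)
 }
 } else {
 fmt.Printf(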
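Review bot: The `fmt.Printf` added in the last hunk (new lines 624–630) writes the removal failure to stdout, and the reworded add-failure message at new line 565 does the same, so error text ends up mixed into whatever this command prints on stdout as normal output. A certificate that could not be removed from a store remains trusted there, so the message should be easy to separate from regular output: `fmt.Fprintf(os.Stderr, "ERROR removing cert %s(%d) from store %s: %s\n", a.Thumbprint, a.CertID, a.StoreID, err)` (this needs `os` imported, which is not visible on this page). Both console messages also leave out `a.StorePath`, which the structured log line still carries; keeping it would let an operator identify the affected store without opening the log. reconcileRoots starts and ends outside these hunks, so whether a failed add or remove also reaches the return value or the exit status cannot be checked here and is worth confirming.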

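--- a/go.mod
+++ b/go.mod
@@ -4,8 +4,8 @@ go 1.21
 
 require (
 github.com/AlecAivazis/survey/v2 v2.3.7
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.10.0
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2
 github.com/Jeffail/gabs v1.4.0
 github.com/Keyfactor/keyfactor-go-client-sdk v1.0.2
 github.com/Keyfactor/keyfactor-go-client/v2 v2.2.8
@@ -19,7 +19,7 @@ require (
 github.com/spf13/cobra v1.8.0
 github.com/spf13/pflag v1.0.5
 github.com/stretchr/testify v1.9.0
-golang.org/x/crypto v0.21.0
+golang.org/x/crypto v0.23.0
 gopkg.in/yaml.v3 v3.0.1
 //github.com/google/go-cmp/cmp v0.5.9
 )
@@ -41,8 +41,8 @@ require (
 github.com/russross/blackfriday/v2 v2.1.0 // indirect
 github.com/spbsoluble/go-pkcs12 v0.3.3 // indirect
 go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 // indirect
-golang.org/x/net v0.22.0 // indirect
-golang.org/x/sys v0.18.0 // indirect
-golang.org/x/term v0.18.0 // indirect
-golang.org/x/text v0.14.0 // indirect
+golang.org/x/net v0.23.0 // indirect
+golang.org/x/sys v0.20.0 // indirect
+golang.org/x/term v0.20.0 // indirect
+golang.org/x/text v0.15.0 // indirect
 )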

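--- a/go.sum
+++ b/go.sum
@@ -1,9 +1,9 @@
 github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ=
 github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.10.0 h1:n1DH8TPV4qqPTje2RcUBYwtrTWlabVp4n46+74X2pn4=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.10.0/go.mod h1:HDcZnuGbiyppErN6lB+idp4CKhjbc8gwjto6OPpyggM=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 h1:E+OJmp2tPvt1W+amx48v1eqbjDYsgN+RzP4q16yV5eM=
+github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1/go.mod h1:a6xsAQUZg+VsS3TJ05SRp524Hs4pZ/AeFSr5ENf0Yjo=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 h1:FDif4R1+UUR+00q6wquyX90K7A8dN+R5E8GEadoP7sU=
+github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2/go.mod h1:aiYBYui4BJ/BJCAIKs92XiPyQfTaBWqvHujDwKb6CBU=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aMclParm9/5Vgp+TY51uBQ=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc=
 github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU=
@@ -83,14 +83,14 @@ go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 h1:CCriYyAfq1Br1aIYettdH
 go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
-golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
+golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
+golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
-golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
+golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -103,18 +103,18 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
-golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
+golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
-golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
+golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw=
+golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
-golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
+golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=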
