fix(ci): Adding .goreleaser.yml

Author: spbsoluble

.goreleaser.yml

@@ -0,0 +1,56 @@
+# Visit https://goreleaser.com for documentation on how to customize this
+# behavior.
+before:
+  hooks:
+    # this is just an example and not a requirement for provider building/publishing
+    - go mod tidy
+builds:
+- env:
+    # goreleaser does not work with CGO, it could also complicate
+    # usage by users in CI/CD systems like Terraform Cloud where
+    # they are unable to install libraries.
+    - CGO_ENABLED=0
+  mod_timestamp: '{{ .CommitTimestamp }}'
+  flags:
+    - -trimpath
+  ldflags:
+    - '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}'
+  goos:
+    - freebsd
+    - windows
+    - linux
+    - darwin
+  goarch:
+    - amd64
+    - '386'
+    - arm
+    - arm64
+  ignore:
+    - goos: darwin
+      goarch: '386'
+  binary: '{{ .ProjectName }}_v{{ .Version }}'
+archives:
+- format: zip
+  name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
+checksum:
+  extra_files: []
+  name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
+  algorithm: sha256
+signs:
+  - artifacts: checksum
+    args:
+      # if you are using this in a GitHub action or some other automated pipeline, you 
+      # need to pass the batch flag to indicate its not interactive.
+      - "--batch"
+      - "--local-user"
+      - "{{ .Env.GPG_FINGERPRINT }}" # set this environment variable for your signing key
+      - "--output"
+      - "${signature}"
+      - "--detach-sign"
+      - "${artifact}"
+release:
+  extra_files: []
+  # If you want to manually examine the release before its live, uncomment this line:
+  draft: true
+changelog:
+  skip: true

GNUmakefile

@@ -6,7 +6,7 @@ NAMESPACE=keyfactor
 WEBSITE_REPO=https://github.com/Keyfactor/kfutil
 NAME=kfutil
 BINARY=${NAME}
-VERSION=0.0.1
+VERSION=0.0.2
 OS_ARCH := $(shell go env GOOS)_$(shell go env GOARCH)
 BASEDIR := ${HOME}/go/bin
 INSTALLDIR := ${BASEDIR}
@@ -45,4 +45,10 @@ test:
 fmt:
 	gofmt -w $(GOFMT_FILES)
 
-.PHONY: build release install test fmt
+prerelease:
+	git tag -d $(VERSION)
+	git push origin :$(VERSION)
+	git tag $(VERSION)
+	git push origin $(VERSION)
+
+.PHONY: build prerelease release install test fmt

cmd/rot.go

@@ -38,9 +38,13 @@ var rotCmd = &cobra.Command{
 		var lookupFailures []string
 		kfClient, _ := initClient()
 		storesFile, _ := cmd.Flags().GetString("stores")
-		certsFile, _ := cmd.Flags().GetString("certs")
+		addRootsFile, _ := cmd.Flags().GetString("add-certs")
+		removeRootsFile, _ := cmd.Flags().GetString("remove-certs")
+		dryRun, _ := cmd.Flags().GetBool("dry-run")
 		log.Printf("[DEBUG] storesFile: %s", storesFile)
-		log.Printf("[DEBUG] certsFile: %s", certsFile)
+		log.Printf("[DEBUG] addRootsFile: %s", addRootsFile)
+		log.Printf("[DEBUG] removeRootsFile: %s", removeRootsFile)
+		log.Printf("[DEBUG] dryRun: %t", dryRun)
 
 		// Read in the stores CSV
 		csvFile, _ := os.Open(storesFile)
@@ -69,31 +73,65 @@ var rotCmd = &cobra.Command{
 		storesJson, _ := json.Marshal(stores)
 		fmt.Println(string(storesJson))
 
-		// Read in the certs CSV
-		csvFile, _ = os.Open(certsFile)
-		reader = csv.NewReader(bufio.NewReader(csvFile))
-		certEntries, _ := reader.ReadAll()
-		var certs = make(map[string]RotCert)
-		for _, entry := range certEntries {
-			if entry[0] == "CertId" || entry[0] == "thumbprint" {
-				continue // Skip header
+		// Read in the add addCerts CSV
+		var addCerts = make(map[string]RotCert)
+		if addRootsFile != "" {
+			addCerts, err := readCertsFile(addRootsFile)
+			if err != nil {
+				log.Fatalf("Error reading addCerts file: %s", err)
 			}
-			certs[entry[0]] = RotCert{
-				ThumbPrint: entry[0],
+			addCertsJson, _ := json.Marshal(addCerts)
+			fmt.Printf("[DEBUG] add certs JSON: %s", string(addCertsJson))
+			fmt.Println("add rot called")
+		} else {
+			log.Printf("[DEBUG] No addCerts file specified")
+			log.Printf("[DEBUG] No addCerts = %s", addCerts)
+		}
+
+		// Read in the remove removeCerts CSV
+		var removeCerts = make(map[string]RotCert)
+		if removeRootsFile != "" {
+			removeCerts, err := readCertsFile(removeRootsFile)
+			if err != nil {
+				log.Fatalf("Error reading removeCerts file: %s", err)
 			}
-			// Get certificate context
-			//args := &api.GetCertificateContextArgs{
-			//	IncludeMetadata:  boolToPointer(true),
-			//	IncludeLocations: boolToPointer(true),
-			//	CollectionId:     nil,
-			//	Id:               certificateIdInt,
-			//}
-			//cResp, err := r.p.client.GetCertificateContext(args)
+			removeCertsJson, _ := json.Marshal(removeCerts)
+			fmt.Println(string(removeCertsJson))
+			fmt.Println("remove rot called")
+		} else {
+			log.Printf("[DEBUG] No removeCerts file specified")
+			log.Printf("[DEBUG] No removeCerts = %s", removeCerts)
 		}
-		fmt.Println("rot called")
 	},
 }
 
+func readCertsFile(certsFilePath string) (map[string]RotCert, error) {
+	// Read in the cert CSV
+	csvFile, _ := os.Open(certsFilePath)
+	reader := csv.NewReader(bufio.NewReader(csvFile))
+	certEntries, _ := reader.ReadAll()
+	var certs = make(map[string]RotCert)
+	for _, entry := range certEntries {
+		switch entry[0] {
+		case "CertId", "thumbprint", "id", "certId", "Thumbprint":
+			continue // Skip header
+		}
+
+		certs[entry[0]] = RotCert{
+			ThumbPrint: entry[0],
+		}
+		// Get certificate context
+		//args := &api.GetCertificateContextArgs{
+		//	IncludeMetadata:  boolToPointer(true),
+		//	IncludeLocations: boolToPointer(true),
+		//	CollectionId:     nil,
+		//	Id:               certificateIdInt,
+		//}
+		//cResp, err := r.p.client.GetCertificateContext(args)
+	}
+	return certs, nil
+}
+
 var rotGenStoreTemplateCmd = &cobra.Command{
 	Use:   "generate-template-rot",
 	Short: "For generating Root Of Trust template(s)",
@@ -177,7 +215,10 @@ func init() {
 	var certs string
 	rotCmd.Flags().StringVarP(&stores, "stores", "s", "", "CSV file containing cert stores to enroll into")
 	rotCmd.MarkFlagRequired("stores")
-	rotCmd.Flags().StringVarP(&certs, "certs", "c", "", "CSV file containing cert(s) to enroll into the defined cert stores")
+	rotCmd.Flags().StringVarP(&certs, "add-certs", "a", "", "CSV file containing cert(s) to enroll into the defined cert stores")
+	rotCmd.Flags().StringVarP(&certs, "remove-certs", "r", "", "CSV file containing cert(s) to remove from the defined cert stores")
+
+	rotCmd.Flags().BoolP("dry-run", "d", false, "Dry run mode")
 	rotCmd.MarkFlagRequired("certs")
 	storesCmd.AddCommand(rotGenStoreTemplateCmd)
 	rotGenStoreTemplateCmd.Flags().String("outpath", "template.csv", "Output file to write the template to")