Allow to create an SSL certificate with a specific key type (#4)

* Allow to create an SSL certificate with a specific key type

Author: cloudmarius

go.mod

@@ -0,0 +1,58 @@
+module github.com/swisscom/appcloud-cf-cli-plugin
+
+go 1.17
+
+require (
+	code.cloudfoundry.org/cli v7.1.0+incompatible
+	github.com/pkg/errors v0.9.1
+)
+
+require (
+	code.cloudfoundry.org/bytefmt v0.0.0-20211005130812-5bb3c17173e5 // indirect
+	code.cloudfoundry.org/cli-plugin-repo v0.0.0-20211108170549-31c720a1b03c // indirect
+	code.cloudfoundry.org/go-log-cache v1.0.0 // indirect
+	code.cloudfoundry.org/go-loggregator v7.4.0+incompatible // indirect
+	code.cloudfoundry.org/gofileutils v0.0.0-20170111115228-4d0c80011a0f // indirect
+	code.cloudfoundry.org/jsonry v1.1.3 // indirect
+	code.cloudfoundry.org/rfc5424 v0.0.0-20201103192249-000122071b78 // indirect
+	code.cloudfoundry.org/tlsconfig v0.0.0-20211123175040-23cc9f05b6b3 // indirect
+	code.cloudfoundry.org/ykk v0.0.0-20170424192843-e4df4ce2fd4d // indirect
+	github.com/SermoDigital/jose v0.9.1 // indirect
+	github.com/blang/semver v3.5.1+incompatible // indirect
+	github.com/bmatcuk/doublestar v1.3.4 // indirect
+	github.com/bmizerany/pat v0.0.0-20210406213842-e4b6760bdd6f // indirect
+	github.com/charlievieth/fs v0.0.2 // indirect
+	github.com/cloudfoundry/bosh-cli v6.4.1+incompatible // indirect
+	github.com/cloudfoundry/bosh-utils v0.0.291 // indirect
+	github.com/cppforlife/go-patch v0.2.0 // indirect
+	github.com/creack/pty v1.1.11 // indirect
+	github.com/cyphar/filepath-securejoin v0.2.3 // indirect
+	github.com/fatih/color v1.13.0 // indirect
+	github.com/google/go-querystring v1.1.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
+	github.com/jessevdk/go-flags v1.5.0 // indirect
+	github.com/kr/pty v1.1.8 // indirect
+	github.com/kr/text v0.1.0 // indirect
+	github.com/lunixbochs/vtclean v1.0.0 // indirect
+	github.com/mattn/go-colorable v0.1.9 // indirect
+	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mattn/go-runewidth v0.0.13 // indirect
+	github.com/moby/moby v20.10.11+incompatible // indirect
+	github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
+	github.com/rivo/uniseg v0.2.0 // indirect
+	github.com/rogpeppe/go-internal v1.8.0 // indirect
+	github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect
+	github.com/sirupsen/logrus v1.8.1 // indirect
+	github.com/tedsuo/rata v1.0.0 // indirect
+	github.com/vito/go-interact v1.0.0 // indirect
+	golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871 // indirect
+	golang.org/x/sys v0.0.0-20211117180635-dee7805ff2e1 // indirect
+	golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 // indirect
+	golang.org/x/text v0.3.7 // indirect
+	google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1 // indirect
+	google.golang.org/grpc v1.42.0 // indirect
+	google.golang.org/protobuf v1.27.1 // indirect
+	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
+	gopkg.in/cheggaaa/pb.v1 v1.0.28 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+)

go.sum

@@ -155,9 +155,10 @@ func (p *Plugin) GetMetadata() plugin.PluginMetadata {
 				Name:     "create-ssl-certificate",
 				HelpText: "Create and enable an SSL certificate for a route",
 				UsageDetails: plugin.Usage{
-					Usage: "create-ssl-certificate DOMAIN [--hostname HOSTNAME]",
+					Usage: "create-ssl-certificate DOMAIN [--hostname HOSTNAME] [--key-type KEY_TYPE]",
 					Options: map[string]string{
 						"-hostname, -n": "Hostname for the HTTP route",
+						"-key-type, -kt": "Key type for the certificate (e.g. RSA, ECDSA)",
 					},
 				},
 			},
@@ -357,11 +358,11 @@ func (p *Plugin) Run(cliConnection plugin.CliConnection, args []string) {
 		var fc flags.FlagContext
 		fc, err = parseSSLCertificateArgs(args)
 		if err != nil {
-			p.ui.Say("Incorrect Usage: Organization option must be a string")
+			p.ui.Say(err.Error())
 			return
 		}
 
-		err = p.CreateSSLCertificate(cliConnection, args[1], fc.String("hostname"))
+		err = p.CreateSSLCertificate(cliConnection, args[1], fc.String("hostname"), fc.String("key-type"))
 	case "revoke-ssl-certificate":
 		if len(args) < 2 {
 			p.ui.Say("Incorrect Usage: the required argument DOMAIN was not provided")
@@ -447,10 +448,11 @@ func (p *Plugin) Run(cliConnection plugin.CliConnection, args []string) {
 	}
 }
 
-// parseSSLCertificateArgs parses the arguments passed to a ssl certificate command.
+// parseSSLCertificateArgs parses the arguments passed to an ssl certificate command.
 func parseSSLCertificateArgs(args []string) (flags.FlagContext, error) {
 	fc := flags.New()
 	fc.NewStringFlag("hostname", "n", "Hostname for the HTTP route")
+	fc.NewStringFlag("key-type", "kt", "Key type for the certificate")
 	err := fc.Parse(args...)
 	if err != nil {
 		return nil, err

internal/appcloud/appcloud.go

@@ -11,7 +11,7 @@ import (
 )
 
 // CreateSSLCertificate creates a new SSL certificate for an FQDN.
-func (p *Plugin) CreateSSLCertificate(c plugin.CliConnection, domain string, hostname string) error {
+func (p *Plugin) CreateSSLCertificate(c plugin.CliConnection, domain string, hostname string, keyType string) error {
 	un, err := c.Username()
 	if err != nil {
 		return errors.Wrap(err, "Couldn't get your username")
@@ -32,6 +32,7 @@ func (p *Plugin) CreateSSLCertificate(c plugin.CliConnection, domain string, hos
 	req := SSLCertificateRequest{
 		SpaceID:        s.Guid,
 		FullDomainName: fullDomain,
+		KeyType:        keyType,
 	}
 	reqData, err := json.Marshal(req)
 	if err != nil {

internal/appcloud/create_ssl_certificate.go

@@ -13,6 +13,7 @@ type SSLCertificate struct {
 type SSLCertificateRequest struct {
 	SpaceID        string `json:"space_id"`
 	FullDomainName string `json:"full_domain_name"`
+	KeyType        string `json:"key_type,omitempty"`
 }
 
 // SSLCertificateResponse is the response from the server from a create certificate call