Move tls-san flag to a local flag for create

Signed-off-by: Jean-Laurent de Morlhon <jeanlaurent@morlhon.net>
2015-11-23 12:26:46 +01:00
parent b6519d43e9
commit a55bba3ed2
4 changed files with 13 additions and 19 deletions
--- a/cmd/machine.go
+++ b/cmd/machine.go
@@ -133,12 +133,6 @@ func main() {
 			Usage:  "Token to use for requests to the Github API",
 			Value:  "",
 		},
-		cli.StringSliceFlag{
-			EnvVar: "MACHINE_TLS_SAN",
-			Name:   "tls-san",
-			Usage:  "Support extra SANs for TLS certs",
-			Value:  &cli.StringSlice{},
-		},
 		cli.BoolFlag{
 			EnvVar: "MACHINE_NATIVE_SSH",
 			Name:   "native-ssh",
--- a/commands/create.go
+++ b/commands/create.go
@@ -115,6 +115,11 @@ var (
 			Usage: "addr to advertise for Swarm (default: detect and use the machine IP)",
 			Value: "",
 		},
+		cli.StringSliceFlag{
+			Name:  "tls-san",
+			Usage: "Support extra SANs for TLS certs",
+			Value: &cli.StringSlice{},
+		},
 	}
 )

@@ -178,7 +183,7 @@ func cmdCreateInner(c CommandLine) error {
 			ServerCertPath:   filepath.Join(mcndirs.GetMachineDir(), name, "server.pem"),
 			ServerKeyPath:    filepath.Join(mcndirs.GetMachineDir(), name, "server-key.pem"),
 			StorePath:        filepath.Join(mcndirs.GetMachineDir(), name),
-			ServerCertSANs: c.GlobalStringSlice("tls-san"),
+			ServerCertSANs:   c.StringSlice("tls-san"),
 		},
 		EngineOptions: &engine.Options{
 			ArbitraryFlags:   c.StringSlice("engine-opt"),
--- a/libmachine/provision/utils.go
+++ b/libmachine/provision/utils.go
@@ -86,19 +86,19 @@ func ConfigureAuth(p Provisioner) error {
 	}

 	// The Host IP is always added to the certificate's SANs list
-	certSANs := append(authOptions.ServerCertSANs, ip)
+	hosts := append(authOptions.ServerCertSANs, ip, "localhost")
 	log.Debugf("generating server cert: %s ca-key=%s private-key=%s org=%s san=%s",
 		authOptions.ServerCertPath,
 		authOptions.CaCertPath,
 		authOptions.CaPrivateKeyPath,
 		org,
-		certSANs,
+		hosts,
 	)

 	// TODO: Switch to passing just authOptions to this func
 	// instead of all these individual fields
 	err = cert.GenerateCert(
-		certSANs,
+		hosts,
 		authOptions.ServerCertPath,
 		authOptions.ServerKeyPath,
 		authOptions.CaCertPath,
--- a/test/integration/core/certs-extra-san.bats
+++ b/test/integration/core/certs-extra-san.bats
@@ -1,13 +1,12 @@
 #!/usr/bin/env bats

-load helpers
+load ${BASE_TEST_DIR}/helpers.bash

-export DRIVER=virtualbox
-export NAME="bats-$DRIVER-test"
-export MACHINE_STORAGE_PATH=/tmp/machine-bats-test-$DRIVER

@test "$DRIVER: create" {
-  run machine --tls-san foo.bar.tld --tls-san 10.42.42.42 create -d $DRIVER $NAME
+  run machine create --tls-san foo.bar.tld --tls-san 10.42.42.42  -d $DRIVER $NAME
+  echo ${output}
+  [ "$status" -eq 0  ]
 }

@test "$DRIVER: verify that server cert contains the extra SANs" {
@@ -20,7 +19,3 @@ export MACHINE_STORAGE_PATH=/tmp/machine-bats-test-$DRIVER
    machine ssh $NAME -- openssl x509 -in /var/lib/boot2docker/server.pem -text | grep 'DNS:foo.bar.tld'
    machine ssh $NAME -- openssl x509 -in /var/lib/boot2docker/server.pem -text | grep 'IP Address:10.42.42.42'
 }
-
-@test "cleanup" {
-  machine rm $NAME
-}