Release 0.15.1

doc/release-notes.md

@@ -4,6 +4,7 @@
 
 * Bug fixes
   * [#129](https://github.com/openziti/ziti/issues/129) - minor issue with `ziti-tunnel enroll` outputting the success message at ERROR level
+  * [#131](https://github.com/openziti/ziti/issues/131) - issues w/ creating identities, CAs and validating CAs
   * [edge#191](https://github.com/openziti/edge/issues/191) - updating self password via CLI would error with 404 not found
 
 # Release 0.15.0

ziti/cmd/ziti/cmd/edge_controller/create_ca.go

@@ -36,6 +36,7 @@ type createCaOptions struct {
 	autoCaEnrollment bool
 	ottCaEnrollment  bool
 	authEnabled      bool
+	identityRoles    []string
 }
 
 // newCreateCaCmd creates the 'edge controller create ca local' command for the given entity type
@@ -89,6 +90,7 @@ func newCreateCaCmd(f cmdutil.Factory, out io.Writer, errOut io.Writer) *cobra.C
 	cmd.Flags().BoolVarP(&options.authEnabled, "auth", "e", false, "Whether the CA can be used for authentication or not")
 	cmd.Flags().BoolVarP(&options.ottCaEnrollment, "ottca", "o", false, "Whether the CA can be used for one-time-token CA enrollment")
 	cmd.Flags().BoolVarP(&options.autoCaEnrollment, "autoca", "u", false, "Whether the CA can be used for auto CA enrollment")
+	cmd.Flags().StringSliceVarP(&options.identityRoles, "role-attributes", "a", nil, "A csv string of role attributes enrolling identities receive")
 
 	return cmd
 }
@@ -100,6 +102,7 @@ func runCreateCa(options *createCaOptions) (err error) {
 	setJSONValue(data, options.ottCaEnrollment, "isOttCaEnrollmentEnabled")
 	setJSONValue(data, options.authEnabled, "isAuthEnabled")
 	setJSONValue(data, string(options.caPemBytes), "certPem")
+	setJSONValue(data, options.identityRoles, "identityRoles")
 
 	result, err := createEntityOfType("cas", data.String(), &options.commonOptions)
 

ziti/cmd/ziti/cmd/edge_controller/create_identity.go

@@ -115,20 +115,12 @@ func runCreateIdentity(idType string, o *createIdentityOptions) error {
 }
 
 func getIdentityJwt(o *createIdentityOptions, id string) error {
-	list, _, err := listEntitiesOfType("identities", nil, o.OutputJSONResponse, o.Out)
+
+	newIdentity, err := DetailEntityOfType("identities", id, o.OutputJSONResponse, o.Out)
 	if err != nil {
 		return err
 	}
 
-	var newIdentity *gabs.Container
-	for _, gw := range list {
-		gwId := gw.Path("id").Data().(string)
-		if gwId == id {
-			newIdentity = gw
-			break
-		}
-	}
-
 	if newIdentity == nil {
 		return fmt.Errorf("no error during identity creation, but identity with id %v not found... unable to extract JWT", id)
 	}

ziti/cmd/ziti/cmd/edge_controller/detail.go

@@ -0,0 +1,34 @@
+/*
+	Copyright NetFoundry, Inc.
+
+	Licensed under the Apache License, Version 2.0 (the "License");
+	you may not use this file except in compliance with the License.
+	You may obtain a copy of the License at
+
+	https://www.apache.org/licenses/LICENSE-2.0
+
+	Unless required by applicable law or agreed to in writing, software
+	distributed under the License is distributed on an "AS IS" BASIS,
+	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	See the License for the specific language governing permissions and
+	limitations under the License.
+*/
+
+package edge_controller
+
+import (
+	"github.com/Jeffail/gabs"
+	"github.com/openziti/ziti/ziti/cmd/ziti/util"
+	"io"
+)
+
+func DetailEntityOfType(entityType, entityId string, logJSON bool, out io.Writer) (*gabs.Container, error) {
+	jsonParsed, err := util.EdgeControllerDetailEntity(entityType, entityId, logJSON, out)
+
+	if err != nil {
+		return nil, err
+	}
+
+	entity := jsonParsed.S("data")
+	return entity, nil
+}

ziti/cmd/ziti/util/rest.go

@@ -436,6 +436,47 @@ func outputJson(out io.Writer, data []byte) {
 	}
 }
 
+func EdgeControllerDetailEntity(entityType, entityId string, logJSON bool, out io.Writer) (*gabs.Container, error) {
+	session := &Session{}
+	if err := session.Load(); err != nil {
+		return nil, err
+	}
+
+	client := newClient()
+
+	if session.GetCert() != "" {
+		client.SetRootCertificate(session.GetCert())
+	}
+
+	queryUrl := session.GetBaseUrl() + "/" + path.Join(entityType, entityId)
+
+	resp, err := client.R().
+		SetHeader("Content-Type", "application/json").
+		SetHeader(constants.ZitiSession, session.GetToken()).
+		Get(queryUrl)
+
+	if err != nil {
+		return nil, fmt.Errorf("unable to list entities at %v in Ziti Edge Controller at %v. Error: %v", queryUrl, session.GetBaseUrl(), err)
+	}
+
+	if resp.StatusCode() != http.StatusOK {
+		return nil, fmt.Errorf("error listing %v in Ziti Edge Controller. Status code: %v, Server returned: %v",
+			queryUrl, resp.Status(), resp.String())
+	}
+
+	if logJSON {
+		outputJson(out, resp.Body())
+	}
+
+	jsonParsed, err := gabs.ParseJSON(resp.Body())
+
+	if err != nil {
+		return nil, fmt.Errorf("unable to parse response from %v. Server returned: %v", queryUrl, resp.String())
+	}
+
+	return jsonParsed, nil
+}
+
 // EdgeControllerListSubEntities will list entities of the given type in the given Edge Controller
 func EdgeControllerListSubEntities(entityType, subType, entityId string, filter string, logJSON bool, out io.Writer) (*gabs.Container, error) {
 	params := url.Values{}
@@ -636,7 +677,7 @@ func EdgeControllerVerify(entityType, id, body string, out io.Writer, logJSON bo
 	}
 	resp, err := client.
 		R().
-		SetHeader("Content-Type", "application/json").
+		SetHeader("Content-Type", "text/plain").
 		SetHeader(constants.ZitiSession, session.Token).
 		SetBody(body).
 		Post(session.Host + "/" + entityType + "/" + id + "/verify")