ca: update GenerateRoot godoc

Daniel Nephin 2021-12-01 15:11:20 -05:00
parent 9a59733b7d
commit f05bad4a1d
2 changed files with 12 additions and 5 deletions


@ -118,9 +118,17 @@ type Provider interface {
} }
type PrimaryProvider interface { type PrimaryProvider interface {
// GenerateRoot causes the creation of a new root certificate for this provider. // GenerateRoot is called:
// This can also be a no-op if a root certificate already exists for the given // * to initialize the CA system when a server is elected as a raft leader
// config. If IsPrimary is false, calling this method is an error. // * when the CA configuration is updated in a way that might require
// generating a new root certificate.
//
// In both cases GenerateRoot is always called on a newly created provider
// after calling Provider.Configure, and before any other calls to the
// provider.
//
// The provider should return an existing root certificate if one exists,
// otherwise it should generate a new root certificate and return it.
GenerateRoot() error GenerateRoot() error
// ActiveRoot returns the currently active root CA for this // ActiveRoot returns the currently active root CA for this
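Review bot: The last paragraph of the new GenerateRoot comment tells implementers to "return" the existing or newly generated root certificate, but the signature shown in this hunk is still `GenerateRoot() error`, so only an error can be returned. I would reword it to match the signature, for example `// The provider should keep an existing root certificate if one exists, otherwise it should generate and persist a new one.`, and say where callers read the certificate (presumably ActiveRoot, declared just below). The rewrite also drops the old sentence `If IsPrimary is false, calling this method is an error.`; if that is still the contract it is worth keeping, because a provider author who does not see it may let a non-primary create its own root. The PrimaryProvider interface continues past the end of the hunk.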


@ -159,8 +159,7 @@ func (c *ConsulProvider) ActiveRoot() (string, error) {
return providerState.RootCert, nil return providerState.RootCert, nil
} }
// GenerateRoot initializes a new root certificate and private key // GenerateRoot initializes a new root certificate and private key if needed.
// if needed.
func (c *ConsulProvider) GenerateRoot() error { func (c *ConsulProvider) GenerateRoot() error {
providerState, err := c.getState() providerState, err := c.getState()
if err != nil { if err != nil {