)]}'
{"helm-toolkit/templates/tls/_tls_generate_certs.tpl":[{"author":{"_account_id":26449,"name":"Scott Hussey","email":"sthussey@att.com","username":"sh8121"},"change_message_id":"440ecf7b43be400f5d84d9087cad9d561b2c0813","unresolved":false,"context_lines":[{"line_number":68,"context_line":"{{- $ca :\u003d genCA $params.commonName (int $params.life) }}"},{"line_number":69,"context_line":"{{- if $params.ca }}"},{"line_number":70,"context_line":"{{- if and (hasKey $params.ca \"crt\") (hasKey $params.ca \"key\") }}"},{"line_number":71,"context_line":"{{- $ca :\u003d buildCustomCert ($params.ca.crt | b64enc ) ($params.ca.key | b64enc ) }}"},{"line_number":72,"context_line":"{{- end }}"},{"line_number":73,"context_line":"{{- end }}"},{"line_number":74,"context_line":"{{- $expDate :\u003d date_in_zone \"2006-01-02T15:04:05Z07:00\" ( date_modify (printf \"+%sh\" (mul $params.life 24 |toString)) now ) \"UTC\" }}"}],"source_content_type":"text/x-smarty","patch_set":1,"id":"9fb8cfa7_ab5f280d","line":71,"range":{"start_line":71,"start_character":0,"end_line":71,"end_character":83},"updated":"2019-06-26 18:14:39.000000000","message":"Due to gotpl scoping, I believe you are losing this assignment when you leave the block. Likely need to utilizes the $local dictionary above and set a \u0027ca\u0027 key in it so that it survives if/end block","commit_id":"97a8524fe8b7ca8bc59773f661508fdd01811b8f"},{"author":{"_account_id":28664,"name":"Ahmad Mahmoudi","email":"ahmad.mahmoudi@att.com","username":"ahmad"},"change_message_id":"7e50888e57f8223560441f8c157fe63aae7adc41","unresolved":false,"context_lines":[{"line_number":68,"context_line":"{{- $ca :\u003d genCA $params.commonName (int $params.life) }}"},{"line_number":69,"context_line":"{{- if $params.ca }}"},{"line_number":70,"context_line":"{{- if and (hasKey $params.ca \"crt\") (hasKey $params.ca \"key\") }}"},{"line_number":71,"context_line":"{{- $ca :\u003d buildCustomCert ($params.ca.crt | b64enc ) ($params.ca.key | b64enc ) }}"},{"line_number":72,"context_line":"{{- end }}"},{"line_number":73,"context_line":"{{- end }}"},{"line_number":74,"context_line":"{{- $expDate :\u003d date_in_zone \"2006-01-02T15:04:05Z07:00\" ( date_modify (printf \"+%sh\" (mul $params.life 24 |toString)) now ) \"UTC\" }}"}],"source_content_type":"text/x-smarty","patch_set":1,"id":"9fb8cfa7_cb413ca8","line":71,"range":{"start_line":71,"start_character":0,"end_line":71,"end_character":83},"in_reply_to":"9fb8cfa7_ab5f280d","updated":"2019-06-26 18:44:31.000000000","message":"I thought I\u0027d addressed it by declaring and assigning ca outside of the if block first. But, wasn\u0027t sure. like your suggestion better. I will add ca/crt/key in local instead. thanks.","commit_id":"97a8524fe8b7ca8bc59773f661508fdd01811b8f"},{"author":{"_account_id":22477,"name":"Matt McEuen","email":"matt.mceuen@att.com","username":"mattmceuen"},"change_message_id":"ed39d17bf6f57e939fa1a2afbcd7690f375811ba","unresolved":false,"context_lines":[{"line_number":65,"context_line":"{{- $_ :\u003d set $local \"certIps\" $_ips }}"},{"line_number":66,"context_line":"{{- end }}"},{"line_number":67,"context_line":""},{"line_number":68,"context_line":"{{- $ca :\u003d genCA $params.commonName (int $params.life) }}"},{"line_number":69,"context_line":"{{- $_ :\u003d set $local \"ca\" $ca }}"},{"line_number":70,"context_line":"{{- if $params.ca }}"},{"line_number":71,"context_line":"{{- if and (hasKey $params.ca \"crt\") (hasKey $params.ca \"key\") }}"}],"source_content_type":"text/x-smarty","patch_set":4,"id":"7faddb67_66326eaa","line":68,"updated":"2019-07-03 16:11:51.000000000","message":"Need to wrap this on a conditional for presence of commonName","commit_id":"207328fb9a3150489696092bc09f6d7a6357ec90"},{"author":{"_account_id":20466,"name":"Tin Lam","email":"tin@lam.wtf","username":"tinlam"},"change_message_id":"6eaf7aff228f6867091ed6eff1c7bebcc65ed80c","unresolved":false,"context_lines":[{"line_number":72,"context_line":"{{- $_ :\u003d set $local \"ca\" $ca }}"},{"line_number":73,"context_line":"{{- end }}"},{"line_number":74,"context_line":"{{- else }}"},{"line_number":75,"context_line":"{{- $ca :\u003d genCA (first $local.certHosts) (int $params.life) }}"},{"line_number":76,"context_line":"{{- $_ :\u003d set $local \"ca\" $ca }}"},{"line_number":77,"context_line":"{{- end }}"},{"line_number":78,"context_line":""}],"source_content_type":"text/x-smarty","patch_set":8,"id":"7faddb67_ce59bb5a","line":75,"range":{"start_line":75,"start_character":17,"end_line":75,"end_character":41},"updated":"2019-07-08 20:47:04.000000000","message":"are we just using the first certHosts as the CN for the CA in this case, is that desired?","commit_id":"d34faf1c0408e402f08ecf68a8e33d367dc33e2c"},{"author":{"_account_id":28664,"name":"Ahmad Mahmoudi","email":"ahmad.mahmoudi@att.com","username":"ahmad"},"change_message_id":"2ea7224ba01bbbc18e3ef91c15c1a71255f8368d","unresolved":false,"context_lines":[{"line_number":72,"context_line":"{{- $_ :\u003d set $local \"ca\" $ca }}"},{"line_number":73,"context_line":"{{- end }}"},{"line_number":74,"context_line":"{{- else }}"},{"line_number":75,"context_line":"{{- $ca :\u003d genCA (first $local.certHosts) (int $params.life) }}"},{"line_number":76,"context_line":"{{- $_ :\u003d set $local \"ca\" $ca }}"},{"line_number":77,"context_line":"{{- end }}"},{"line_number":78,"context_line":""}],"source_content_type":"text/x-smarty","patch_set":8,"id":"7faddb67_71ae6a99","line":75,"range":{"start_line":75,"start_character":17,"end_line":75,"end_character":41},"in_reply_to":"7faddb67_ce59bb5a","updated":"2019-07-08 21:24:25.000000000","message":"No. we are using the first host in the list as the commonName for the x.509 ca cert.\nThis the same pattern used below in the existing code that generates the server cert at L80.\nPlease see reference in: http://masterminds.github.io/sprig/crypto.html","commit_id":"d34faf1c0408e402f08ecf68a8e33d367dc33e2c"},{"author":{"_account_id":28208,"name":"Roman Gorshunov","email":"roman.gorshunov@att.com","username":"gorshunovr"},"change_message_id":"aa1920b7994cf3eb84453c8ac20fd91bbda71946","unresolved":false,"context_lines":[{"line_number":29,"context_line":"        - 192.168.0.1"},{"line_number":30,"context_line":"    life: 3"},{"line_number":31,"context_line":"    # Use ca.crt and ca.key to build a customized ca, if they are provided."},{"line_number":32,"context_line":"    # Use hosts.names[0] and life to auto-generate a ca, if ca is not provided."},{"line_number":33,"context_line":"    ca:"},{"line_number":34,"context_line":"      crt: |"},{"line_number":35,"context_line":"        \u003cCA CRT\u003e"}],"source_content_type":"text/x-smarty","patch_set":12,"id":"7faddb67_780b027c","line":32,"range":{"start_line":32,"start_character":29,"end_line":32,"end_character":33},"updated":"2019-08-06 12:15:35.000000000","message":"What is life here? Lifespan of certificate?","commit_id":"db164a29255d19dd37318fec3b4c4e6dde8d23ac"},{"author":{"_account_id":28664,"name":"Ahmad Mahmoudi","email":"ahmad.mahmoudi@att.com","username":"ahmad"},"change_message_id":"e74c109b23412da62e55afd14b6d007a476eb187","unresolved":false,"context_lines":[{"line_number":29,"context_line":"        - 192.168.0.1"},{"line_number":30,"context_line":"    life: 3"},{"line_number":31,"context_line":"    # Use ca.crt and ca.key to build a customized ca, if they are provided."},{"line_number":32,"context_line":"    # Use hosts.names[0] and life to auto-generate a ca, if ca is not provided."},{"line_number":33,"context_line":"    ca:"},{"line_number":34,"context_line":"      crt: |"},{"line_number":35,"context_line":"        \u003cCA CRT\u003e"}],"source_content_type":"text/x-smarty","patch_set":12,"id":"7faddb67_b3d75823","line":32,"range":{"start_line":32,"start_character":29,"end_line":32,"end_character":33},"in_reply_to":"7faddb67_780b027c","updated":"2019-08-06 14:30:57.000000000","message":"life is not new. It is the validity period for the certs.","commit_id":"db164a29255d19dd37318fec3b4c4e6dde8d23ac"},{"author":{"_account_id":28208,"name":"Roman Gorshunov","email":"roman.gorshunov@att.com","username":"gorshunovr"},"change_message_id":"aa1920b7994cf3eb84453c8ac20fd91bbda71946","unresolved":false,"context_lines":[{"line_number":37,"context_line":"        \u003cCA PRIVATE KEY\u003e"},{"line_number":38,"context_line":"usage: |"},{"line_number":39,"context_line":"  {{ include \"helm-toolkit.utils.tls_generate_certs\" (dict \"params\" .Values.test) }}"},{"line_number":40,"context_line":"return: |"},{"line_number":41,"context_line":"  ca: |"},{"line_number":42,"context_line":"    \u003cCA CRT\u003e"},{"line_number":43,"context_line":"  crt: |"}],"source_content_type":"text/x-smarty","patch_set":12,"id":"7faddb67_53cce787","line":40,"range":{"start_line":40,"start_character":6,"end_line":40,"end_character":7},"updated":"2019-08-06 12:15:35.000000000","message":"caKey missing here","commit_id":"db164a29255d19dd37318fec3b4c4e6dde8d23ac"},{"author":{"_account_id":28664,"name":"Ahmad Mahmoudi","email":"ahmad.mahmoudi@att.com","username":"ahmad"},"change_message_id":"e74c109b23412da62e55afd14b6d007a476eb187","unresolved":false,"context_lines":[{"line_number":37,"context_line":"        \u003cCA PRIVATE KEY\u003e"},{"line_number":38,"context_line":"usage: |"},{"line_number":39,"context_line":"  {{ include \"helm-toolkit.utils.tls_generate_certs\" (dict \"params\" .Values.test) }}"},{"line_number":40,"context_line":"return: |"},{"line_number":41,"context_line":"  ca: |"},{"line_number":42,"context_line":"    \u003cCA CRT\u003e"},{"line_number":43,"context_line":"  crt: |"}],"source_content_type":"text/x-smarty","patch_set":12,"id":"7faddb67_d39bf46f","line":40,"range":{"start_line":40,"start_character":6,"end_line":40,"end_character":7},"in_reply_to":"7faddb67_53cce787","updated":"2019-08-06 14:30:57.000000000","message":"This is the ca object with crt and key. I did not update this part. If it is populated in the values file, it will be:\n\nca:\n  crt: |\n    \u003cCA CRT\u003e\n  key: |\n    \u003cCA KEY\u003e","commit_id":"db164a29255d19dd37318fec3b4c4e6dde8d23ac"}]}