Minor fixes

2025-05-17 12:48:37 -04:00 · 2025-05-17 12:48:37 -04:00 · ce6f2ce29d
commit ce6f2ce29d
parent b33127bd34
9 changed files with 27 additions and 34 deletions
--- a/.gitignore
+++ b/.gitignore
@ -29,3 +29,9 @@ go.work.sum


 .local
+
+*.csr
+*.crt
+*.key
+*.srl
+.kat/
--- a/6
+++ b/6
@ -23,19 +23,19 @@ test: generate
 # Run unit tests only (faster, no integration tests)
 test-unit:
 	@echo "Running unit tests..."
-	@go test -count=1 -short ./...
+	@go test -v -count=1 -short ./...

 # Run integration tests only
 test-integration:
 	@echo "Running integration tests..."
-	@go test -count=1 -run Integration ./...
+	@go test -v -count=1 -run Integration ./...

 # Run tests for a specific package
 test-package:
 	@echo "Running tests for package $(PACKAGE)..."
 	@go test -v ./$(PACKAGE)

-kat-agent:
+kat-agent: $(shell find ./cmd/kat-agent -name '*.go') $(shell find . -name 'go.mod' -o -name 'go.sum')
 	@echo "Building kat-agent..."
 	@go build -o kat-agent ./cmd/kat-agent/main.go

--- a/internal/api/join_handler.go
+++ b/internal/api/join_handler.go
@ -11,8 +11,8 @@ import (

 	"github.com/google/uuid"

-	"kat-system/internal/pki"
-	"kat-system/internal/store"
+	"git.dws.rip/dubey/kat/internal/pki"
+	"git.dws.rip/dubey/kat/internal/store"
 )

 // JoinRequest represents the data sent by an agent when joining
@ -103,10 +103,10 @@ func NewJoinHandler(stateStore store.StateStore, caKeyPath, caCertPath string) h
 		// Store node registration in etcd
 		nodeRegKey := fmt.Sprintf("/kat/nodes/registration/%s", nodeName)
 		nodeReg := map[string]interface{}{
-			"uid":           nodeUID,
-			"advertiseAddr": joinReq.AdvertiseAddr,
+			"uid":             nodeUID,
+			"advertiseAddr":   joinReq.AdvertiseAddr,
 			"wireguardPubKey": joinReq.WireguardPubKey,
-			"joinTimestamp": time.Now().Unix(),
+			"joinTimestamp":   time.Now().Unix(),
 		}
 		nodeRegData, err := json.Marshal(nodeReg)
 		if err != nil {
--- a/internal/api/server.go
+++ b/internal/api/server.go
@ -8,7 +8,6 @@ import (
 	"log"
 	"net/http"
 	"os"
-	"strings"
 	"time"
 )

@ -113,7 +112,7 @@ func (s *Server) Start() error {
 		ClientAuth:   tls.NoClientCert, // Don't require client certs for now
 		MinVersion:   tls.VersionTLS12,
 	}
-	
+
 	log.Printf("WARNING: TLS configured without client certificate verification for Phase 2")
 	log.Printf("This is a temporary development configuration and should be secured in production")

--- a/internal/api/server_test.go
+++ b/internal/api/server_test.go
@ -12,7 +12,7 @@ import (
 	"testing"
 	"time"

-	"kat-system/internal/pki"
+	"git.dws.rip/dubey/kat/internal/pki"
 )

 func TestServerWithMTLS(t *testing.T) {
@ -31,7 +31,7 @@ func TestServerWithMTLS(t *testing.T) {
 	// Generate CA
 	caKeyPath := filepath.Join(tempDir, "ca.key")
 	caCertPath := filepath.Join(tempDir, "ca.crt")
-	if err := pki.GenerateCA(caKeyPath, caCertPath, "KAT Test CA", 24*time.Hour); err != nil {
+	if err := pki.GenerateCA(tempDir, caKeyPath, caCertPath); err != nil {
 		t.Fatalf("Failed to generate CA: %v", err)
 	}

@ -39,7 +39,7 @@ func TestServerWithMTLS(t *testing.T) {
 	serverKeyPath := filepath.Join(tempDir, "server.key")
 	serverCSRPath := filepath.Join(tempDir, "server.csr")
 	serverCertPath := filepath.Join(tempDir, "server.crt")
-	if err := pki.GenerateCertificateRequest("server.test", serverKeyPath, serverCSRPath); err != nil {
+	if err := pki.GenerateCertificateRequest("localhost", serverKeyPath, serverCSRPath); err != nil {
 		t.Fatalf("Failed to generate server CSR: %v", err)
 	}
 	if err := pki.SignCertificateRequest(caKeyPath, caCertPath, serverCSRPath, serverCertPath, 24*time.Hour); err != nil {
@ -58,7 +58,7 @@ func TestServerWithMTLS(t *testing.T) {
 	}

 	// Create and start server
-	server, err := NewServer("localhost:0", serverCertPath, serverKeyPath, caCertPath)
+	server, err := NewServer("localhost:8443", serverCertPath, serverKeyPath, caCertPath)
 	if err != nil {
 		t.Fatalf("Failed to create server: %v", err)
 	}
@ -76,7 +76,7 @@ func TestServerWithMTLS(t *testing.T) {
 	}()

 	// Wait for server to start
-	time.Sleep(100 * time.Millisecond)
+	time.Sleep(250 * time.Millisecond)

 	// Load CA cert
 	caCert, err := os.ReadFile(caCertPath)
--- a/internal/config/parse_test.go
+++ b/internal/config/parse_test.go
@ -201,8 +201,8 @@ func TestValidateClusterConfiguration_InvalidValues(t *testing.T) {
 			ApiPort:                10251,
 			EtcdPeerPort:           2380,
 			EtcdClientPort:         2379,
-			VolumeBasePath:         "~/.kat/volumes",
-			BackupPath:             "~/.kat/backups",
+			VolumeBasePath:         ".kat/volumes",
+			BackupPath:             ".kat/backups",
 			BackupIntervalMinutes:  30,
 			AgentTickSeconds:       15,
 			NodeLossTimeoutSeconds: 60,
--- a/internal/config/types.go
+++ b/internal/config/types.go
@ -11,8 +11,8 @@ const (
 	DefaultApiPort            = 9115
 	DefaultEtcdPeerPort       = 2380
 	DefaultEtcdClientPort     = 2379
-	DefaultVolumeBasePath     = "~/.kat/volumes"
-	DefaultBackupPath         = "~/.kat/backups"
+	DefaultVolumeBasePath     = ".kat/volumes"
+	DefaultBackupPath         = ".kat/backups"
 	DefaultBackupIntervalMins = 30
 	DefaultAgentTickSeconds   = 15
 	DefaultNodeLossTimeoutSec = 60 // DefaultNodeLossTimeoutSeconds = DefaultAgentTickSeconds * 4 (example logic)
--- a/internal/pki/ca.go
+++ b/internal/pki/ca.go
@ -22,7 +22,7 @@ const (
 	// Default certificate validity period
 	DefaultCertValidityDays = 365 // 1 year
 	// Default PKI directory
-	DefaultPKIDir = "/var/lib/kat/pki"
+	DefaultPKIDir = ".kat/pki"
 )

 // GenerateCA creates a new Certificate Authority key pair and certificate.
@ -271,18 +271,6 @@ func GetPKIPathFromClusterConfig(backupPath string) string {
 	return filepath.Dir(backupPath) + "/pki"
 }

-// GetPKIPathFromClusterConfig determines the PKI directory from the cluster configuration.
-// If backupPath is provided, it uses the parent directory of backupPath.
-// Otherwise, it uses the default PKI directory.
-func GetPKIPathFromClusterConfig(backupPath string) string {
-	if backupPath == "" {
-		return DefaultPKIDir
-	}
-
-	// Use the parent directory of backupPath
-	return filepath.Dir(backupPath) + "/pki"
-}
-
 // generateSerialNumber creates a random serial number for certificates
 func generateSerialNumber() (*big.Int, error) {
 	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) // 128 bits
--- a/internal/testutil/testutil.go
+++ b/internal/testutil/testutil.go
@ -51,8 +51,8 @@ spec:
  apiPort: 9115
  etcdPeerPort: 2380
  etcdClientPort: 2379
-  volumeBasePath: "~/.kat/volumes"
-  backupPath: "~/.kat/backups"
+  volumeBasePath: ".kat/volumes"
+  backupPath: ".kat/backups"
  backupIntervalMinutes: 30
  agentTickSeconds: 15
  nodeLossTimeoutSeconds: 60