fleet/cmd/fleetctl/generate.go
Roberto Dip 42876a69bb
add CLI for the new MDM cert flow (#19240)
for #19022


# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-05-27 11:14:37 -03:00


package main
import (
"fmt"
"os"
"github.com/urfave/cli/v2"
)
// apnsCSRPath is the default value of the --csr flag of "generate mdm-apple":
// a relative path, so the CSR lands in whatever directory the command is run
// from unless the caller overrides it.
const apnsCSRPath = "fleet-mdm-csr.csr"

// bmPublicKeyCertPath is the default value of the --public-key flag of
// "generate mdm-apple-bm". Like apnsCSRPath it is relative to the working
// directory.
const bmPublicKeyCertPath = "fleet-apple-mdm-bm-public-key.crt"
// generateCommand returns the top-level "generate" command. It has no action
// of its own; it only carries the shared config/context/debug flags and
// groups the two Apple MDM subcommands defined in this file.
func generateCommand() *cli.Command {
	sharedFlags := []cli.Flag{
		configFlag(),
		contextFlag(),
		debugFlag(),
	}
	children := []*cli.Command{
		generateMDMAppleCommand(),
		generateMDMAppleBMCommand(),
	}

	cmd := new(cli.Command)
	cmd.Name = "generate"
	cmd.Usage = "Generate certificates and keys required for MDM."
	cmd.Flags = sharedFlags
	cmd.Subcommands = children
	return cmd
}
// generateMDMAppleCommand returns the "generate mdm-apple" subcommand (alias
// "mdm_apple"). Its action asks the Fleet server for an APNs certificate
// signing request, writes the returned bytes to the path given by --csr, and
// prints the settings URL where the flow continues.
//
// Every failure is reported on c.App.ErrWriter and surfaced to the caller as
// ErrGeneric, so the underlying error is only visible in that output.
func generateMDMAppleCommand() *cli.Command {
	csrFlag := &cli.StringFlag{
		Name:  "csr",
		Usage: "The output path for the APNs CSR.",
		Value: apnsCSRPath,
	}

	// The success text is kept as a raw string so its line breaks are
	// emitted exactly as written.
	const successMsg = `Success!
Generated your certificate signing request (CSR) at %s
Go to %s/settings/integrations/mdm/apple and follow the steps.
`

	run := func(c *cli.Context) error {
		// fail writes the formatted cause to the app's error writer and
		// yields the generic error that every failure path returns.
		fail := func(format string, cause error) error {
			fmt.Fprintf(c.App.ErrWriter, format, cause)
			return ErrGeneric
		}

		outPath := c.String("csr")

		// Build the Fleet API client first so that any login requirement
		// is met before the CSR output message is printed.
		api, err := clientFromCLI(c)
		if err != nil {
			return fail("client from CLI: %s", err)
		}

		csrBytes, err := api.RequestAppleCSR()
		if err != nil {
			return fail("requesting APNs CSR: %s", err)
		}

		// outPath is taken from the flag as-is. os.WriteFile truncates a
		// file that already exists at that path and applies the mode only
		// when it creates the file, so an existing file keeps its current
		// permissions. defaultFileMode is declared elsewhere in the
		// package; its value is not visible here.
		if err := os.WriteFile(outPath, csrBytes, defaultFileMode); err != nil {
			return fail("write CSR: %s", err)
		}

		// The CSR is already on disk at this point: if fetching the app
		// config fails, the command reports an error but leaves the file.
		cfg, err := api.GetAppConfig()
		if err != nil {
			return fail("fetching app config: %s", err)
		}

		// The server URL is printed exactly as the server reported it.
		fmt.Fprintf(c.App.Writer, successMsg, outPath, cfg.ServerSettings.ServerURL)
		return nil
	}

	return &cli.Command{
		Name:    "mdm-apple",
		Aliases: []string{"mdm_apple"},
		Usage:   "Generates certificate signing request (CSR) to turn on MDM features.",
		Flags:   []cli.Flag{contextFlag(), debugFlag(), csrFlag},
		Action:  run,
	}
}
// generateMDMAppleBMCommand returns the "generate mdm-apple-bm" subcommand
// (alias "mdm_apple_bm"). Its action asks the Fleet server for the Apple
// Business Manager public key certificate, writes the returned bytes to the
// path given by --public-key, and prints the settings URL where the flow
// continues.
//
// Every failure is reported on c.App.ErrWriter and surfaced to the caller as
// ErrGeneric, so the underlying error is only visible in that output.
func generateMDMAppleBMCommand() *cli.Command {
	publicKeyFlag := &cli.StringFlag{
		Name:  "public-key",
		Usage: "The output path for the Apple Business Manager public key certificate.",
		Value: bmPublicKeyCertPath,
	}

	// The success text is kept as a raw string so its line breaks are
	// emitted exactly as written.
	const successMsg = `Success!
Generated your public key at %s
Go to %s/settings/integrations/automatic-enrollment/apple and follow the steps.
`

	run := func(c *cli.Context) error {
		// fail writes the formatted cause to the app's error writer and
		// yields the generic error that every failure path returns.
		fail := func(format string, cause error) error {
			fmt.Fprintf(c.App.ErrWriter, format, cause)
			return ErrGeneric
		}

		outPath := c.String("public-key")

		// Build the Fleet API client first so that any login requirement
		// is met before the public key output message is printed.
		api, err := clientFromCLI(c)
		if err != nil {
			return fail("client from CLI: %s", err)
		}

		keyBytes, err := api.RequestAppleABM()
		if err != nil {
			return fail("requesting ABM public key: %s", err)
		}

		// outPath is taken from the flag as-is. os.WriteFile truncates a
		// file that already exists at that path and applies the mode only
		// when it creates the file, so an existing file keeps its current
		// permissions. defaultFileMode is declared elsewhere in the
		// package; its value is not visible here.
		if err := os.WriteFile(outPath, keyBytes, defaultFileMode); err != nil {
			return fail("write public key: %s", err)
		}

		// The file is already on disk at this point: if fetching the app
		// config fails, the command reports an error but leaves the file.
		cfg, err := api.GetAppConfig()
		if err != nil {
			return fail("fetching app config: %s", err)
		}

		// The server URL is printed exactly as the server reported it.
		fmt.Fprintf(c.App.Writer, successMsg, outPath, cfg.ServerSettings.ServerURL)
		return nil
	}

	return &cli.Command{
		Name:    "mdm-apple-bm",
		Aliases: []string{"mdm_apple_bm"},
		Usage:   "Generate Apple Business Manager public key to enable automatic enrollment for macOS hosts.",
		Flags:   []cli.Flag{contextFlag(), debugFlag(), publicKeyFlag},
		Action:  run,
	}
}