Use filename as key in the hashes map (#28)

nsimons · web-flow · commit 2d17ae7d91ea · 2022-12-15T18:19:43.000+02:00
diff --git a/internal/manifest/manifest.go b/internal/manifest/manifest.go
@@ -38,7 +38,7 @@ type Manifest struct {
 	// certs is a map from subject name to CertificateManifest.
 	certs map[string]*CertificateManifest
 
-	// hashes is a map from subject name to hash of CertificateManifest struct.
+	// hashes is a map from file name (typically subject name) to hash of CertificateManifest struct.
 	// It is stored and read from certyaml's .state file between consequent executions of certyaml.
 	hashes map[string]string
 
@@ -107,7 +107,7 @@ func GenerateCertificates(output io.Writer, manifestFile, stateFile, destDir str
 		}
 
 		// Compare hash from state file to hash of the loaded certificate.
-		hash, ok := m.hashes[c.Subject]
+		hash, ok := m.hashes[c.Filename]
 		if ok && c.GeneratedCert != nil && hash == c.hash() {
 			fmt.Fprintf(output, "No changes: skipping %s\n", c.Filename)
 			continue // Continue to next certificate in manifest.
@@ -117,12 +117,12 @@ func GenerateCertificates(output io.Writer, manifestFile, stateFile, destDir str
 		// "adopt" the existing certificate like we would have generated it.
 		if !ok && c.GeneratedCert != nil {
 			fmt.Fprintf(output, "Recognized existing certificate: skipping %s\n", c.Filename)
-			m.hashes[c.Subject] = c.hash()
+			m.hashes[c.Filename] = c.hash()
 			continue // Continue to next certificate in manifest.
 		}
 
 		// Store hash of the current state of the certificate.
-		m.hashes[c.Subject] = c.hash()
+		m.hashes[c.Filename] = c.hash()
 
 		// Write the certificate and key to data dir.
 		certFile := path.Join(m.dataDir, c.Filename+".pem")
diff --git a/internal/manifest/manifest_test.go b/internal/manifest/manifest_test.go
@@ -61,6 +61,8 @@ func TestManifestHandling(t *testing.T) {
 		"server-root-ca.pem",
 		"shortlived-key.pem",
 		"shortlived.pem",
+		"shortlived2m-key.pem",
+		"shortlived2m.pem",
 		"state.yaml",
 	}
 
diff --git a/internal/manifest/testdata/certs-state-1.yaml b/internal/manifest/testdata/certs-state-1.yaml
@@ -25,6 +25,11 @@ subject: cn=shortlived
 issuer: cn=intermediate-ca
 expires: 1m
 ---
+subject: cn=shortlived
+issuer: cn=intermediate-ca
+expires: 2m
+filename: shortlived2m
+---
 subject: cn=client-root-ca
 ---
 subject: CN=John Doe,OU=People,O=Company
diff --git a/internal/manifest/testdata/certs-state-2.yaml b/internal/manifest/testdata/certs-state-2.yaml
@@ -25,6 +25,11 @@ subject: cn=shortlived
 issuer: cn=intermediate-ca
 expires: 1m
 ---
+subject: cn=shortlived
+issuer: cn=intermediate-ca
+expires: 2m
+filename: shortlived2m
+---
 subject: cn=client-root-ca
 ---
 subject: CN=John Doe,OU=People,O=Company

Original file line number	Diff line number	Diff line change
`@@ -61,6 +61,8 @@ func TestManifestHandling(t *testing.T) {`
`61`	`61`	`"server-root-ca.pem",`
`62`	`62`	`"shortlived-key.pem",`
`63`	`63`	`"shortlived.pem",`
	`64`	`+ "shortlived2m-key.pem",`
	`65`	`+ "shortlived2m.pem",`
`64`	`66`	`"state.yaml",`
`65`	`67`	`}`
`66`	`68`