cloudflare
Incompatibility with cfssl/csr
Presumably since b8be2da153c6e2661275ae41b86c8b54ef0e02c6, projects using both cfssl and certmgr seems to fail to build.
To reproduce:
- Create main.go with:
package main
import (
"fmt"
"github.com/cloudflare/certmgr/cert"
"github.com/cloudflare/cfssl/csr"
)
func main() {
c := csr.New()
x := &cert.Spec{
Request: c,
Key: &cert.File{},
Cert: &cert.File{},
}
fmt.Println(x)
}
- Run (1.12 -> 1.11 has the same issue):
docker run --rm -it -v $PWD:/go/src/mytest -w /go/src/mytest golang:1.12 go get -v
- Observe:
./main.go:13:3: cannot use c (type *"github.com/cloudflare/cfssl/csr".CertificateRequest) as type *"github.com/cloudflare/certmgr/vendor/github.com/cloudflare/cfssl/csr".CertificateRequest in field value
./main.go:15:3: cannot use cert.File literal (type *cert.File) as type *cert.CertificateFile in field value
You want this instead:
package main
import (
"fmt"
"github.com/cloudflare/certmgr/cert"
"github.com/cloudflare/cfssl/csr"
)
func main() {
c := csr.New()
x := &cert.Spec{
Request: c,
Key: &cert.File{},
Cert: &cert.CertificateFile{},
}
fmt.Println(x)
}
Note that in the next API breakage I'll be converting the Key field to a cert.KeyFile ; I've been moving logic down into each of those to simplify other internals. If you have complaints with the encapsulation, let me know.
Regarding Request: c; I'm assuming your cfssl/csr version in your GOPATH doesn't match what we have vendored for certmgr; we have 2001f384ec4fea8e6e648cd89d07bda9bd7568c1 vendored (one commit after 1.3.3 carrying yaml parsing fixes). That's my assumption, but go vendoring is still a bit messy/voodoo-y to me for imports like this.
@cbroglie any comment on above regarding vendoring?
That example code was taken from an existing project that indeed did not vendor anything. It looks like there was a go.mod file in the project and I had to use GO111MODULE=on go mod download instead of go get to obtain the right versions.