// NewKeyManagerClient returns an api.keymanager.Client connected to the API Server for
// the named environment. If envName is "", the default environment will be used.
func NewKeyManagerClient(envName string) (*keymanager.Client, error) {
st, err := newAPIClient(envName)
if err != nil {
return nil, err
}
return keymanager.NewClient(st), nil
}
func ensureSystemSSHKey(context Context) error {
identityFile := context.AgentConfig().SystemIdentityPath()
// Don't generate a key unless we have to.
keyExists, err := systemKeyExists(identityFile)
if err != nil {
return fmt.Errorf("failed to check system key exists: %v", err)
}
if keyExists {
return nil
}
privateKey, publicKey, err := ssh.GenerateKey(config.JujuSystemKey)
if err != nil {
return fmt.Errorf("failed to create system key: %v", err)
}
// Write new authorised key.
keyManager := keymanager.NewClient(context.APIState())
errResults, err := keyManager.AddKeys(config.JujuSystemKey, publicKey)
apiErr := err
if apiErr == nil {
apiErr = errResults[0].Error
}
if err != nil || errResults[0].Error != nil {
return fmt.Errorf("failed to update authoised keys with new system key: %v", apiErr)
}
return ioutil.WriteFile(identityFile, []byte(privateKey), 0600)
}