Merge pull request #165 from ovotech/armoured-keyring-path

Make armoured keyring configurable

Author: Chris Every

pkg/cred/creds.go

@@ -19,6 +19,7 @@ type Credentials struct {
 	CircleCIAPIToken string
 	GitAccount       GitAccount
 	AkrPass          string
+	AkrPath          string
 	KmsKey           string
 	GocdServer       GocdServer
 }

pkg/crypt/crypt.go

@@ -35,14 +35,17 @@ func EncryptedServiceAccountKey(key, kmsKey string) (encKey []byte) {
 //CommitSignKey creates an openPGP Entity based on a user's name, email,
 //armoredKeyRing and passphrase for the key ring. This commitSignKey can then
 //be used to GPG sign Git commits
-func CommitSignKey(name, email, passphrase string) (entity *openpgp.Entity,
+func CommitSignKey(name, email, passphrase, path string) (entity *openpgp.Entity,
 	err error) {
-	if passphrase == "" {
+	if len(passphrase) == 0 {
 		err = errors.New("ArmouredKeyRing passphrase must not be empty")
 		return
 	}
+	if len(path) == 0 {
+		path = "/etc/cloud-key-rotator/akr.asc"
+	}
 	var reader *os.File
-	if reader, err = os.Open("/etc/cloud-key-rotator/akr.asc"); err != nil {
+	if reader, err = os.Open(path); err != nil {
 		if reader, err = os.Open("./akr.asc"); err != nil {
 			return
 		}

pkg/location/git.go

@@ -56,7 +56,7 @@ func (git Git) Write(serviceAccountName string, keyWrapper KeyWrapper, creds cre
 	defer os.RemoveAll(localDir)
 
 	var signKey *openpgp.Entity
-	if signKey, err = crypt.CommitSignKey(creds.GitAccount.GitName, creds.GitAccount.GitEmail, creds.AkrPass); err != nil {
+	if signKey, err = crypt.CommitSignKey(creds.GitAccount.GitName, creds.GitAccount.GitEmail, creds.AkrPass, creds.AkrPath); err != nil {
 		return
 	}