begin docker-composing
diff --git a/docker/.gitignore b/docker/.gitignore
new file mode 100644
index 0000000..5a8ef6a
--- /dev/null
+++ b/docker/.gitignore
@@ -0,0 +1 @@
+pki
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
new file mode 100644
index 0000000..fb69186
--- /dev/null
+++ b/docker/docker-compose.yml
@@ -0,0 +1,9 @@
+version: '3'
+services:
+ m6220-proxy:
+ build:
+ context: ..
+ dockerfile: docker/Dockerfile
+ command:
+ - m6220-proxy
+ - "--logtostderr"
diff --git a/env.sh b/env.sh
new file mode 100644
index 0000000..206ae5b
--- /dev/null
+++ b/env.sh
@@ -0,0 +1,30 @@
+# source me to have all the nice things
+
+if [ "$0" == "$BASH_SOURCE" ]; then
+ echo "You should be sourcing this."
+ exit 1
+fi
+
+hscloud_root="$( cd "$(dirname "$BASH_SOURCE")"; pwd -P )"
+
+hscloud-dc() {
+ ( cd "$hscloud_root" && docker-compose -f "docker/docker-compose.yml" "$@" )
+}
+
+hscloud-pki-dev() {
+ (
+ set -e
+
+ cd "$hscloud_root"
+ rm -rf docker/pki
+
+ cp -rv go/pki/dev-certs docker/pki
+ cd docker/pki
+ bash gen.sh m6220-proxy arista-proxy cmc-proxy topo client
+ ls *pem
+ )
+}
+
+echo "Now playing:"
+echo " hscloud-dc - run docker-compose"
+echo " hscloud-pki-dev - generate dev PKI certs"
diff --git a/go/pki/dev-certs/client_csr.json b/go/pki/dev-certs/client_csr.json
deleted file mode 100644
index 26fc041..0000000
--- a/go/pki/dev-certs/client_csr.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "CN": "developer.humans.svc.cluster.local",
- "names": [
- {
- "C": "US",
- "L": "San Francisco",
- "O": "Internet Widgets, Inc.",
- "OU": "WWW",
- "ST": "California"
- }
- ]
-}
diff --git a/go/pki/dev-certs/gen.sh b/go/pki/dev-certs/gen.sh
index e09e9f3..b068731 100755
--- a/go/pki/dev-certs/gen.sh
+++ b/go/pki/dev-certs/gen.sh
@@ -1,7 +1,11 @@
#!/bin/sh
-set -e -x
+set -e
test -f ca.pem || ( cfssl gencert -initca ca_csr.json | cfssljson -bare ca )
-test -f service.pem || ( cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca_config.json -profile=test service_csr.json | cfssljson -bare service )
-test -f client.pem || ( cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca_config.json -profile=test client_csr.json | cfssljson -bare client )
+
+for crt in "$@"; do
+ jq ".CN |= \"${crt}.dev.svc.cluster.local\"" < template.json > service_${crt}.json
+ test -f ${crt}.pem || ( cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca_config.json -profile=test service_${crt}.json | cfssljson -bare ${crt} )
+ rm -f service_${crt}.json
+done
diff --git a/go/pki/dev-certs/service_csr.json b/go/pki/dev-certs/template.json
similarity index 100%
rename from go/pki/dev-certs/service_csr.json
rename to go/pki/dev-certs/template.json