summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Polden <mpolden@mpolden.no>2023-08-14 10:15:10 +0200
committerMartin Polden <mpolden@mpolden.no>2023-08-14 10:18:03 +0200
commita36505a8c77a75d38dd453d291a5e000a4841112 (patch)
treed799dc3cdce5f89a77ea44b283f8c2fbd47157cb
parentc644eefd16e2803362a773989b9758401e0cb006 (diff)
Never attempt to add certificate to compressed package
-rw-r--r--client/go/internal/cli/cmd/cert.go13
1 files changed, 10 insertions, 3 deletions
diff --git a/client/go/internal/cli/cmd/cert.go b/client/go/internal/cli/cmd/cert.go
index f7320e37626..7fbb357d1db 100644
--- a/client/go/internal/cli/cmd/cert.go
+++ b/client/go/internal/cli/cmd/cert.go
@@ -156,9 +156,16 @@ func doCertAdd(cli *CLI, overwriteCertificate bool, args []string) error {
}
func maybeCopyCertificate(force, ignoreZip bool, cli *CLI, target vespa.Target, pkg vespa.ApplicationPackage) error {
- if pkg.IsZip() && !ignoreZip {
- hint := "Try running 'mvn clean', then 'vespa auth cert add' and finally 'mvn package'"
- return errHint(fmt.Errorf("cannot add certificate to compressed application package: %s", pkg.Path), hint)
+ if pkg.IsZip() {
+ if ignoreZip {
+ cli.printWarning("Cannot verify existence of "+color.CyanString("security/clients.pem")+" since "+pkg.Path+" is compressed",
+ "Deployment to Vespa Cloud requires certificate in application package",
+ "See https://cloud.vespa.ai/en/security/guide")
+ return nil
+ } else {
+ hint := "Try running 'mvn clean', then 'vespa auth cert add' and finally 'mvn package'"
+ return errHint(fmt.Errorf("cannot add certificate to compressed application package: %s", pkg.Path), hint)
+ }
}
if force {
return copyCertificate(cli, target, pkg)