Make the ticket optional in 'icinga2 node wizard'

refs #5450

lib/cli/nodewizardcommand.cpp

@@ -216,35 +216,17 @@ wizard_endpoint_loop_start:
 		if (choice.Contains("y"))
 			goto wizard_endpoint_loop_start;
 
-		std::cout << ConsoleColorTag(Console_Bold)
+		String master_host, master_port;
-		    << "Please specify the master connection for CSR auto-signing"
-		    << ConsoleColorTag(Console_Normal) << " (defaults to master endpoint host):\n";
 
-wizard_master_host:
+		for (const String& endpoint : endpoints) {
-		std::cout << ConsoleColorTag(Console_Bold) << "Host"
+			std::vector<String> tokens = endpoint.Split(",");
-		    << ConsoleColorTag(Console_Normal) << " [" << master_endpoint_name << "]: ";
 
-		std::getline(std::cin, answer);
+			if (tokens.size() > 1)
+				master_host = tokens[1];
 
-		if (answer.empty() && !master_endpoint_name.IsEmpty())
+			if (tokens.size() > 2)
-			answer = master_endpoint_name;
+				master_port = tokens[2];
-
+		}
-		if (answer.empty() && master_endpoint_name.IsEmpty())
-			goto wizard_master_host;
-
-		String master_host = answer;
-		master_host = master_host.Trim();
-
-		std::cout << ConsoleColorTag(Console_Bold) << "Port"
-		    << ConsoleColorTag(Console_Normal) << " [" << tmpPort << "]: ";
-
-		std::getline(std::cin, answer);
-
-		if (!answer.empty())
-			tmpPort = answer;
-
-		String master_port = tmpPort;
-		master_port = master_port.Trim();
 
 		/* workaround for fetching the master cert */
 		String pki_path = PkiUtility::GetPkiPath();
@@ -283,12 +265,15 @@ wizard_master_host:
 			    << "' on file '" << node_key << "'. Verify it yourself!";
 		}
 
+		boost::shared_ptr<X509> trustedcert;
+
+		if (!master_host.IsEmpty()) {
 			//save-cert and store the master certificate somewhere
 			Log(LogInformation, "cli")
 			    << "Fetching public certificate from master ("
 			    << master_host << ", " << master_port << "):\n";
 
-		boost::shared_ptr<X509> trustedcert = PkiUtility::FetchCert(master_host, master_port);
+			trustedcert = PkiUtility::FetchCert(master_host, master_port);
 			if (!trustedcert) {
 				Log(LogCritical, "cli", "Peer did not present a valid certificate.");
 				return 1;
@@ -307,23 +292,34 @@ wizard_master_host:
 			}
 
 			Log(LogInformation, "cli", "Received trusted master certificate.\n");
+		}
 
 wizard_ticket:
 		std::cout << ConsoleColorTag(Console_Bold)
-		    << "Please specify the request ticket generated on your Icinga 2 master."
+		    << "Please specify the request ticket generated on your Icinga 2 master (optional)."
 		    << ConsoleColorTag(Console_Normal) << "\n"
 		    << " (Hint: # icinga2 pki ticket --cn '" << cn << "'): ";
 
 		std::getline(std::cin, answer);
 
-		if (answer.empty())
+		if (answer.empty()) {
-			goto wizard_ticket;
+			std::cout << ConsoleColorTag(Console_Bold) << "\n"
+			    << "No ticket was specified. Please approve the certificate signing request manually\n"
+			    << "on the master (see 'icinga2 ca list' and 'icinga2 ca sign --help' for details)."
+			    << ConsoleColorTag(Console_Normal) << "\n\n";
+		}
 
 		String ticket = answer;
 		ticket = ticket.Trim();
 
+		if (!master_host.IsEmpty()) {
+			if (ticket.IsEmpty()) {
 				Log(LogInformation, "cli")
-		    << "Requesting certificate with ticket '" << ticket << "'.\n";
+				    << "Requesting certificate without a ticket.";
+			} else {
+				Log(LogInformation, "cli")
+				    << "Requesting certificate with ticket '" << ticket << "'.";
+			}
 
 			String target_ca = pki_path + "/ca.crt";
 
@@ -348,6 +344,7 @@ wizard_ticket:
 				    << "' group '" << group << "' on file '"
 				    << node_cert << "'. Verify it yourself!";
 			}
+		}
 
 		/* apilistener config */
 		std::cout << ConsoleColorTag(Console_Bold)