Rename pki.FindKeypair to FindPrimaryKeypair

cmd/kops-controller/pkg/server/keystore.go

@@ -35,7 +35,7 @@ type keystoreEntry struct {
 
 var _ pki.Keystore = keystore{}
 
-func (k keystore) FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
+func (k keystore) FindPrimaryKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
 	entry, ok := k.keys[name]
 	if !ok {
 		return nil, nil, fmt.Errorf("unknown CA %q", name)

cmd/kops-controller/pkg/server/node_config.go

@@ -63,7 +63,7 @@ func (s *Server) getNodeConfig(ctx context.Context, req *nodeup.BootstrapRequest
 
 	// We populate some certificates that we know the node will need.
 	for _, name := range []string{"ca"} {
-		cert, _, err := s.keystore.FindKeypair(name)
+		cert, _, err := s.keystore.FindPrimaryKeypair(name)
 		if err != nil {
 			return nil, fmt.Errorf("error getting certificate %q: %w", name, err)
 		}

nodeup/pkg/model/fakes_test.go

@@ -33,8 +33,8 @@ type fakeKeyStore struct {
 
 var _ fi.Keystore = &fakeKeyStore{}
 
-func (k fakeKeyStore) FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
-	panic("fakeKeyStore does not implement FindKeypair")
+func (k fakeKeyStore) FindPrimaryKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
+	panic("fakeKeyStore does not implement FindPrimaryKeypair")
 }
 
 func (k fakeKeyStore) FindKeyset(name string) (*fi.Keyset, error) {

pkg/configserver/keystore.go

@@ -38,9 +38,9 @@ func NewKeyStore(nodeConfig *nodeup.NodeConfig) fi.CAStore {
 	}
 }
 
-// FindKeypair implements pki.Keystore
-func (s *configserverKeyStore) FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
-	return nil, nil, fmt.Errorf("FindKeypair %q not supported by configserverKeyStore", name)
+// FindPrimaryKeypair implements pki.Keystore
+func (s *configserverKeyStore) FindPrimaryKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
+	return nil, nil, fmt.Errorf("FindPrimaryKeypair %q not supported by configserverKeyStore", name)
 }
 
 // FindKeyset implements fi.Keystore

pkg/kubeconfig/create_kubecfg_test.go

@@ -94,8 +94,8 @@ type fakeKeyStore struct {
 	MirrorToFn func(basedir vfs.Path) error
 }
 
-func (f fakeKeyStore) FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
-	return fi.FindKeypair(f, name)
+func (f fakeKeyStore) FindPrimaryKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
+	return fi.FindPrimaryKeypair(f, name)
 }
 
 func (f fakeKeyStore) FindKeyset(name string) (*fi.Keyset, error) {

pkg/pki/issue.go

@@ -56,9 +56,9 @@ type IssueCertRequest struct {
 }
 
 type Keystore interface {
-	// FindKeypair finds a cert & private key, returning nil where either is not found
+	// FindPrimaryKeypair finds a cert & private key, returning nil where either is not found
 	// (if the certificate is found but not keypair, that is not an error: only the cert will be returned).
-	FindKeypair(name string) (*Certificate, *PrivateKey, error)
+	FindPrimaryKeypair(name string) (*Certificate, *PrivateKey, error)
 }
 
 // IssueCert issues a certificate, either a self-signed CA or from a CA in a keystore.
@@ -116,7 +116,7 @@ func IssueCert(request *IssueCertRequest, keystore Keystore) (issuedCertificate
 	var signer *x509.Certificate
 	if !template.IsCA {
 		var err error
-		caCertificate, caPrivateKey, err = keystore.FindKeypair(request.Signer)
+		caCertificate, caPrivateKey, err = keystore.FindPrimaryKeypair(request.Signer)
 		if err != nil {
 			return nil, nil, nil, err
 		}

pkg/pki/issue_test.go

@@ -38,7 +38,7 @@ type mockKeystore struct {
 	invoked bool
 }
 
-func (m *mockKeystore) FindKeypair(name string) (*Certificate, *PrivateKey, error) {
+func (m *mockKeystore) FindPrimaryKeypair(name string) (*Certificate, *PrivateKey, error) {
 	assert.False(m.t, m.invoked, "invoked already")
 	m.invoked = true
 	assert.Equal(m.t, m.signer, name, "name argument")

upup/pkg/fi/ca.go

@@ -157,8 +157,8 @@ func (c *CertificatePool) AsString() (string, error) {
 	return data.String(), nil
 }
 
-// FindKeypair is a common implementation of pki.FindKeypair.
-func FindKeypair(c Keystore, name string) (*pki.Certificate, *pki.PrivateKey, error) {
+// FindPrimaryKeypair is a common implementation of pki.FindPrimaryKeypair.
+func FindPrimaryKeypair(c Keystore, name string) (*pki.Certificate, *pki.PrivateKey, error) {
 	keyset, err := c.FindKeyset(name)
 	if err != nil {
 		return nil, nil, err

upup/pkg/fi/clientset_castore.go

@@ -145,9 +145,9 @@ func FindPrimary(keyset *kops.Keyset) *kops.KeysetItem {
 	return primary
 }
 
-// FindKeypair implements PKI::FindKeypair
-func (c *ClientsetCAStore) FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
-	return FindKeypair(c, name)
+// FindPrimaryKeypair implements PKI::FindPrimaryKeypair
+func (c *ClientsetCAStore) FindPrimaryKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
+	return FindPrimaryKeypair(c, name)
 }
 
 // FindKeyset implements CAStore::FindKeyset

upup/pkg/fi/vfs_castore.go

@@ -216,8 +216,8 @@ func removePrivateKeyMaterial(o *kops.Keyset) *kops.Keyset {
 	return c
 }
 
-func (c *VFSCAStore) FindKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
-	return FindKeypair(c, name)
+func (c *VFSCAStore) FindPrimaryKeypair(name string) (*pki.Certificate, *pki.PrivateKey, error) {
+	return FindPrimaryKeypair(c, name)
 }
 
 func (c *VFSCAStore) FindKeyset(id string) (*Keyset, error) {