Override SSL certificate path in landscape.conf

wsl-pro-service/internal/system/landscape.go

@@ -92,6 +92,11 @@ func modifyConfig(ctx context.Context, s *System, landscapeConfig string) (strin
 		return "", err
 	}
 
+	if err := overrideSSLCertificate(ctx, s, data); err != nil {
+		// We log the error but still try to attach to landscape
+		log.Errorf(ctx, "could not override SSL certificate path: %v", err)
+	}
+
 	w := &bytes.Buffer{}
 	if _, err := data.WriteTo(w); err != nil {
 		return "", fmt.Errorf("could not write modified config: %v", err)
@@ -128,3 +133,34 @@ func overrideComputerTitle(ctx context.Context, s *System, data *ini.File) error
 
 	return nil
 }
+
+func overrideSSLCertificate(ctx context.Context, s *System, data *ini.File) error {
+	const section = "client"
+	const key = "ssl_public_key"
+
+	sec, err := data.GetSection(section)
+	if err != nil {
+		// No certificate
+		return nil
+	}
+
+	k, err := sec.GetKey(key)
+	if err != nil {
+		// No certificate
+		return nil
+	}
+
+	pathWindows := k.String()
+
+	cmd, args := s.backend.WslpathExecutable("-ua", pathWindows)
+	//nolint:gosec // In production code, these variables are hard-coded (except for the path).
+	out, err := exec.CommandContext(ctx, cmd, args...).CombinedOutput()
+	if err != nil {
+		return fmt.Errorf("could not translate SSL certificate path %q to a WSL path: %v: %s", pathWindows, err, out)
+	}
+
+	pathLinux := s.Path(strings.TrimSpace(string(out)))
+	k.SetValue(pathLinux)
+
+	return nil
+}

wsl-pro-service/internal/system/system_test.go

@@ -351,11 +351,14 @@ func TestLandscapeEnable(t *testing.T) {
 	testCases := map[string]struct {
 		breakWriteConfig     bool
 		breakLandscapeConfig bool
+		breakWSLPath         bool
 
 		wantErr bool
 	}{
-		"Success":                           {},
-		"Success overriding computer_title": {},
+		"Success":                                    {},
+		"Success overriding computer_title":          {},
+		"Success overriding the SSL certficate path": {},
+		"Success despite failing to override the SSL certficate path": {breakWSLPath: true},
 
 		"Error when the file cannot be parsed":          {wantErr: true},
 		"Error when the config file cannot be written":  {breakWriteConfig: true, wantErr: true},
@@ -379,6 +382,10 @@ func TestLandscapeEnable(t *testing.T) {
 				mock.SetControlArg(testutils.LandscapeEnableErr)
 			}
 
+			if tc.breakWSLPath {
+				mock.SetControlArg(testutils.WslpathErr)
+			}
+
 			config, err := os.ReadFile(filepath.Join(golden.TestFixturePath(t), "landscape.conf"))
 			require.NoError(t, err, "Setup: could not load golden file")
 
@@ -391,11 +398,15 @@ func TestLandscapeEnable(t *testing.T) {
 
 			exeProof := s.Path("/.landscape-enabled")
 			require.FileExists(t, exeProof, "Landscape executable never ran")
-			got, err := os.ReadFile(exeProof)
+			out, err := os.ReadFile(exeProof)
 			require.NoErrorf(t, err, "could not read file %q", exeProof)
 
-			want := golden.LoadWithUpdateFromGolden(t, string(config))
-			require.Equal(t, want, string(got), "Landscape executable did not receive the right config")
+			// We mock the filesystem, and the mocked filesystem root is not the same between
+			// runs, so the golden file would never match. This is the solution:
+			got := strings.ReplaceAll(string(out), mock.FsRoot, "${FILESYSTEM_ROOT}")
+
+			want := golden.LoadWithUpdateFromGolden(t, got)
+			require.Equal(t, want, got, "Landscape executable did not receive the right config")
 		})
 	}
 }

wsl-pro-service/internal/testutils/mock_executables.go

@@ -447,7 +447,12 @@ func WslPathMock(t *testing.T) {
 				return exitError
 			}
 
-			if argv[1] != windowsLocalAppDataDir {
+			stdout, ok := map[string]string{
+				windowsLocalAppDataDir:          linuxLocalAppDataDir,
+				`D:\Users\TestUser\certificate`: filepath.Join(defaultWindowsMount, "Users/TestUser/certificate"),
+			}[argv[1]]
+
+			if !ok {
 				fmt.Fprintf(os.Stderr, "Mock not implemented for args %q\n", argv)
 				return exitBadUsage
 			}
@@ -457,7 +462,7 @@ func WslPathMock(t *testing.T) {
 				return exitOk
 			}
 
-			fmt.Fprintf(os.Stdout, "%s\r\n", linuxLocalAppDataDir)
+			fmt.Fprintf(os.Stdout, "%s\r\n", stdout)
 			return exitOk
 
 		default: