status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-10 22:06:20 +00:00
Code Issues Projects Releases Wiki Activity

connect/proxy: remove dev CA settings

Browse Source
This commit is contained in:
Mitchell Hashimoto 2018-05-22 10:45:37 -07:00
parent eb2a6952ba
commit 11f57ed4f4
No known key found for this signature in database
GPG Key ID: 744E147AA52F5B0A
3 changed files with 1 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
connect/proxy/config.go
View File

@ -36,25 +36,11 @@ type Config struct {
// Upstreams configures outgoing proxies for remote connect services. // Upstreams configures outgoing proxies for remote connect services.
Upstreams []UpstreamConfig `json:"upstreams" hcl:"upstreams"` Upstreams []UpstreamConfig `json:"upstreams" hcl:"upstreams"`
// DevCAFile, DevServiceCertFile, and DevServiceKeyFile allow configuring
// the certificate information from a static file. This is only for testing
// purposes. All or none must be specified.
DevCAFile string `json:"dev_ca_file" hcl:"dev_ca_file"`
DevServiceCertFile string `json:"dev_service_cert_file" hcl:"dev_service_cert_file"`
DevServiceKeyFile string `json:"dev_service_key_file" hcl:"dev_service_key_file"`
} }
// Service returns the *connect.Service structure represented by this config. // Service returns the *connect.Service structure represented by this config.
func (c *Config) Service(client *api.Client, logger *log.Logger) (*connect.Service, error) { func (c *Config) Service(client *api.Client, logger *log.Logger) (*connect.Service, error) {
// If we aren't in dev mode, then we return the configured service. return connect.NewServiceWithLogger(c.ProxiedServiceName, client, logger)
if c.DevCAFile == "" {
return connect.NewServiceWithLogger(c.ProxiedServiceName, client, logger)
}
// Dev mode
return connect.NewDevServiceFromCertFiles(c.ProxiedServiceName,
logger, c.DevCAFile, c.DevServiceCertFile, c.DevServiceKeyFile)
} }
// PublicListenerConfig contains the parameters needed for the incoming mTLS // PublicListenerConfig contains the parameters needed for the incoming mTLS

3
connect/proxy/config_test.go
View File

@ -47,9 +47,6 @@ func TestParseConfigFile(t *testing.T) {
ConnectTimeoutMs: 10000, ConnectTimeoutMs: 10000,
}, },
}, },
DevCAFile: "connect/testdata/ca1-ca-consul-internal.cert.pem",
DevServiceCertFile: "connect/testdata/ca1-svc-web.cert.pem",
DevServiceKeyFile: "connect/testdata/ca1-svc-web.key.pem",
} }
require.Equal(t, expect, cfg) require.Equal(t, expect, cfg)

5
connect/proxy/testdata/config-kitchensink.hcl vendored
View File

@ -5,11 +5,6 @@ token = "11111111-2222-3333-4444-555555555555"
proxied_service_name = "web" proxied_service_name = "web"
proxied_service_namespace = "default" proxied_service_namespace = "default"
# Assumes running consul in dev mode from the repo root...
dev_ca_file = "connect/testdata/ca1-ca-consul-internal.cert.pem"
dev_service_cert_file = "connect/testdata/ca1-svc-web.cert.pem"
dev_service_key_file = "connect/testdata/ca1-svc-web.key.pem"
public_listener { public_listener {
bind_address = "127.0.0.1" bind_address = "127.0.0.1"
bind_port= "9999" bind_port= "9999"