From 153765f99fa9b6bafad57bb1c8e159ad9a94b2f5 Mon Sep 17 00:00:00 2001 From: Kevin Pollet Date: Mon, 26 Feb 2024 10:02:06 +0100 Subject: [PATCH] Allow to configure TLSStore default generated certificate with labels --- .../dynamic-configuration/docker-labels.yml | 6 + .../marathon-labels.json | 6 + pkg/config/dynamic/config.go | 4 +- pkg/config/label/label.go | 4 +- pkg/config/label/label_test.go | 35 +++ pkg/provider/configuration.go | 56 +++- pkg/provider/consulcatalog/config_test.go | 222 ++++++++++++++++ pkg/provider/docker/config_test.go | 243 ++++++++++++++++++ pkg/provider/ecs/config_test.go | 222 ++++++++++++++++ pkg/provider/marathon/config_test.go | 231 +++++++++++++++-- pkg/provider/nomad/config_test.go | 202 +++++++++++++++ pkg/provider/rancher/config_test.go | 132 ++++++++++ pkg/tls/tls.go | 2 +- 13 files changed, 1322 insertions(+), 43 deletions(-) diff --git a/docs/content/reference/dynamic-configuration/docker-labels.yml b/docs/content/reference/dynamic-configuration/docker-labels.yml index 300c4febe..02ac9eb1f 100644 --- a/docs/content/reference/dynamic-configuration/docker-labels.yml +++ b/docs/content/reference/dynamic-configuration/docker-labels.yml @@ -209,6 +209,12 @@ - "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol.version=42" - "traefik.tcp.services.tcpservice01.loadbalancer.terminationdelay=42" - "traefik.tcp.services.tcpservice01.loadbalancer.server.port=foobar" +- "traefik.tls.stores.store0.defaultgeneratedcert.domain.main=foobar" +- "traefik.tls.stores.store0.defaultgeneratedcert.domain.sans=foobar, foobar" +- "traefik.tls.stores.store0.defaultgeneratedcert.resolver=foobar" +- "traefik.tls.stores.store1.defaultgeneratedcert.domain.main=foobar" +- "traefik.tls.stores.store1.defaultgeneratedcert.domain.sans=foobar, foobar" +- "traefik.tls.stores.store1.defaultgeneratedcert.resolver=foobar" - "traefik.udp.routers.udprouter0.entrypoints=foobar, foobar" - "traefik.udp.routers.udprouter0.service=foobar" - "traefik.udp.routers.udprouter1.entrypoints=foobar, foobar" diff --git a/docs/content/reference/dynamic-configuration/marathon-labels.json b/docs/content/reference/dynamic-configuration/marathon-labels.json index 55ea30b35..41fa198bd 100644 --- a/docs/content/reference/dynamic-configuration/marathon-labels.json +++ b/docs/content/reference/dynamic-configuration/marathon-labels.json @@ -209,6 +209,12 @@ "traefik.tcp.services.tcpservice01.loadbalancer.proxyprotocol.version": "42", "traefik.tcp.services.tcpservice01.loadbalancer.terminationdelay": "42", "traefik.tcp.services.tcpservice01.loadbalancer.server.port": "foobar", +"traefik.tls.stores.store0.defaultgeneratedcert.domain.main": "foobar", +"traefik.tls.stores.store0.defaultgeneratedcert.domain.sans": "foobar, foobar", +"traefik.tls.stores.store0.defaultgeneratedcert.resolver": "foobar", +"traefik.tls.stores.store1.defaultgeneratedcert.domain.main": "foobar", +"traefik.tls.stores.store1.defaultgeneratedcert.domain.sans": "foobar, foobar", +"traefik.tls.stores.store1.defaultgeneratedcert.resolver": "foobar", "traefik.udp.routers.udprouter0.entrypoints": "foobar, foobar", "traefik.udp.routers.udprouter0.service": "foobar", "traefik.udp.routers.udprouter1.entrypoints": "foobar, foobar", diff --git a/pkg/config/dynamic/config.go b/pkg/config/dynamic/config.go index 469c04acc..eb061c953 100644 --- a/pkg/config/dynamic/config.go +++ b/pkg/config/dynamic/config.go @@ -24,7 +24,7 @@ type Configuration struct { HTTP *HTTPConfiguration `json:"http,omitempty" toml:"http,omitempty" yaml:"http,omitempty" export:"true"` TCP *TCPConfiguration `json:"tcp,omitempty" toml:"tcp,omitempty" yaml:"tcp,omitempty" export:"true"` UDP *UDPConfiguration `json:"udp,omitempty" toml:"udp,omitempty" yaml:"udp,omitempty" export:"true"` - TLS *TLSConfiguration `json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" label:"-" export:"true"` + TLS *TLSConfiguration `json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"` } // +k8s:deepcopy-gen=true @@ -32,6 +32,6 @@ type Configuration struct { // TLSConfiguration contains all the configuration parameters of a TLS connection. type TLSConfiguration struct { Certificates []*tls.CertAndStores `json:"certificates,omitempty" toml:"certificates,omitempty" yaml:"certificates,omitempty" label:"-" export:"true"` - Options map[string]tls.Options `json:"options,omitempty" toml:"options,omitempty" yaml:"options,omitempty" export:"true"` + Options map[string]tls.Options `json:"options,omitempty" toml:"options,omitempty" yaml:"options,omitempty" label:"-" export:"true"` Stores map[string]tls.Store `json:"stores,omitempty" toml:"stores,omitempty" yaml:"stores,omitempty" export:"true"` } diff --git a/pkg/config/label/label.go b/pkg/config/label/label.go index 1791f735f..0222f9a14 100644 --- a/pkg/config/label/label.go +++ b/pkg/config/label/label.go @@ -12,9 +12,11 @@ func DecodeConfiguration(labels map[string]string) (*dynamic.Configuration, erro HTTP: &dynamic.HTTPConfiguration{}, TCP: &dynamic.TCPConfiguration{}, UDP: &dynamic.UDPConfiguration{}, + TLS: &dynamic.TLSConfiguration{}, } - err := parser.Decode(labels, conf, parser.DefaultRootName, "traefik.http", "traefik.tcp", "traefik.udp") + // When decoding the TLS configuration we are making sure that only the default TLS store can be configured. + err := parser.Decode(labels, conf, parser.DefaultRootName, "traefik.http", "traefik.tcp", "traefik.udp", "traefik.tls.stores.default") if err != nil { return nil, err } diff --git a/pkg/config/label/label_test.go b/pkg/config/label/label_test.go index 04bce464e..a11fb3976 100644 --- a/pkg/config/label/label_test.go +++ b/pkg/config/label/label_test.go @@ -9,6 +9,7 @@ import ( "github.com/stretchr/testify/require" ptypes "github.com/traefik/paerser/types" "github.com/traefik/traefik/v2/pkg/config/dynamic" + "github.com/traefik/traefik/v2/pkg/tls" "github.com/traefik/traefik/v2/pkg/types" ) @@ -205,6 +206,10 @@ func TestDecodeConfiguration(t *testing.T) { "traefik.udp.routers.Router1.service": "foobar", "traefik.udp.services.Service0.loadbalancer.server.Port": "42", "traefik.udp.services.Service1.loadbalancer.server.Port": "42", + + "traefik.tls.stores.default.defaultgeneratedcert.resolver": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.main": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.sans": "foobar, fiibar", } configuration, err := DecodeConfiguration(labels) @@ -698,6 +703,19 @@ func TestDecodeConfiguration(t *testing.T) { }, }, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{ + "default": { + DefaultGeneratedCert: &tls.GeneratedCert{ + Resolver: "foobar", + Domain: &types.Domain{ + Main: "foobar", + SANs: []string{"foobar", "fiibar"}, + }, + }, + }, + }, + }, } assert.Nil(t, configuration.HTTP.ServersTransports) @@ -1187,6 +1205,19 @@ func TestEncodeConfiguration(t *testing.T) { }, }, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{ + "default": { + DefaultGeneratedCert: &tls.GeneratedCert{ + Resolver: "foobar", + Domain: &types.Domain{ + Main: "foobar", + SANs: []string{"foobar", "fiibar"}, + }, + }, + }, + }, + }, } labels, err := EncodeConfiguration(configuration) @@ -1375,6 +1406,10 @@ func TestEncodeConfiguration(t *testing.T) { "traefik.TCP.Services.Service1.LoadBalancer.server.Port": "42", "traefik.TCP.Services.Service1.LoadBalancer.TerminationDelay": "42", + "traefik.TLS.Stores.default.DefaultGeneratedCert.Resolver": "foobar", + "traefik.TLS.Stores.default.DefaultGeneratedCert.Domain.Main": "foobar", + "traefik.TLS.Stores.default.DefaultGeneratedCert.Domain.SANs": "foobar, fiibar", + "traefik.UDP.Routers.Router0.EntryPoints": "foobar, fiibar", "traefik.UDP.Routers.Router0.Service": "foobar", "traefik.UDP.Routers.Router1.EntryPoints": "foobar, fiibar", diff --git a/pkg/provider/configuration.go b/pkg/provider/configuration.go index 261d68156..ac1e4b54a 100644 --- a/pkg/provider/configuration.go +++ b/pkg/provider/configuration.go @@ -12,9 +12,10 @@ import ( "github.com/Masterminds/sprig/v3" "github.com/traefik/traefik/v2/pkg/config/dynamic" "github.com/traefik/traefik/v2/pkg/log" + "github.com/traefik/traefik/v2/pkg/tls" ) -// Merge Merges multiple configurations. +// Merge merges multiple configurations. func Merge(ctx context.Context, configurations map[string]*dynamic.Configuration) *dynamic.Configuration { logger := log.FromContext(ctx) @@ -34,6 +35,9 @@ func Merge(ctx context.Context, configurations map[string]*dynamic.Configuration Routers: make(map[string]*dynamic.UDPRouter), Services: make(map[string]*dynamic.UDPService), }, + TLS: &dynamic.TLSConfiguration{ + Stores: make(map[string]tls.Store), + }, } servicesToDelete := map[string]struct{}{} @@ -63,6 +67,9 @@ func Merge(ctx context.Context, configurations map[string]*dynamic.Configuration transportsToDelete := map[string]struct{}{} transports := map[string][]string{} + storesToDelete := map[string]struct{}{} + stores := map[string][]string{} + var sortedKeys []string for key := range configurations { sortedKeys = append(sortedKeys, key) @@ -133,6 +140,13 @@ func Merge(ctx context.Context, configurations map[string]*dynamic.Configuration middlewaresTCPToDelete[middlewareName] = struct{}{} } } + + for storeName, store := range conf.TLS.Stores { + stores[storeName] = append(stores[storeName], root) + if !AddStore(configuration.TLS, storeName, store) { + storesToDelete[storeName] = struct{}{} + } + } } for serviceName := range servicesToDelete { @@ -189,10 +203,16 @@ func Merge(ctx context.Context, configurations map[string]*dynamic.Configuration delete(configuration.TCP.Middlewares, middlewareName) } + for storeName := range storesToDelete { + logger.WithField("storeName", storeName). + Errorf("TLS store defined multiple times with different configurations in %v", stores[storeName]) + delete(configuration.TLS.Stores, storeName) + } + return configuration } -// AddServiceTCP Adds a service to a configurations. +// AddServiceTCP adds a service to a configurations. func AddServiceTCP(configuration *dynamic.TCPConfiguration, serviceName string, service *dynamic.TCPService) bool { if _, ok := configuration.Services[serviceName]; !ok { configuration.Services[serviceName] = service @@ -217,7 +237,7 @@ func AddServiceTCP(configuration *dynamic.TCPConfiguration, serviceName string, return true } -// AddRouterTCP Adds a router to a configurations. +// AddRouterTCP adds a router to a configurations. func AddRouterTCP(configuration *dynamic.TCPConfiguration, routerName string, router *dynamic.TCPRouter) bool { if _, ok := configuration.Routers[routerName]; !ok { configuration.Routers[routerName] = router @@ -227,7 +247,7 @@ func AddRouterTCP(configuration *dynamic.TCPConfiguration, routerName string, ro return reflect.DeepEqual(configuration.Routers[routerName], router) } -// AddMiddlewareTCP Adds a middleware to a configurations. +// AddMiddlewareTCP adds a middleware to a configurations. func AddMiddlewareTCP(configuration *dynamic.TCPConfiguration, middlewareName string, middleware *dynamic.TCPMiddleware) bool { if _, ok := configuration.Middlewares[middlewareName]; !ok { configuration.Middlewares[middlewareName] = middleware @@ -272,7 +292,7 @@ func AddRouterUDP(configuration *dynamic.UDPConfiguration, routerName string, ro return reflect.DeepEqual(configuration.Routers[routerName], router) } -// AddService Adds a service to a configurations. +// AddService adds a service to a configurations. func AddService(configuration *dynamic.HTTPConfiguration, serviceName string, service *dynamic.Service) bool { if _, ok := configuration.Services[serviceName]; !ok { configuration.Services[serviceName] = service @@ -297,7 +317,7 @@ func AddService(configuration *dynamic.HTTPConfiguration, serviceName string, se return true } -// AddRouter Adds a router to a configurations. +// AddRouter adds a router to a configurations. func AddRouter(configuration *dynamic.HTTPConfiguration, routerName string, router *dynamic.Router) bool { if _, ok := configuration.Routers[routerName]; !ok { configuration.Routers[routerName] = router @@ -307,7 +327,7 @@ func AddRouter(configuration *dynamic.HTTPConfiguration, routerName string, rout return reflect.DeepEqual(configuration.Routers[routerName], router) } -// AddTransport Adds a transport to a configurations. +// AddTransport adds a transport to a configurations. func AddTransport(configuration *dynamic.HTTPConfiguration, transportName string, transport *dynamic.ServersTransport) bool { if _, ok := configuration.ServersTransports[transportName]; !ok { configuration.ServersTransports[transportName] = transport @@ -317,7 +337,7 @@ func AddTransport(configuration *dynamic.HTTPConfiguration, transportName string return reflect.DeepEqual(configuration.ServersTransports[transportName], transport) } -// AddMiddleware Adds a middleware to a configurations. +// AddMiddleware adds a middleware to a configurations. func AddMiddleware(configuration *dynamic.HTTPConfiguration, middlewareName string, middleware *dynamic.Middleware) bool { if _, ok := configuration.Middlewares[middlewareName]; !ok { configuration.Middlewares[middlewareName] = middleware @@ -327,7 +347,17 @@ func AddMiddleware(configuration *dynamic.HTTPConfiguration, middlewareName stri return reflect.DeepEqual(configuration.Middlewares[middlewareName], middleware) } -// MakeDefaultRuleTemplate Creates the default rule template. +// AddStore adds a middleware to a configurations. +func AddStore(configuration *dynamic.TLSConfiguration, storeName string, store tls.Store) bool { + if _, ok := configuration.Stores[storeName]; !ok { + configuration.Stores[storeName] = store + return true + } + + return reflect.DeepEqual(configuration.Stores[storeName], store) +} + +// MakeDefaultRuleTemplate creates the default rule template. func MakeDefaultRuleTemplate(defaultRule string, funcMap template.FuncMap) (*template.Template, error) { defaultFuncMap := sprig.TxtFuncMap() defaultFuncMap["normalize"] = Normalize @@ -339,7 +369,7 @@ func MakeDefaultRuleTemplate(defaultRule string, funcMap template.FuncMap) (*tem return template.New("defaultRule").Funcs(defaultFuncMap).Parse(defaultRule) } -// BuildTCPRouterConfiguration Builds a router configuration. +// BuildTCPRouterConfiguration builds a router configuration. func BuildTCPRouterConfiguration(ctx context.Context, configuration *dynamic.TCPConfiguration) { for routerName, router := range configuration.Routers { loggerRouter := log.FromContext(ctx).WithField(log.RouterName, routerName) @@ -364,7 +394,7 @@ func BuildTCPRouterConfiguration(ctx context.Context, configuration *dynamic.TCP } } -// BuildUDPRouterConfiguration Builds a router configuration. +// BuildUDPRouterConfiguration builds a router configuration. func BuildUDPRouterConfiguration(ctx context.Context, configuration *dynamic.UDPConfiguration) { for routerName, router := range configuration.Routers { loggerRouter := log.FromContext(ctx).WithField(log.RouterName, routerName) @@ -386,7 +416,7 @@ func BuildUDPRouterConfiguration(ctx context.Context, configuration *dynamic.UDP } } -// BuildRouterConfiguration Builds a router configuration. +// BuildRouterConfiguration builds a router configuration. func BuildRouterConfiguration(ctx context.Context, configuration *dynamic.HTTPConfiguration, defaultRouterName string, defaultRuleTpl *template.Template, model interface{}) { if len(configuration.Routers) == 0 { if len(configuration.Services) > 1 { @@ -433,7 +463,7 @@ func BuildRouterConfiguration(ctx context.Context, configuration *dynamic.HTTPCo } } -// Normalize Replace all special chars with `-`. +// Normalize replaces all special chars with `-`. func Normalize(name string) string { fargs := func(c rune) bool { return !unicode.IsLetter(c) && !unicode.IsNumber(c) diff --git a/pkg/provider/consulcatalog/config_test.go b/pkg/provider/consulcatalog/config_test.go index bb6f41846..9039f4697 100644 --- a/pkg/provider/consulcatalog/config_test.go +++ b/pkg/provider/consulcatalog/config_test.go @@ -10,6 +10,7 @@ import ( "github.com/stretchr/testify/require" "github.com/traefik/traefik/v2/pkg/config/dynamic" "github.com/traefik/traefik/v2/pkg/tls" + "github.com/traefik/traefik/v2/pkg/types" ) func Int(v int) *int { return &v } @@ -69,6 +70,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -120,6 +124,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -163,6 +170,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -206,6 +216,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -255,6 +268,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, } @@ -341,6 +357,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -411,6 +430,9 @@ func Test_buildConfiguration(t *testing.T) { }, }, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -498,6 +520,9 @@ func Test_buildConfiguration(t *testing.T) { }, }, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -570,6 +595,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -630,6 +658,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -687,6 +718,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -747,6 +781,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -796,6 +833,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -846,6 +886,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -894,6 +937,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -943,6 +989,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -998,6 +1047,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1045,6 +1097,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1103,6 +1158,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1165,6 +1223,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1220,6 +1281,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1287,6 +1351,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1348,6 +1415,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1425,6 +1495,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1482,6 +1555,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1553,6 +1629,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1616,6 +1695,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1665,6 +1747,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1715,6 +1800,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1769,6 +1857,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1799,6 +1890,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1830,6 +1924,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1861,6 +1958,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1892,6 +1992,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1925,6 +2028,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1975,6 +2081,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2035,6 +2144,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2092,6 +2204,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2142,6 +2257,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2189,6 +2307,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2232,6 +2353,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2285,6 +2409,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2333,6 +2460,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2421,6 +2551,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2505,6 +2638,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2548,6 +2684,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2590,6 +2729,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2634,6 +2776,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2733,6 +2878,9 @@ func Test_buildConfiguration(t *testing.T) { }, }, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2809,6 +2957,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2883,6 +3034,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2934,6 +3088,74 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, + }, + }, + { + desc: "one container with default generated certificate labels", + items: []itemData{ + { + ID: "Test", + Node: "Node1", + Name: "dev/Test", + Labels: map[string]string{ + "traefik.tls.stores.default.defaultgeneratedcert.resolver": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.main": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.sans": "foobar, fiibar", + }, + Address: "127.0.0.1", + Port: "80", + Status: api.HealthPassing, + }, + }, + expected: &dynamic.Configuration{ + TCP: &dynamic.TCPConfiguration{ + Routers: map[string]*dynamic.TCPRouter{}, + Middlewares: map[string]*dynamic.TCPMiddleware{}, + Services: map[string]*dynamic.TCPService{}, + }, + UDP: &dynamic.UDPConfiguration{ + Routers: map[string]*dynamic.UDPRouter{}, + Services: map[string]*dynamic.UDPService{}, + }, + HTTP: &dynamic.HTTPConfiguration{ + Routers: map[string]*dynamic.Router{ + "dev-Test": { + Service: "dev-Test", + Rule: "Host(`dev-Test.traefik.wtf`)", + DefaultRule: true, + }, + }, + Middlewares: map[string]*dynamic.Middleware{}, + Services: map[string]*dynamic.Service{ + "dev-Test": { + LoadBalancer: &dynamic.ServersLoadBalancer{ + Servers: []dynamic.Server{ + { + URL: "http://127.0.0.1:80", + }, + }, + PassHostHeader: Bool(true), + }, + }, + }, + ServersTransports: map[string]*dynamic.ServersTransport{}, + }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{ + "default": { + DefaultGeneratedCert: &tls.GeneratedCert{ + Resolver: "foobar", + Domain: &types.Domain{ + Main: "foobar", + SANs: []string{"foobar", "fiibar"}, + }, + }, + }, + }, + }, }, }, } diff --git a/pkg/provider/docker/config_test.go b/pkg/provider/docker/config_test.go index a8fd786e1..0b835c6c4 100644 --- a/pkg/provider/docker/config_test.go +++ b/pkg/provider/docker/config_test.go @@ -11,6 +11,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/traefik/traefik/v2/pkg/config/dynamic" + "github.com/traefik/traefik/v2/pkg/tls" + "github.com/traefik/traefik/v2/pkg/types" ) func TestDefaultRule(t *testing.T) { @@ -74,6 +76,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -130,6 +135,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -188,6 +196,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -238,6 +249,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -288,6 +302,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -344,6 +361,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, } @@ -421,6 +441,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -461,6 +484,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -501,6 +527,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -556,6 +585,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -642,6 +674,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -718,6 +753,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -775,6 +813,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -833,6 +874,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -889,6 +933,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -946,6 +993,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1009,6 +1059,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1066,6 +1119,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1132,6 +1188,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1217,6 +1276,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1297,6 +1359,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1360,6 +1425,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1446,6 +1514,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1526,6 +1597,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1628,6 +1702,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1702,6 +1779,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1798,6 +1878,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1877,6 +1960,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1956,6 +2042,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2013,6 +2102,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2071,6 +2163,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2133,6 +2228,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2169,6 +2267,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2207,6 +2308,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2247,6 +2351,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2274,6 +2381,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2314,6 +2424,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2344,6 +2457,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2386,6 +2502,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2416,6 +2535,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2455,6 +2577,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2496,6 +2621,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2554,6 +2682,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2622,6 +2753,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2687,6 +2821,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2745,6 +2882,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2800,6 +2940,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2851,6 +2994,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2912,6 +3058,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2968,6 +3117,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -3069,6 +3221,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -3119,6 +3274,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -3171,6 +3329,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -3236,6 +3397,88 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, + }, + }, + { + desc: "one container with default generated certificate labels", + containers: []dockerData{ + { + ServiceName: "Test", + Name: "Test", + Labels: map[string]string{ + "traefik.tls.stores.default.defaultgeneratedcert.resolver": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.main": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.sans": "foobar, fiibar", + }, + NetworkSettings: networkSettings{ + Ports: nat.PortMap{ + nat.Port("79/tcp"): []nat.PortBinding{{ + HostIP: "192.168.0.1", + HostPort: "8080", + }}, + nat.Port("80/tcp"): []nat.PortBinding{{ + HostIP: "192.168.0.1", + HostPort: "8081", + }}, + }, + Networks: map[string]*networkData{ + "bridge": { + Name: "bridge", + Addr: "127.0.0.1", + }, + }, + }, + }, + }, + expected: &dynamic.Configuration{ + HTTP: &dynamic.HTTPConfiguration{ + Routers: map[string]*dynamic.Router{ + "Test": { + Service: "Test", + Rule: "Host(`Test.traefik.wtf`)", + DefaultRule: true, + }, + }, + Middlewares: map[string]*dynamic.Middleware{}, + Services: map[string]*dynamic.Service{ + "Test": { + LoadBalancer: &dynamic.ServersLoadBalancer{ + Servers: []dynamic.Server{ + { + URL: "http://127.0.0.1:79", + }, + }, + PassHostHeader: Bool(true), + }, + }, + }, + ServersTransports: map[string]*dynamic.ServersTransport{}, + }, + TCP: &dynamic.TCPConfiguration{ + Routers: map[string]*dynamic.TCPRouter{}, + Middlewares: map[string]*dynamic.TCPMiddleware{}, + Services: map[string]*dynamic.TCPService{}, + }, + UDP: &dynamic.UDPConfiguration{ + Routers: map[string]*dynamic.UDPRouter{}, + Services: map[string]*dynamic.UDPService{}, + }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{ + "default": { + DefaultGeneratedCert: &tls.GeneratedCert{ + Resolver: "foobar", + Domain: &types.Domain{ + Main: "foobar", + SANs: []string{"foobar", "fiibar"}, + }, + }, + }, + }, + }, }, }, } diff --git a/pkg/provider/ecs/config_test.go b/pkg/provider/ecs/config_test.go index e6a190213..f00506094 100644 --- a/pkg/provider/ecs/config_test.go +++ b/pkg/provider/ecs/config_test.go @@ -8,6 +8,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/traefik/traefik/v2/pkg/config/dynamic" + "github.com/traefik/traefik/v2/pkg/tls" + "github.com/traefik/traefik/v2/pkg/types" ) func Int(v int) *int { return &v } @@ -70,6 +72,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -121,6 +126,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -174,6 +182,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -219,6 +230,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -264,6 +278,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -315,6 +332,9 @@ func TestDefaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, } @@ -386,6 +406,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -421,6 +444,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -456,6 +482,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -506,6 +535,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -582,6 +614,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -648,6 +683,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -700,6 +738,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -753,6 +794,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -804,6 +848,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -856,6 +903,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -914,6 +964,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -966,6 +1019,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1022,6 +1078,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1092,6 +1151,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1162,6 +1224,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1220,6 +1285,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1296,6 +1364,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1366,6 +1437,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1453,6 +1527,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1517,6 +1594,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1598,6 +1678,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1668,6 +1751,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1737,6 +1823,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1789,6 +1878,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1842,6 +1934,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1895,6 +1990,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1966,6 +2064,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2023,6 +2124,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2054,6 +2158,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2087,6 +2194,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2122,6 +2232,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2158,6 +2271,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2193,6 +2309,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2229,6 +2348,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2282,6 +2404,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2345,6 +2470,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2405,6 +2533,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2458,6 +2589,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2508,6 +2642,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2554,6 +2691,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2610,6 +2750,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2661,6 +2804,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2752,6 +2898,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2797,6 +2946,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2844,6 +2996,76 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, + }, + }, + { + desc: "one container with default generated certificate", + containers: []ecsInstance{ + instance( + name("Test"), + labels(map[string]string{ + "traefik.tls.stores.default.defaultgeneratedcert.resolver": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.main": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.sans": "foobar, fiibar", + }), + iMachine( + mState(ec2.InstanceStateNameRunning), + mPrivateIP("127.0.0.1"), + mPorts( + mPort(0, 80, "tcp"), + ), + ), + ), + }, + expected: &dynamic.Configuration{ + TCP: &dynamic.TCPConfiguration{ + Routers: map[string]*dynamic.TCPRouter{}, + Middlewares: map[string]*dynamic.TCPMiddleware{}, + Services: map[string]*dynamic.TCPService{}, + }, + UDP: &dynamic.UDPConfiguration{ + Routers: map[string]*dynamic.UDPRouter{}, + Services: map[string]*dynamic.UDPService{}, + }, + HTTP: &dynamic.HTTPConfiguration{ + Routers: map[string]*dynamic.Router{ + "Test": { + Service: "Test", + Rule: "Host(`Test.traefik.wtf`)", + DefaultRule: true, + }, + }, + Middlewares: map[string]*dynamic.Middleware{}, + Services: map[string]*dynamic.Service{ + "Test": { + LoadBalancer: &dynamic.ServersLoadBalancer{ + Servers: []dynamic.Server{ + { + URL: "http://127.0.0.1:80", + }, + }, + PassHostHeader: Bool(true), + }, + }, + }, + ServersTransports: map[string]*dynamic.ServersTransport{}, + }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{ + "default": { + DefaultGeneratedCert: &tls.GeneratedCert{ + Resolver: "foobar", + Domain: &types.Domain{ + Main: "foobar", + SANs: []string{"foobar", "fiibar"}, + }, + }, + }, + }, + }, }, }, } diff --git a/pkg/provider/marathon/config_test.go b/pkg/provider/marathon/config_test.go index 8bab4768e..6e78830c5 100644 --- a/pkg/provider/marathon/config_test.go +++ b/pkg/provider/marathon/config_test.go @@ -9,6 +9,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/traefik/traefik/v2/pkg/config/dynamic" + "github.com/traefik/traefik/v2/pkg/tls" + "github.com/traefik/traefik/v2/pkg/types" ) func Int(v int) *int { return &v } @@ -76,6 +78,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -102,6 +107,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -143,6 +151,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -196,6 +207,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -249,6 +263,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -302,6 +319,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -363,6 +383,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -421,6 +444,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -467,6 +493,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -509,6 +538,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -554,6 +586,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -597,6 +632,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -641,6 +679,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -691,6 +732,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -735,6 +779,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -806,6 +853,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -871,6 +921,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -925,6 +978,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -976,6 +1032,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1030,6 +1089,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1074,6 +1136,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1119,6 +1184,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1168,6 +1236,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1194,6 +1265,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1221,32 +1295,8 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, - }, - }, - { - desc: "one app with traefik.enable=false", - applications: withApplications( - application( - appID("/app"), - appPorts(80, 81), - withTasks(localhostTask()), - withLabel("traefik.enable", "false"), - )), - expected: &dynamic.Configuration{ - TCP: &dynamic.TCPConfiguration{ - Routers: map[string]*dynamic.TCPRouter{}, - Middlewares: map[string]*dynamic.TCPMiddleware{}, - Services: map[string]*dynamic.TCPService{}, - }, - UDP: &dynamic.UDPConfiguration{ - Routers: map[string]*dynamic.UDPRouter{}, - Services: map[string]*dynamic.UDPService{}, - }, - HTTP: &dynamic.HTTPConfiguration{ - Routers: map[string]*dynamic.Router{}, - Middlewares: map[string]*dynamic.Middleware{}, - Services: map[string]*dynamic.Service{}, - ServersTransports: map[string]*dynamic.ServersTransport{}, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, }, }, }, @@ -1275,6 +1325,39 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, + }, + }, + { + desc: "one app with traefik.enable=false", + applications: withApplications( + application( + appID("/app"), + appPorts(80, 81), + withTasks(localhostTask()), + withLabel("traefik.enable", "false"), + )), + expected: &dynamic.Configuration{ + TCP: &dynamic.TCPConfiguration{ + Routers: map[string]*dynamic.TCPRouter{}, + Middlewares: map[string]*dynamic.TCPMiddleware{}, + Services: map[string]*dynamic.TCPService{}, + }, + UDP: &dynamic.UDPConfiguration{ + Routers: map[string]*dynamic.UDPRouter{}, + Services: map[string]*dynamic.UDPService{}, + }, + HTTP: &dynamic.HTTPConfiguration{ + Routers: map[string]*dynamic.Router{}, + Middlewares: map[string]*dynamic.Middleware{}, + Services: map[string]*dynamic.Service{}, + ServersTransports: map[string]*dynamic.ServersTransport{}, + }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1303,6 +1386,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1331,6 +1417,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1376,6 +1465,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1421,6 +1513,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1465,6 +1560,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1510,6 +1608,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1552,6 +1653,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1590,6 +1694,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1636,6 +1743,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1679,6 +1789,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1726,6 +1839,9 @@ func TestBuildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1790,6 +1906,9 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1851,6 +1970,66 @@ func TestBuildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, + }, + }, + { + desc: "simple application with default generated certificate labels", + applications: withApplications( + application( + appID("/app"), + appPorts(80), + withTasks(localhostTask(taskPorts(80))), + withLabel("traefik.tls.stores.default.defaultgeneratedcert.resolver", "foobar"), + withLabel("traefik.tls.stores.default.defaultgeneratedcert.domain.main", "foobar"), + withLabel("traefik.tls.stores.default.defaultgeneratedcert.domain.sans", "foobar, fiibar"), + )), + expected: &dynamic.Configuration{ + TCP: &dynamic.TCPConfiguration{ + Routers: map[string]*dynamic.TCPRouter{}, + Middlewares: map[string]*dynamic.TCPMiddleware{}, + Services: map[string]*dynamic.TCPService{}, + }, + UDP: &dynamic.UDPConfiguration{ + Routers: map[string]*dynamic.UDPRouter{}, + Services: map[string]*dynamic.UDPService{}, + }, + HTTP: &dynamic.HTTPConfiguration{ + Routers: map[string]*dynamic.Router{ + "app": { + Service: "app", + Rule: "Host(`app.marathon.localhost`)", + DefaultRule: true, + }, + }, + Middlewares: map[string]*dynamic.Middleware{}, + Services: map[string]*dynamic.Service{ + "app": {LoadBalancer: &dynamic.ServersLoadBalancer{ + Servers: []dynamic.Server{ + { + URL: "http://localhost:80", + }, + }, + PassHostHeader: Bool(true), + }}, + }, + ServersTransports: map[string]*dynamic.ServersTransport{}, + }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{ + "default": { + DefaultGeneratedCert: &tls.GeneratedCert{ + Resolver: "foobar", + Domain: &types.Domain{ + Main: "foobar", + SANs: []string{"foobar", "fiibar"}, + }, + }, + }, + }, + }, }, }, } diff --git a/pkg/provider/nomad/config_test.go b/pkg/provider/nomad/config_test.go index c4047f924..9c964586b 100644 --- a/pkg/provider/nomad/config_test.go +++ b/pkg/provider/nomad/config_test.go @@ -7,6 +7,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/traefik/traefik/v2/pkg/config/dynamic" + "github.com/traefik/traefik/v2/pkg/tls" + "github.com/traefik/traefik/v2/pkg/types" ) func Test_defaultRule(t *testing.T) { @@ -62,6 +64,9 @@ func Test_defaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -113,6 +118,9 @@ func Test_defaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -155,6 +163,9 @@ func Test_defaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -203,6 +214,9 @@ func Test_defaultRule(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, } @@ -274,6 +288,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -344,6 +361,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -404,6 +424,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -461,6 +484,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -521,6 +547,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -570,6 +599,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -620,6 +652,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -668,6 +703,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -717,6 +755,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -772,6 +813,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -820,6 +864,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -878,6 +925,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -940,6 +990,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -995,6 +1048,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1063,6 +1119,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1125,6 +1184,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1181,6 +1243,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1242,6 +1307,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1291,6 +1359,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1341,6 +1412,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1395,6 +1469,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1425,6 +1502,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1456,6 +1536,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1488,6 +1571,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1521,6 +1607,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1571,6 +1660,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1631,6 +1723,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1688,6 +1783,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1738,6 +1836,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1785,6 +1886,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1828,6 +1932,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1881,6 +1988,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1929,6 +2039,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2017,6 +2130,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2101,6 +2217,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2144,6 +2263,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2186,6 +2308,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2230,6 +2355,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2311,6 +2439,9 @@ func Test_buildConfig(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2389,6 +2520,9 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -2465,6 +2599,74 @@ func Test_buildConfig(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, + }, + }, + { + desc: "one service with default generated certificate tags", + items: []item{ + { + ID: "id", + Node: "Node1", + Name: "dev/Test", + Address: "127.0.0.1", + Port: 9999, + ExtraConf: configuration{Enable: true}, + Tags: []string{ + "traefik.tls.stores.default.defaultgeneratedcert.resolver = foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.main = foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.sans = foobar, fiibar", + }, + }, + }, + expected: &dynamic.Configuration{ + TCP: &dynamic.TCPConfiguration{ + Routers: map[string]*dynamic.TCPRouter{}, + Middlewares: map[string]*dynamic.TCPMiddleware{}, + Services: map[string]*dynamic.TCPService{}, + }, + UDP: &dynamic.UDPConfiguration{ + Routers: map[string]*dynamic.UDPRouter{}, + Services: map[string]*dynamic.UDPService{}, + }, + HTTP: &dynamic.HTTPConfiguration{ + Routers: map[string]*dynamic.Router{ + "dev-Test": { + Service: "dev-Test", + Rule: "Host(`dev-Test.traefik.test`)", + DefaultRule: true, + }, + }, + Middlewares: map[string]*dynamic.Middleware{}, + Services: map[string]*dynamic.Service{ + "dev-Test": { + LoadBalancer: &dynamic.ServersLoadBalancer{ + Servers: []dynamic.Server{ + { + URL: "http://127.0.0.1:9999", + }, + }, + PassHostHeader: Bool(true), + }, + }, + }, + ServersTransports: map[string]*dynamic.ServersTransport{}, + }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{ + "default": { + DefaultGeneratedCert: &tls.GeneratedCert{ + Resolver: "foobar", + Domain: &types.Domain{ + Main: "foobar", + SANs: []string{"foobar", "fiibar"}, + }, + }, + }, + }, + }, }, }, } diff --git a/pkg/provider/rancher/config_test.go b/pkg/provider/rancher/config_test.go index 0db7b955b..dbed070c9 100644 --- a/pkg/provider/rancher/config_test.go +++ b/pkg/provider/rancher/config_test.go @@ -7,6 +7,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/traefik/traefik/v2/pkg/config/dynamic" + "github.com/traefik/traefik/v2/pkg/tls" + "github.com/traefik/traefik/v2/pkg/types" ) func Int(v int) *int { return &v } @@ -64,6 +66,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -134,6 +139,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -207,6 +215,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -257,6 +268,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -286,6 +300,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -315,6 +332,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -363,6 +383,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -396,6 +419,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -446,6 +472,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -506,6 +535,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -563,6 +595,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -612,6 +647,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -662,6 +700,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -709,6 +750,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -752,6 +796,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -801,6 +848,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -849,6 +899,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -924,6 +977,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -996,6 +1052,9 @@ func Test_buildConfiguration(t *testing.T) { }, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1039,6 +1098,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1081,6 +1143,9 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, }, }, { @@ -1125,6 +1190,73 @@ func Test_buildConfiguration(t *testing.T) { Services: map[string]*dynamic.Service{}, ServersTransports: map[string]*dynamic.ServersTransport{}, }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{}, + }, + }, + }, + { + desc: "one service with default generated certificate labels", + containers: []rancherData{ + { + Name: "Test", + Labels: map[string]string{ + "traefik.tls.stores.default.defaultgeneratedcert.resolver": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.main": "foobar", + "traefik.tls.stores.default.defaultgeneratedcert.domain.sans": "foobar, fiibar", + }, + Port: "80/tcp", + Containers: []string{"127.0.0.1"}, + Health: "", + State: "", + }, + }, + expected: &dynamic.Configuration{ + TCP: &dynamic.TCPConfiguration{ + Routers: map[string]*dynamic.TCPRouter{}, + Middlewares: map[string]*dynamic.TCPMiddleware{}, + Services: map[string]*dynamic.TCPService{}, + }, + UDP: &dynamic.UDPConfiguration{ + Routers: map[string]*dynamic.UDPRouter{}, + Services: map[string]*dynamic.UDPService{}, + }, + HTTP: &dynamic.HTTPConfiguration{ + Routers: map[string]*dynamic.Router{ + "Test": { + Service: "Test", + Rule: "Host(`Test.traefik.wtf`)", + DefaultRule: true, + }, + }, + Middlewares: map[string]*dynamic.Middleware{}, + Services: map[string]*dynamic.Service{ + "Test": { + LoadBalancer: &dynamic.ServersLoadBalancer{ + Servers: []dynamic.Server{ + { + URL: "http://127.0.0.1:80", + }, + }, + PassHostHeader: Bool(true), + }, + }, + }, + ServersTransports: map[string]*dynamic.ServersTransport{}, + }, + TLS: &dynamic.TLSConfiguration{ + Stores: map[string]tls.Store{ + "default": { + DefaultGeneratedCert: &tls.GeneratedCert{ + Resolver: "foobar", + Domain: &types.Domain{ + Main: "foobar", + SANs: []string{"foobar", "fiibar"}, + }, + }, + }, + }, + }, }, }, } diff --git a/pkg/tls/tls.go b/pkg/tls/tls.go index 85bbeada1..bacc3e337 100644 --- a/pkg/tls/tls.go +++ b/pkg/tls/tls.go @@ -38,7 +38,7 @@ func (o *Options) SetDefaults() { // Store holds the options for a given Store. type Store struct { - DefaultCertificate *Certificate `json:"defaultCertificate,omitempty" toml:"defaultCertificate,omitempty" yaml:"defaultCertificate,omitempty" export:"true"` + DefaultCertificate *Certificate `json:"defaultCertificate,omitempty" toml:"defaultCertificate,omitempty" yaml:"defaultCertificate,omitempty" label:"-" export:"true"` DefaultGeneratedCert *GeneratedCert `json:"defaultGeneratedCert,omitempty" toml:"defaultGeneratedCert,omitempty" yaml:"defaultGeneratedCert,omitempty" export:"true"` }