fix: TLS configuration from directory.
This commit is contained in:
parent
68c349bbfa
commit
4dc448056c
4 changed files with 47 additions and 13 deletions
|
@ -295,9 +295,31 @@ func (p *Provider) loadFileConfigFromDirectory(ctx context.Context, directory st
|
||||||
configTLSMaps[conf] = struct{}{}
|
configTLSMaps[conf] = struct{}{}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
for name, conf := range c.TLS.Options {
|
||||||
|
if _, exists := configuration.TLS.Options[name]; exists {
|
||||||
|
logger.Warnf("TLS options %v already configured, skipping", name)
|
||||||
|
} else {
|
||||||
|
if configuration.TLS.Options == nil {
|
||||||
|
configuration.TLS.Options = map[string]tls.Options{}
|
||||||
|
}
|
||||||
|
configuration.TLS.Options[name] = conf
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
for name, conf := range c.TLS.Stores {
|
||||||
|
if _, exists := configuration.TLS.Stores[name]; exists {
|
||||||
|
logger.Warnf("TLS store %v already configured, skipping", name)
|
||||||
|
} else {
|
||||||
|
if configuration.TLS.Stores == nil {
|
||||||
|
configuration.TLS.Stores = map[string]tls.Store{}
|
||||||
|
}
|
||||||
|
configuration.TLS.Stores[name] = conf
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(configTLSMaps) > 0 {
|
if len(configTLSMaps) > 0 && configuration.TLS == nil {
|
||||||
configuration.TLS = &dynamic.TLSConfiguration{}
|
configuration.TLS = &dynamic.TLSConfiguration{}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -17,12 +17,13 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type ProvideTestCase struct {
|
type ProvideTestCase struct {
|
||||||
desc string
|
desc string
|
||||||
directoryPaths []string
|
directoryPaths []string
|
||||||
filePath string
|
filePath string
|
||||||
expectedNumRouter int
|
expectedNumRouter int
|
||||||
expectedNumService int
|
expectedNumService int
|
||||||
expectedNumTLSConf int
|
expectedNumTLSConf int
|
||||||
|
expectedNumTLSOptions int
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestTLSContent(t *testing.T) {
|
func TestTLSContent(t *testing.T) {
|
||||||
|
@ -94,6 +95,7 @@ func TestProvideWithoutWatch(t *testing.T) {
|
||||||
assert.Len(t, conf.Configuration.HTTP.Routers, test.expectedNumRouter)
|
assert.Len(t, conf.Configuration.HTTP.Routers, test.expectedNumRouter)
|
||||||
require.NotNil(t, conf.Configuration.TLS)
|
require.NotNil(t, conf.Configuration.TLS)
|
||||||
assert.Len(t, conf.Configuration.TLS.Certificates, test.expectedNumTLSConf)
|
assert.Len(t, conf.Configuration.TLS.Certificates, test.expectedNumTLSConf)
|
||||||
|
assert.Len(t, conf.Configuration.TLS.Options, test.expectedNumTLSOptions)
|
||||||
case <-timeout:
|
case <-timeout:
|
||||||
t.Errorf("timeout while waiting for config")
|
t.Errorf("timeout while waiting for config")
|
||||||
}
|
}
|
||||||
|
@ -192,9 +194,10 @@ func getTestCases() []ProvideTestCase {
|
||||||
"./fixtures/toml/dir01_file02.toml",
|
"./fixtures/toml/dir01_file02.toml",
|
||||||
"./fixtures/toml/dir01_file03.toml",
|
"./fixtures/toml/dir01_file03.toml",
|
||||||
},
|
},
|
||||||
expectedNumRouter: 2,
|
expectedNumRouter: 2,
|
||||||
expectedNumService: 3,
|
expectedNumService: 3,
|
||||||
expectedNumTLSConf: 4,
|
expectedNumTLSConf: 4,
|
||||||
|
expectedNumTLSOptions: 1,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
desc: "simple directory yaml",
|
desc: "simple directory yaml",
|
||||||
|
@ -203,9 +206,10 @@ func getTestCases() []ProvideTestCase {
|
||||||
"./fixtures/yaml/dir01_file02.yml",
|
"./fixtures/yaml/dir01_file02.yml",
|
||||||
"./fixtures/yaml/dir01_file03.yml",
|
"./fixtures/yaml/dir01_file03.yml",
|
||||||
},
|
},
|
||||||
expectedNumRouter: 2,
|
expectedNumRouter: 2,
|
||||||
expectedNumService: 3,
|
expectedNumService: 3,
|
||||||
expectedNumTLSConf: 4,
|
expectedNumTLSConf: 4,
|
||||||
|
expectedNumTLSOptions: 1,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
desc: "template in directory",
|
desc: "template in directory",
|
||||||
|
|
|
@ -15,3 +15,7 @@
|
||||||
[[tls.certificates]]
|
[[tls.certificates]]
|
||||||
certFile = "integration/fixtures/https/snitest4.com.cert"
|
certFile = "integration/fixtures/https/snitest4.com.cert"
|
||||||
keyFile = "integration/fixtures/https/snitest4.com.key"
|
keyFile = "integration/fixtures/https/snitest4.com.key"
|
||||||
|
|
||||||
|
[tls.options]
|
||||||
|
[tls.options.mintls13]
|
||||||
|
minVersion = "VersionTLS13"
|
||||||
|
|
|
@ -8,3 +8,7 @@ tls:
|
||||||
keyFile: integration/fixtures/https/snitest3.com.key
|
keyFile: integration/fixtures/https/snitest3.com.key
|
||||||
- certFile: integration/fixtures/https/snitest4.com.cert
|
- certFile: integration/fixtures/https/snitest4.com.cert
|
||||||
keyFile: integration/fixtures/https/snitest4.com.key
|
keyFile: integration/fixtures/https/snitest4.com.key
|
||||||
|
|
||||||
|
options:
|
||||||
|
mintls13:
|
||||||
|
minVersion: VersionTLS13
|
||||||
|
|
Loading…
Reference in a new issue