Not allow ACME provider initialization if storage is empty
This commit is contained in:
parent
157580c232
commit
a777c3553c
3 changed files with 66 additions and 7 deletions
|
@ -187,11 +187,13 @@ func runCmd(globalConfiguration *configuration.GlobalConfiguration, configFile s
|
||||||
|
|
||||||
providerAggregator := configuration.NewProviderAggregator(globalConfiguration)
|
providerAggregator := configuration.NewProviderAggregator(globalConfiguration)
|
||||||
|
|
||||||
acmeprovider := globalConfiguration.InitACMEProvider()
|
acmeprovider, err := globalConfiguration.InitACMEProvider()
|
||||||
if acmeprovider != nil {
|
|
||||||
err := providerAggregator.AddProvider(acmeprovider)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Errorf("Error initializing provider ACME: %v", err)
|
log.Errorf("Unable to initialize ACME provider: %v", err)
|
||||||
|
} else if acmeprovider != nil {
|
||||||
|
err = providerAggregator.AddProvider(acmeprovider)
|
||||||
|
if err != nil {
|
||||||
|
log.Errorf("Unable to add ACME provider to the providers list: %v", err)
|
||||||
acmeprovider = nil
|
acmeprovider = nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -33,6 +33,7 @@ import (
|
||||||
"github.com/containous/traefik/provider/zk"
|
"github.com/containous/traefik/provider/zk"
|
||||||
"github.com/containous/traefik/tls"
|
"github.com/containous/traefik/tls"
|
||||||
"github.com/containous/traefik/types"
|
"github.com/containous/traefik/types"
|
||||||
|
"github.com/pkg/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -419,8 +420,13 @@ func (gc *GlobalConfiguration) initACMEProvider() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// InitACMEProvider create an acme provider from the ACME part of globalConfiguration
|
// InitACMEProvider create an acme provider from the ACME part of globalConfiguration
|
||||||
func (gc *GlobalConfiguration) InitACMEProvider() *acmeprovider.Provider {
|
func (gc *GlobalConfiguration) InitACMEProvider() (*acmeprovider.Provider, error) {
|
||||||
if gc.ACME != nil {
|
if gc.ACME != nil {
|
||||||
|
if len(gc.ACME.Storage) == 0 {
|
||||||
|
// Delete the ACME configuration to avoid starting ACME in cluster mode
|
||||||
|
gc.ACME = nil
|
||||||
|
return nil, errors.New("unable to initialize ACME provider with no storage location for the certificates")
|
||||||
|
}
|
||||||
// TODO: Remove when Provider ACME will replace totally ACME
|
// TODO: Remove when Provider ACME will replace totally ACME
|
||||||
// If provider file, use Provider ACME instead of ACME
|
// If provider file, use Provider ACME instead of ACME
|
||||||
if gc.Cluster == nil {
|
if gc.Cluster == nil {
|
||||||
|
@ -444,10 +450,10 @@ func (gc *GlobalConfiguration) InitACMEProvider() *acmeprovider.Provider {
|
||||||
provider.Store = store
|
provider.Store = store
|
||||||
acme.ConvertToNewFormat(provider.Storage)
|
acme.ConvertToNewFormat(provider.Storage)
|
||||||
gc.ACME = nil
|
gc.ACME = nil
|
||||||
return provider
|
return provider, nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func getSafeACMECAServer(caServerSrc string) string {
|
func getSafeACMECAServer(caServerSrc string) string {
|
||||||
|
|
|
@ -5,10 +5,12 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/containous/flaeg"
|
"github.com/containous/flaeg"
|
||||||
|
"github.com/containous/traefik/acme"
|
||||||
"github.com/containous/traefik/middlewares/tracing"
|
"github.com/containous/traefik/middlewares/tracing"
|
||||||
"github.com/containous/traefik/middlewares/tracing/jaeger"
|
"github.com/containous/traefik/middlewares/tracing/jaeger"
|
||||||
"github.com/containous/traefik/middlewares/tracing/zipkin"
|
"github.com/containous/traefik/middlewares/tracing/zipkin"
|
||||||
"github.com/containous/traefik/provider"
|
"github.com/containous/traefik/provider"
|
||||||
|
acmeprovider "github.com/containous/traefik/provider/acme"
|
||||||
"github.com/containous/traefik/provider/file"
|
"github.com/containous/traefik/provider/file"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
@ -215,3 +217,52 @@ func TestSetEffectiveConfigurationTracing(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestInitACMEProvider(t *testing.T) {
|
||||||
|
testCases := []struct {
|
||||||
|
desc string
|
||||||
|
acmeConfiguration *acme.ACME
|
||||||
|
expectedConfiguration *acmeprovider.Provider
|
||||||
|
noError bool
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
desc: "No ACME configuration",
|
||||||
|
acmeConfiguration: nil,
|
||||||
|
expectedConfiguration: nil,
|
||||||
|
noError: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "ACME configuration with storage",
|
||||||
|
acmeConfiguration: &acme.ACME{Storage: "foo/acme.json"},
|
||||||
|
expectedConfiguration: &acmeprovider.Provider{Configuration: &acmeprovider.Configuration{Storage: "foo/acme.json"}},
|
||||||
|
noError: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "ACME configuration with no storage",
|
||||||
|
acmeConfiguration: &acme.ACME{},
|
||||||
|
expectedConfiguration: nil,
|
||||||
|
noError: false,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, test := range testCases {
|
||||||
|
test := test
|
||||||
|
t.Run(test.desc, func(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
|
||||||
|
gc := &GlobalConfiguration{
|
||||||
|
ACME: test.acmeConfiguration,
|
||||||
|
}
|
||||||
|
|
||||||
|
configuration, err := gc.InitACMEProvider()
|
||||||
|
|
||||||
|
assert.True(t, (err == nil) == test.noError)
|
||||||
|
|
||||||
|
if test.expectedConfiguration == nil {
|
||||||
|
assert.Nil(t, configuration)
|
||||||
|
} else {
|
||||||
|
assert.Equal(t, test.expectedConfiguration.Storage, configuration.Storage)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue