Add config option to enable (m)TLS between Poseidon and Nomad

committed by
Jan-Eric Hellenberg

parent
e2d71a11ad
commit
6a60b6cd89
@ -19,19 +19,26 @@ import (
|
||||
var (
|
||||
Config = &configuration{
|
||||
Server: server{
|
||||
Address: "127.0.0.1",
|
||||
Port: 7200,
|
||||
Token: "",
|
||||
TLS: false,
|
||||
CertFile: "",
|
||||
KeyFile: "",
|
||||
Address: "127.0.0.1",
|
||||
Port: 7200,
|
||||
Token: "",
|
||||
TLS: TLS{
|
||||
Active: false,
|
||||
CertFile: "",
|
||||
KeyFile: "",
|
||||
},
|
||||
InteractiveStderr: true,
|
||||
},
|
||||
Nomad: nomad{
|
||||
Address: "127.0.0.1",
|
||||
Port: 4646,
|
||||
Token: "",
|
||||
TLS: false,
|
||||
Nomad: Nomad{
|
||||
Address: "127.0.0.1",
|
||||
Port: 4646,
|
||||
Token: "",
|
||||
TLS: TLS{
|
||||
Active: false,
|
||||
CAFile: "",
|
||||
CertFile: "",
|
||||
KeyFile: "",
|
||||
},
|
||||
Namespace: "default",
|
||||
},
|
||||
Logger: logger{
|
||||
@ -54,21 +61,37 @@ type server struct {
|
||||
Address string
|
||||
Port int
|
||||
Token string
|
||||
TLS bool
|
||||
CertFile string
|
||||
KeyFile string
|
||||
TLS TLS
|
||||
InteractiveStderr bool
|
||||
}
|
||||
|
||||
// nomad configures the used Nomad cluster.
|
||||
type nomad struct {
|
||||
// URL returns the URL of the Poseidon webserver.
|
||||
func (s *server) URL() *url.URL {
|
||||
return parseURL(s.Address, s.Port, s.TLS.Active)
|
||||
}
|
||||
|
||||
// Nomad configures the used Nomad cluster.
|
||||
type Nomad struct {
|
||||
Address string
|
||||
Port int
|
||||
Token string
|
||||
TLS bool
|
||||
TLS TLS
|
||||
Namespace string
|
||||
}
|
||||
|
||||
// URL returns the URL for the configured Nomad cluster.
|
||||
func (n *Nomad) URL() *url.URL {
|
||||
return parseURL(n.Address, n.Port, n.TLS.Active)
|
||||
}
|
||||
|
||||
// TLS configures TLS on a connection.
|
||||
type TLS struct {
|
||||
Active bool
|
||||
CAFile string
|
||||
CertFile string
|
||||
KeyFile string
|
||||
}
|
||||
|
||||
// logger configures the used logger.
|
||||
type logger struct {
|
||||
Level string
|
||||
@ -77,7 +100,7 @@ type logger struct {
|
||||
// configuration contains the complete configuration of Poseidon.
|
||||
type configuration struct {
|
||||
Server server
|
||||
Nomad nomad
|
||||
Nomad Nomad
|
||||
Logger logger
|
||||
}
|
||||
|
||||
@ -96,16 +119,6 @@ func InitConfig() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// NomadAPIURL returns the URL for the configured Nomad cluster.
|
||||
func (c *configuration) NomadAPIURL() *url.URL {
|
||||
return parseURL(Config.Nomad.Address, Config.Nomad.Port, Config.Nomad.TLS)
|
||||
}
|
||||
|
||||
// PoseidonAPIURL returns the URL of the Poseidon webserver.
|
||||
func (c *configuration) PoseidonAPIURL() *url.URL {
|
||||
return parseURL(Config.Server.Address, Config.Server.Port, false)
|
||||
}
|
||||
|
||||
func parseURL(address string, port int, tlsEnabled bool) *url.URL {
|
||||
scheme := "http"
|
||||
if tlsEnabled {
|
||||
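Review bot: The new `TLS` struct (in the `type server struct` hunk) is shared by `server` and `Nomad`, but its fields carry no comments, so it is unclear what `CAFile` means on the server side or whether `CertFile`/`KeyFile` on the Nomad side are the client pair used for mTLS. I would document each field, for example `// CAFile is the CA bundle used to verify the peer's certificate.` and `// CertFile and KeyFile are the certificate and key presented by Poseidon.`, and state on `server` whether `CAFile` is honoured at all. Nothing visible here rejects `Active: true` with only one of `CertFile`/`KeyFile` set; if `InitConfig` (its body is outside these hunks) does not check this either, a guard such as `if t.Active && (t.CertFile == "") != (t.KeyFile == "") { return errors.New("tls: certfile and keyfile must be set together") }` would fail at startup instead of at the first connection.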
|
@ -13,9 +13,9 @@ import (
|
||||
)
|
||||
|
||||
var (
|
||||
getServerPort = func(c *configuration) interface{} { return c.Server.Port }
|
||||
getNomadToken = func(c *configuration) interface{} { return c.Nomad.Token }
|
||||
getNomadTLS = func(c *configuration) interface{} { return c.Nomad.TLS }
|
||||
getServerPort = func(c *configuration) interface{} { return c.Server.Port }
|
||||
getNomadToken = func(c *configuration) interface{} { return c.Nomad.Token }
|
||||
getNomadTLSActive = func(c *configuration) interface{} { return c.Nomad.TLS.Active }
|
||||
)
|
||||
|
||||
func newTestConfiguration() *configuration {
|
||||
@ -24,11 +24,13 @@ func newTestConfiguration() *configuration {
|
||||
Address: "127.0.0.1",
|
||||
Port: 3000,
|
||||
},
|
||||
Nomad: nomad{
|
||||
Nomad: Nomad{
|
||||
Address: "127.0.0.2",
|
||||
Port: 4646,
|
||||
Token: "SECRET",
|
||||
TLS: false,
|
||||
TLS: TLS{
|
||||
Active: false,
|
||||
},
|
||||
},
|
||||
Logger: logger{
|
||||
Level: "INFO",
|
||||
@ -87,8 +89,8 @@ func TestReadEnvironmentVariables(t *testing.T) {
|
||||
{"SERVER_PORT", "4000", 4000, getServerPort},
|
||||
{"SERVER_PORT", "hello", 3000, getServerPort},
|
||||
{"NOMAD_TOKEN", "ACCESS", "ACCESS", getNomadToken},
|
||||
{"NOMAD_TLS", "true", true, getNomadTLS},
|
||||
{"NOMAD_TLS", "hello", false, getNomadTLS},
|
||||
{"NOMAD_TLS_ACTIVE", "true", true, getNomadTLSActive},
|
||||
{"NOMAD_TLS_ACTIVE", "hello", false, getNomadTLSActive},
|
||||
}
|
||||
prefix := "POSEIDON_TEST"
|
||||
for _, testCase := range environmentTests {
|
||||
@ -131,8 +133,8 @@ func TestReadYamlConfigFile(t *testing.T) {
|
||||
}{
|
||||
{[]byte("server:\n port: 5000\n"), 5000, getServerPort},
|
||||
{[]byte("nomad:\n token: ACCESS\n"), "ACCESS", getNomadToken},
|
||||
{[]byte("nomad:\n tls: true\n"), true, getNomadTLS},
|
||||
{[]byte(""), false, getNomadTLS},
|
||||
{[]byte("nomad:\n tls:\n active: true\n"), true, getNomadTLSActive},
|
||||
{[]byte(""), false, getNomadTLSActive},
|
||||
{[]byte("nomad:\n token:\n"), "SECRET", getNomadToken},
|
||||
}
|
||||
for _, testCase := range yamlTests {
|
||||
@ -197,12 +199,12 @@ func TestURLParsing(t *testing.T) {
|
||||
|
||||
func TestNomadAPIURL(t *testing.T) {
|
||||
config := newTestConfiguration()
|
||||
assert.Equal(t, "http", config.NomadAPIURL().Scheme)
|
||||
assert.Equal(t, "127.0.0.2:4646", config.NomadAPIURL().Host)
|
||||
assert.Equal(t, "http", config.Nomad.URL().Scheme)
|
||||
assert.Equal(t, "127.0.0.2:4646", config.Nomad.URL().Host)
|
||||
}
|
||||
|
||||
func TestPoseidonAPIURL(t *testing.T) {
|
||||
config := newTestConfiguration()
|
||||
assert.Equal(t, "http", config.PoseidonAPIURL().Scheme)
|
||||
assert.Equal(t, "127.0.0.1:3000", config.PoseidonAPIURL().Host)
|
||||
assert.Equal(t, "http", config.Server.URL().Scheme)
|
||||
assert.Equal(t, "127.0.0.1:3000", config.Server.URL().Host)
|
||||
}
|
||||
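Review bot: The cases for the old scalar form (`NOMAD_TLS=true` and `nomad:\n tls: true\n`) are replaced rather than kept as a migration check, so nothing pins what happens to a deployment that still uses them after upgrading. If the loader (not shown here) ignores the now-unknown environment variable or the scalar value, `Nomad.TLS.Active` stays `false` and the Nomad token would travel over plain HTTP without any error. I would keep one case per reader asserting that the legacy form is either rejected or mapped onto `TLS.Active`, e.g. `{[]byte("nomad:\n tls: true\n"), true, getNomadTLSActive}` if mapping is intended. There is also no case with `Active` set to true that asserts `config.Nomad.URL().Scheme` is `"https"`, and none that reads `CAFile`, `CertFile` or `KeyFile`.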
|