mirror of https://github.com/hashicorp/consul
connect/proxy: remove dev CA settings
parent
eb2a6952ba
commit
11f57ed4f4
|
@ -36,25 +36,11 @@ type Config struct {
|
|||
|
||||
// Upstreams configures outgoing proxies for remote connect services.
|
||||
Upstreams []UpstreamConfig `json:"upstreams" hcl:"upstreams"`
|
||||
|
||||
// DevCAFile, DevServiceCertFile, and DevServiceKeyFile allow configuring
|
||||
// the certificate information from a static file. This is only for testing
|
||||
// purposes. All or none must be specified.
|
||||
DevCAFile string `json:"dev_ca_file" hcl:"dev_ca_file"`
|
||||
DevServiceCertFile string `json:"dev_service_cert_file" hcl:"dev_service_cert_file"`
|
||||
DevServiceKeyFile string `json:"dev_service_key_file" hcl:"dev_service_key_file"`
|
||||
}
|
||||
|
||||
// Service returns the *connect.Service structure represented by this config.
|
||||
func (c *Config) Service(client *api.Client, logger *log.Logger) (*connect.Service, error) {
|
||||
// If we aren't in dev mode, then we return the configured service.
|
||||
if c.DevCAFile == "" {
|
||||
return connect.NewServiceWithLogger(c.ProxiedServiceName, client, logger)
|
||||
}
|
||||
|
||||
// Dev mode
|
||||
return connect.NewDevServiceFromCertFiles(c.ProxiedServiceName,
|
||||
logger, c.DevCAFile, c.DevServiceCertFile, c.DevServiceKeyFile)
|
||||
return connect.NewServiceWithLogger(c.ProxiedServiceName, client, logger)
|
||||
}
|
||||
|
||||
// PublicListenerConfig contains the parameters needed for the incoming mTLS
|
||||
|
|
|
@ -47,9 +47,6 @@ func TestParseConfigFile(t *testing.T) {
|
|||
ConnectTimeoutMs: 10000,
|
||||
},
|
||||
},
|
||||
DevCAFile: "connect/testdata/ca1-ca-consul-internal.cert.pem",
|
||||
DevServiceCertFile: "connect/testdata/ca1-svc-web.cert.pem",
|
||||
DevServiceKeyFile: "connect/testdata/ca1-svc-web.key.pem",
|
||||
}
|
||||
|
||||
require.Equal(t, expect, cfg)
|
||||
|
|
|
@ -5,11 +5,6 @@ token = "11111111-2222-3333-4444-555555555555"
|
|||
proxied_service_name = "web"
|
||||
proxied_service_namespace = "default"
|
||||
|
||||
# Assumes running consul in dev mode from the repo root...
|
||||
dev_ca_file = "connect/testdata/ca1-ca-consul-internal.cert.pem"
|
||||
dev_service_cert_file = "connect/testdata/ca1-svc-web.cert.pem"
|
||||
dev_service_key_file = "connect/testdata/ca1-svc-web.key.pem"
|
||||
|
||||
public_listener {
|
||||
bind_address = "127.0.0.1"
|
||||
bind_port= "9999"
|
||||
|
|
Loading…
Reference in New Issue