mirror of https://github.com/hashicorp/consul
connect: use inline_string instead for envoy ca(#7024)
Hans Hasselberg
GitHub
parent
10f04a8c4a
commit
ab2f2484ad
|
|
@ -25,7 +25,7 @@ type BootstrapTplArgs struct {
|
||||||
|
|
||||||
// AgentCAPEM is the CA to use to verify the local agent gRPC service if
|
// AgentCAPEM is the CA to use to verify the local agent gRPC service if
|
||||||
// TLS is enabled.
|
// TLS is enabled.
|
||||||
AgentCAPEM []byte
|
AgentCAPEM string
|
||||||
|
|
||||||
// AgentSocket is the path to a Unix Socket for communicating with the
|
// AgentSocket is the path to a Unix Socket for communicating with the
|
||||||
// local agent's gRPC endpoint. Disabled if the empty (the default),
|
// local agent's gRPC endpoint. Disabled if the empty (the default),
|
||||||
|
|
@ -119,7 +119,7 @@ const bootstrapTemplate = `{
|
||||||
"common_tls_context": {
|
"common_tls_context": {
|
||||||
"validation_context": {
|
"validation_context": {
|
||||||
"trusted_ca": {
|
"trusted_ca": {
|
||||||
"inline_bytes": "{{ .AgentCAPEM }}"
|
"inline_string": "{{ .AgentCAPEM }}"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -494,13 +494,13 @@ func (c *cmd) templateArgs() (*BootstrapTplArgs, error) {
|
||||||
adminAccessLogPath = DefaultAdminAccessLogPath
|
adminAccessLogPath = DefaultAdminAccessLogPath
|
||||||
}
|
}
|
||||||
|
|
||||||
var caPEM []byte
|
var caPEM string
|
||||||
if httpCfg.TLSConfig.CAFile != "" {
|
if httpCfg.TLSConfig.CAFile != "" {
|
||||||
content, err := ioutil.ReadFile(httpCfg.TLSConfig.CAFile)
|
content, err := ioutil.ReadFile(httpCfg.TLSConfig.CAFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("Failed to read CA file: %s", err)
|
return nil, fmt.Errorf("Failed to read CA file: %s", err)
|
||||||
}
|
}
|
||||||
caPEM = content
|
caPEM = strings.Replace(string(content), "\n", "\\n", -1)
|
||||||
}
|
}
|
||||||
|
|
||||||
return &BootstrapTplArgs{
|
return &BootstrapTplArgs{
|
||||||
|
|
|
||||||
|
|
@ -285,38 +285,10 @@ func TestGenerateConfig(t *testing.T) {
|
||||||
// Should resolve IP, note this might not resolve the same way
|
// Should resolve IP, note this might not resolve the same way
|
||||||
// everywhere which might make this test brittle but not sure what else
|
// everywhere which might make this test brittle but not sure what else
|
||||||
// to do.
|
// to do.
|
||||||
AgentAddress: "127.0.0.1",
|
AgentAddress: "127.0.0.1",
|
||||||
AgentPort: "8502",
|
AgentPort: "8502",
|
||||||
AgentTLS: true,
|
AgentTLS: true,
|
||||||
AgentCAPEM: []byte(`-----BEGIN CERTIFICATE-----
|
AgentCAPEM: `-----BEGIN CERTIFICATE-----\nMIIEtzCCA5+gAwIBAgIJAIewRMI8OnvTMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYD\nVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xHDAa\nBgNVBAoTE0hhc2hpQ29ycCBUZXN0IENlcnQxDDAKBgNVBAsTA0RldjEWMBQGA1UE\nAxMNdGVzdC5pbnRlcm5hbDEgMB4GCSqGSIb3DQEJARYRdGVzdEBpbnRlcm5hbC5j\nb20wHhcNMTQwNDA3MTkwMTA4WhcNMjQwNDA0MTkwMTA4WjCBmDELMAkGA1UEBhMC\nVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRwwGgYDVQQK\nExNIYXNoaUNvcnAgVGVzdCBDZXJ0MQwwCgYDVQQLEwNEZXYxFjAUBgNVBAMTDXRl\nc3QuaW50ZXJuYWwxIDAeBgkqhkiG9w0BCQEWEXRlc3RAaW50ZXJuYWwuY29tMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrs6JK4NpiOItxrpNR/1ppUU\nmH7p2BgLCBZ6eHdclle9J56i68adt8J85zaqphCfz6VDP58DsFx+N50PZyjQaDsU\nd0HejRqfHRMtg2O+UQkv4Z66+Vo+gc6uGuANi2xMtSYDVTAqqzF48OOPQDgYkzcG\nxcFZzTRFFZt2vPnyHj8cHcaFo/NMNVh7C3yTXevRGNm9u2mrbxCEeiHzFC2WUnvg\nU2jQuC7Fhnl33Zd3B6d3mQH6O23ncmwxTcPUJe6xZaIRrDuzwUcyhLj5Z3faag/f\npFIIcHSiHRfoqHLGsGg+3swId/zVJSSDHr7pJUu7Cre+vZa63FqDaooqvnisrQID\nAQABo4IBADCB/TAdBgNVHQ4EFgQUo/nrOfqvbee2VklVKIFlyQEbuJUwgc0GA1Ud\nIwSBxTCBwoAUo/nrOfqvbee2VklVKIFlyQEbuJWhgZ6kgZswgZgxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEcMBoGA1UE\nChMTSGFzaGlDb3JwIFRlc3QgQ2VydDEMMAoGA1UECxMDRGV2MRYwFAYDVQQDEw10\nZXN0LmludGVybmFsMSAwHgYJKoZIhvcNAQkBFhF0ZXN0QGludGVybmFsLmNvbYIJ\nAIewRMI8OnvTMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADa9fV9h\ngjapBlkNmu64WX0Ufub5dsJrdHS8672P30S7ILB7Mk0W8sL65IezRsZnG898yHf9\n2uzmz5OvNTM9K380g7xFlyobSVq+6yqmmSAlA/ptAcIIZT727P5jig/DB7fzJM3g\njctDlEGOmEe50GQXc25VKpcpjAsNQi5ER5gowQ0v3IXNZs+yU+LvxLHc0rUJ/XSp\nlFCAMOqd5uRoMOejnT51G6krvLNzPaQ3N9jQfNVY4Q0zfs0M+6dRWvqfqB9Vyq8/\nPOLMld+HyAZEBk9zK3ZVIXx6XS4dkDnSNR91njLq7eouf6M7+7s/oMQZZRtAfQ6r\nwlW975rYa1ZqEdA=\n-----END CERTIFICATE-----\n`,
|
||||||
MIIEtzCCA5+gAwIBAgIJAIewRMI8OnvTMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYD
|
|
||||||
VQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xHDAa
|
|
||||||
BgNVBAoTE0hhc2hpQ29ycCBUZXN0IENlcnQxDDAKBgNVBAsTA0RldjEWMBQGA1UE
|
|
||||||
AxMNdGVzdC5pbnRlcm5hbDEgMB4GCSqGSIb3DQEJARYRdGVzdEBpbnRlcm5hbC5j
|
|
||||||
b20wHhcNMTQwNDA3MTkwMTA4WhcNMjQwNDA0MTkwMTA4WjCBmDELMAkGA1UEBhMC
|
|
||||||
VVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRwwGgYDVQQK
|
|
||||||
ExNIYXNoaUNvcnAgVGVzdCBDZXJ0MQwwCgYDVQQLEwNEZXYxFjAUBgNVBAMTDXRl
|
|
||||||
c3QuaW50ZXJuYWwxIDAeBgkqhkiG9w0BCQEWEXRlc3RAaW50ZXJuYWwuY29tMIIB
|
|
||||||
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrs6JK4NpiOItxrpNR/1ppUU
|
|
||||||
mH7p2BgLCBZ6eHdclle9J56i68adt8J85zaqphCfz6VDP58DsFx+N50PZyjQaDsU
|
|
||||||
d0HejRqfHRMtg2O+UQkv4Z66+Vo+gc6uGuANi2xMtSYDVTAqqzF48OOPQDgYkzcG
|
|
||||||
xcFZzTRFFZt2vPnyHj8cHcaFo/NMNVh7C3yTXevRGNm9u2mrbxCEeiHzFC2WUnvg
|
|
||||||
U2jQuC7Fhnl33Zd3B6d3mQH6O23ncmwxTcPUJe6xZaIRrDuzwUcyhLj5Z3faag/f
|
|
||||||
pFIIcHSiHRfoqHLGsGg+3swId/zVJSSDHr7pJUu7Cre+vZa63FqDaooqvnisrQID
|
|
||||||
AQABo4IBADCB/TAdBgNVHQ4EFgQUo/nrOfqvbee2VklVKIFlyQEbuJUwgc0GA1Ud
|
|
||||||
IwSBxTCBwoAUo/nrOfqvbee2VklVKIFlyQEbuJWhgZ6kgZswgZgxCzAJBgNVBAYT
|
|
||||||
AlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEcMBoGA1UE
|
|
||||||
ChMTSGFzaGlDb3JwIFRlc3QgQ2VydDEMMAoGA1UECxMDRGV2MRYwFAYDVQQDEw10
|
|
||||||
ZXN0LmludGVybmFsMSAwHgYJKoZIhvcNAQkBFhF0ZXN0QGludGVybmFsLmNvbYIJ
|
|
||||||
AIewRMI8OnvTMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADa9fV9h
|
|
||||||
gjapBlkNmu64WX0Ufub5dsJrdHS8672P30S7ILB7Mk0W8sL65IezRsZnG898yHf9
|
|
||||||
2uzmz5OvNTM9K380g7xFlyobSVq+6yqmmSAlA/ptAcIIZT727P5jig/DB7fzJM3g
|
|
||||||
jctDlEGOmEe50GQXc25VKpcpjAsNQi5ER5gowQ0v3IXNZs+yU+LvxLHc0rUJ/XSp
|
|
||||||
lFCAMOqd5uRoMOejnT51G6krvLNzPaQ3N9jQfNVY4Q0zfs0M+6dRWvqfqB9Vyq8/
|
|
||||||
POLMld+HyAZEBk9zK3ZVIXx6XS4dkDnSNR91njLq7eouf6M7+7s/oMQZZRtAfQ6r
|
|
||||||
wlW975rYa1ZqEdA=
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
`),
|
|
||||||
AdminAccessLogPath: "/dev/null",
|
AdminAccessLogPath: "/dev/null",
|
||||||
AdminBindAddress: "127.0.0.1",
|
AdminBindAddress: "127.0.0.1",
|
||||||
AdminBindPort: "19000",
|
AdminBindPort: "19000",
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long
Loading…
Reference in New Issue