mirror of https://github.com/hashicorp/consul
65 lines
2.5 KiB
Go
65 lines
2.5 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
package client
|
|
|
|
import (
|
|
"flag"
|
|
"strings"
|
|
)
|
|
|
|
type GRPCFlags struct {
|
|
address TValue[string]
|
|
grpcTLS TValue[bool]
|
|
certFile TValue[string]
|
|
keyFile TValue[string]
|
|
caFile TValue[string]
|
|
caPath TValue[string]
|
|
}
|
|
|
|
// MergeFlagsIntoGRPCConfig merges flag values into grpc config
|
|
// caller has to parse the CLI args before loading them into flag values
|
|
// The flags take precedence over the environment values
|
|
func (f *GRPCFlags) MergeFlagsIntoGRPCConfig(c *GRPCConfig) {
|
|
if strings.HasPrefix(strings.ToLower(f.address.String()), "https://") {
|
|
c.GRPCTLS = true
|
|
}
|
|
f.address.Set(removeSchemaFromGRPCAddress(f.address.String()))
|
|
f.address.Merge(&c.Address)
|
|
// won't overwrite the value if it's false
|
|
if f.grpcTLS.v != nil && *f.grpcTLS.v {
|
|
f.grpcTLS.Merge(&c.GRPCTLS)
|
|
}
|
|
f.certFile.Merge(&c.CertFile)
|
|
f.keyFile.Merge(&c.KeyFile)
|
|
f.caFile.Merge(&c.CAFile)
|
|
f.caPath.Merge(&c.CAPath)
|
|
}
|
|
|
|
// merge the client flags into command line flags then parse command line flags
|
|
func (f *GRPCFlags) ClientFlags() *flag.FlagSet {
|
|
fs := flag.NewFlagSet("", flag.ContinueOnError)
|
|
fs.Var(&f.address, "grpc-addr",
|
|
"The `address` and `port` of the Consul GRPC agent. The value can be an IP "+
|
|
"address or DNS address, but it must also include the port. This can also be specified "+
|
|
"via the CONSUL_GRPC_ADDR environment variable. The default value is "+
|
|
"127.0.0.1:8502. If you intend to communicate in TLS mode, you have to either "+
|
|
"include https:// schema in the address, use grpc-tls flag or set environment variable "+
|
|
"CONSUL_GRPC_TLS = true, otherwise it uses plaintext mode")
|
|
fs.Var(&f.caFile, "grpc-tls",
|
|
"Set to true if you aim to communicate in TLS mode in the GRPC call.")
|
|
fs.Var(&f.certFile, "client-cert",
|
|
"Path to a client cert file to use for TLS when 'verify_incoming' is enabled. This "+
|
|
"can also be specified via the CONSUL_GRPC_CLIENT_CERT environment variable.")
|
|
fs.Var(&f.keyFile, "client-key",
|
|
"Path to a client key file to use for TLS when 'verify_incoming' is enabled. This "+
|
|
"can also be specified via the CONSUL_GRPC_CLIENT_KEY environment variable.")
|
|
fs.Var(&f.caFile, "ca-file",
|
|
"Path to a CA file to use for TLS when communicating with Consul. This "+
|
|
"can also be specified via the CONSUL_CACERT environment variable.")
|
|
fs.Var(&f.caPath, "ca-path",
|
|
"Path to a directory of CA certificates to use for TLS when communicating "+
|
|
"with Consul. This can also be specified via the CONSUL_CAPATH environment variable.")
|
|
return fs
|
|
}
|