fix configuration validation
This commit is contained in:
parent
1746653453
commit
d1ac68c4f7
SSH key fingerprint:
SHA256:3XrkbR8ikAZJVtYfaUliX1MhmJYVAe/ocIb/MiDHBJ8
3 changed files with 17 additions and 11 deletions
|
|
@ -102,6 +102,9 @@ func (c *GenericCertificate) Rollout(logger *slog.Logger, baseUrl string, skipIn
|
|||
if fileNeedsRollout {
|
||||
logger.Info("New file deployed", "path", c.FilePath)
|
||||
return true, nil
|
||||
} else if configuration.Force {
|
||||
logger.Info("File deployed", "path", c.FilePath)
|
||||
return true, nil
|
||||
} else {
|
||||
logger.Info("File not changed, skipping...", "path", c.FilePath)
|
||||
return false, nil
|
||||
|
|
@ -192,22 +195,25 @@ func (c *GenericCertificate) writeToDisk(logger *slog.Logger) error {
|
|||
// Returns error or nil on success.
|
||||
func (c *GenericCertificate) fetchFromServer(logger *slog.Logger, baseUrl string, skipInsecure bool) error {
|
||||
var url string
|
||||
var fileType string
|
||||
if c.IsKey {
|
||||
url = baseUrl + constants.CertificateApiPath + c.Name
|
||||
url = baseUrl + constants.KeyApiPath + c.Name
|
||||
fileType = "privatekey"
|
||||
} else {
|
||||
url = baseUrl + constants.CertificateApiPath + c.Name
|
||||
fileType = "certificate"
|
||||
}
|
||||
|
||||
logger.Debug("Certificate request URL: " + url)
|
||||
logger.Debug("Data request URL: "+url, "file-type", fileType)
|
||||
var transport http.RoundTripper
|
||||
|
||||
if skipInsecure {
|
||||
logger.Debug("TLS Certificate Validation is disabled")
|
||||
logger.Debug("Upstream Server TLS Certificate Validation is disabled")
|
||||
transport = &http.Transport{
|
||||
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
|
||||
}
|
||||
} else {
|
||||
logger.Debug("TLS Certificate Validation is enabled")
|
||||
logger.Debug("Upstream Server HTTP TLS Certificate Validation is enabled")
|
||||
}
|
||||
|
||||
client := &http.Client{
|
||||
|
|
@ -216,7 +222,7 @@ func (c *GenericCertificate) fetchFromServer(logger *slog.Logger, baseUrl string
|
|||
}
|
||||
req, err := http.NewRequest("GET", url, nil)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to prepare to request certificate from server: %w", err)
|
||||
return fmt.Errorf("failed to prepare to request data from server: %w", err)
|
||||
}
|
||||
|
||||
req.Header.Set("User-Agent", constants.UserAgent)
|
||||
|
|
@ -224,7 +230,7 @@ func (c *GenericCertificate) fetchFromServer(logger *slog.Logger, baseUrl string
|
|||
|
||||
res, err := client.Do(req)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to request certificate from server: %w", err)
|
||||
return fmt.Errorf("failed to request data from server: %w", err)
|
||||
}
|
||||
|
||||
defer func(l *slog.Logger) {
|
||||
|
|
@ -234,15 +240,15 @@ func (c *GenericCertificate) fetchFromServer(logger *slog.Logger, baseUrl string
|
|||
}(logger)
|
||||
|
||||
if res.StatusCode == http.StatusUnauthorized {
|
||||
logger.Error("API-Key for Certificate is invalid, skipping certificate!", "name", c.Name)
|
||||
logger.Error("API-Key for request is invalid, skipping certificate!", "name", c.Name, "file-type", fileType)
|
||||
return errors.New("API-Key invalid")
|
||||
} else if res.StatusCode != http.StatusOK {
|
||||
logger.Error("failed to get certificate from server", "name", c.Name, "http-response", res.Status)
|
||||
logger.Error("failed to get data from server", "name", c.Name, "http-response", res.Status, "file-type", fileType)
|
||||
}
|
||||
|
||||
bodyBytes, err := io.ReadAll(res.Body)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to read certificate response from server: %w", err)
|
||||
return fmt.Errorf("failed to read response from server: %w", err)
|
||||
}
|
||||
|
||||
c.serverBytes = bodyBytes
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ func handleRootCmd(cmd *cobra.Command, args []string) {
|
|||
if validation.HasMessages() {
|
||||
validation.Print(log)
|
||||
slog.Error("The configuration file has errors! Application cannot start unless all errors are corrected!")
|
||||
panic(1)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
certificates.HandleCertificates(log, config)
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ func (e *ConfigValidationError) Add(msg string) {
|
|||
}
|
||||
|
||||
func (e *ConfigValidationError) HasMessages() bool {
|
||||
return len(e.ErrorMessages) == 0
|
||||
return len(e.ErrorMessages) != 0
|
||||
}
|
||||
|
||||
func (e *ConfigValidationError) Print(logger *slog.Logger) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue