-
Notifications
You must be signed in to change notification settings - Fork 128
/
consul_cli.go
76 lines (63 loc) · 2.7 KB
/
consul_cli.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
package consul
import (
"flag"
"net/http"
"net/url"
"github.com/hashicorp/go-cleanhttp"
log "github.com/sirupsen/logrus"
"github.com/cossacklabs/acra/network"
"github.com/cossacklabs/acra/utils/args"
)
const defaultConsulConfiPath = "acra/encryptor_config"
// CLIOptions keep command-line options related to Consul encryptor config loader.
type CLIOptions struct {
Address string
EncryptorConfigPath string
CAPath string
ClientCert string
ClientKey string
EnableTLS bool
}
// RegisterCLIParametersWithFlagSet look up for consul_connection_api_string, if none exists, consul_connection_api_string and consul_kv_config_path
// will be added to provided flags.
func RegisterCLIParametersWithFlagSet(flags *flag.FlagSet, prefix, description string) {
if description != "" {
description = " (" + description + ")"
}
if flags.Lookup(prefix+"consul_connection_api_string") == nil {
flags.String(prefix+"consul_connection_api_string", "", "Connection string (http://x.x.x.x:yyyy)for loading encryptor config from HashiCorp Consul"+description)
flags.String(prefix+"consul_kv_config_path", defaultConsulConfiPath, "KV Encryptor Config Path (acra/encryptor_config) for loading encryptor config from HashiCorp Consul"+description)
flags.Bool(prefix+"consul_tls_enable", false, "Use TLS to encrypt transport with HashiCorp Consul"+description)
}
if flags.Lookup(prefix+network.ClientNameConstructorFunc()("consul", "cert", "")) == nil {
network.RegisterTLSArgsForService(flags, true, prefix+"consul", network.ClientNameConstructorFunc())
}
}
// ParseCLIParametersFromFlags CLIOptions from provided FlagSet
func ParseCLIParametersFromFlags(extractor *args.ServiceExtractor, prefix string) *CLIOptions {
return &CLIOptions{
Address: extractor.GetString(prefix+"consul_connection_api_string", ""),
EncryptorConfigPath: extractor.GetString(prefix+"consul_kv_config_path", prefix),
EnableTLS: extractor.GetBool(prefix+"consul_tls_enable", ""),
}
}
// ConsulHTTPClient returns api.Config connection configuration
func (consul *CLIOptions) ConsulHTTPClient(extractor *args.ServiceExtractor) (*http.Client, error) {
transport := cleanhttp.DefaultPooledTransport()
client := &http.Client{
Transport: transport,
}
consulURL, err := url.ParseRequestURI(consul.Address)
if err != nil {
log.WithError(err).WithField("address", consul.Address).Errorln("Invalid Consul address provided")
return nil, err
}
if consul.EnableTLS {
tlsConfig, err := network.NewTLSConfigByName(extractor, "consul", consulURL.Host, network.ClientNameConstructorFunc())
if err != nil {
return nil, err
}
transport.TLSClientConfig = tlsConfig
}
return client, nil
}