review: minor changes.

traefik · Jun 27, 2019 · 0622215 · 0622215
1 parent 249fefd
commit 0622215
Show file tree

Hide file tree

Showing 13 changed files with 52 additions and 66 deletions.
diff --git a/integration/https_test.go b/integration/https_test.go
@@ -800,7 +800,7 @@ func modifyCertificateConfFileContent(c *check.C, certFileName, confFileName, en
 	if len(certFileName) > 0 {
 		tlsConf := config.Configuration{
 			TLS: &config.TLSConfiguration{
-				Certificates: []*traefiktls.Configuration{{
+				Certificates: []*traefiktls.CertAndStores{{
 					Certificate: traefiktls.Certificate{
 						CertFile: traefiktls.FileOrContent("fixtures/https/" + certFileName + ".cert"),
 						KeyFile:  traefiktls.FileOrContent("fixtures/https/" + certFileName + ".key"),

diff --git a/pkg/config/dyn_config.go b/pkg/config/dyn_config.go
@@ -220,7 +220,7 @@ type Configuration struct {
 
 // TLSConfiguration contains all the configuration parameters of a TLS connection.
 type TLSConfiguration struct {
-	Certificates []*traefiktls.Configuration `json:"-" label:"-" yaml:"certificates"`
+	Certificates []*traefiktls.CertAndStores `json:"-" label:"-" yaml:"certificates"`
 	Options      map[string]traefiktls.Options
 	Stores       map[string]traefiktls.Store
 }

diff --git a/pkg/provider/acme/provider.go b/pkg/provider/acme/provider.go
@@ -589,14 +589,12 @@ func (p *Provider) refreshCertificates() {
 				Middlewares: map[string]*config.Middleware{},
 				Services:    map[string]*config.Service{},
 			},
-			TLS: &config.TLSConfiguration{
-				Certificates: []*traefiktls.Configuration{},
-			},
+			TLS: &config.TLSConfiguration{},
 		},
 	}
 
 	for _, cert := range p.certificates {
-		certConf := &traefiktls.Configuration{
+		certConf := &traefiktls.CertAndStores{
 			Certificate: traefiktls.Certificate{
 				CertFile: traefiktls.FileOrContent(cert.Certificate),
 				KeyFile:  traefiktls.FileOrContent(cert.Key),

diff --git a/pkg/provider/file/file.go b/pkg/provider/file/file.go
@@ -189,8 +189,8 @@ func (p *Provider) loadFileConfig(filename string, parseTemplate bool) (*config.
 	return configuration, nil
 }
 
-func flattenCertificates(tlsConfig *config.TLSConfiguration) []*tls.Configuration {
-	var certs []*tls.Configuration
+func flattenCertificates(tlsConfig *config.TLSConfiguration) []*tls.CertAndStores {
+	var certs []*tls.CertAndStores
 	for _, cert := range tlsConfig.Certificates {
 		content, err := cert.Certificate.CertFile.Read()
 		if err != nil {
@@ -238,7 +238,7 @@ func (p *Provider) loadFileConfigFromDirectory(ctx context.Context, directory st
 		}
 	}
 
-	configTLSMaps := make(map[*tls.Configuration]struct{})
+	configTLSMaps := make(map[*tls.CertAndStores]struct{})
 
 	for _, item := range fileList {
 		if item.IsDir() {
@@ -302,7 +302,6 @@ func (p *Provider) loadFileConfigFromDirectory(ctx context.Context, directory st
 			}
 		}
 
-		// FIXME nil
 		for _, conf := range c.TLS.Certificates {
 			if _, exists := configTLSMaps[conf]; exists {
 				logger.Warnf("TLS configuration %v already configured, skipping", conf)

diff --git a/pkg/provider/kubernetes/crd/kubernetes.go b/pkg/provider/kubernetes/crd/kubernetes.go
@@ -340,7 +340,7 @@ func buildTLSOptions(ctx context.Context, client Client) map[string]tls.Options
 	return tlsOptions
 }
 
-func (p *Provider) loadIngressRouteConfiguration(ctx context.Context, client Client, tlsConfigs map[string]*tls.Configuration) *config.HTTPConfiguration {
+func (p *Provider) loadIngressRouteConfiguration(ctx context.Context, client Client, tlsConfigs map[string]*tls.CertAndStores) *config.HTTPConfiguration {
 	conf := &config.HTTPConfiguration{
 		Routers:     map[string]*config.Router{},
 		Middlewares: map[string]*config.Middleware{},
@@ -465,7 +465,7 @@ func (p *Provider) loadIngressRouteConfiguration(ctx context.Context, client Cli
 	return conf
 }
 
-func (p *Provider) loadIngressRouteTCPConfiguration(ctx context.Context, client Client, tlsConfigs map[string]*tls.Configuration) *config.TCPConfiguration {
+func (p *Provider) loadIngressRouteTCPConfiguration(ctx context.Context, client Client, tlsConfigs map[string]*tls.CertAndStores) *config.TCPConfiguration {
 	conf := &config.TCPConfiguration{
 		Routers:  map[string]*config.TCPRouter{},
 		Services: map[string]*config.TCPService{},
@@ -565,7 +565,7 @@ func (p *Provider) loadIngressRouteTCPConfiguration(ctx context.Context, client
 }
 
 func (p *Provider) loadConfigurationFromCRD(ctx context.Context, client Client) *config.Configuration {
-	tlsConfigs := make(map[string]*tls.Configuration)
+	tlsConfigs := make(map[string]*tls.CertAndStores)
 	conf := &config.Configuration{
 		HTTP: p.loadIngressRouteConfiguration(ctx, client, tlsConfigs),
 		TCP:  p.loadIngressRouteTCPConfiguration(ctx, client, tlsConfigs),
@@ -606,7 +606,7 @@ func shouldProcessIngress(ingressClass string, ingressClassAnnotation string) bo
 		(len(ingressClass) == 0 && ingressClassAnnotation == traefikDefaultIngressClass)
 }
 
-func getTLSHTTP(ctx context.Context, ingressRoute *v1alpha1.IngressRoute, k8sClient Client, tlsConfigs map[string]*tls.Configuration) error {
+func getTLSHTTP(ctx context.Context, ingressRoute *v1alpha1.IngressRoute, k8sClient Client, tlsConfigs map[string]*tls.CertAndStores) error {
 	if ingressRoute.Spec.TLS == nil {
 		return nil
 	}
@@ -628,7 +628,7 @@ func getTLSHTTP(ctx context.Context, ingressRoute *v1alpha1.IngressRoute, k8sCli
 	return nil
 }
 
-func getTLSTCP(ctx context.Context, ingressRoute *v1alpha1.IngressRouteTCP, k8sClient Client, tlsConfigs map[string]*tls.Configuration) error {
+func getTLSTCP(ctx context.Context, ingressRoute *v1alpha1.IngressRouteTCP, k8sClient Client, tlsConfigs map[string]*tls.CertAndStores) error {
 	if ingressRoute.Spec.TLS == nil {
 		return nil
 	}
@@ -650,7 +650,7 @@ func getTLSTCP(ctx context.Context, ingressRoute *v1alpha1.IngressRouteTCP, k8sC
 	return nil
 }
 
-func getTLS(k8sClient Client, secretName, namespace string) (*tls.Configuration, error) {
+func getTLS(k8sClient Client, secretName, namespace string) (*tls.CertAndStores, error) {
 	secret, exists, err := k8sClient.GetSecret(namespace, secretName)
 	if err != nil {
 		return nil, fmt.Errorf("failed to fetch secret %s/%s: %v", namespace, secretName, err)
@@ -664,22 +664,22 @@ func getTLS(k8sClient Client, secretName, namespace string) (*tls.Configuration,
 		return nil, err
 	}
 
-	return &tls.Configuration{
+	return &tls.CertAndStores{
 		Certificate: tls.Certificate{
 			CertFile: tls.FileOrContent(cert),
 			KeyFile:  tls.FileOrContent(key),
 		},
 	}, nil
 }
 
-func getTLSConfig(tlsConfigs map[string]*tls.Configuration) []*tls.Configuration {
+func getTLSConfig(tlsConfigs map[string]*tls.CertAndStores) []*tls.CertAndStores {
 	var secretNames []string
 	for secretName := range tlsConfigs {
 		secretNames = append(secretNames, secretName)
 	}
 	sort.Strings(secretNames)
 
-	var configs []*tls.Configuration
+	var configs []*tls.CertAndStores
 	for _, secretName := range secretNames {
 		configs = append(configs, tlsConfigs[secretName])
 	}

diff --git a/pkg/provider/kubernetes/crd/kubernetes_test.go b/pkg/provider/kubernetes/crd/kubernetes_test.go
@@ -225,7 +225,7 @@ func TestLoadIngressRouteTCPs(t *testing.T) {
 			paths: []string{"tcp/services.yml", "tcp/with_tls.yml"},
 			expected: &config.Configuration{
 				TLS: &config.TLSConfiguration{
-					Certificates: []*tls.Configuration{
+					Certificates: []*tls.CertAndStores{
 						{
 							Certificate: tls.Certificate{
 								CertFile: tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"),
@@ -955,7 +955,7 @@ func TestLoadIngressRoutes(t *testing.T) {
 			paths: []string{"services.yml", "with_tls.yml"},
 			expected: &config.Configuration{
 				TLS: &config.TLSConfiguration{
-					Certificates: []*tls.Configuration{
+					Certificates: []*tls.CertAndStores{
 						{
 							Certificate: tls.Certificate{
 								CertFile: tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"),

diff --git a/pkg/provider/kubernetes/ingress/kubernetes.go b/pkg/provider/kubernetes/ingress/kubernetes.go
@@ -257,7 +257,7 @@ func (p *Provider) loadConfigurationFromIngresses(ctx context.Context, client Cl
 
 	ingresses := client.GetIngresses()
 
-	tlsConfigs := make(map[string]*tls.Configuration)
+	tlsConfigs := make(map[string]*tls.CertAndStores)
 	for _, ingress := range ingresses {
 		ctx = log.With(ctx, log.Str("ingress", ingress.Name), log.Str("namespace", ingress.Namespace))
 
@@ -356,7 +356,7 @@ func shouldProcessIngress(ingressClass string, ingressClassAnnotation string) bo
 		(len(ingressClass) == 0 && ingressClassAnnotation == traefikDefaultIngressClass)
 }
 
-func getTLS(ctx context.Context, ingress *v1beta1.Ingress, k8sClient Client, tlsConfigs map[string]*tls.Configuration) error {
+func getTLS(ctx context.Context, ingress *v1beta1.Ingress, k8sClient Client, tlsConfigs map[string]*tls.CertAndStores) error {
 	for _, t := range ingress.Spec.TLS {
 		if t.SecretName == "" {
 			log.FromContext(ctx).Debugf("Skipping TLS sub-section: No secret name provided")
@@ -378,7 +378,7 @@ func getTLS(ctx context.Context, ingress *v1beta1.Ingress, k8sClient Client, tls
 				return err
 			}
 
-			tlsConfigs[configKey] = &tls.Configuration{
+			tlsConfigs[configKey] = &tls.CertAndStores{
 				Certificate: tls.Certificate{
 					CertFile: tls.FileOrContent(cert),
 					KeyFile:  tls.FileOrContent(key),
@@ -390,14 +390,14 @@ func getTLS(ctx context.Context, ingress *v1beta1.Ingress, k8sClient Client, tls
 	return nil
 }
 
-func getTLSConfig(tlsConfigs map[string]*tls.Configuration) []*tls.Configuration {
+func getTLSConfig(tlsConfigs map[string]*tls.CertAndStores) []*tls.CertAndStores {
 	var secretNames []string
 	for secretName := range tlsConfigs {
 		secretNames = append(secretNames, secretName)
 	}
 	sort.Strings(secretNames)
 
-	var configs []*tls.Configuration
+	var configs []*tls.CertAndStores
 	for _, secretName := range secretNames {
 		configs = append(configs, tlsConfigs[secretName])
 	}

diff --git a/pkg/provider/kubernetes/ingress/kubernetes_test.go b/pkg/provider/kubernetes/ingress/kubernetes_test.go
@@ -703,7 +703,7 @@ func TestLoadConfigurationFromIngresses(t *testing.T) {
 					},
 				},
 				TLS: &config.TLSConfiguration{
-					Certificates: []*tls.Configuration{
+					Certificates: []*tls.CertAndStores{
 						{
 							Certificate: tls.Certificate{
 								CertFile: tls.FileOrContent("-----BEGIN CERTIFICATE-----\n-----END CERTIFICATE-----"),
@@ -975,7 +975,7 @@ func TestGetTLS(t *testing.T) {
 		desc      string
 		ingress   *v1beta1.Ingress
 		client    Client
-		result    map[string]*tls.Configuration
+		result    map[string]*tls.CertAndStores
 		errResult string
 	}{
 		{
@@ -1082,7 +1082,7 @@ func TestGetTLS(t *testing.T) {
 					},
 				},
 			},
-			result: map[string]*tls.Configuration{
+			result: map[string]*tls.CertAndStores{
 				"testing/test-secret": {
 					Certificate: tls.Certificate{
 						CertFile: tls.FileOrContent("tls-crt"),
@@ -1101,7 +1101,7 @@ func TestGetTLS(t *testing.T) {
 			desc:    "return nil when no secret is defined",
 			ingress: testIngressWithoutSecret,
 			client:  clientMock{},
-			result:  map[string]*tls.Configuration{},
+			result:  map[string]*tls.CertAndStores{},
 		},
 	}
 
@@ -1110,7 +1110,7 @@ func TestGetTLS(t *testing.T) {
 		t.Run(test.desc, func(t *testing.T) {
 			t.Parallel()
 
-			tlsConfigs := map[string]*tls.Configuration{}
+			tlsConfigs := map[string]*tls.CertAndStores{}
 			err := getTLS(context.Background(), test.ingress, test.client, tlsConfigs)
 
 			if test.errResult != "" {

diff --git a/pkg/server/router/tcp/router_test.go b/pkg/server/router/tcp/router_test.go
@@ -214,7 +214,7 @@ func TestRuntimeConfiguration(t *testing.T) {
 						MinVersion: "VersionTLS11",
 					},
 				},
-				[]*tls.Configuration{})
+				[]*tls.CertAndStores{})
 
 			routerManager := NewManager(conf, serviceManager,
 				nil, nil, tlsManager)

diff --git a/pkg/server/server_configuration.go b/pkg/server/server_configuration.go
@@ -66,7 +66,6 @@ func (s *Server) loadConfigurationTCP(configurations config.Configurations) map[
 
 	conf := mergeConfiguration(configurations)
 
-	// FIXME nil
 	s.tlsManager.UpdateConfigs(conf.TLS.Stores, conf.TLS.Options, conf.TLS.Certificates)
 
 	rtConf := config.NewRuntimeConfig(conf)

diff --git a/pkg/tls/tls.go b/pkg/tls/tls.go
@@ -22,9 +22,8 @@ type Store struct {
 	DefaultCertificate *Certificate
 }
 
-// Configuration allows mapping a TLS certificate to a list of entry points.
-// FIXME better name?
-type Configuration struct {
+// CertAndStores allows mapping a TLS certificate to a list of entry points.
+type CertAndStores struct {
 	Certificate `yaml:",inline"`
 	Stores      []string
 }
diff --git a/pkg/tls/tlsmanager.go b/pkg/tls/tlsmanager.go
@@ -18,7 +18,7 @@ type Manager struct {
 	storesConfig  map[string]Store
 	stores        map[string]*CertificateStore
 	configs       map[string]Options
-	certs         []*Configuration
+	certs         []*CertAndStores
 	TLSAlpnGetter func(string) (*tls.Certificate, error)
 	lock          sync.RWMutex
 }
@@ -29,7 +29,7 @@ func NewManager() *Manager {
 }
 
 // UpdateConfigs updates the TLS* configuration options
-func (m *Manager) UpdateConfigs(stores map[string]Store, configs map[string]Options, certs []*Configuration) {
+func (m *Manager) UpdateConfigs(stores map[string]Store, configs map[string]Options, certs []*CertAndStores) {
 	m.lock.Lock()
 	defer m.lock.Unlock()
 

diff --git a/pkg/tls/tlsmanager_test.go b/pkg/tls/tlsmanager_test.go
@@ -46,15 +46,12 @@ f9Oeos0UUothgiDktdQHxdNEwLjQf7lJJBzV+5OtwswCWA==
 )
 
 func TestTLSInStore(t *testing.T) {
-	dynamicConfigs :=
-		[]*Configuration{
-			{
-				Certificate: Certificate{
-					CertFile: localhostCert,
-					KeyFile:  localhostKey,
-				},
-			},
-		}
+	dynamicConfigs := []*CertAndStores{{
+		Certificate: Certificate{
+			CertFile: localhostCert,
+			KeyFile:  localhostKey,
+		},
+	}}
 
 	tlsManager := NewManager()
 	tlsManager.UpdateConfigs(nil, nil, dynamicConfigs)
@@ -66,15 +63,12 @@ func TestTLSInStore(t *testing.T) {
 }
 
 func TestTLSInvalidStore(t *testing.T) {
-	dynamicConfigs :=
-		[]*Configuration{
-			{
-				Certificate: Certificate{
-					CertFile: localhostCert,
-					KeyFile:  localhostKey,
-				},
-			},
-		}
+	dynamicConfigs := []*CertAndStores{{
+		Certificate: Certificate{
+			CertFile: localhostCert,
+			KeyFile:  localhostKey,
+		},
+	}}
 
 	tlsManager := NewManager()
 	tlsManager.UpdateConfigs(map[string]Store{
@@ -93,15 +87,13 @@ func TestTLSInvalidStore(t *testing.T) {
 }
 
 func TestManager_Get(t *testing.T) {
-	dynamicConfigs :=
-		[]*Configuration{
-			{
-				Certificate: Certificate{
-					CertFile: localhostCert,
-					KeyFile:  localhostKey,
-				},
-			},
-		}
+	dynamicConfigs := []*CertAndStores{{
+		Certificate: Certificate{
+			CertFile: localhostCert,
+			KeyFile:  localhostKey,
+		},
+	}}
+
 	tlsConfigs := map[string]Options{
 		"foo": {MinVersion: "VersionTLS12"},
 		"bar": {MinVersion: "VersionTLS11"},
@@ -153,5 +145,4 @@ func TestManager_Get(t *testing.T) {
 			assert.Equal(t, config.MinVersion, test.expectedMinVersion)
 		})
 	}
-
 }