baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Update valkeyrie to v1.0.0

Browse source
This commit is contained in:
Ludovic Fernandez 2022-09-12 17:40:09 +02:00 committed by GitHub
parent d578ed7327
commit d531963f95
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 254 additions and 289 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

63
docs/content/reference/static-configuration/cli-ref.md
View file

@ -400,7 +400,7 @@ Terminating status code (Default: ```503```)
Enable Consul backend with default settings. (Default: ```false```)
`--providers.consul.endpoints`:
KV store endpoints (Default: ```127.0.0.1:8500```)
KV store endpoints. (Default: ```127.0.0.1:8500```)
`--providers.consul.namespace`:
Sets the namespace used to discover the configuration (Consul Enterprise only).
@ -408,11 +408,8 @@ Sets the namespace used to discover the configuration (Consul Enterprise only).
`--providers.consul.namespaces`:
Sets the namespaces used to discover the configuration (Consul Enterprise only).
`--providers.consul.password`:
KV Password
`--providers.consul.rootkey`:
Root key used for KV store (Default: ```traefik```)
Root key used for KV store. (Default: ```traefik```)
`--providers.consul.tls.ca`:
TLS CA
@ -430,10 +427,7 @@ TLS insecure skip verify (Default: ```false```)
TLS key
`--providers.consul.token`:
KV Token
`--providers.consul.username`:
KV Username
Per-request ACL token.
`--providers.consulcatalog`:
Enable ConsulCatalog backend with default settings. (Default: ```false```)
@ -601,13 +595,13 @@ The AWS credentials access key to use for making requests
Enable Etcd backend with default settings. (Default: ```false```)
`--providers.etcd.endpoints`:
KV store endpoints (Default: ```127.0.0.1:2379```)
KV store endpoints. (Default: ```127.0.0.1:2379```)
`--providers.etcd.password`:
KV Password
Password for authentication.
`--providers.etcd.rootkey`:
Root key used for KV store (Default: ```traefik```)
Root key used for KV store. (Default: ```traefik```)
`--providers.etcd.tls.ca`:
TLS CA
@ -624,11 +618,8 @@ TLS insecure skip verify (Default: ```false```)
`--providers.etcd.tls.key`:
TLS key
`--providers.etcd.token`:
KV Token
`--providers.etcd.username`:
KV Username
Username for authentication.
`--providers.file.debugloggeneratedtemplate`:
Enable debug logging of generated configuration template. (Default: ```false```)
@ -912,14 +903,17 @@ Watch provider. (Default: ```true```)
`--providers.redis`:
Enable Redis backend with default settings. (Default: ```false```)
`--providers.redis.db`:
Database to be selected after connecting to the server. (Default: ```0```)
`--providers.redis.endpoints`:
KV store endpoints (Default: ```127.0.0.1:6379```)
KV store endpoints. (Default: ```127.0.0.1:6379```)
`--providers.redis.password`:
KV Password
Password for authentication.
`--providers.redis.rootkey`:
Root key used for KV store (Default: ```traefik```)
Root key used for KV store. (Default: ```traefik```)
`--providers.redis.tls.ca`:
TLS CA
@ -936,11 +930,8 @@ TLS insecure skip verify (Default: ```false```)
`--providers.redis.tls.key`:
TLS key
`--providers.redis.token`:
KV Token
`--providers.redis.username`:
KV Username
Username for authentication.
`--providers.rest`:
Enable Rest backend with default settings. (Default: ```false```)
@ -952,34 +943,16 @@ Activate REST Provider directly on the entryPoint named traefik. (Default: ```fa
Enable ZooKeeper backend with default settings. (Default: ```false```)
`--providers.zookeeper.endpoints`:
KV store endpoints (Default: ```127.0.0.1:2181```)
KV store endpoints. (Default: ```127.0.0.1:2181```)
`--providers.zookeeper.password`:
KV Password
Password for authentication.
`--providers.zookeeper.rootkey`:
Root key used for KV store (Default: ```traefik```)
`--providers.zookeeper.tls.ca`:
TLS CA
`--providers.zookeeper.tls.caoptional`:
TLS CA.Optional (Default: ```false```)
`--providers.zookeeper.tls.cert`:
TLS cert
`--providers.zookeeper.tls.insecureskipverify`:
TLS insecure skip verify (Default: ```false```)
`--providers.zookeeper.tls.key`:
TLS key
`--providers.zookeeper.token`:
KV Token
Root key used for KV store. (Default: ```traefik```)
`--providers.zookeeper.username`:
KV Username
Username for authentication.
`--serverstransport.forwardingtimeouts.dialtimeout`:
The amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. (Default: ```30```)

63
docs/content/reference/static-configuration/env-ref.md
View file

@ -481,7 +481,7 @@ Use stale consistency for catalog reads. (Default: ```false```)
Watch Consul API events. (Default: ```false```)
`TRAEFIK_PROVIDERS_CONSUL_ENDPOINTS`:
KV store endpoints (Default: ```127.0.0.1:8500```)
KV store endpoints. (Default: ```127.0.0.1:8500```)
`TRAEFIK_PROVIDERS_CONSUL_NAMESPACE`:
Sets the namespace used to discover the configuration (Consul Enterprise only).
@ -489,11 +489,8 @@ Sets the namespace used to discover the configuration (Consul Enterprise only).
`TRAEFIK_PROVIDERS_CONSUL_NAMESPACES`:
Sets the namespaces used to discover the configuration (Consul Enterprise only).
`TRAEFIK_PROVIDERS_CONSUL_PASSWORD`:
KV Password
`TRAEFIK_PROVIDERS_CONSUL_ROOTKEY`:
Root key used for KV store (Default: ```traefik```)
Root key used for KV store. (Default: ```traefik```)
`TRAEFIK_PROVIDERS_CONSUL_TLS_CA`:
TLS CA
@ -511,10 +508,7 @@ TLS insecure skip verify (Default: ```false```)
TLS key
`TRAEFIK_PROVIDERS_CONSUL_TOKEN`:
KV Token
`TRAEFIK_PROVIDERS_CONSUL_USERNAME`:
KV Username
Per-request ACL token.
`TRAEFIK_PROVIDERS_DOCKER`:
Enable Docker backend with default settings. (Default: ```false```)
@ -601,13 +595,13 @@ The AWS credentials access key to use for making requests
Enable Etcd backend with default settings. (Default: ```false```)
`TRAEFIK_PROVIDERS_ETCD_ENDPOINTS`:
KV store endpoints (Default: ```127.0.0.1:2379```)
KV store endpoints. (Default: ```127.0.0.1:2379```)
`TRAEFIK_PROVIDERS_ETCD_PASSWORD`:
KV Password
Password for authentication.
`TRAEFIK_PROVIDERS_ETCD_ROOTKEY`:
Root key used for KV store (Default: ```traefik```)
Root key used for KV store. (Default: ```traefik```)
`TRAEFIK_PROVIDERS_ETCD_TLS_CA`:
TLS CA
@ -624,11 +618,8 @@ TLS insecure skip verify (Default: ```false```)
`TRAEFIK_PROVIDERS_ETCD_TLS_KEY`:
TLS key
`TRAEFIK_PROVIDERS_ETCD_TOKEN`:
KV Token
`TRAEFIK_PROVIDERS_ETCD_USERNAME`:
KV Username
Username for authentication.
`TRAEFIK_PROVIDERS_FILE_DEBUGLOGGENERATEDTEMPLATE`:
Enable debug logging of generated configuration template. (Default: ```false```)
@ -912,14 +903,17 @@ Watch provider. (Default: ```true```)
`TRAEFIK_PROVIDERS_REDIS`:
Enable Redis backend with default settings. (Default: ```false```)
`TRAEFIK_PROVIDERS_REDIS_DB`:
Database to be selected after connecting to the server. (Default: ```0```)
`TRAEFIK_PROVIDERS_REDIS_ENDPOINTS`:
KV store endpoints (Default: ```127.0.0.1:6379```)
KV store endpoints. (Default: ```127.0.0.1:6379```)
`TRAEFIK_PROVIDERS_REDIS_PASSWORD`:
KV Password
Password for authentication.
`TRAEFIK_PROVIDERS_REDIS_ROOTKEY`:
Root key used for KV store (Default: ```traefik```)
Root key used for KV store. (Default: ```traefik```)
`TRAEFIK_PROVIDERS_REDIS_TLS_CA`:
TLS CA
@ -936,11 +930,8 @@ TLS insecure skip verify (Default: ```false```)
`TRAEFIK_PROVIDERS_REDIS_TLS_KEY`:
TLS key
`TRAEFIK_PROVIDERS_REDIS_TOKEN`:
KV Token
`TRAEFIK_PROVIDERS_REDIS_USERNAME`:
KV Username
Username for authentication.
`TRAEFIK_PROVIDERS_REST`:
Enable Rest backend with default settings. (Default: ```false```)
@ -952,34 +943,16 @@ Activate REST Provider directly on the entryPoint named traefik. (Default: ```fa
Enable ZooKeeper backend with default settings. (Default: ```false```)
`TRAEFIK_PROVIDERS_ZOOKEEPER_ENDPOINTS`:
KV store endpoints (Default: ```127.0.0.1:2181```)
KV store endpoints. (Default: ```127.0.0.1:2181```)
`TRAEFIK_PROVIDERS_ZOOKEEPER_PASSWORD`:
KV Password
Password for authentication.
`TRAEFIK_PROVIDERS_ZOOKEEPER_ROOTKEY`:
Root key used for KV store (Default: ```traefik```)
`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_CA`:
TLS CA
`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_CAOPTIONAL`:
TLS CA.Optional (Default: ```false```)
`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_CERT`:
TLS cert
`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_INSECURESKIPVERIFY`:
TLS insecure skip verify (Default: ```false```)
`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_KEY`:
TLS key
`TRAEFIK_PROVIDERS_ZOOKEEPER_TOKEN`:
KV Token
Root key used for KV store. (Default: ```traefik```)
`TRAEFIK_PROVIDERS_ZOOKEEPER_USERNAME`:
KV Username
Username for authentication.
`TRAEFIK_SERVERSTRANSPORT_FORWARDINGTIMEOUTS_DIALTIMEOUT`:
The amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. (Default: ```30```)

28
docs/content/reference/static-configuration/file.toml
View file

@ -125,8 +125,8 @@
allowExternalNameServices = true
labelSelector = "foobar"
ingressClass = "foobar"
allowEmptyServices = true
throttleDuration = "42s"
allowEmptyServices = true
[providers.kubernetesGateway]
endpoint = "foobar"
token = "foobar"
@ -157,9 +157,9 @@
connectAware = true
connectByDefault = true
serviceName = "foobar"
watch = true
namespace = "foobar"
namespaces = ["foobar", "foobar"]
watch = true
[providers.consulCatalog.endpoint]
address = "foobar"
scheme = "foobar"
@ -176,13 +176,13 @@
username = "foobar"
password = "foobar"
[providers.nomad]
defaultRule = "foobar"
constraints = "foobar"
prefix = "foobar"
refreshInterval = "42s"
stale = true
exposedByDefault = true
defaultRule = "foobar"
namespace = "foobar"
exposedByDefault = true
refreshInterval = "42s"
[providers.nomad.endpoint]
address = "foobar"
region = "foobar"
@ -207,8 +207,6 @@
[providers.consul]
rootKey = "foobar"
endpoints = ["foobar", "foobar"]
username = "foobar"
password = "foobar"
token = "foobar"
namespace = "foobar"
namespaces = ["foobar", "foobar"]
@ -223,7 +221,6 @@
endpoints = ["foobar", "foobar"]
username = "foobar"
password = "foobar"
token = "foobar"
[providers.etcd.tls]
ca = "foobar"
caOptional = true
@ -235,19 +232,12 @@
endpoints = ["foobar", "foobar"]
username = "foobar"
password = "foobar"
token = "foobar"
[providers.zooKeeper.tls]
ca = "foobar"
caOptional = true
cert = "foobar"
key = "foobar"
insecureSkipVerify = true
[providers.redis]
rootKey = "foobar"
endpoints = ["foobar", "foobar"]
username = "foobar"
password = "foobar"
token = "foobar"
db = 42
[providers.redis.tls]
ca = "foobar"
caOptional = true
@ -307,7 +297,8 @@
addRoutersLabels = true
addServicesLabels = true
[metrics.influxDB.additionalLabels]
foobar = "foobar"
name0 = "foobar"
name1 = "foobar"
[metrics.influxDB2]
address = "foobar"
token = "foobar"
@ -318,7 +309,8 @@
addRoutersLabels = true
addServicesLabels = true
[metrics.influxDB2.additionalLabels]
foobar = "foobar"
name0 = "foobar"
name1 = "foobar"
[ping]
entryPoint = "foobar"

31
docs/content/reference/static-configuration/file.yaml
View file

@ -30,8 +30,8 @@ entryPoints:
forwardedHeaders:
insecure: true
trustedIPs:
- foobar
- foobar
- foobar
- foobar
http:
redirections:
entryPoint:
@ -169,11 +169,11 @@ providers:
connectAware: true
connectByDefault: true
serviceName: foobar
watch: true
namespace: foobar
namespaces:
- foobar
- foobar
watch: true
endpoint:
address: foobar
scheme: foobar
@ -190,13 +190,13 @@ providers:
username: foobar
password: foobar
nomad:
defaultRule: foobar
constraints: foobar
prefix: foobar
refreshInterval: 42s
stale: true
exposedByDefault: true
defaultRule: foobar
namespace: foobar
exposedByDefault: true
refreshInterval: 42s
endpoint:
address: foobar
region: foobar
@ -225,8 +225,6 @@ providers:
endpoints:
- foobar
- foobar
username: foobar
password: foobar
token: foobar
namespace: foobar
namespaces:
@ -245,7 +243,6 @@ providers:
- foobar
username: foobar
password: foobar
token: foobar
tls:
ca: foobar
caOptional: true
@ -259,13 +256,6 @@ providers:
- foobar
username: foobar
password: foobar
token: foobar
tls:
ca: foobar
caOptional: true
cert: foobar
key: foobar
insecureSkipVerify: true
redis:
rootKey: foobar
endpoints:
@ -273,7 +263,7 @@ providers:
- foobar
username: foobar
password: foobar
token: foobar
db: 42
tls:
ca: foobar
caOptional: true
@ -333,7 +323,8 @@ metrics:
addRoutersLabels: true
addServicesLabels: true
additionalLabels:
foobar: foobar
name0: foobar
name1: foobar
influxDB2:
address: foobar
token: foobar
@ -344,8 +335,8 @@ metrics:
addRoutersLabels: true
addServicesLabels: true
additionalLabels:
foobar: foobar
name0: foobar
name1: foobar
ping:
entryPoint: foobar
manualRouting: true

16
go.mod
View file

@ -27,7 +27,7 @@ require (
github.com/gorilla/mux v1.8.0
github.com/gorilla/websocket v1.5.0
github.com/hashicorp/consul v1.10.4
github.com/hashicorp/consul/api v1.12.0
github.com/hashicorp/consul/api v1.14.0
github.com/hashicorp/go-hclog v0.16.2
github.com/hashicorp/go-multierror v1.1.1
github.com/hashicorp/go-version v1.3.0
@ -36,7 +36,11 @@ require (
github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d
github.com/instana/go-sensor v1.38.3
github.com/klauspost/compress v1.14.2
github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199
github.com/kvtools/consul v1.0.1
github.com/kvtools/etcdv3 v1.0.1
github.com/kvtools/redis v1.0.1
github.com/kvtools/valkeyrie v1.0.0
github.com/kvtools/zookeeper v1.0.1
github.com/lucas-clemente/quic-go v0.28.1
github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f
github.com/miekg/dns v1.1.47
@ -162,7 +166,7 @@ require (
github.com/go-redis/redis/v8 v8.11.5 // indirect
github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48 // indirect
github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 // indirect
github.com/go-zookeeper/zk v1.0.2 // indirect
github.com/go-zookeeper/zk v1.0.3 // indirect
github.com/gofrs/flock v0.8.0 // indirect
github.com/gofrs/uuid v4.0.0+incompatible // indirect
github.com/gogo/googleapis v1.4.0 // indirect
@ -183,7 +187,7 @@ require (
github.com/gravitational/trace v1.1.16-0.20220114165159-14a9a7dd6aaf // indirect
github.com/grpc-ecosystem/go-grpc-middleware v1.2.0 // indirect
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect
github.com/hashicorp/consul/sdk v0.8.0 // indirect
github.com/hashicorp/consul/sdk v0.10.0 // indirect
github.com/hashicorp/cronexpr v1.1.1 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
@ -195,10 +199,10 @@ require (
github.com/hashicorp/go-uuid v1.0.2 // indirect
github.com/hashicorp/golang-lru v0.5.4 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/hashicorp/memberlist v0.3.0 // indirect
github.com/hashicorp/memberlist v0.3.1 // indirect
github.com/hashicorp/raft v1.3.2 // indirect
github.com/hashicorp/raft-autopilot v0.1.5 // indirect
github.com/hashicorp/serf v0.9.6 // indirect
github.com/hashicorp/serf v0.9.7 // indirect
github.com/hashicorp/yamux v0.0.0-20210826001029-26ff87cf9493 // indirect
github.com/huandu/xstrings v1.3.1 // indirect
github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df // indirect

32
go.sum
View file

@ -737,8 +737,8 @@ github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg78
github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
github.com/go-zookeeper/zk v1.0.2 h1:4mx0EYENAdX/B/rbunjlt5+4RTA/a9SMHBRuSKdGxPM=
github.com/go-zookeeper/zk v1.0.2/go.mod h1:nOB03cncLtlp4t+UAkGSV+9beXP/akpekBwL+UX1Qcw=
github.com/go-zookeeper/zk v1.0.3 h1:7M2kwOsc//9VeeFiPtf+uSJlVpU66x9Ba5+8XK7/TDg=
github.com/go-zookeeper/zk v1.0.3/go.mod h1:nOB03cncLtlp4t+UAkGSV+9beXP/akpekBwL+UX1Qcw=
github.com/gobs/pretty v0.0.0-20180724170744-09732c25a95b h1:/vQ+oYKu+JoyaMPDsv5FzwuL2wwWBgBbtj/YLCi4LuA=
github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0=
github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY=
@ -965,14 +965,15 @@ github.com/hashicorp/consul/api v1.0.0/go.mod h1:mbFwfRxOTDHZpT3iUsMAFcLNoVm6Xbe
github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q=
github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
github.com/hashicorp/consul/api v1.10.0/go.mod h1:sDjTOq0yUyv5G4h+BqSea7Fn6BU+XbolEz1952UB+mk=
github.com/hashicorp/consul/api v1.12.0 h1:k3y1FYv6nuKyNTqj6w9gXOx5r5CfLj/k/euUeBXj1OY=
github.com/hashicorp/consul/api v1.12.0/go.mod h1:6pVBMo0ebnYdt2S3H87XhekM/HHrUoTD2XXb/VrZVy0=
github.com/hashicorp/consul/api v1.14.0 h1:Y64GIJ8hYTu+tuGekwO4G4ardXoiCivX9wv1iP/kihk=
github.com/hashicorp/consul/api v1.14.0/go.mod h1:bcaw5CSZ7NE9qfOfKCI1xb7ZKjzu/MyvQkCLTfqLqxQ=
github.com/hashicorp/consul/internal v0.1.0/go.mod h1:zi9bMZYbiPHyAjgBWo7kCUcy5l2NrTdrkVupCc7Oo6c=
github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
github.com/hashicorp/consul/sdk v0.7.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM=
github.com/hashicorp/consul/sdk v0.8.0 h1:OJtKBtEjboEZvG6AOUdh4Z1Zbyu0WcxQ0qatRrZHTVU=
github.com/hashicorp/consul/sdk v0.8.0/go.mod h1:GBvyrGALthsZObzUGsfgHZQDXjg4lOjagTIwIR1vPms=
github.com/hashicorp/consul/sdk v0.10.0 h1:rGLEh2AWK4K0KCMvqWAz2EYxQqgciIfMagWZ0nVe5MI=
github.com/hashicorp/consul/sdk v0.10.0/go.mod h1:yPkX5Q6CsxTFMjQQDJwzeNmUUF5NUGGbrDsv9wTb8cw=
github.com/hashicorp/cronexpr v1.1.1 h1:NJZDd87hGXjoZBdvyCF9mX4DCq5Wy7+A/w+A7q0wn6c=
github.com/hashicorp/cronexpr v1.1.1/go.mod h1:P4wA0KBl9C5q2hABiMO7cp6jcIg96CDh1Efb3g1PWA4=
github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
@ -1052,8 +1053,9 @@ github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2p
github.com/hashicorp/memberlist v0.1.6/go.mod h1:5VDNHjqFMgEcclnwmkCnC99IPwxBmIsxwY8qn+Nl0H4=
github.com/hashicorp/memberlist v0.2.2/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE=
github.com/hashicorp/memberlist v0.2.4/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE=
github.com/hashicorp/memberlist v0.3.0 h1:8+567mCcFDnS5ADl7lrpxPMWiFCElyUEeW0gtj34fMA=
github.com/hashicorp/memberlist v0.3.0/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE=
github.com/hashicorp/memberlist v0.3.1 h1:MXgUXLqva1QvpVEDQW1IQLG0wivQAtmFlHRQ+1vWZfM=
github.com/hashicorp/memberlist v0.3.1/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE=
github.com/hashicorp/net-rpc-msgpackrpc v0.0.0-20151116020338-a14192a58a69/go.mod h1:/z+jUGRBlwVpUZfjute9jWaF6/HuhjuFQuL1YXzVD1Q=
github.com/hashicorp/nomad/api v0.0.0-20220506174431-b5665129cd1f h1:jSBbBJcPca465gK6XfwdXRQnFCd63e0oJmqllZTsawI=
github.com/hashicorp/nomad/api v0.0.0-20220506174431-b5665129cd1f/go.mod h1:b/AoT79m3PEpb6tKCFKva/M+q1rKJNUk5mdu1S8DymM=
@ -1067,8 +1069,8 @@ github.com/hashicorp/raft-boltdb v0.0.0-20171010151810-6e5ba93211ea/go.mod h1:pN
github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc=
github.com/hashicorp/serf v0.8.6/go.mod h1:P/AVgr4UHsUYqVHG1y9eFhz8S35pqhGhLZaDpfGKIMo=
github.com/hashicorp/serf v0.9.5/go.mod h1:UWDWwZeL5cuWDJdl0C6wrvrUwEqtQ4ZKBKKENpqIUyk=
github.com/hashicorp/serf v0.9.6 h1:uuEX1kLR6aoda1TBttmJQKDLZE1Ob7KN0NPdE7EtCDc=
github.com/hashicorp/serf v0.9.6/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4=
github.com/hashicorp/serf v0.9.7 h1:hkdgbqizGQHuU5IPqYM1JdSMV8nKfpuOnZYXssk9muY=
github.com/hashicorp/serf v0.9.7/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4=
github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c/go.mod h1:fHzc09UnyJyqyW+bFuq864eh+wC7dj65aXmXLRe5to0=
github.com/hashicorp/vault/api v1.0.5-0.20200717191844-f687267c8086/go.mod h1:R3Umvhlxi2TN7Ex2hzOowyeNb+SfbVWI973N+ctaFMk=
github.com/hashicorp/vault/api v1.1.0/go.mod h1:R3Umvhlxi2TN7Ex2hzOowyeNb+SfbVWI973N+ctaFMk=
@ -1272,8 +1274,16 @@ github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199 h1:SF+ZjtFyUPxkkCLYowtWzTeEMeziEKdW0Qhg9siq9b8=
github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199/go.mod h1:6gM2lOTGIFQxcIioo3/EEeOS0knFB8+AFKydVIN/nAU=
github.com/kvtools/consul v1.0.1 h1:RHwW0qTPL8Gwb+ueH6kpAIZ3fuNnSdAZaydfKjMIr/4=
github.com/kvtools/consul v1.0.1/go.mod h1:bFnzfGJ5ZIRRXCBGBmwhJlLdEWOlrjOcS1WjyAQzaJA=
github.com/kvtools/etcdv3 v1.0.1 h1:Ugr5ryI+FIeZQh0RCmtGFJptgSlbrVGjAnJWk9r//WI=
github.com/kvtools/etcdv3 v1.0.1/go.mod h1:Xr6DbwqjuCEcXAIWmXxw0DX+N5BhuvablXgN90XeqMM=
github.com/kvtools/redis v1.0.1 h1:vtLE3D3xfMbXfenRGuclDU8pe64OiqcBMmKm2RY4Wuo=
github.com/kvtools/redis v1.0.1/go.mod h1:wuUNwwKOHi2TYxDxj1sGF74Jdg0jywydnatXtnOR3hA=
github.com/kvtools/valkeyrie v1.0.0 h1:LAITop2wPoYCMitR24GZZsW0b57hmI+ePD18VRTtOf0=
github.com/kvtools/valkeyrie v1.0.0/go.mod h1:bDi/OdhJCSbGPMsCgUQl881yuEweKCSItAtTBI+ZjpU=
github.com/kvtools/zookeeper v1.0.1 h1:CBKNOuesj4CgW5PisK2jVx1+XP+T51bVgYHrZPQL5OM=
github.com/kvtools/zookeeper v1.0.1/go.mod h1:6TfxUwJ7IuBk5srgnoe528W0ftanNECHgOiShx/t0Aw=
github.com/kylelemons/go-gypsy v0.0.0-20160905020020-08cad365cd28/go.mod h1:T/T7jsxVqf9k/zYOqbgNAsANsjxTd1Yq3htjDhQ1H0c=
github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
github.com/labbsr0x/bindman-dns-webhook v1.0.2 h1:I7ITbmQPAVwrDdhd6dHKi+MYJTJqPCK0jE6YNBAevnk=
@ -2237,6 +2247,7 @@ golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qx
golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211020060615-d418f374d309/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e h1:TsQ7F31D3bUCLeqPT0u+yjp1guoArKaNKmCr22PYgTQ=
@ -2400,6 +2411,7 @@ golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e h1:CsOuNlbOuf0mzxJIefr6Q4uAUetRUwZE4qt7VfzP+xo=
golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=

7
integration/consul_test.go
View file

@ -12,9 +12,9 @@ import (
"time"
"github.com/go-check/check"
"github.com/kvtools/consul"
"github.com/kvtools/valkeyrie"
"github.com/kvtools/valkeyrie/store"
"github.com/kvtools/valkeyrie/store/consul"
"github.com/pmezard/go-difflib/difflib"
"github.com/traefik/traefik/v2/integration/try"
"github.com/traefik/traefik/v2/pkg/api"
@ -35,12 +35,11 @@ func (s *ConsulSuite) setupStore(c *check.C) {
consulAddr := net.JoinHostPort(s.getComposeServiceIP(c, "consul"), "8500")
s.consulURL = fmt.Sprintf("http://%s", consulAddr)
consul.Register()
kv, err := valkeyrie.NewStore(
context.Background(),
store.CONSUL,
consul.StoreName,
[]string{consulAddr},
&store.Config{
&consul.Config{
ConnectionTimeout: 10 * time.Second,
},
)

8
integration/etcd_test.go
View file

@ -11,9 +11,9 @@ import (
"time"
"github.com/go-check/check"
"github.com/kvtools/etcdv3"
"github.com/kvtools/valkeyrie"
"github.com/kvtools/valkeyrie/store"
etcdv3 "github.com/kvtools/valkeyrie/store/etcd/v3"
"github.com/pmezard/go-difflib/difflib"
"github.com/traefik/traefik/v2/integration/try"
"github.com/traefik/traefik/v2/pkg/api"
@ -31,15 +31,13 @@ func (s *EtcdSuite) SetUpSuite(c *check.C) {
s.createComposeProject(c, "etcd")
s.composeUp(c)
etcdv3.Register()
var err error
s.etcdAddr = net.JoinHostPort(s.getComposeServiceIP(c, "etcd"), "2379")
s.kvClient, err = valkeyrie.NewStore(
context.Background(),
store.ETCDV3,
etcdv3.StoreName,
[]string{s.etcdAddr},
&store.Config{
&etcdv3.Config{
ConnectionTimeout: 10 * time.Second,
},
)

10
integration/redis_test.go
View file

@ -11,9 +11,9 @@ import (
"time"
"github.com/go-check/check"
"github.com/kvtools/redis"
"github.com/kvtools/valkeyrie"
"github.com/kvtools/valkeyrie/store"
"github.com/kvtools/valkeyrie/store/redis"
"github.com/pmezard/go-difflib/difflib"
"github.com/traefik/traefik/v2/integration/try"
"github.com/traefik/traefik/v2/pkg/api"
@ -32,14 +32,12 @@ func (s *RedisSuite) setupStore(c *check.C) {
s.composeUp(c)
s.redisAddr = net.JoinHostPort(s.getComposeServiceIP(c, "redis"), "6379")
redis.Register()
kv, err := valkeyrie.NewStore(
context.Background(),
store.REDIS,
redis.StoreName,
[]string{s.redisAddr},
&store.Config{
ConnectionTimeout: 10 * time.Second,
},
&redis.Config{},
)
if err != nil {
c.Fatal("Cannot create store redis")

8
integration/zk_test.go
View file

@ -13,7 +13,7 @@ import (
"github.com/go-check/check"
"github.com/kvtools/valkeyrie"
"github.com/kvtools/valkeyrie/store"
"github.com/kvtools/valkeyrie/store/zookeeper"
"github.com/kvtools/zookeeper"
"github.com/pmezard/go-difflib/difflib"
"github.com/traefik/traefik/v2/integration/try"
"github.com/traefik/traefik/v2/pkg/api"
@ -31,16 +31,14 @@ func (s *ZookeeperSuite) setupStore(c *check.C) {
s.createComposeProject(c, "zookeeper")
s.composeUp(c)
zookeeper.Register()
s.zookeeperAddr = net.JoinHostPort(s.getComposeServiceIP(c, "zookeeper"), "2181")
var err error
s.kvClient, err = valkeyrie.NewStore(
context.Background(),
store.ZK,
zookeeper.StoreName,
[]string{s.zookeeperAddr},
&store.Config{
&zookeeper.Config{
ConnectionTimeout: 10 * time.Second,
},
)

31
pkg/provider/kv/consul/consul.go
View file

@ -1,12 +1,16 @@
package consul
import (
"context"
"errors"
"fmt"
"time"
"github.com/kvtools/valkeyrie/store"
"github.com/kvtools/consul"
"github.com/traefik/traefik/v2/pkg/log"
"github.com/traefik/traefik/v2/pkg/provider"
"github.com/traefik/traefik/v2/pkg/provider/kv"
"github.com/traefik/traefik/v2/pkg/types"
)
// providerName is the Consul provider name.
@ -18,6 +22,9 @@ var _ provider.Provider = (*Provider)(nil)
type ProviderBuilder struct {
kv.Provider `yaml:",inline" export:"true"`
Token string `description:"Per-request ACL token." json:"token,omitempty" toml:"token,omitempty" yaml:"token,omitempty" loggable:"false"`
TLS *types.ClientTLS `description:"Enable TLS support." json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"`
// Deprecated: use Namespaces instead.
Namespace string `description:"Sets the namespace used to discover the configuration (Consul Enterprise only)." json:"namespace,omitempty" toml:"namespace,omitempty" yaml:"namespace,omitempty"`
Namespaces []string `description:"Sets the namespaces used to discover the configuration (Consul Enterprise only)." json:"namespaces,omitempty" toml:"namespaces,omitempty" yaml:"namespaces,omitempty"`
@ -43,6 +50,8 @@ func (p *ProviderBuilder) BuildProviders() []*Provider {
name: providerName,
// p.Namespace could very well be empty.
namespace: p.Namespace,
token: p.Token,
tls: p.TLS,
}}
}
@ -52,6 +61,8 @@ func (p *ProviderBuilder) BuildProviders() []*Provider {
Provider: p.Provider,
name: providerName + "-" + namespace,
namespace: namespace,
token: p.Token,
tls: p.TLS,
})
}
@ -64,6 +75,8 @@ type Provider struct {
name string
namespace string
token string
tls *types.ClientTLS
}
// Init the provider.
@ -79,5 +92,19 @@ func (p *Provider) Init() error {
p.name = providerName
}
return p.Provider.Init(store.CONSUL, p.name, p.namespace)
config := &consul.Config{
ConnectionTimeout: 3 * time.Second,
Token: p.token,
Namespace: p.namespace,
}
if p.tls != nil {
var err error
config.TLS, err = p.tls.CreateTLSConfig(context.Background())
if err != nil {
return fmt.Errorf("unable to create client TLS configuration: %w", err)
}
}
return p.Provider.Init(consul.StoreName, p.name, config)
}

29
pkg/provider/kv/etcd/etcd.go
View file

@ -1,16 +1,25 @@
package etcd
import (
"github.com/kvtools/valkeyrie/store"
"context"
"fmt"
"time"
"github.com/kvtools/etcdv3"
"github.com/traefik/traefik/v2/pkg/provider"
"github.com/traefik/traefik/v2/pkg/provider/kv"
"github.com/traefik/traefik/v2/pkg/types"
)
var _ provider.Provider = (*Provider)(nil)
// Provider holds configurations of the provider.
type Provider struct {
kv.Provider `export:"true"`
kv.Provider `yaml:",inline" export:"true"`
TLS *types.ClientTLS `description:"Enable TLS support." json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"`
Username string `description:"Username for authentication." json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" loggable:"false"`
Password string `description:"Password for authentication." json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" loggable:"false"`
}
// SetDefaults sets the default values.
@ -21,5 +30,19 @@ func (p *Provider) SetDefaults() {
// Init the provider.
func (p *Provider) Init() error {
return p.Provider.Init(store.ETCDV3, "etcd", "")
config := &etcdv3.Config{
ConnectionTimeout: 3 * time.Second,
Username: p.Username,
Password: p.Password,
}
if p.TLS != nil {
var err error
config.TLS, err = p.TLS.CreateTLSConfig(context.Background())
if err != nil {
return fmt.Errorf("unable to create client TLS configuration: %w", err)
}
}
return p.Provider.Init(etcdv3.StoreName, "etcd", config)
}

57
pkg/provider/kv/kv.go
View file

@ -10,32 +10,21 @@ import (
"github.com/cenkalti/backoff/v4"
"github.com/kvtools/valkeyrie"
"github.com/kvtools/valkeyrie/store"
"github.com/kvtools/valkeyrie/store/consul"
etcdv3 "github.com/kvtools/valkeyrie/store/etcd/v3"
"github.com/kvtools/valkeyrie/store/redis"
"github.com/kvtools/valkeyrie/store/zookeeper"
"github.com/traefik/traefik/v2/pkg/config/dynamic"
"github.com/traefik/traefik/v2/pkg/config/kv"
"github.com/traefik/traefik/v2/pkg/job"
"github.com/traefik/traefik/v2/pkg/log"
"github.com/traefik/traefik/v2/pkg/safe"
"github.com/traefik/traefik/v2/pkg/types"
)
// Provider holds configurations of the provider.
type Provider struct {
RootKey string `description:"Root key used for KV store" json:"rootKey,omitempty" toml:"rootKey,omitempty" yaml:"rootKey,omitempty"`
RootKey string `description:"Root key used for KV store." json:"rootKey,omitempty" toml:"rootKey,omitempty" yaml:"rootKey,omitempty"`
Endpoints []string `description:"KV store endpoints" json:"endpoints,omitempty" toml:"endpoints,omitempty" yaml:"endpoints,omitempty"`
Username string `description:"KV Username" json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" loggable:"false"`
Password string `description:"KV Password" json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" loggable:"false"`
Token string `description:"KV Token" json:"token,omitempty" toml:"token,omitempty" yaml:"token,omitempty" loggable:"false"`
TLS *types.ClientTLS `description:"Enable TLS support" json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true" `
Endpoints []string `description:"KV store endpoints." json:"endpoints,omitempty" toml:"endpoints,omitempty" yaml:"endpoints,omitempty"`
name string
namespace string
storeType store.Backend
kvClient store.Store
name string
kvClient store.Store
}
// SetDefaults sets the default values.
@ -44,14 +33,12 @@ func (p *Provider) SetDefaults() {
}
// Init the provider.
func (p *Provider) Init(storeType store.Backend, name, namespace string) error {
func (p *Provider) Init(storeType, name string, config valkeyrie.Config) error {
ctx := log.With(context.Background(), log.Str(log.ProviderName, name))
p.name = name
p.namespace = namespace
p.storeType = storeType
kvClient, err := p.createKVClient(ctx)
kvClient, err := p.createKVClient(ctx, storeType, config)
if err != nil {
return fmt.Errorf("failed to Connect to KV store: %w", err)
}
@ -161,36 +148,8 @@ func (p *Provider) buildConfiguration(ctx context.Context) (*dynamic.Configurati
return cfg, nil
}
func (p *Provider) createKVClient(ctx context.Context) (store.Store, error) {
storeConfig := &store.Config{
ConnectionTimeout: 3 * time.Second,
Bucket: "traefik",
Username: p.Username,
Password: p.Password,
Token: p.Token,
Namespace: p.namespace,
}
if p.TLS != nil {
var err error
storeConfig.TLS, err = p.TLS.CreateTLSConfig(ctx)
if err != nil {
return nil, fmt.Errorf("unable to create client TLS configuration: %w", err)
}
}
switch p.storeType {
case store.CONSUL:
consul.Register()
case store.ETCDV3:
etcdv3.Register()
case store.ZK:
zookeeper.Register()
case store.REDIS:
redis.Register()
}
kvStore, err := valkeyrie.NewStore(ctx, p.storeType, p.Endpoints, storeConfig)
func (p *Provider) createKVClient(ctx context.Context, storeType string, config valkeyrie.Config) (store.Store, error) {
kvStore, err := valkeyrie.NewStore(ctx, storeType, p.Endpoints, config)
if err != nil {
return nil, err
}

29
pkg/provider/kv/redis/redis.go
View file

@ -1,16 +1,25 @@
package redis
import (
"github.com/kvtools/valkeyrie/store"
"context"
"fmt"
"github.com/kvtools/redis"
"github.com/traefik/traefik/v2/pkg/provider"
"github.com/traefik/traefik/v2/pkg/provider/kv"
"github.com/traefik/traefik/v2/pkg/types"
)
var _ provider.Provider = (*Provider)(nil)
// Provider holds configurations of the provider.
type Provider struct {
kv.Provider `export:"true"`
kv.Provider `yaml:",inline" export:"true"`
TLS *types.ClientTLS `description:"Enable TLS support." json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"`
Username string `description:"Username for authentication." json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" loggable:"false"`
Password string `description:"Password for authentication." json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" loggable:"false"`
DB int `description:"Database to be selected after connecting to the server." json:"db,omitempty" toml:"db,omitempty" yaml:"db,omitempty"`
}
// SetDefaults sets the default values.
@ -21,5 +30,19 @@ func (p *Provider) SetDefaults() {
// Init the provider.
func (p *Provider) Init() error {
return p.Provider.Init(store.REDIS, "redis", "")
config := redis.Config{
Username: p.Username,
Password: p.Password,
DB: p.DB,
}
if p.TLS != nil {
var err error
config.TLS, err = p.TLS.CreateTLSConfig(context.Background())
if err != nil {
return fmt.Errorf("unable to create client TLS configuration: %w", err)
}
}
return p.Provider.Init(redis.StoreName, "redis", config)
}

17
pkg/provider/kv/zk/zk.go
View file

@ -1,7 +1,9 @@
package zk
import (
"github.com/kvtools/valkeyrie/store"
"time"
"github.com/kvtools/zookeeper"
"github.com/traefik/traefik/v2/pkg/provider"
"github.com/traefik/traefik/v2/pkg/provider/kv"
)
@ -10,7 +12,10 @@ var _ provider.Provider = (*Provider)(nil)
// Provider holds configurations of the provider.
type Provider struct {
kv.Provider `export:"true"`
kv.Provider `yaml:",inline" export:"true"`
Username string `description:"Username for authentication." json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" loggable:"false"`
Password string `description:"Password for authentication." json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" loggable:"false"`
}
// SetDefaults sets the default values.
@ -21,5 +26,11 @@ func (p *Provider) SetDefaults() {
// Init the provider.
func (p *Provider) Init() error {
return p.Provider.Init(store.ZK, "zookeeper", "")
config := &zookeeper.Config{
ConnectionTimeout: 3 * time.Second,
Username: p.Username,
Password: p.Password,
}
return p.Provider.Init(zookeeper.StoreName, "zookeeper", config)
}

64
pkg/redactor/redactor_config_test.go
View file

@ -730,15 +730,14 @@ func TestDo_staticConfiguration(t *testing.T) {
Provider: kv.Provider{
RootKey: "RootKey",
Endpoints: nil,
Username: "username",
Password: "password",
TLS: &types.ClientTLS{
CA: "myCa",
CAOptional: true,
Cert: "mycert.pem",
Key: "mycert.key",
InsecureSkipVerify: true,
},
},
Token: "secret",
TLS: &types.ClientTLS{
CA: "myCa",
CAOptional: true,
Cert: "mycert.pem",
Key: "mycert.key",
InsecureSkipVerify: true,
},
Namespace: "ns",
Namespaces: []string{"ns1", "ns2"},
@ -748,15 +747,15 @@ func TestDo_staticConfiguration(t *testing.T) {
Provider: kv.Provider{
RootKey: "RootKey",
Endpoints: nil,
Username: "username",
Password: "password",
TLS: &types.ClientTLS{
CA: "myCa",
CAOptional: true,
Cert: "mycert.pem",
Key: "mycert.key",
InsecureSkipVerify: true,
},
},
Username: "username",
Password: "password",
TLS: &types.ClientTLS{
CA: "myCa",
CAOptional: true,
Cert: "mycert.pem",
Key: "mycert.key",
InsecureSkipVerify: true,
},
}
@ -764,31 +763,24 @@ func TestDo_staticConfiguration(t *testing.T) {
Provider: kv.Provider{
RootKey: "RootKey",
Endpoints: nil,
Username: "username",
Password: "password",
TLS: &types.ClientTLS{
CA: "myCa",
CAOptional: true,
Cert: "mycert.pem",
Key: "mycert.key",
InsecureSkipVerify: true,
},
},
Username: "username",
Password: "password",
}
config.Providers.Redis = &redis.Provider{
Provider: kv.Provider{
RootKey: "RootKey",
Endpoints: nil,
Username: "username",
Password: "password",
TLS: &types.ClientTLS{
CA: "myCa",
CAOptional: true,
Cert: "mycert.pem",
Key: "mycert.key",
InsecureSkipVerify: true,
},
},
Username: "username",
Password: "password",
TLS: &types.ClientTLS{
CA: "myCa",
CAOptional: true,
Cert: "mycert.pem",
Key: "mycert.key",
InsecureSkipVerify: true,
},
}

26
pkg/redactor/testdata/anonymized-static-config.json vendored
View file

@ -229,8 +229,7 @@
},
"consul": {
"rootKey": "xxxx",
"username": "xxxx",
"password": "xxxx",
"token": "xxxx",
"tls": {
"ca": "xxxx",
"caOptional": true,
@ -246,39 +245,32 @@
},
"etcd": {
"rootKey": "xxxx",
"username": "xxxx",
"password": "xxxx",
"tls": {
"ca": "xxxx",
"caOptional": true,
"cert": "xxxx",
"key": "xxxx",
"insecureSkipVerify": true
}
},
"username": "xxxx",
"password": "xxxx"
},
"zooKeeper": {
"rootKey": "xxxx",
"username": "xxxx",
"password": "xxxx",
"tls": {
"ca": "xxxx",
"caOptional": true,
"cert": "xxxx",
"key": "xxxx",
"insecureSkipVerify": true
}
"password": "xxxx"
},
"redis": {
"rootKey": "xxxx",
"username": "xxxx",
"password": "xxxx",
"tls": {
"ca": "xxxx",
"caOptional": true,
"cert": "xxxx",
"key": "xxxx",
"insecureSkipVerify": true
}
},
"username": "xxxx",
"password": "xxxx"
},
"http": {
"endpoint": "xxxx",
@ -476,4 +468,4 @@
}
}
}
}
}

24
pkg/types/tls.go
View file

@ -25,29 +25,29 @@ type ClientTLS struct {
}
// CreateTLSConfig creates a TLS config from ClientTLS structures.
func (clientTLS *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, error) {
if clientTLS == nil {
func (c *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, error) {
if c == nil {
log.FromContext(ctx).Warnf("clientTLS is nil")
return nil, nil
}
if clientTLS.CAOptional {
if c.CAOptional {
log.FromContext(ctx).Warn("CAOptional is deprecated, TLS client authentication is a server side option.")
}
// Not initialized, to rely on system bundle.
var caPool *x509.CertPool
if clientTLS.CA != "" {
if c.CA != "" {
var ca []byte
if _, errCA := os.Stat(clientTLS.CA); errCA == nil {
if _, errCA := os.Stat(c.CA); errCA == nil {
var err error
ca, err = os.ReadFile(clientTLS.CA)
ca, err = os.ReadFile(c.CA)
if err != nil {
return nil, fmt.Errorf("failed to read CA. %w", err)
}
} else {
ca = []byte(clientTLS.CA)
ca = []byte(c.CA)
}
caPool = x509.NewCertPool()
@ -56,8 +56,8 @@ func (clientTLS *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, e
}
}
hasCert := len(clientTLS.Cert) > 0
hasKey := len(clientTLS.Key) > 0
hasCert := len(c.Cert) > 0
hasKey := len(c.Key) > 0
if hasCert != hasKey {
return nil, errors.New("both TLS cert and key must be defined")
@ -66,11 +66,11 @@ func (clientTLS *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, e
if !hasCert || !hasKey {
return &tls.Config{
RootCAs: caPool,
InsecureSkipVerify: clientTLS.InsecureSkipVerify,
InsecureSkipVerify: c.InsecureSkipVerify,
}, nil
}
cert, err := loadKeyPair(clientTLS.Cert, clientTLS.Key)
cert, err := loadKeyPair(c.Cert, c.Key)
if err != nil {
return nil, err
}
@ -78,7 +78,7 @@ func (clientTLS *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, e
return &tls.Config{
Certificates: []tls.Certificate{cert},
RootCAs: caPool,
InsecureSkipVerify: clientTLS.InsecureSkipVerify,
InsecureSkipVerify: c.InsecureSkipVerify,
}, nil
}