Skip to content

Commit

Permalink
remove tlsPath
Browse files Browse the repository at this point in the history
  • Loading branch information
vgonkivs committed Nov 25, 2024
1 parent 8db528f commit 3ce38b2
Show file tree
Hide file tree
Showing 4 changed files with 3 additions and 57 deletions.
6 changes: 1 addition & 5 deletions nodebuilder/core/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,8 @@ type Config struct {
RPCPort string
GRPCPort string
// TLSEnabled specifies whether the connection is secure or not.
// PLEASE NOTE: it should be set to true in order to handle TLSPath and/or XTokenPath.
// PLEASE NOTE: it should be set to true in order to handle XTokenPath.
TLSEnabled bool
// TLSPath specifies the directory path where the TLS certificates are stored.
// It should not include file names('cert.pem' and 'key.pem').
// If left empty, the client will be configured for an insecure (non-TLS) connection.
TLSPath string
// XTokenPath specifies the path to the directory with JSON file containing the X-Token for gRPC authentication.
// The JSON file should have a key-value pair where the key is "x-token" and the value is the authentication token.
// If left empty, the client will not include the X-Token in its requests.
Expand Down
15 changes: 0 additions & 15 deletions nodebuilder/core/flags.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@ var (
coreRPCFlag = "core.rpc.port"
coreGRPCFlag = "core.grpc.port"
coreTLS = "core.tls"
coreTLSPathFlag = "core.tls.path"
coreXTokenPathFlag = "core.xtoken.path" //nolint:gosec
)

Expand Down Expand Up @@ -42,15 +41,6 @@ func Flags() *flag.FlagSet {
false,
"Specifies whether TLS is enabled or not. Default: false",
)
flags.String(
coreTLSPathFlag,
"",
"specifies the directory path where the TLS certificates are stored. "+
"It should not include file names ('cert.pem' and 'key.pem'). "+
"NOTE: the path is parsed only if coreTLS enabled."+
"If left empty, with disabled coreTLS, the client will be configured for "+
"an insecure (non-TLS) connection",
)
flags.String(
coreXTokenPathFlag,
"",
Expand Down Expand Up @@ -92,11 +82,6 @@ func ParseFlags(

if enabled {
cfg.TLSEnabled = true
if cmd.Flag(coreTLSPathFlag).Changed {
path := cmd.Flag(coreTLSPathFlag).Value.String()
cfg.TLSPath = path
}

if cmd.Flag(coreXTokenPathFlag).Changed {
path := cmd.Flag(coreXTokenPathFlag).Value.String()
cfg.XTokenPath = path
Expand Down
27 changes: 0 additions & 27 deletions nodebuilder/core/tls.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,33 +20,6 @@ func EmptyTLSConfig() *tls.Config {
return &tls.Config{MinVersion: tls.VersionTLS12}
}

// TLS creates a TLS configuration using the certificate and key files from the specified path.
// It constructs the full paths to the certificate and key files by joining the provided directory path
// with their respective file names.
// If either file is missing, it returns an os.ErrNotExist error.
// If the files exist, it loads the X.509 key pair from the specified files and sets up a tls.Config.
// Parameters:
// * tlsPath: The directory path where the TLS certificate ("cert.pem") and key ("key.pem") files are located.
// Returns:
// * A tls.Config structure configured with the provided certificate and key.
// * An error if the certificate or key file does not exist, or if loading the key pair fails.
func TLS(tlsPath string) (*tls.Config, error) {
certPath := filepath.Join(tlsPath, cert)
keyPath := filepath.Join(tlsPath, key)
exist := utils.Exists(certPath) && utils.Exists(keyPath)
if !exist {
return nil, os.ErrNotExist
}

cfg := EmptyTLSConfig()
cert, err := tls.LoadX509KeyPair(certPath, keyPath)
if err != nil {
return nil, err
}
cfg.Certificates = append(cfg.Certificates, cert)
return cfg, nil
}

type AuthToken struct {
Token string `json:"x-token"`
}
Expand Down
12 changes: 2 additions & 10 deletions nodebuilder/state/core.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,16 +34,8 @@ func coreAccessor(
error,
) {
if corecfg.TLSEnabled {
tlsCfg, err := core.TLS(corecfg.TLSPath)
switch {
case err == nil:
case errors.Is(err, os.ErrNotExist):
// set an empty config if path is empty under `TLSEnabled=true`
tlsCfg = core.EmptyTLSConfig()
default:
return nil, nil, nil, err
}

// set an empty config if path is empty under `TLSEnabled=true`
tlsCfg := core.EmptyTLSConfig()
xtoken, err := core.XToken(corecfg.XTokenPath)
if err != nil && !errors.Is(err, os.ErrNotExist) {
return nil, nil, nil, err
Expand Down

0 comments on commit 3ce38b2

Please sign in to comment.