author | John Cai <jcai@gitlab.com> | 2023-08-27 03:29:57 +0300 |
---|---|---|
committer | John Cai <jcai@gitlab.com> | 2023-08-29 00:42:17 +0300 |
commit | fe082d3e2a0ccd10c8734e61d0254b153b36432f (patch) | |
tree | a502fa2a9d57e31209f6eee7c2e0e7101060cec4 | |
parent | 9f2f30a0958bdba9fd09c194a65051c5ce7aeb01 (diff) |
gitlab: Modify http client to have a cert passed in directly
Now that the TLS config knows how to retrieve a certificate, let's just
pass this in directly instead of having the http client do that work.
-rw-r--r-- | internal/gitlab/client/httpclient.go | 13 | ||||
-rw-r--r-- | internal/gitlab/http_client.go | 4 | ||||
-rw-r--r-- | internal/praefect/server_factory.go | 2 |
3 files changed, 8 insertions, 11 deletions
diff --git a/internal/gitlab/client/httpclient.go b/internal/gitlab/client/httpclient.go
index dfa01e544..bd37de947 100644
--- a/internal/gitlab/client/httpclient.go
+++ b/internal/gitlab/client/httpclient.go
@@ -35,19 +35,16 @@ type HTTPClient struct {
 }
 type httpClientCfg struct {
- keyPath, certPath string
- caFile, caPath string
- cert tls.Certificate
+ caFile, caPath string
+ cert *tls.Certificate
 }
-func (hcc httpClientCfg) HaveCertAndKey() bool { return hcc.keyPath != "" && hcc.certPath != "" }
-
 // HTTPClientOpt provides options for configuring an HttpClient
 type HTTPClientOpt func(*httpClientCfg)
 // WithClientCert will configure the HttpClient to provide client certificates
 // when connecting to a server.
-func WithClientCert(cert tls.Certificate) HTTPClientOpt {
+func WithClientCert(cert *tls.Certificate) HTTPClientOpt {
 return func(hcc *httpClientCfg) {
 hcc.cert = cert
 }
@@ -155,8 +152,8 @@ func buildHTTPSTransport(hcc httpClientCfg, gitlabURL string) (*http.Transport,
 MinVersion: tls.VersionTLS12,
 }
- if hcc.cert.Certificate != nil {
- tlsConfig.Certificates = []tls.Certificate{hcc.cert}
+ if hcc.cert != nil {
+ tlsConfig.Certificates = []tls.Certificate{*hcc.cert}
 }
 transport := &http.Transport{
diff --git a/internal/gitlab/http_client.go b/internal/gitlab/http_client.go
index de91ab26a..6a1fbf642 100644
--- a/internal/gitlab/http_client.go
+++ b/internal/gitlab/http_client.go
@@ -45,11 +45,11 @@ func NewHTTPClient(
 var opts []client.HTTPClientOpt
 if tlsCfg.CertPath != "" && tlsCfg.KeyPath != "" || tlsCfg.Key != "" {
- cert, err := tlsCfg.GetCert()
+ cert, err := tlsCfg.Certificate()
 if err != nil {
 return nil, fmt.Errorf("getting certificate: %w", err)
 }
- opts = append(opts, client.WithClientCert(cert))
+ opts = append(opts, client.WithClientCert(&cert))
 }
 httpClient, err := client.NewHTTPClientWithOpts(
diff --git a/internal/praefect/server_factory.go b/internal/praefect/server_factory.go
index f358da178..eae1271dd 100644
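Review bot: The doc comment on `WithClientCert` in internal/gitlab/client/httpclient.go does not describe the contract that comes with the new `*tls.Certificate` parameter: a nil pointer is accepted, and judging by the guard in `buildHTTPSTransport` it leaves the client without a certificate rather than failing. The option also stores the caller's pointer (`hcc.cert = cert`) instead of a copy. I would extend the comment with `// A nil cert leaves client-certificate authentication disabled. The certificate is not copied here, so it must not be modified before the client is built.` Whether other callers outside these hunks still pass a value to the exported function cannot be checked from this diff.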
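Review bot: The new guard `if hcc.cert != nil` in `buildHTTPSTransport` (internal/gitlab/client/httpclient.go, second hunk) is weaker than the `hcc.cert.Certificate != nil` check it replaces, because a non-nil pointer to a zero-value `tls.Certificate` is now installed in `tlsConfig.Certificates` where the old code skipped it. Keeping both conditions preserves the earlier behaviour: `if hcc.cert != nil && len(hcc.cert.Certificate) > 0 {`. Whether any caller can actually hand over an empty certificate is not visible here, since `NewHTTPClient` returns on error before calling `WithClientCert`, so this is a defensive check rather than a confirmed bug. The function body starts and ends outside the hunk.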
--- a/internal/praefect/server_factory.go
+++ b/internal/praefect/server_factory.go
@@ -72,7 +72,7 @@ func (s *ServerFactory) Create(secure bool) (*grpc.Server, error) {
 return s.insecure[len(s.insecure)-1], nil
 }
- cert, err := s.deps.Config.TLS.GetCert()
+ cert, err := s.deps.Config.TLS.Certificate()
 if err != nil {
 return nil, fmt.Errorf("load certificate key pair: %w", err)
 } |