-
Notifications
You must be signed in to change notification settings - Fork 507
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add validation for tls private key and cert file values #771
Conversation
7a412d0
to
2ff24ca
Compare
Codecov Report
@@ Coverage Diff @@
## master #771 +/- ##
==========================================
+ Coverage 73.78% 74.75% +0.96%
==========================================
Files 110 111 +1
Lines 3285 3324 +39
==========================================
+ Hits 2424 2485 +61
+ Misses 677 654 -23
- Partials 184 185 +1
|
pkg/http-server/start.go
Outdated
@@ -100,3 +116,27 @@ func (g *APIServer) start(routes []*Route, port, certFile, privateKeyFile string | |||
} | |||
logger.Info("server exiting gracefully") | |||
} | |||
|
|||
func validateFiles(privateKeyFile, certFile string) error { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we should add unit tests for the new functions added
pkg/http-server/start.go
Outdated
|
||
if privateKeyFile != "" || certFile != "" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we should add e2e server tests for this case
pkg/http-server/start.go
Outdated
e2 := validateFileName(certFile) | ||
|
||
if e1 != nil && e2 != nil { | ||
return errors.Errorf("error with --key-path filename: %s, error with --cert-path flag value: %s", e1.Error(), e2.Error()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is the go-errors
required?
we could have wrapped errors with %w
pkg/http-server/start.go
Outdated
if privateKeyFile != "" || certFile != "" { | ||
logger.Debugf("certfile is %s, privateKeyFile is %s", certFile, privateKeyFile) | ||
|
||
if err := validateFiles(privateKeyFile, certFile); err != nil { | ||
logger.Fatal(err) | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good change!
This piece of code can be moved into it's own function, this function can have more server related validations in the future.
Also, we can associate the newly created function with APIServer{}
, since these are API server validations.
pkg/http-server/helpers_test.go
Outdated
@@ -0,0 +1,58 @@ | |||
package httpserver |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Kindly add headers to all the newly added files!
pkg/utils/file.go
Outdated
"strings" | ||
) | ||
|
||
func ValidateFileName(file string) error { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I feel, we can get rid of this method!
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
fixes #769