From a7a0045cdef13bcbb4d5bcc0fca1d9fcbbf29d04 Mon Sep 17 00:00:00 2001 From: Christopher van de Sande Date: Wed, 18 Sep 2024 23:34:49 +0100 Subject: [PATCH] Update test data --- internal/config/config.go | 37 +++++++++++++++-------- internal/config/config_test.go | 13 ++++---- internal/config/testdata/nginx-agent.conf | 7 +++-- pkg/tls/self_signed_cert.go | 4 +-- pkg/tls/self_signed_cert_test.go | 2 +- 5 files changed, 39 insertions(+), 24 deletions(-) diff --git a/internal/config/config.go b/internal/config/config.go index 86f5df9d38..88624b1644 100644 --- a/internal/config/config.go +++ b/internal/config/config.go 
@@ -407,29 +407,42 @@ func resolveCollector(allowedDirs []string) (*Collector, error) { // generate self-signed certificate for OTEL receiver // nolint: revive func handleSelfSignedCertificates(col *Collector) error { - sanNames := []string{"127.0.0.1", "::1", "localhost"} - if col.Receivers.OtlpReceivers != nil { for _, receiver := range col.Receivers.OtlpReceivers { if receiver.OtlpTLSConfig != nil && receiver.OtlpTLSConfig.GenerateSelfSignedCert { - if !slices.Contains(sanNames, receiver.Server.Host) { - sanNames = append(sanNames, receiver.Server.Host) + err := processOtlpReceivers(receiver.OtlpTLSConfig) + if err != nil { + return fmt.Errorf("failed to generate self-signed certificate: %w", err) } - - // Update viper's TLS paths with defaults - receiver.OtlpTLSConfig.Ca = DefCollectorTLSCAPath - receiver.OtlpTLSConfig.Cert = DefCollectorTLSCertPath - receiver.OtlpTLSConfig.Key = DefCollectorTLSKeyPath } } } + return nil +} + +func processOtlpReceivers(tlsConfig *OtlpTLSConfig) error { + sanNames := []string{"127.0.0.1", "::1", "localhost"} + + if tlsConfig.Ca == "" { + tlsConfig.Ca = DefCollectorTLSCAPath + } + if tlsConfig.Cert == "" { + tlsConfig.Cert = DefCollectorTLSCertPath + } + if tlsConfig.Key == "" { + tlsConfig.Key = DefCollectorTLSKeyPath + } + + if !slices.Contains(sanNames, tlsConfig.ServerName) { + sanNames = append(sanNames, tlsConfig.ServerName) + } if len(sanNames) > 0 { err := selfsignedcerts.GenerateServerCert( sanNames, - DefCollectorTLSCAPath, - DefCollectorTLSCertPath, - DefCollectorTLSKeyPath, + tlsConfig.Ca, + tlsConfig.Cert, + tlsConfig.Key, ) if err != nil { return fmt.Errorf("failed to generate self-signed certificate: %w", err) diff --git a/internal/config/config_test.go b/internal/config/config_test.go index ff067fea54..3daec1c292 100644 --- a/internal/config/config_test.go +++ b/internal/config/config_test.go 
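Review bot: In `processOtlpReceivers`, an unset `ServerName` is appended to `sanNames` as an empty string, because `slices.Contains(sanNames, "")` is false for the three loopback defaults; guard it with `if tlsConfig.ServerName != "" && !slices.Contains(sanNames, tlsConfig.ServerName) {`. The receiver's `Server.Host` is no longer added either, so a receiver bound to a non-loopback address without `server_name` gets a certificate that does not cover that address, which tends to push clients toward `SkipVerify`. `tlsConfig.Ca`, `Cert` and `Key` now come from configuration and are handed to `GenerateServerCert`, presumably as output paths; nothing in this hunk checks them against `allowedDirs`, so confirm they are validated elsewhere before key material is written. The error is also wrapped twice with the same "failed to generate self-signed certificate" prefix, once here and once in `handleSelfSignedCertificates`, and `len(sanNames) > 0` can never be false. The closing lines of `processOtlpReceivers` fall outside the hunk.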
@@ -367,18 +367,19 @@ func getAgentConfig() *Config { { Server: &ServerConfig{ Host: "localhost", - Port: 4321, + Port: 4317, Type: 0, }, Auth: &AuthConfig{ Token: "even-secreter-token", }, OtlpTLSConfig: &OtlpTLSConfig{ - Cert: "/path/to/server-cert.pem", - Key: "/path/to/server-cert.pem", - Ca: "/path/to/server-cert.pem", - SkipVerify: true, - ServerName: "local-dataa-plane-server", + GenerateSelfSignedCert: false, + Cert: "/path/to/server-cert.pem", + Key: "/path/to/server-cert.pem", + Ca: "/path/to/server-cert.pem", + SkipVerify: true, + ServerName: "local-data-plane-server", }, }, }, diff --git a/internal/config/testdata/nginx-agent.conf b/internal/config/testdata/nginx-agent.conf index c0e3d51e8b..81ed647b37 100644 --- a/internal/config/testdata/nginx-agent.conf +++ b/internal/config/testdata/nginx-agent.conf @@ -29,10 +29,11 @@ collector: auth: Token: "secret-receiver-token" tls: + generate_self_signed_cert: false server_name: "test-local-server" - ca: /path/to/server-cert.pem - cert: /var/lib/nginx-agent/cert.pem - key: /var/lib/nginx-agent/key.pem + ca: /tmp/ca.pem + cert: /tmp/cert.pem + key: /tmp/key.pem nginx_receivers: - instance_id: cd7b8911-c2c5-4daf-b311-dbead151d938 stub_status: "http://localhost:4321/status" diff --git a/pkg/tls/self_signed_cert.go b/pkg/tls/self_signed_cert.go index 5855f041f5..35ef72c741 100644 --- a/pkg/tls/self_signed_cert.go +++ b/pkg/tls/self_signed_cert.go @@ -116,11 +116,11 @@ func GenerateServerCert(hostnames []string, caPath, certPath, keyPath string) er } // Get the local time zone - location_currentzone, locErr := time.LoadLocation("Local") + locationCurrentzone, locErr := time.LoadLocation("Local") if locErr != nil { return fmt.Errorf("error detecting local timezone: %w", locErr) } - now := time.Now().In(location_currentzone) + now := time.Now().In(locationCurrentzone) // Create CA first caCert, caKeyPair, caErr := GenerateCA(now, caPath) 
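Review bot: The expected config pins `GenerateSelfSignedCert: false`, so as far as this hunk shows nothing exercises the new `processOtlpReceivers` path in config.go. A table test covering an empty `ServerName`, and empty versus preset `Ca`/`Cert`/`Key`, would pin both the SAN list and the default-path fallback. Such a test should write into a temporary directory rather than the `DefCollectorTLS*` defaults. The body of `getAgentConfig` continues outside the hunk.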
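Review bot: The fixture now points `ca`, `cert` and `key` at fixed file names directly under `/tmp`, a shared world-writable directory. With `generate_self_signed_cert: false` nothing is written there, but if a test later enables generation these become predictable output paths for key material. Substituting a per-test directory (for example one from `t.TempDir()`) into the config would avoid that.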
diff --git a/pkg/tls/self_signed_cert_test.go b/pkg/tls/self_signed_cert_test.go index 307d956984..f9a43eb445 100644 --- a/pkg/tls/self_signed_cert_test.go +++ b/pkg/tls/self_signed_cert_test.go @@ -154,7 +154,7 @@ func TestGenerateSelfSignedCert(t *testing.T) { certPath: certPath, keyPath: keyPath, hostNames: hostNames, - expectedError: "error decoding certificate PEM block", + expectedError: "error reading existing certificate data", }, { name: "Test case 7: Error reading existing key file",