Add ability to pass TLS certs and keys inline #294
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bboreham
reviewed
Jul 20, 2023
server/server.go
Outdated
| ClientAuth string `yaml:"client_auth_type"` | ||
| ClientCAs string `yaml:"client_ca_file"` | ||
| TLSCert string `yaml:"cert"` | ||
| TLSKey string `yaml:"key"` |
There was a problem hiding this comment.
Would we want to make this a config.Secret to avoid printing the value ?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
With prometheus/exporter-toolkit#158, it is now possible pass forward TLS certificates and keys inline as part of the
TLSConfigfor the Server.This PR also extends the
TLSConfigwithinServer.goto allow the TLS certificate, private key and client CAs to be passed inline as a string. The content of this string is expected to be exactly the as a file, a PEM-encoded sequence of bytes. All parameters are then passed forward toweb.TLSConfigwithinprometheus/exporter-toolkitas before.