diff --git a/command/connect/envoy/bootstrap_tpl.go b/command/connect/envoy/bootstrap_tpl.go index f93cb0ac7..3270c0fe8 100644 --- a/command/connect/envoy/bootstrap_tpl.go +++ b/command/connect/envoy/bootstrap_tpl.go @@ -25,7 +25,7 @@ type BootstrapTplArgs struct { // AgentCAPEM is the CA to use to verify the local agent gRPC service if // TLS is enabled. - AgentCAPEM []byte + AgentCAPEM string // AgentSocket is the path to a Unix Socket for communicating with the // local agent's gRPC endpoint. Disabled if the empty (the default), @@ -119,7 +119,7 @@ const bootstrapTemplate = `{ "common_tls_context": { "validation_context": { "trusted_ca": { - "inline_bytes": "{{ .AgentCAPEM }}" + "inline_string": "{{ .AgentCAPEM }}" } } } diff --git a/command/connect/envoy/envoy.go b/command/connect/envoy/envoy.go index daafbd93a..2a6fee819 100644 --- a/command/connect/envoy/envoy.go +++ b/command/connect/envoy/envoy.go @@ -494,13 +494,13 @@ func (c *cmd) templateArgs() (*BootstrapTplArgs, error) { adminAccessLogPath = DefaultAdminAccessLogPath } - var caPEM []byte + var caPEM string if httpCfg.TLSConfig.CAFile != "" { content, err := ioutil.ReadFile(httpCfg.TLSConfig.CAFile) if err != nil { return nil, fmt.Errorf("Failed to read CA file: %s", err) } - caPEM = content + caPEM = strings.Replace(string(content), "\n", "\\n", -1) } return &BootstrapTplArgs{ diff --git a/command/connect/envoy/envoy_test.go b/command/connect/envoy/envoy_test.go index 3e5962c12..3e58f8679 100644 --- a/command/connect/envoy/envoy_test.go +++ b/command/connect/envoy/envoy_test.go @@ -285,38 +285,10 @@ func TestGenerateConfig(t *testing.T) { // Should resolve IP, note this might not resolve the same way // everywhere which might make this test brittle but not sure what else // to do. - AgentAddress: "127.0.0.1", - AgentPort: "8502", - AgentTLS: true, - AgentCAPEM: []byte(`-----BEGIN CERTIFICATE----- -MIIEtzCCA5+gAwIBAgIJAIewRMI8OnvTMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYD -VQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xHDAa -BgNVBAoTE0hhc2hpQ29ycCBUZXN0IENlcnQxDDAKBgNVBAsTA0RldjEWMBQGA1UE -AxMNdGVzdC5pbnRlcm5hbDEgMB4GCSqGSIb3DQEJARYRdGVzdEBpbnRlcm5hbC5j -b20wHhcNMTQwNDA3MTkwMTA4WhcNMjQwNDA0MTkwMTA4WjCBmDELMAkGA1UEBhMC -VVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRwwGgYDVQQK -ExNIYXNoaUNvcnAgVGVzdCBDZXJ0MQwwCgYDVQQLEwNEZXYxFjAUBgNVBAMTDXRl -c3QuaW50ZXJuYWwxIDAeBgkqhkiG9w0BCQEWEXRlc3RAaW50ZXJuYWwuY29tMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrs6JK4NpiOItxrpNR/1ppUU -mH7p2BgLCBZ6eHdclle9J56i68adt8J85zaqphCfz6VDP58DsFx+N50PZyjQaDsU -d0HejRqfHRMtg2O+UQkv4Z66+Vo+gc6uGuANi2xMtSYDVTAqqzF48OOPQDgYkzcG -xcFZzTRFFZt2vPnyHj8cHcaFo/NMNVh7C3yTXevRGNm9u2mrbxCEeiHzFC2WUnvg -U2jQuC7Fhnl33Zd3B6d3mQH6O23ncmwxTcPUJe6xZaIRrDuzwUcyhLj5Z3faag/f -pFIIcHSiHRfoqHLGsGg+3swId/zVJSSDHr7pJUu7Cre+vZa63FqDaooqvnisrQID -AQABo4IBADCB/TAdBgNVHQ4EFgQUo/nrOfqvbee2VklVKIFlyQEbuJUwgc0GA1Ud -IwSBxTCBwoAUo/nrOfqvbee2VklVKIFlyQEbuJWhgZ6kgZswgZgxCzAJBgNVBAYT -AlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEcMBoGA1UE -ChMTSGFzaGlDb3JwIFRlc3QgQ2VydDEMMAoGA1UECxMDRGV2MRYwFAYDVQQDEw10 -ZXN0LmludGVybmFsMSAwHgYJKoZIhvcNAQkBFhF0ZXN0QGludGVybmFsLmNvbYIJ -AIewRMI8OnvTMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADa9fV9h -gjapBlkNmu64WX0Ufub5dsJrdHS8672P30S7ILB7Mk0W8sL65IezRsZnG898yHf9 -2uzmz5OvNTM9K380g7xFlyobSVq+6yqmmSAlA/ptAcIIZT727P5jig/DB7fzJM3g -jctDlEGOmEe50GQXc25VKpcpjAsNQi5ER5gowQ0v3IXNZs+yU+LvxLHc0rUJ/XSp -lFCAMOqd5uRoMOejnT51G6krvLNzPaQ3N9jQfNVY4Q0zfs0M+6dRWvqfqB9Vyq8/ -POLMld+HyAZEBk9zK3ZVIXx6XS4dkDnSNR91njLq7eouf6M7+7s/oMQZZRtAfQ6r -wlW975rYa1ZqEdA= ------END CERTIFICATE----- -`), + AgentAddress: "127.0.0.1", + AgentPort: "8502", + AgentTLS: true, + AgentCAPEM: `-----BEGIN CERTIFICATE-----\nMIIEtzCCA5+gAwIBAgIJAIewRMI8OnvTMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYD\nVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xHDAa\nBgNVBAoTE0hhc2hpQ29ycCBUZXN0IENlcnQxDDAKBgNVBAsTA0RldjEWMBQGA1UE\nAxMNdGVzdC5pbnRlcm5hbDEgMB4GCSqGSIb3DQEJARYRdGVzdEBpbnRlcm5hbC5j\nb20wHhcNMTQwNDA3MTkwMTA4WhcNMjQwNDA0MTkwMTA4WjCBmDELMAkGA1UEBhMC\nVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRwwGgYDVQQK\nExNIYXNoaUNvcnAgVGVzdCBDZXJ0MQwwCgYDVQQLEwNEZXYxFjAUBgNVBAMTDXRl\nc3QuaW50ZXJuYWwxIDAeBgkqhkiG9w0BCQEWEXRlc3RAaW50ZXJuYWwuY29tMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrs6JK4NpiOItxrpNR/1ppUU\nmH7p2BgLCBZ6eHdclle9J56i68adt8J85zaqphCfz6VDP58DsFx+N50PZyjQaDsU\nd0HejRqfHRMtg2O+UQkv4Z66+Vo+gc6uGuANi2xMtSYDVTAqqzF48OOPQDgYkzcG\nxcFZzTRFFZt2vPnyHj8cHcaFo/NMNVh7C3yTXevRGNm9u2mrbxCEeiHzFC2WUnvg\nU2jQuC7Fhnl33Zd3B6d3mQH6O23ncmwxTcPUJe6xZaIRrDuzwUcyhLj5Z3faag/f\npFIIcHSiHRfoqHLGsGg+3swId/zVJSSDHr7pJUu7Cre+vZa63FqDaooqvnisrQID\nAQABo4IBADCB/TAdBgNVHQ4EFgQUo/nrOfqvbee2VklVKIFlyQEbuJUwgc0GA1Ud\nIwSBxTCBwoAUo/nrOfqvbee2VklVKIFlyQEbuJWhgZ6kgZswgZgxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEcMBoGA1UE\nChMTSGFzaGlDb3JwIFRlc3QgQ2VydDEMMAoGA1UECxMDRGV2MRYwFAYDVQQDEw10\nZXN0LmludGVybmFsMSAwHgYJKoZIhvcNAQkBFhF0ZXN0QGludGVybmFsLmNvbYIJ\nAIewRMI8OnvTMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADa9fV9h\ngjapBlkNmu64WX0Ufub5dsJrdHS8672P30S7ILB7Mk0W8sL65IezRsZnG898yHf9\n2uzmz5OvNTM9K380g7xFlyobSVq+6yqmmSAlA/ptAcIIZT727P5jig/DB7fzJM3g\njctDlEGOmEe50GQXc25VKpcpjAsNQi5ER5gowQ0v3IXNZs+yU+LvxLHc0rUJ/XSp\nlFCAMOqd5uRoMOejnT51G6krvLNzPaQ3N9jQfNVY4Q0zfs0M+6dRWvqfqB9Vyq8/\nPOLMld+HyAZEBk9zK3ZVIXx6XS4dkDnSNR91njLq7eouf6M7+7s/oMQZZRtAfQ6r\nwlW975rYa1ZqEdA=\n-----END CERTIFICATE-----\n`, AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", diff --git a/command/connect/envoy/testdata/existing-ca-file.golden b/command/connect/envoy/testdata/existing-ca-file.golden index b5952b1fd..4f24963e9 100644 --- a/command/connect/envoy/testdata/existing-ca-file.golden +++ b/command/connect/envoy/testdata/existing-ca-file.golden @@ -22,7 +22,7 @@ "common_tls_context": { "validation_context": { "trusted_ca": { - "inline_bytes": "[45 45 45 45 45 66 69 71 73 78 32 67 69 82 84 73 70 73 67 65 84 69 45 45 45 45 45 10 77 73 73 69 116 122 67 67 65 53 43 103 65 119 73 66 65 103 73 74 65 73 101 119 82 77 73 56 79 110 118 84 77 65 48 71 67 83 113 71 83 73 98 51 68 81 69 66 66 81 85 65 77 73 71 89 77 81 115 119 67 81 89 68 10 86 81 81 71 69 119 74 86 85 122 69 76 77 65 107 71 65 49 85 69 67 66 77 67 81 48 69 120 70 106 65 85 66 103 78 86 66 65 99 84 68 86 78 104 98 105 66 71 99 109 70 117 89 50 108 122 89 50 56 120 72 68 65 97 10 66 103 78 86 66 65 111 84 69 48 104 104 99 50 104 112 81 50 57 121 99 67 66 85 90 88 78 48 73 69 78 108 99 110 81 120 68 68 65 75 66 103 78 86 66 65 115 84 65 48 82 108 100 106 69 87 77 66 81 71 65 49 85 69 10 65 120 77 78 100 71 86 122 100 67 53 112 98 110 82 108 99 109 53 104 98 68 69 103 77 66 52 71 67 83 113 71 83 73 98 51 68 81 69 74 65 82 89 82 100 71 86 122 100 69 66 112 98 110 82 108 99 109 53 104 98 67 53 106 10 98 50 48 119 72 104 99 78 77 84 81 119 78 68 65 51 77 84 107 119 77 84 65 52 87 104 99 78 77 106 81 119 78 68 65 48 77 84 107 119 77 84 65 52 87 106 67 66 109 68 69 76 77 65 107 71 65 49 85 69 66 104 77 67 10 86 86 77 120 67 122 65 74 66 103 78 86 66 65 103 84 65 107 78 66 77 82 89 119 70 65 89 68 86 81 81 72 69 119 49 84 89 87 52 103 82 110 74 104 98 109 78 112 99 50 78 118 77 82 119 119 71 103 89 68 86 81 81 75 10 69 120 78 73 89 88 78 111 97 85 78 118 99 110 65 103 86 71 86 122 100 67 66 68 90 88 74 48 77 81 119 119 67 103 89 68 86 81 81 76 69 119 78 69 90 88 89 120 70 106 65 85 66 103 78 86 66 65 77 84 68 88 82 108 10 99 51 81 117 97 87 53 48 90 88 74 117 89 87 119 120 73 68 65 101 66 103 107 113 104 107 105 71 57 119 48 66 67 81 69 87 69 88 82 108 99 51 82 65 97 87 53 48 90 88 74 117 89 87 119 117 89 50 57 116 77 73 73 66 10 73 106 65 78 66 103 107 113 104 107 105 71 57 119 48 66 65 81 69 70 65 65 79 67 65 81 56 65 77 73 73 66 67 103 75 67 65 81 69 65 120 114 115 54 74 75 52 78 112 105 79 73 116 120 114 112 78 82 47 49 112 112 85 85 10 109 72 55 112 50 66 103 76 67 66 90 54 101 72 100 99 108 108 101 57 74 53 54 105 54 56 97 100 116 56 74 56 53 122 97 113 112 104 67 102 122 54 86 68 80 53 56 68 115 70 120 43 78 53 48 80 90 121 106 81 97 68 115 85 10 100 48 72 101 106 82 113 102 72 82 77 116 103 50 79 43 85 81 107 118 52 90 54 54 43 86 111 43 103 99 54 117 71 117 65 78 105 50 120 77 116 83 89 68 86 84 65 113 113 122 70 52 56 79 79 80 81 68 103 89 107 122 99 71 10 120 99 70 90 122 84 82 70 70 90 116 50 118 80 110 121 72 106 56 99 72 99 97 70 111 47 78 77 78 86 104 55 67 51 121 84 88 101 118 82 71 78 109 57 117 50 109 114 98 120 67 69 101 105 72 122 70 67 50 87 85 110 118 103 10 85 50 106 81 117 67 55 70 104 110 108 51 51 90 100 51 66 54 100 51 109 81 72 54 79 50 51 110 99 109 119 120 84 99 80 85 74 101 54 120 90 97 73 82 114 68 117 122 119 85 99 121 104 76 106 53 90 51 102 97 97 103 47 102 10 112 70 73 73 99 72 83 105 72 82 102 111 113 72 76 71 115 71 103 43 51 115 119 73 100 47 122 86 74 83 83 68 72 114 55 112 74 85 117 55 67 114 101 43 118 90 97 54 51 70 113 68 97 111 111 113 118 110 105 115 114 81 73 68 10 65 81 65 66 111 52 73 66 65 68 67 66 47 84 65 100 66 103 78 86 72 81 52 69 70 103 81 85 111 47 110 114 79 102 113 118 98 101 101 50 86 107 108 86 75 73 70 108 121 81 69 98 117 74 85 119 103 99 48 71 65 49 85 100 10 73 119 83 66 120 84 67 66 119 111 65 85 111 47 110 114 79 102 113 118 98 101 101 50 86 107 108 86 75 73 70 108 121 81 69 98 117 74 87 104 103 90 54 107 103 90 115 119 103 90 103 120 67 122 65 74 66 103 78 86 66 65 89 84 10 65 108 86 84 77 81 115 119 67 81 89 68 86 81 81 73 69 119 74 68 81 84 69 87 77 66 81 71 65 49 85 69 66 120 77 78 85 50 70 117 73 69 90 121 89 87 53 106 97 88 78 106 98 122 69 99 77 66 111 71 65 49 85 69 10 67 104 77 84 83 71 70 122 97 71 108 68 98 51 74 119 73 70 82 108 99 51 81 103 81 50 86 121 100 68 69 77 77 65 111 71 65 49 85 69 67 120 77 68 82 71 86 50 77 82 89 119 70 65 89 68 86 81 81 68 69 119 49 48 10 90 88 78 48 76 109 108 117 100 71 86 121 98 109 70 115 77 83 65 119 72 103 89 74 75 111 90 73 104 118 99 78 65 81 107 66 70 104 70 48 90 88 78 48 81 71 108 117 100 71 86 121 98 109 70 115 76 109 78 118 98 89 73 74 10 65 73 101 119 82 77 73 56 79 110 118 84 77 65 119 71 65 49 85 100 69 119 81 70 77 65 77 66 65 102 56 119 68 81 89 74 75 111 90 73 104 118 99 78 65 81 69 70 66 81 65 68 103 103 69 66 65 68 97 57 102 86 57 104 10 103 106 97 112 66 108 107 78 109 117 54 52 87 88 48 85 102 117 98 53 100 115 74 114 100 72 83 56 54 55 50 80 51 48 83 55 73 76 66 55 77 107 48 87 56 115 76 54 53 73 101 122 82 115 90 110 71 56 57 56 121 72 102 57 10 50 117 122 109 122 53 79 118 78 84 77 57 75 51 56 48 103 55 120 70 108 121 111 98 83 86 113 43 54 121 113 109 109 83 65 108 65 47 112 116 65 99 73 73 90 84 55 50 55 80 53 106 105 103 47 68 66 55 102 122 74 77 51 103 10 106 99 116 68 108 69 71 79 109 69 101 53 48 71 81 88 99 50 53 86 75 112 99 112 106 65 115 78 81 105 53 69 82 53 103 111 119 81 48 118 51 73 88 78 90 115 43 121 85 43 76 118 120 76 72 99 48 114 85 74 47 88 83 112 10 108 70 67 65 77 79 113 100 53 117 82 111 77 79 101 106 110 84 53 49 71 54 107 114 118 76 78 122 80 97 81 51 78 57 106 81 102 78 86 89 52 81 48 122 102 115 48 77 43 54 100 82 87 118 113 102 113 66 57 86 121 113 56 47 10 80 79 76 77 108 100 43 72 121 65 90 69 66 107 57 122 75 51 90 86 73 88 120 54 88 83 52 100 107 68 110 83 78 82 57 49 110 106 76 113 55 101 111 117 102 54 77 55 43 55 115 47 111 77 81 90 90 82 116 65 102 81 54 114 10 119 108 87 57 55 53 114 89 97 49 90 113 69 100 65 61 10 45 45 45 45 45 69 78 68 32 67 69 82 84 73 70 73 67 65 84 69 45 45 45 45 45 10]" + "inline_string": "-----BEGIN CERTIFICATE-----\nMIIEtzCCA5+gAwIBAgIJAIewRMI8OnvTMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYD\nVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xHDAa\nBgNVBAoTE0hhc2hpQ29ycCBUZXN0IENlcnQxDDAKBgNVBAsTA0RldjEWMBQGA1UE\nAxMNdGVzdC5pbnRlcm5hbDEgMB4GCSqGSIb3DQEJARYRdGVzdEBpbnRlcm5hbC5j\nb20wHhcNMTQwNDA3MTkwMTA4WhcNMjQwNDA0MTkwMTA4WjCBmDELMAkGA1UEBhMC\nVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRwwGgYDVQQK\nExNIYXNoaUNvcnAgVGVzdCBDZXJ0MQwwCgYDVQQLEwNEZXYxFjAUBgNVBAMTDXRl\nc3QuaW50ZXJuYWwxIDAeBgkqhkiG9w0BCQEWEXRlc3RAaW50ZXJuYWwuY29tMIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrs6JK4NpiOItxrpNR/1ppUU\nmH7p2BgLCBZ6eHdclle9J56i68adt8J85zaqphCfz6VDP58DsFx+N50PZyjQaDsU\nd0HejRqfHRMtg2O+UQkv4Z66+Vo+gc6uGuANi2xMtSYDVTAqqzF48OOPQDgYkzcG\nxcFZzTRFFZt2vPnyHj8cHcaFo/NMNVh7C3yTXevRGNm9u2mrbxCEeiHzFC2WUnvg\nU2jQuC7Fhnl33Zd3B6d3mQH6O23ncmwxTcPUJe6xZaIRrDuzwUcyhLj5Z3faag/f\npFIIcHSiHRfoqHLGsGg+3swId/zVJSSDHr7pJUu7Cre+vZa63FqDaooqvnisrQID\nAQABo4IBADCB/TAdBgNVHQ4EFgQUo/nrOfqvbee2VklVKIFlyQEbuJUwgc0GA1Ud\nIwSBxTCBwoAUo/nrOfqvbee2VklVKIFlyQEbuJWhgZ6kgZswgZgxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEcMBoGA1UE\nChMTSGFzaGlDb3JwIFRlc3QgQ2VydDEMMAoGA1UECxMDRGV2MRYwFAYDVQQDEw10\nZXN0LmludGVybmFsMSAwHgYJKoZIhvcNAQkBFhF0ZXN0QGludGVybmFsLmNvbYIJ\nAIewRMI8OnvTMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADa9fV9h\ngjapBlkNmu64WX0Ufub5dsJrdHS8672P30S7ILB7Mk0W8sL65IezRsZnG898yHf9\n2uzmz5OvNTM9K380g7xFlyobSVq+6yqmmSAlA/ptAcIIZT727P5jig/DB7fzJM3g\njctDlEGOmEe50GQXc25VKpcpjAsNQi5ER5gowQ0v3IXNZs+yU+LvxLHc0rUJ/XSp\nlFCAMOqd5uRoMOejnT51G6krvLNzPaQ3N9jQfNVY4Q0zfs0M+6dRWvqfqB9Vyq8/\nPOLMld+HyAZEBk9zK3ZVIXx6XS4dkDnSNR91njLq7eouf6M7+7s/oMQZZRtAfQ6r\nwlW975rYa1ZqEdA=\n-----END CERTIFICATE-----\n" } } }