optional ssl (#4)

* feat: Configure SSL certificate optional * fix: throw error when config badly * feat: add unit test
paion-data · Apr 16, 2024 · 8e97cf1 · 8e97cf1
1 parent 680c518
commit 8e97cf1
Show file tree

Hide file tree

Showing 4 changed files with 116 additions and 28 deletions.
diff --git a/go.mod b/go.mod
@@ -5,6 +5,7 @@ go 1.20
 require (
 	github.com/hashicorp/hcl/v2 v2.19.1
 	github.com/hashicorp/packer-plugin-sdk v0.5.2
+	github.com/stretchr/testify v1.8.3
 	github.com/zclconf/go-cty v1.13.3
 )
 
@@ -16,6 +17,7 @@ require (
 	github.com/aws/aws-sdk-go v1.44.114 // indirect
 	github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
 	github.com/cenkalti/backoff/v3 v3.2.2 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/fatih/color v1.14.1 // indirect
 	github.com/go-jose/go-jose/v3 v3.0.0 // indirect
 	github.com/google/uuid v1.3.0 // indirect
@@ -49,6 +51,7 @@ require (
 	github.com/mitchellh/iochan v1.0.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.0 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/ryanuber/go-glob v1.0.0 // indirect
 	github.com/ugorji/go/codec v1.2.6 // indirect
 	github.com/ulikunitz/xz v0.5.10 // indirect
@@ -59,6 +62,7 @@ require (
 	golang.org/x/text v0.13.0 // indirect
 	golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
 	gopkg.in/yaml.v2 v2.3.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
 replace github.com/zclconf/go-cty => github.com/nywilken/go-cty v1.13.3 // added by packer-sdc fix as noted in github.com/hashicorp/packer-plugin-sdk/issues/187
diff --git a/go.sum b/go.sum
@@ -32,6 +32,7 @@ github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
 github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
@@ -136,8 +137,10 @@ github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
 github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
 github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
@@ -190,6 +193,7 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
 github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s=
 github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
@@ -221,6 +225,7 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
 github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
+github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
 github.com/ugorji/go v1.2.6/go.mod h1:anCg0y61KIhDlPZmnH+so+RQbysYVyDko0IMgJv0Nn0=
 github.com/ugorji/go/codec v1.2.6 h1:7kbGefxLoDBuYXOms4yD7223OpNMMPNPZxXk5TvFcyQ=
@@ -294,6 +299,7 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

diff --git a/provisioner/kong-api-gateway/provisioner.go b/provisioner/kong-api-gateway/provisioner.go
@@ -8,21 +8,22 @@ package kongApiGateway
 import (
 	"context"
 	"fmt"
+	"path/filepath"
+	"strings"
+
 	"github.com/QubitPi/packer-plugin-hashicorp-aws/provisioner"
 	"github.com/hashicorp/hcl/v2/hcldec"
 	packersdk "github.com/hashicorp/packer-plugin-sdk/packer"
 	"github.com/hashicorp/packer-plugin-sdk/template/config"
 	"github.com/hashicorp/packer-plugin-sdk/template/interpolate"
 	"github.com/hashicorp/packer-plugin-sdk/tmp"
-	"path/filepath"
-	"strings"
 )
 
 type Config struct {
-	SslCertSource    string `mapstructure:"sslCertSource" required:"true"`
-	SslCertKeySource string `mapstructure:"sslCertKeySource" required:"true"`
+	SslCertSource    string `mapstructure:"sslCertSource" required:"false"`
+	SslCertKeySource string `mapstructure:"sslCertKeySource" required:"false"`
 
-	KongApiGatewayDomain string `mapstructure:"kongApiGatewayDomain" required:"true"`
+	KongApiGatewayDomain string `mapstructure:"kongApiGatewayDomain" required:"false"`
 	HomeDir              string `mapstructure:"homeDir" required:"false"`
 
 	ctx interpolate.Context
@@ -45,35 +46,53 @@ func (p *Provisioner) Prepare(raws ...interface{}) error {
 	return nil
 }
 
+func (p *Provisioner) skipConfigSSL() (bool, error) {
+	if p.config.SslCertSource != "" && p.config.SslCertKeySource != "" && p.config.KongApiGatewayDomain != "" {
+		return false, nil
+	}
+	if p.config.SslCertSource == "" && p.config.SslCertKeySource == "" && p.config.KongApiGatewayDomain == "" {
+		return true, nil
+	}
+	return false, fmt.Errorf("sslCertSource, sslCertKeySource and kongApiGatewayDomain must be set together")
+}
+
 func (p *Provisioner) Provision(ctx context.Context, ui packersdk.Ui, communicator packersdk.Communicator, generatedData map[string]interface{}) error {
 	p.config.HomeDir = getHomeDir(p.config.HomeDir)
+	skipConfigSSL, err := p.skipConfigSSL()
 
-	sslCertDestination := fmt.Sprintf(filepath.Join(p.config.HomeDir, "ssl.crt"))
-	err := p.ProvisionUpload(ui, communicator, p.config.SslCertSource, sslCertDestination)
 	if err != nil {
-		return fmt.Errorf("error uploading '%s' to '%s': %s", p.config.SslCertSource, sslCertDestination, err)
+		return err
 	}
 
-	sslCertKeyDestination := fmt.Sprintf(filepath.Join(p.config.HomeDir, "ssl.key"))
-	err = p.ProvisionUpload(ui, communicator, p.config.SslCertKeySource, sslCertKeyDestination)
-	if err != nil {
-		return fmt.Errorf("error uploading '%s' to '%s': %s", p.config.SslCertKeySource, sslCertKeyDestination, err)
-	}
+	if !skipConfigSSL {
+		fmt.Println("skip config ssl")
+		sslCertDestination := fmt.Sprintf(filepath.Join(p.config.HomeDir, "ssl.crt"))
+		err := p.ProvisionUpload(ui, communicator, p.config.SslCertSource, sslCertDestination)
+		if err != nil {
+			return fmt.Errorf("error uploading '%s' to '%s': %s", p.config.SslCertSource, sslCertDestination, err)
+		}
 
-	nginxConfig := strings.Replace(getNginxConfigTemplate(), "kong.domain.com", p.config.KongApiGatewayDomain, -1)
-	file, err := tmp.File("nginx-config-file")
-	if err != nil {
-		return err
-	}
-	defer file.Close()
-	if _, err := file.WriteString(nginxConfig); err != nil {
-		return err
-	}
-	nginxConfig = ""
-	nginxDst := fmt.Sprintf(filepath.Join(p.config.HomeDir, "nginx-ssl.conf"))
-	err = p.ProvisionUpload(ui, communicator, file.Name(), nginxDst)
-	if err != nil {
-		return fmt.Errorf("error uploading '%s' to '%s': %s", file.Name(), nginxDst, err)
+		sslCertKeyDestination := fmt.Sprintf(filepath.Join(p.config.HomeDir, "ssl.key"))
+		err = p.ProvisionUpload(ui, communicator, p.config.SslCertKeySource, sslCertKeyDestination)
+		if err != nil {
+			return fmt.Errorf("error uploading '%s' to '%s': %s", p.config.SslCertKeySource, sslCertKeyDestination, err)
+		}
+
+		nginxConfig := strings.Replace(getNginxConfigTemplate(), "kong.domain.com", p.config.KongApiGatewayDomain, -1)
+		file, err := tmp.File("nginx-config-file")
+		if err != nil {
+			return err
+		}
+		defer file.Close()
+		if _, err := file.WriteString(nginxConfig); err != nil {
+			return err
+		}
+		nginxConfig = ""
+		nginxDst := fmt.Sprintf(filepath.Join(p.config.HomeDir, "nginx-ssl.conf"))
+		err = p.ProvisionUpload(ui, communicator, file.Name(), nginxDst)
+		if err != nil {
+			return fmt.Errorf("error uploading '%s' to '%s': %s", file.Name(), nginxDst, err)
+		}
 	}
 
 	for _, command := range getCommands(p.config.HomeDir) {

diff --git a/provisioner/kong-api-gateway/provisioner_test.go b/provisioner/kong-api-gateway/provisioner_test.go
@@ -3,7 +3,12 @@
 
 package kongApiGateway
 
-import "testing"
+import (
+	"fmt"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
 
 func Test_getHomeDir(t *testing.T) {
 	data := []struct {
@@ -24,3 +29,57 @@ func Test_getHomeDir(t *testing.T) {
 		})
 	}
 }
+
+func Test_skipConfigSSL(t *testing.T) {
+	tests := []struct {
+		name          string
+		config        Config
+		expectedSkip  bool
+		expectedError error
+	}{
+		{
+			name: "All configurations set",
+			config: Config{
+				SslCertSource:        "cert.pem",
+				SslCertKeySource:     "key.pem",
+				KongApiGatewayDomain: "example.com",
+			},
+			expectedSkip:  false,
+			expectedError: nil,
+		},
+		{
+			name: "No configurations set",
+			config: Config{
+				SslCertSource:        "",
+				SslCertKeySource:     "",
+				KongApiGatewayDomain: "",
+			},
+			expectedSkip:  true,
+			expectedError: nil,
+		},
+		{
+			name: "Partial configurations set",
+			config: Config{
+				SslCertSource:        "cert.pem",
+				SslCertKeySource:     "",
+				KongApiGatewayDomain: "",
+			},
+			expectedSkip:  false,
+			expectedError: fmt.Errorf("sslCertSource, sslCertKeySource and kongApiGatewayDomain must be set together"),
+		},
+	}
+
+	for _, tc := range tests {
+		t.Run(tc.name, func(t *testing.T) {
+			provisioner := &Provisioner{config: tc.config}
+			skip, err := provisioner.skipConfigSSL()
+			assert.Equal(t, tc.expectedSkip, skip, "SkipSSL should be %v", tc.expectedSkip)
+			if tc.expectedError != nil {
+				assert.Error(t, err)
+				assert.EqualError(t, err, tc.expectedError.Error(), "Expected error message: %s", tc.expectedError)
+			} else {
+				assert.NoError(t, err)
+			}
+		})
+	}
+}