feat: INFRA-764 Added support for a single file containing both clien…

…t cert and key
Ferlab-Ste-Justine · Dec 4, 2024 · 813b948 · 813b948
1 parent 90a1ed4
commit 813b948
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 6 deletions.
diff --git a/client/connect.go b/client/connect.go
@@ -4,9 +4,11 @@ import (
 	"context"
 	"crypto/tls"
 	"crypto/x509"
+	"encoding/pem"
 	"errors"
 	"fmt"
 	"io/ioutil"
+	"os"
 	"time"
 
 	"google.golang.org/grpc/connectivity"
@@ -21,6 +23,8 @@ type EtcdClientOptions struct {
 	ClientCertPath    string
 	//If tls is enabled and certificate authentication is used, path to the client private key file
 	ClientKeyPath     string
+	//If tls is enabled and certificate authentication is used, alternate argument to provide a path to a file containing the client cert and the client key concatenanted after
+	ClientCertKeyPath string
 	//If tls is enabled, path to the CA certificate used to sign etcd's server certificates. 
 	CaCertPath        string
 	//If password authentication is used, name of the user.
@@ -46,11 +50,34 @@ func getTlsConfigs(opts EtcdClientOptions) (*tls.Config, error) {
 
 	//User credentials
 	if opts.Username == "" {
-		certData, err := tls.LoadX509KeyPair(opts.ClientCertPath, opts.ClientKeyPath)
-		if err != nil {
-			return nil, errors.New(fmt.Sprintf("Failed to load user credentials: %s", err.Error()))
+		if opts.ClientCertKeyPath != "" {
+			fData, fileErr := os.ReadFile(opts.ClientCertKeyPath)
+			if fileErr != nil {
+				return nil, errors.New(fmt.Sprintf("Failed to load file containing client cert and key: %s", fileErr.Error()))
+			}
+
+			certBlock, rest := pem.Decode(fData)
+			if certBlock == nil {
+				return nil, errors.New("Failed to read certificate from file containing client cert and key")
+			}
+
+			keyBlock, _ := pem.Decode(rest)
+			if keyBlock == nil {
+				return nil, errors.New("Failed to read key from file containing client cert and key")
+			}
+
+			certData, err := tls.X509KeyPair(pem.EncodeToMemory(certBlock), pem.EncodeToMemory(keyBlock))
+			if err != nil {
+				return nil, errors.New(fmt.Sprintf("Failed to load user credentials: %s", err.Error()))
+			}
+			(*tlsConf).Certificates = []tls.Certificate{certData}
+		} else {
+			certData, err := tls.LoadX509KeyPair(opts.ClientCertPath, opts.ClientKeyPath)
+			if err != nil {
+				return nil, errors.New(fmt.Sprintf("Failed to load user credentials: %s", err.Error()))
+			}
+			(*tlsConf).Certificates = []tls.Certificate{certData}
 		}
-		(*tlsConf).Certificates = []tls.Certificate{certData}
 	}
 
 	(*tlsConf).InsecureSkipVerify = false

diff --git a/go.mod b/go.mod
@@ -1,11 +1,14 @@
 module github.com/Ferlab-Ste-Justine/etcd-sdk
 
-go 1.20
+go 1.21
+
+toolchain go1.23.2
 
 require (
 	go.etcd.io/etcd/api/v3 v3.5.11
 	go.etcd.io/etcd/client/v3 v3.5.11
 	go.etcd.io/raft/v3 v3.0.0-20240110140044-f1c02c9909c0
+	go.uber.org/zap v1.26.0
 	google.golang.org/grpc v1.60.1
 	google.golang.org/protobuf v1.32.0
 )
@@ -18,7 +21,6 @@ require (
 	github.com/golang/protobuf v1.5.3 // indirect
 	go.etcd.io/etcd/client/pkg/v3 v3.5.11 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	go.uber.org/zap v1.26.0 // indirect
 	golang.org/x/net v0.20.0 // indirect
 	golang.org/x/sys v0.16.0 // indirect
 	golang.org/x/text v0.14.0 // indirect

diff --git a/go.sum b/go.sum
@@ -1,9 +1,11 @@
 github.com/cockroachdb/datadriven v1.0.2 h1:H9MtNqVoVhvd9nCBwOyDjUEdZCREqbIdCJD93PBm/jA=
+github.com/cockroachdb/datadriven v1.0.2/go.mod h1:a9RdTaap04u637JoCzcUoIcDmvwSUtcUFtT/C3kJlTU=
 github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4=
 github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec=
 github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs=
 github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
 github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
@@ -14,10 +16,13 @@ github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg
 github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.etcd.io/etcd/api/v3 v3.5.11 h1:B54KwXbWDHyD3XYAwprxNzTe7vlhR69LuBgZnMVvS7E=
@@ -29,6 +34,7 @@ go.etcd.io/etcd/client/v3 v3.5.11/go.mod h1:a6xQUEqFJ8vztO1agJh/KQKOMfFI8og52Zco
 go.etcd.io/raft/v3 v3.0.0-20240110140044-f1c02c9909c0 h1:tP1kfn9haDROvwd3VdalJptBM4PSVGI/5UXqEVDD3Qw=
 go.etcd.io/raft/v3 v3.0.0-20240110140044-f1c02c9909c0/go.mod h1:QpxpKeYmocQQFHP75LxNrdJTukZmqQig9lotwYLsUJY=
 go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk=
+go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo=
 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=