
Commit 557f97f

committed
Add ServerName to http check + reuse tls config fn
1 parent e6fc7b2 commit 557f97f


1 file changed

+5
-24
lines changed


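--- a/healthcheck/http.go
+++ b/healthcheck/http.go
@@ -3,18 +3,16 @@ package healthcheck
 import (
 "bytes"
 "context"
-"crypto/tls"
-"crypto/x509"
 "encoding/json"
 "fmt"
 "html"
 "io"
 "net"
 "net/http"
-"os"
 "regexp"
 "time"
 
+"github.com/appclacks/cabourotte/tls"
 "github.com/pkg/errors"
 "go.uber.org/zap"
 
@@ -39,6 +37,7 @@ type HTTPHealthcheckConfiguration struct {
 SourceIP IP `json:"source-ip,omitempty" yaml:"source-ip,omitempty"`
 BodyRegexp []Regexp `json:"body-regexp,omitempty" yaml:"body-regexp,omitempty"`
 Insecure bool `json:"insecure"`
+ServerName string `json:"server-name"`
 Timeout Duration `json:"timeout"`
 Key string `json:"key,omitempty"`
 Cert string `json:"cert,omitempty"`
@@ -127,7 +126,6 @@ func (h *HTTPHealthcheck) Initialize() error {
 h.buildURL()
 
 dialer := net.Dialer{}
-tlsConfig := &tls.Config{}
 if h.Config.SourceIP != nil {
 srcIP := net.IP(h.Config.SourceIP).String()
 addr, err := net.ResolveTCPAddr("tcp", fmt.Sprintf("%s:0", srcIP))
@@ -138,27 +136,10 @@ func (h *HTTPHealthcheck) Initialize() error {
 LocalAddr: addr,
 }
 }
-if h.Config.Key != "" {
-cert, err := tls.LoadX509KeyPair(h.Config.Cert, h.Config.Key)
-if err != nil {
-return errors.Wrapf(err, "Fail to load certificates")
-}
-tlsConfig.Certificates = []tls.Certificate{cert}
-}
-if h.Config.Cacert != "" {
-caCert, err := os.ReadFile(h.Config.Cacert)
-if err != nil {
-return errors.Wrapf(err, "Fail to load the ca certificate")
-}
-caCertPool := x509.NewCertPool()
-result := caCertPool.AppendCertsFromPEM(caCert)
-if !result {
-return fmt.Errorf("fail to read ca certificate for healthcheck %s", h.Config.Base.Name)
-}
-tlsConfig.RootCAs = caCertPool
-
+tlsConfig, err := tls.GetTLSConfig(h.Config.Key, h.Config.Cert, h.Config.Cacert, h.Config.ServerName, h.Config.Insecure)
+if err != nil {
+return err
 }
-tlsConfig.InsecureSkipVerify = h.Config.Insecure
 h.transport = &http.Transport{
 DialContext: dialer.DialContext,
 TLSClientConfig: tlsConfig,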
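Review bot: The error from `tls.GetTLSConfig` at new lines 139-141 is returned bare, so a failure no longer names the healthcheck the way the removed CA-parsing branch did with `h.Config.Base.Name`; unless the helper adds that context itself, I would write `return errors.Wrapf(err, "fail to build the TLS configuration for healthcheck %s", h.Config.Base.Name)`. The call also passes four string values positionally with `Key` before `Cert`, whereas the removed `tls.LoadX509KeyPair` call took the cert first, so the order should be confirmed against the helper's signature, which is not visible on this page. The new `ServerName` field deserves a comment such as `// ServerName overrides the name sent as SNI and checked against the server certificate; when Insecure is true the certificate is not verified, so it presumably only affects SNI`, hedged because the helper body is not shown. `Initialize` starts and ends outside these hunks.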
