github.com/outbrain/consul@v1.4.5/agent/connect/ca/provider_consul_config.go

github.com/outbrain/consul@v1.4.5/agent/connect/ca/provider_consul_config.go (about)

     1  package ca
     2  
     3  import (
     4  	"fmt"
     5  	"time"
     6  
     7  	"github.com/hashicorp/consul/agent/structs"
     8  	"github.com/mitchellh/mapstructure"
     9  )
    10  
    11  func ParseConsulCAConfig(raw map[string]interface{}) (*structs.ConsulCAProviderConfig, error) {
    12  	config := structs.ConsulCAProviderConfig{
    13  		CommonCAProviderConfig: defaultCommonConfig(),
    14  	}
    15  
    16  	decodeConf := &mapstructure.DecoderConfig{
    17  		DecodeHook:       structs.ParseDurationFunc(),
    18  		Result:           &config,
    19  		WeaklyTypedInput: true,
    20  	}
    21  
    22  	decoder, err := mapstructure.NewDecoder(decodeConf)
    23  	if err != nil {
    24  		return nil, err
    25  	}
    26  
    27  	if err := decoder.Decode(raw); err != nil {
    28  		return nil, fmt.Errorf("error decoding config: %s", err)
    29  	}
    30  
    31  	if config.PrivateKey == "" && config.RootCert != "" {
    32  		return nil, fmt.Errorf("must provide a private key when providing a root cert")
    33  	}
    34  
    35  	if err := config.CommonCAProviderConfig.Validate(); err != nil {
    36  		return nil, err
    37  	}
    38  
    39  	return &config, nil
    40  }
    41  
    42  func defaultCommonConfig() structs.CommonCAProviderConfig {
    43  	return structs.CommonCAProviderConfig{
    44  		LeafCertTTL: 3 * 24 * time.Hour,
    45  	}
    46  }