Olgun Cengiz · Olgun Cengiz · 966b3437 · 534f7f63 · d927ad77 · a7b32c8e
--- a/config/configs.go

+ 147

− 173
+++ b/config/configs.go

+ 147

− 173
 package config

 import (
-	"bytes"
-	"code.vereign.com/code/viam-apis/clientutils"
-	"code.vereign.com/code/viam-apis/errors"
 	"crypto"
 	"crypto/x509"
+	"io/ioutil"
 	"os"
 	"path/filepath"
 	"strings"

+	"code.vereign.com/code/viam-apis/clientutils"
+	"code.vereign.com/code/viam-apis/config"
+	"code.vereign.com/code/viam-apis/errors"
+
 	"code.vereign.com/code/viam-apis/log"

 	"code.vereign.com/code/viam-apis/authentication"
 @@ -23,76 +25,71 @@ var SystemAuth = &authentication.Authentication{
 	Session: "undefined",
 }

-var CertificationMethod string
-var P PEMReader
-var CertificatePEM []byte
-var PrivateKeyPEM []byte
-var CaCertificatePEM []byte
-var VereignCaCertificatePEM []byte
-
-var EncryptionCert *x509.Certificate
-var EncryptionKey crypto.Signer
-
-var ReplaceKey bool
-
-var MaxMessageSize int
-
-var GrpcListenAddress string
-var RestListenAddress string
-var DataStorageUrl string
-var EntitiesManagerUrl string
-var CertDir string
-var GlobalLogLevel string
-
-var PrometeusListenAddress string
-var MetricEnvPrefix string
-
-func SetConfigValues(configFile, etcdURL string) error {
-	// Set Default Values For Config Variables
-
-	// Vereign API Related
-	viper.SetDefault("grpcListenAddress", ":7877")
-	viper.SetDefault("restListenAddress", ":7878")
-	viper.SetDefault("dataStorageUrl", "data-storage-agent:7777")
-	viper.SetDefault("entitiesManagerUrl", "entities-management-agent:7779")
-
-	viper.SetDefault("replaceKey", false)
-
-	viper.SetDefault("viamUUID", "viam-system")
-	viper.SetDefault("viamSession", "viam-session")
-
-	viper.SetDefault("maxMessageSize", 64)
-
-	// Certification Related
-	// File System Defaults
-	viper.SetDefault("certificationMethod", "1")
-	viper.SetDefault("certificationURL", ".")
-	viper.SetDefault("certificationToken", ".")
-	viper.SetDefault("certificationPath", "cert")
-	viper.SetDefault("certificationCertFile", "server.crt")
-	viper.SetDefault("certificationKeyFile", "server.key")
-	viper.SetDefault("certificationCaCertFile", "ca.crt")
-	viper.SetDefault("certificationVereignCertFile", "vereign_ca.cer")
-	viper.SetDefault("globalLogLevel", "info")
-
-	/*
-			// Vault Defaults
-			viper.SetDefault("certificationMethod", "2")
-			viper.SetDefault("certificationURL", "http://10.6.10.119:8200")
-			viper.SetDefault("certificationToken", "")
-			viper.SetDefault("certificationPath", "/developers/data/devteam/cert")
-		    viper.SetDefault("certificationCertFile", "certificateKey")
-			viper.SetDefault("certificationKeyFile", "privateKey")
-			viper.SetDefault("certificationCaCertFile", "caCertificateKey")
-			viper.SetDefault("certificationVereignCertFile", "vereignCaCertificateKey")
-	*/
-
-	// Encryption/Decryption Related
-	viper.SetDefault("vaultEncryptionURL", "")
-	viper.SetDefault("vaultEncryptionToken", "")
-	viper.SetDefault("vaultEncryptionPath", "")
-	viper.SetDefault("vaultEncryptionCertFile", "encryptionCert")
-	viper.SetDefault("vaultEncryptionKeyFile", "encryptionKey")
+type Configuration struct {
+	ListenAddress        string `required:"false" yaml:"listenAddress"`
+	GrpcListenAddress    string `required:"false" yaml:"grpcListenAddress"`
+	SystemAuthentication struct {
+		UUID    string `required:"false" yaml:"viamUUID"`
+		Session string `required:"false" yaml:"viamSession"`
+	} `required:"false" yaml:"systemAuthentication"`
+	DataStorageAgentURL        string `required:"false" yaml:"dataStorageAgentURL"`
+	EntitiesManagementAgentURL string `required:"false" yaml:"entitiesManagementAgentURL"`
+	MaxMessageSize             int    `required:"false" yaml:"maxMessageSize"`
+	Certification              struct {
+		Path                      string              `required:"true" yaml:"path"`
+		CertificateFile           string              `required:"true" yaml:"certificateFile"`
+		CertificatePEM            []byte              `required:"true"`
+		PrivateKeyFile            string              `required:"true" yaml:"privateKeyFile"`
+		PrivateKeyPEM             []byte              `required:"true"`
+		CaCertificateFile         string              `required:"true" yaml:"caCertificateFile"`
+		CaCertificatePEM          []byte              `required:"true"`
+		EncryptionCertificateFile string              `required:"true" yaml:"encryptionCertificateFile"`
+		EncryptionCertificatePEM  []byte              `required:"true"`
+		EncryptionCertificate     []*x509.Certificate `required:"true"`
+		EncryptionPrivateKeyFile  string              `required:"true" yaml:"encryptionPrivateKeyFile"`
+		EncryptionPrivateKeyPEM   []byte              `required:"true"`
+		EncryptionPrivateKey      crypto.Signer       `required:"true"`
+		VereignCertificateFile    string              `required:"true" yaml:"vereignCertificateFile"`
+		VereignCertificatePEM     []byte              `required:"true"`
+	} `required:"true" yaml:"certification"`
+	PrometeusListenAddress  string `required:"false" yaml:"prometeusListenAddress"`
+	MetricEnvironmentPrefix string `required:"false" yaml:"metricEnvironmentPrefix"`
+	ReplaceKey              bool   `required:"false" yaml:"replaceKey"`
+	GlobalLogLevel          string `required:"false" yaml:"globalLogLevel"`
+}
+
+var Config Configuration
+
+// LoadConfigValues loads config values from config file
+func LoadConfigValues(configFile, etcdURL string) error {
+	setConfigValues(configFile, etcdURL)
+
+	calculateConfigValues()
+
+	err := config.CheckConfigValues(Config)
+	if err != nil {
+		log.Fatalf("Exiting due to wrong configuration: %s", err)
+		return err
+	}
+
+	return nil
+}
+
+// SetConfigValues Sets Values For Config Variable
+func setConfigValues(configFile, etcdURL string) {
+	// Set default values for configuration variable
+	// NOTE: Only for 'required:"false"' fields
+	Config.ListenAddress = ":7878"
+	Config.GrpcListenAddress = ":7877"
+	Config.SystemAuthentication.UUID = "viam-system"
+	Config.SystemAuthentication.Session = "viam-session"
+	Config.DataStorageAgentURL = "data-storage-agent:7777"
+	Config.EntitiesManagementAgentURL = "entities-management-agent:7779"
+	Config.MaxMessageSize = 64
+	Config.PrometeusListenAddress = ":2112"
+	Config.MetricEnvironmentPrefix = "staging_data_storage_agent"
+	Config.ReplaceKey = false
+	Config.GlobalLogLevel = "info"

 	// Read Config File
 	if configFile != "" {
 @@ -113,123 +110,100 @@ func SetConfigValues(configFile, etcdURL string) error {
 		}
 	}

-	// Print all config values to log file
-	log.Printf("All Settings From Config:")
-	as := viper.AllSettings()
-	for key, _ := range as {
-		log.Printf("%s => %s", key, viper.GetString(key))
-	}
+	// Read Config File
+	if configFile != "" {
+		configName := strings.Split(filepath.Base(configFile), ".")[0]
+		configDir := filepath.Dir(configFile)
+		viper.SetConfigName(configName)
+		viper.AddConfigPath(configDir)
+		if err := viper.ReadInConfig(); err != nil {
+			errors.LogFormat(err, "can't read config, will use default values")
+		}
+	} else {
+		log.Printf("requesting config at "+etcdURL, "/"+os.Getenv("ENV_NAME")+"/"+os.Getenv("CI_PROJECT_NAME")+".json")
+		viper.AddRemoteProvider("etcd", etcdURL, "/"+os.Getenv("ENV_NAME")+"/"+os.Getenv("CI_PROJECT_NAME")+".json")
+		viper.SetConfigType("json")

-	CertificationMethod = viper.GetString("certificationMethod")
-	if CertificationMethod == "1" {
-		// Read From File System
-		P = FilePEMReader{certificationURL: viper.GetString("certificationURL"),
-			certificationToken:           viper.GetString("certificationToken"),
-			certificationPath:            viper.GetString("certificationPath"),
-			certificationCertFile:        viper.GetString("certificationCertFile"),
-			certificationKeyFile:         viper.GetString("certificationKeyFile"),
-			certificationCaCertFile:      viper.GetString("certificationCaCertFile"),
-			certificationVereignCertFile: viper.GetString("certificationVereignCertFile")}
-	} else if CertificationMethod == "2" {
-		// Read From Vault
-		P = VaultPEMReader{certificationURL: viper.GetString("certificationURL"),
-			certificationToken:           viper.GetString("certificationToken"),
-			certificationPath:            viper.GetString("certificationPath"),
-			certificationCertFile:        viper.GetString("certificationCertFile"),
-			certificationKeyFile:         viper.GetString("certificationKeyFile"),
-			certificationCaCertFile:      viper.GetString("certificationCaCertFile"),
-			certificationVereignCertFile: viper.GetString("certificationVereignCertFile")}
+		if err := viper.ReadRemoteConfig(); err != nil {
+			errors.LogFormat(err, "can't read config, will use default values")
+		}
 	}

-	// Encryption/Decryption Related
-	if viper.GetString("vaultEncryptionURL") == "" ||
-		viper.GetString("vaultEncryptionToken") == "" ||
-		viper.GetString("vaultEncryptionPath") == "" ||
-		viper.GetString("vaultEncryptionCertFile") == "" ||
-		viper.GetString("vaultEncryptionKeyFile") == "" {
-		log.Error("Some config values for encryption/decryption are missing!")
-		return errors.NewFormat("Some config values for encryption/decryption are missing!")
-	}
-	encryptionCertPEM, err := ReadEncryptionPEMFromVault(
-		viper.GetString("vaultEncryptionURL"),
-		viper.GetString("vaultEncryptionToken"),
-		viper.GetString("vaultEncryptionPath"),
-		viper.GetString("vaultEncryptionCertFile"))
-	if err != nil {
-		errors.LogFormat(err, "Vault Err")
-		return err
-	}
-	encryptionKeyPEM, err := ReadEncryptionPEMFromVault(
-		viper.GetString("vaultEncryptionURL"),
-		viper.GetString("vaultEncryptionToken"),
-		viper.GetString("vaultEncryptionPath"),
-		viper.GetString("vaultEncryptionKeyFile"))
+	err := viper.Unmarshal(&Config)
 	if err != nil {
-		errors.LogFormat(err, "Vault Err")
-		return err
+		log.Printf("unable to decode into config struct, %v", err)
 	}
-	var encryptionCerts []*x509.Certificate
-	encryptionCerts, EncryptionKey, err = clientutils.LoadCertAndKey(encryptionCertPEM, encryptionKeyPEM)
+}
+
+// CalculateConfigValues calculates config values using provided configuraion
+func calculateConfigValues() {
+	SystemAuth.Uuid = Config.SystemAuthentication.UUID
+	SystemAuth.Session = Config.SystemAuthentication.Session
+
+	Config.Certification.CertificatePEM = getCertificatePEM()
+	Config.Certification.PrivateKeyPEM = getPrivateKeyPEM()
+	Config.Certification.CaCertificatePEM = getCaCertificatePEM()
+	Config.Certification.VereignCertificatePEM = getVereignCertificatePEM()
+	Config.Certification.EncryptionCertificatePEM = getEncryptionCertificatePEM()
+	Config.Certification.EncryptionPrivateKeyPEM = getEncryptionPrivateKeyPEM()
+
+	var err error
+	Config.Certification.EncryptionCertificate, Config.Certification.EncryptionPrivateKey, err = clientutils.LoadCertAndKey(Config.Certification.EncryptionCertificatePEM, Config.Certification.EncryptionPrivateKeyPEM)
 	if err != nil {
-		errors.LogFormat(err, "Load Err")
-		return err
-	}
-	if len(encryptionCerts) != 1 {
-		log.Errorf("%d certs found in vaultEncryptionCertFile, 1 expected", len(encryptionCerts))
-		return err
+		log.Printf("Load Err: %v", err)
 	}
-	EncryptionCert = encryptionCerts[0]
-	keyPub, err := x509.MarshalPKIXPublicKey(EncryptionKey.Public())
+}
+
+func getCertificatePEM() []byte {
+	pem, err := ioutil.ReadFile(Config.Certification.Path + "/" + Config.Certification.CertificateFile)
 	if err != nil {
-		return err
+		errors.Log(err)
+		return []byte("")
 	}
-	certPub, err := x509.MarshalPKIXPublicKey(EncryptionCert.PublicKey)
+	return pem
+}
+
+func getCaCertificatePEM() []byte {
+	pem, err := ioutil.ReadFile(Config.Certification.Path + "/" + Config.Certification.CaCertificateFile)
 	if err != nil {
-		return err
-	}
-	if !bytes.Equal(keyPub, certPub) {
-		return errors.New("Encryption certificate public key does not correspond to encryption private key")
+		errors.Log(err)
+		return []byte("")
 	}
-
-	GrpcListenAddress = viper.GetString("grpcListenAddress")
-	RestListenAddress = viper.GetString("restListenAddress")
-
-	DataStorageUrl = viper.GetString("dataStorageUrl")
-	EntitiesManagerUrl = viper.GetString("entitiesManagerUrl")
-
-	ReplaceKey = viper.GetBool("replaceKey")
-
-	SystemAuth.Uuid = viper.GetString("viamUUID")
-	SystemAuth.Session = viper.GetString("viamSession")
-
-	MaxMessageSize = viper.GetInt("maxMessageSize")
-
-	PrometeusListenAddress = viper.GetString("prometeusListenAddress")
-
-	MetricEnvPrefix = viper.GetString("metricEnvPrefix")
-
-	GlobalLogLevel = viper.GetString("globalLogLevel")
-
-	CertificatePEM = GetCertificatePEM()
-	PrivateKeyPEM = GetPrivateKeyPEM()
-	CaCertificatePEM = GetCaCertificatePEM()
-	VereignCaCertificatePEM = GetVereignCaCertificatePEM()
-
-	return nil
+	return pem
 }

-func GetCertificatePEM() []byte {
-	return P.readCertificatePEM()
+func getPrivateKeyPEM() []byte {
+	pem, err := ioutil.ReadFile(Config.Certification.Path + "/" + Config.Certification.PrivateKeyFile)
+	if err != nil {
+		errors.Log(err)
+		return []byte("")
+	}
+	return pem
 }

-func GetPrivateKeyPEM() []byte {
-	return P.readPrivateKeyPEM()
+func getVereignCertificatePEM() []byte {
+	pem, err := ioutil.ReadFile(Config.Certification.Path + "/" + Config.Certification.CaCertificateFile)
+	if err != nil {
+		errors.Log(err)
+		return []byte("")
+	}
+	return pem
 }

-func GetCaCertificatePEM() []byte {
-	return P.readCaCertificatePEM()
+func getEncryptionCertificatePEM() []byte {
+	pem, err := ioutil.ReadFile(Config.Certification.Path + "/" + Config.Certification.EncryptionCertificateFile)
+	if err != nil {
+		errors.Log(err)
+		return []byte("")
+	}
+	return pem
 }

-func GetVereignCaCertificatePEM() []byte {
-	return P.readVereignCaCertificatePEM()
+func getEncryptionPrivateKeyPEM() []byte {
+	pem, err := ioutil.ReadFile(Config.Certification.Path + "/" + Config.Certification.EncryptionPrivateKeyFile)
+	if err != nil {
+		errors.Log(err)
+		return []byte("")
+	}
+	return pem
 }