mirror of
https://github.com/opentofu/opentofu.git
synced 2024-12-27 09:21:14 -06:00
75e5ae27a2
* Add mTLS support for http backend by way of client cert & key, as well as enterprise cacert. * Fix style. * Skip cert validation to be sure error is related to missing client cert; not untrusted server cert. * Remove misplaced err check. * Fix the size of test using http backend. * Just for correctness, include all certs in the pem encoded cert - sometimes certs come with a chain of their signers. * Adjusted names as recommended in PR comments. * Adjusted names to be full-length and more descriptive. * Added full-fledged testing with mTLS http server * Fix goimports. * Fix the names of the backend config. * Exclusive lock for write and delete. * Revert "Fix goimports." This reverts commit 7d40f6099fbbb675fb2e25e35ee40aeafe3d0a22. * goimports just for server test. * Added the go:generation for the mock. * Move the TLS configuration out to make it more readable - don't replace the HTTPClient as the retryablehttp already creates one - just configure its TLS. * Just switch the client/data params - felt more natural this way. * Update internal/backend/remote-state/http/backend.go Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com> * Update internal/backend/remote-state/http/testdata/gencerts.sh Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com> * Update internal/backend/remote-state/http/backend.go Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com> * Update internal/backend/remote-state/http/backend.go Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com> * Update internal/backend/remote-state/http/backend.go Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com> * Update internal/backend/remote-state/http/backend.go Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com> * the location of the file name is not sensitive. * Added error if only one of client_certificate_pem and client_private_key_pem are set. * Remove testify from test cases; use t.Error* for assert and t.Fatal* for require. * Fixed import consistency * Just use default openssl. * Since file(...) is so trivial to use, changed the client cert, key, and ca cert to be the data. See also https://github.com/hashicorp/terraform-provider-http/pull/211 Co-authored-by: Sheridan C Rawlins <scr@ouryahoo.com> Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| addrs | ||
| backend | ||
| builtin | ||
| checks | ||
| cloud | ||
| command | ||
| communicator | ||
| configs | ||
| copy | ||
| dag | ||
| depsfile | ||
| didyoumean | ||
| e2e | ||
| earlyconfig | ||
| experiments | ||
| getmodules | ||
| getproviders | ||
| grpcwrap | ||
| helper/slowmessage | ||
| httpclient | ||
| initwd | ||
| instances | ||
| ipaddr | ||
| lang | ||
| legacy | ||
| logging | ||
| modsdir | ||
| moduledeps | ||
| moduletest | ||
| plans | ||
| plugin | ||
| plugin6 | ||
| provider-simple | ||
| provider-simple-v6 | ||
| provider-terraform/main | ||
| providercache | ||
| providers | ||
| provisioner-local-exec/main | ||
| provisioners | ||
| refactoring | ||
| registry | ||
| repl | ||
| replacefile | ||
| states | ||
| terminal | ||
| terraform | ||
| tfdiags | ||
| tfplugin5 | ||
| tfplugin6 | ||