LoadConfig load and verify config in config file (Reuse some global config instance values). Should call conf.LoadConfig before use. e.g client.Init
(configPath string)
| 72 | // LoadConfig load and verify config in config file (Reuse some global config instance values). |
| 73 | // Should call conf.LoadConfig before use. e.g client.Init |
| 74 | func LoadConfig(configPath string) (config *Config, err error) { |
| 75 | var workingRoot string |
| 76 | var configBytes []byte |
| 77 | if configBytes, err = ioutil.ReadFile(configPath); err != nil { |
| 78 | log.WithError(err).Error("read config file failed") |
| 79 | } |
| 80 | configWrapper := &confWrapper{} |
| 81 | if err = yaml.Unmarshal(configBytes, configWrapper); err != nil { |
| 82 | log.WithError(err).Error("unmarshal config file failed") |
| 83 | return |
| 84 | } |
| 85 | |
| 86 | config = &configWrapper.Adapter |
| 87 | |
| 88 | if len(config.StorageDriver) == 0 { |
| 89 | config.StorageDriver = "covenantsql" |
| 90 | } |
| 91 | if config.StorageDriver == "covenantsql" { |
| 92 | workingRoot = conf.GConf.WorkingRoot |
| 93 | } else { |
| 94 | if workingRoot, err = os.Getwd(); err != nil { |
| 95 | return |
| 96 | } |
| 97 | } |
| 98 | |
| 99 | if config.CertificatePath == "" || config.PrivateKeyPath == "" { |
| 100 | // http mode |
| 101 | log.Info("running in http mode") |
| 102 | } else { |
| 103 | // tls mode |
| 104 | // init tls config |
| 105 | config.TLSConfig = &tls.Config{} |
| 106 | certPath := filepath.Join(workingRoot, config.CertificatePath) |
| 107 | privateKeyPath := filepath.Join(workingRoot, config.PrivateKeyPath) |
| 108 | |
| 109 | if config.ServerCertificate, err = tls.LoadX509KeyPair(certPath, privateKeyPath); err != nil { |
| 110 | return |
| 111 | } |
| 112 | |
| 113 | config.TLSConfig.Certificates = []tls.Certificate{config.ServerCertificate} |
| 114 | |
| 115 | if config.VerifyCertificate && config.ClientCAPath != "" { |
| 116 | clientCAPath := filepath.Join(workingRoot, config.ClientCAPath) |
| 117 | |
| 118 | // load client CA |
| 119 | caCertPool := x509.NewCertPool() |
| 120 | var caCert []byte |
| 121 | if caCert, err = ioutil.ReadFile(clientCAPath); err != nil { |
| 122 | return |
| 123 | } |
| 124 | caCertPool.AppendCertsFromPEM(caCert) |
| 125 | |
| 126 | config.ClientCertPool = caCertPool |
| 127 | config.TLSConfig.ClientCAs = caCertPool |
| 128 | config.TLSConfig.ClientAuth = tls.RequireAndVerifyClientCert |
| 129 | |
| 130 | // load admin certs |
| 131 | config.AdminCertificates = make([]*x509.Certificate, 0) |
no test coverage detected