* Added internal CA bundle for better capability with docker base images

echocat · Aug 8, 2016 · 4b6068d · 4b6068d
1 parent 5408e0c
commit 4b6068d
Show file tree

Hide file tree

Showing 7 changed files with 4,336 additions and 16 deletions.
diff --git a/LICENSE b/LICENSE
@@ -1,4 +1,4 @@
-https-enabler
+site24x7_exporter
 The MIT License (MIT)
 
 Copyright (c) echocat

diff --git a/README.md b/README.md
@@ -10,7 +10,7 @@ Download your version from the [releases page](https://github.com/echocat/site24
 
 Example:
 ```bash
-sudo curl -SL https://github.com/echocat/site24x7_exporter/releases/download/v0.1.0/site24x7_exporter-linux-amd64 \
+sudo curl -SL https://github.com/echocat/site24x7_exporter/releases/download/v0.1.4/site24x7_exporter-linux-amd64 \
     > /usr/bin/site24x7_exporter
 sudo chmod +x /usr/bin/site24x7_exporter
 ```

diff --git a/build.gradle b/build.gradle
@@ -5,7 +5,7 @@ plugins {
 
 final name = 'site24x7_exporter'
 group 'github.com/echocat/site24x7_exporter'
-version '0.1.3'
+version '0.1.4'
 
 dependencies {
     build 'github.com/prometheus/client_golang'

diff --git a/exporter.go b/exporter.go
@@ -10,6 +10,8 @@ import (
 	"net/url"
 	"sync"
 	"time"
+	"crypto/tls"
+	"github.com/echocat/site24x7_exporter/utils"
 )
 
 var (
@@ -44,6 +46,9 @@ func NewSite24x7Exporter(accessToken string, timeout time.Duration) *Site24x7Exp
 		}),
 		client: &http.Client{
 			Transport: &http.Transport{
+				TLSClientConfig: &tls.Config{
+					RootCAs: utils.LoadInternalCaBundle(),
+				},
 				Dial: func(netw, addr string) (net.Conn, error) {
 					c, err := net.DialTimeout(netw, addr, timeout)
 					if err != nil {

diff --git a/server.go b/server.go
@@ -2,23 +2,12 @@ package main
 
 import (
 	"crypto/tls"
-	"crypto/x509"
 	"github.com/prometheus/client_golang/prometheus"
-	"io/ioutil"
 	"log"
 	"net/http"
+	"github.com/echocat/site24x7_exporter/utils"
 )
 
-func loadCertificatesFrom(pemFile string) (*x509.CertPool, error) {
-	caCert, err := ioutil.ReadFile(pemFile)
-	if err != nil {
-		return nil, err
-	}
-	certificates := x509.NewCertPool()
-	certificates.AppendCertsFromPEM(caCert)
-	return certificates, nil
-}
-
 type bufferedLogWriter struct {
 	buf []byte
 }
@@ -49,7 +38,7 @@ func startServer(metricsPath, listenAddress, tlsCert, tlsPrivateKey, tlsClientCa
 	if len(tlsCert) > 0 {
 		clientValidation := "no"
 		if len(tlsClientCa) > 0 && len(tlsCert) > 0 {
-			certificates, err := loadCertificatesFrom(tlsClientCa)
+			certificates, err := utils.LoadCertificatesFrom(tlsClientCa)
 			if err != nil {
 				log.Fatalf("Couldn't load client CAs from %s. Got: %s", tlsClientCa, err)
 			}

diff --git a/utils/caBundle.go b/utils/caBundle.go
diff --git a/utils/tls.go b/utils/tls.go
@@ -0,0 +1,24 @@
+package utils
+
+import (
+	"crypto/x509"
+	"io/ioutil"
+)
+
+func LoadInternalCaBundle() *x509.CertPool {
+	certificates := x509.NewCertPool()
+	certificates.AppendCertsFromPEM([]byte(caBundle))
+	return certificates
+}
+
+func LoadCertificatesFrom(pemFile string) (*x509.CertPool, error) {
+	caCert, err := ioutil.ReadFile(pemFile)
+	if err != nil {
+		return nil, err
+	}
+	certificates := x509.NewCertPool()
+	certificates.AppendCertsFromPEM(caCert)
+	return certificates, nil
+}
+
+