fixes #2086 enables file watching on identities

- supporst root identities for controller/router - supports xweb identities for API bindings - supports controller signer identity
openziti · Jun 24, 2024 · e81ea6d · e81ea6d
1 parent 506d9de
commit e81ea6d
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 1 deletion.
diff --git a/controller/config.go b/controller/config.go
@@ -169,6 +169,10 @@ func LoadConfig(path string) (*Config, error) {
 		return nil, fmt.Errorf("unable to load identity (%s)", err)
 	} else {
 		controllerConfig.Id = identity.NewIdentity(id)
+
+		if err := controllerConfig.Id.WatchFiles(); err != nil {
+			pfxlog.Logger().Warn("could not enable file watching on identity: %w", err)
+		}
 	}
 
 	if value, found := cfgmap["network"]; found {

diff --git a/controller/config/config.go b/controller/config/config.go
@@ -351,6 +351,10 @@ func (c *Config) loadEnrollmentSection(edgeConfigMap map[interface{}]interface{}
 
 			if c.Enrollment.SigningCert, err = identity.LoadIdentity(c.Enrollment.SigningCertConfig); err != nil {
 				return fmt.Errorf("error loading [edge.enrollment.signingCert]: %s", err)
+			} else {
+				if err := c.Enrollment.SigningCert.WatchFiles(); err != nil {
+					pfxlog.Logger().Warn("could not enable file watching on enrollment signing cert: %w", err)
+				}
 			}
 
 		} else {

diff --git a/go.mod b/go.mod
@@ -81,6 +81,7 @@ require (
 	go4.org v0.0.0-20180809161055-417644f6feb5
 	golang.org/x/crypto v0.24.0
 	golang.org/x/net v0.26.0
+	golang.org/x/oauth2 v0.21.0
 	golang.org/x/sync v0.7.0
 	golang.org/x/sys v0.21.0
 	golang.org/x/text v0.16.0
@@ -184,7 +185,6 @@ require (
 	golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect
 	golang.org/x/image v0.13.0 // indirect
 	golang.org/x/mod v0.18.0 // indirect
-	golang.org/x/oauth2 v0.21.0 // indirect
 	golang.org/x/term v0.21.0 // indirect
 	golang.org/x/tools v0.22.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect

diff --git a/router/config.go b/router/config.go
@@ -410,6 +410,10 @@ func LoadConfig(path string) (*Config, error) {
 		return nil, fmt.Errorf("unable to load identity (%w)", err)
 	} else {
 		cfg.Id = identity.NewIdentity(id)
+
+		if err := cfg.Id.WatchFiles(); err != nil {
+			pfxlog.Logger().Warn("could not enable file watching on identity: %w", err)
+		}
 	}
 
 	if value, found := cfgmap[PathMapKey]; found {

diff --git a/router/internal/edgerouter/config.go b/router/internal/edgerouter/config.go
@@ -438,6 +438,10 @@ func (config *Config) ensureIdentity(rootConfigMap map[interface{}]interface{})
 
 	config.RouterConfig.Id = identity.NewIdentity(id)
 
+	if err := config.RouterConfig.Id.WatchFiles(); err != nil {
+		pfxlog.Logger().Warn("could not enable file watching on edge router identity: %w", err)
+	}
+
 	return nil
 }