restructure config

Signed-off-by: WashingtonKK <[email protected]>

cmd/agent/main.go

@@ -100,13 +100,13 @@ func main() {
 
 	grpcServerConfig := server.AgentConfig{
 		BaseConfig: grpcClient.BaseConfig{
-			URL: fmt.Sprintf("%s:%s", cfg.AgentConfig.Host, cfg.AgentConfig.Port),
+			URL:          fmt.Sprintf("%s:%s", cfg.AgentConfig.Host, cfg.AgentConfig.Port),
+			CertFile:     cfg.AgentConfig.CertFile,
+			KeyFile:      cfg.AgentConfig.KeyFile,
+			ServerCAFile: cfg.AgentConfig.ServerCAFile,
+			ClientCAFile: cfg.AgentConfig.ClientCAFile,
 		},
-		CertFile:     cfg.AgentConfig.CertFile,
-		KeyFile:      cfg.AgentConfig.KeyFile,
-		ServerCAFile: cfg.AgentConfig.ServerCAFile,
-		ClientCAFile: cfg.AgentConfig.ClientCAFile,
-		AttestedTLS:  cfg.AgentConfig.AttestedTls,
+		AttestedTLS: cfg.AgentConfig.AttestedTls,
 	}
 
 	registerAgentServiceServer := func(srv *grpc.Server) {

internal/server/grpc/grpc_test.go

@@ -94,10 +94,10 @@ func TestServerStartWithTLS(t *testing.T) {
 
 	config := server.AgentConfig{
 		BaseConfig: grpcClient.BaseConfig{
-			URL: "localhost:0",
+			URL:      "localhost:0",
+			CertFile: string(cert),
+			KeyFile:  string(key),
 		},
-		CertFile: string(cert),
-		KeyFile:  string(key),
 	}
 
 	logBuffer := &ThreadSafeBuffer{}

internal/server/server.go

@@ -21,11 +21,7 @@ type Server interface {
 
 type AgentConfig struct {
 	grpc.BaseConfig
-	CertFile     string `env:"SERVER_CERT"        envDefault:""`
-	KeyFile      string `env:"SERVER_KEY"         envDefault:""`
-	ServerCAFile string `env:"SERVER_CA_CERTS"    envDefault:""`
-	ClientCAFile string `env:"CLIENT_CA_CERTS"    envDefault:""`
-	AttestedTLS  bool   `env:"ATTESTED_TLS"       envDefault:"false"`
+	AttestedTLS bool `env:"ATTESTED_TLS"       envDefault:"false"`
 }
 
 type BaseServer struct {

pkg/clients/grpc/connect.go

@@ -50,18 +50,20 @@ var (
 )
 
 type BaseConfig struct {
-	URL     string        `env:"URL"             envDefault:"localhost:7001"`
-	Timeout time.Duration `env:"TIMEOUT"         envDefault:"60s"`
+	URL          string        `env:"URL"             envDefault:"localhost:7001"`
+	Timeout      time.Duration `env:"TIMEOUT"         envDefault:"60s"`
+	ClientCert   string        `env:"CLIENT_CERT"     envDefault:""`
+	ClientKey    string        `env:"CLIENT_KEY"      envDefault:""`
+	ServerCAFile string        `env:"SERVER_CA_CERTS" envDefault:""`
+	CertFile     string        `env:"SERVER_CERT"        envDefault:""`
+	KeyFile      string        `env:"SERVER_KEY"         envDefault:""`
+	ClientCAFile string        `env:"CLIENT_CA_CERTS"    envDefault:""`
 }
 
 type ManagerConfig struct {
 	BaseConfig
-	ClientCert   string `env:"CLIENT_CERT"     envDefault:""`
-	ClientKey    string `env:"CLIENT_KEY"      envDefault:""`
-	ServerCAFile string `env:"SERVER_CA_CERTS" envDefault:""`
-	BackendInfo  string `env:"BACKEND_INFO"    envDefault:""`
-	ClientTLS  bool   `env:"CLIENT_TLS"    envDefault:"false"`
-
+	BackendInfo string `env:"BACKEND_INFO"    envDefault:""`
+	ClientTLS   bool   `env:"CLIENT_TLS"    envDefault:"false"`
 }
 
 type Client interface {

pkg/clients/grpc/connect_test.go

@@ -50,9 +50,9 @@ func TestNewClient(t *testing.T) {
 			name: "Success with TLS",
 			cfg: ManagerConfig{
 				BaseConfig: BaseConfig{
-					URL: "localhost:7001",
+					URL:          "localhost:7001",
+					ServerCAFile: caCertFile,
 				},
-				ServerCAFile: caCertFile,
 			},
 			wantErr: false,
 			err:     nil,
@@ -61,11 +61,11 @@ func TestNewClient(t *testing.T) {
 			name: "Success with mTLS",
 			cfg: ManagerConfig{
 				BaseConfig: BaseConfig{
-					URL: "localhost:7001",
+					URL:          "localhost:7001",
+					ServerCAFile: caCertFile,
+					ClientCert:   clientCertFile,
+					ClientKey:    clientKeyFile,
 				},
-				ServerCAFile: caCertFile,
-				ClientCert:   clientCertFile,
-				ClientKey:    clientKeyFile,
 			},
 			wantErr: false,
 			err:     nil,
@@ -74,9 +74,9 @@ func TestNewClient(t *testing.T) {
 			name: "Fail with invalid ServerCAFile",
 			cfg: ManagerConfig{
 				BaseConfig: BaseConfig{
-					URL: "localhost:7001",
+					URL:          "localhost:7001",
+					ServerCAFile: "nonexistent.pem",
 				},
-				ServerCAFile: "nonexistent.pem",
 			},
 			wantErr: true,
 			err:     errFailedToLoadRootCA,
@@ -85,11 +85,11 @@ func TestNewClient(t *testing.T) {
 			name: "Fail with invalid ClientCert",
 			cfg: ManagerConfig{
 				BaseConfig: BaseConfig{
-					URL: "localhost:7001",
+					URL:          "localhost:7001",
+					ServerCAFile: caCertFile,
+					ClientCert:   "nonexistent.pem",
+					ClientKey:    clientKeyFile,
 				},
-				ServerCAFile: caCertFile,
-				ClientCert:   "nonexistent.pem",
-				ClientKey:    clientKeyFile,
 			},
 			wantErr: true,
 			err:     errFailedToLoadClientCertKey,
@@ -98,11 +98,11 @@ func TestNewClient(t *testing.T) {
 			name: "Fail with invalid ClientKey",
 			cfg: ManagerConfig{
 				BaseConfig: BaseConfig{
-					URL: "localhost:7001",
+					URL:          "localhost:7001",
+					ServerCAFile: caCertFile,
+					ClientCert:   clientCertFile,
+					ClientKey:    "nonexistent.pem",
 				},
-				ServerCAFile: caCertFile,
-				ClientCert:   clientCertFile,
-				ClientKey:    "nonexistent.pem",
 			},
 			wantErr: true,
 			err:     errFailedToLoadClientCertKey,