Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v15] Look for a license in the default location if no config is provided #49148

Merged
merged 1 commit into from
Nov 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 1 addition & 2 deletions docs/pages/includes/config-reference/auth-service.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -356,8 +356,7 @@ auth_service:
routing_strategy: unambiguous_match

# License file to start auth server with. Note that this setting is ignored
# in the Teleport Community Edition and is required only for Teleport Pro, Business
# and Enterprise subscription plans.
# in the Teleport Community Edition and is required only for Teleport Enterprise.
#
# The path can be either absolute or relative to the configured `data_dir`
# and should point to the license file obtained from Teleport Download
Expand Down
11 changes: 6 additions & 5 deletions lib/config/configuration_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1923,11 +1923,6 @@ func TestLicenseFile(t *testing.T) {

cfg := servicecfg.MakeDefaultConfig()

// the license file should be empty by default, as we can only fill
// in the default (<datadir>/license.pem) after we know what the
// data dir is supposed to be
require.Empty(t, cfg.Auth.LicenseFile)

for i, tc := range testCases {
t.Run(fmt.Sprintf("test%d", i), func(t *testing.T) {
fc := new(FileConfig)
Expand All @@ -1941,6 +1936,12 @@ func TestLicenseFile(t *testing.T) {
}
}

func TestLicenseFileNoConfig(t *testing.T) {
cfg := servicecfg.MakeDefaultConfig()
require.NoError(t, Configure(new(CommandLineFlags), cfg, false /* legacy app flags */))
require.Equal(t, filepath.Join(defaults.DataDir, defaults.LicenseFile), cfg.Auth.LicenseFile)
}

// TestFIPS makes sure configuration is correctly updated/enforced when in
// FedRAMP/FIPS 140-2 mode.
func TestFIPS(t *testing.T) {
Expand Down
1 change: 1 addition & 0 deletions lib/service/servicecfg/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -564,6 +564,7 @@ func ApplyDefaults(cfg *Config) {
cfg.Auth.NetworkingConfig = types.DefaultClusterNetworkingConfig()
cfg.Auth.SessionRecordingConfig = types.DefaultSessionRecordingConfig()
cfg.Auth.Preference = types.DefaultAuthPreference()
cfg.Auth.LicenseFile = filepath.Join(cfg.DataDir, defaults.LicenseFile)
defaults.ConfigureLimiter(&cfg.Auth.Limiter)

cfg.Proxy.WebAddr = *defaults.ProxyWebListenAddr()
Expand Down
2 changes: 2 additions & 0 deletions lib/service/servicecfg/config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
"fmt"
"io"
"log/slog"
"path/filepath"
"regexp"
"strings"
"testing"
Expand Down Expand Up @@ -90,6 +91,7 @@ func TestDefaultConfig(t *testing.T) {
require.Equal(t, defaults.LimiterMaxConcurrentUsers, auth.Limiter.MaxNumberOfUsers)
require.Equal(t, lite.GetName(), config.Auth.StorageConfig.Type)
require.Empty(t, auth.StorageConfig.Params[defaults.BackendPath])
require.Equal(t, filepath.Join(defaults.DataDir, defaults.LicenseFile), config.Auth.LicenseFile)

// SSH section
ssh := config.SSH
Expand Down
Loading