Make TLS config consistent with Prometheus (#1685)

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>

https/README.md

@@ -9,16 +9,17 @@ If the config is kept within the https directory.
 The config file should be written in YAML format, and is reloaded on each connection to check for new certificates and/or authentication policy.
 
 ## Sample Config
+
 ```
-tlsConfig :
+tls_config:
   # Certificate and key files for server to use to authenticate to client
-  tlsCertPath : <filename>
+  cert_file: <filename>
-  tlsKeyPath : <filename>
+  key_file: <filename>
 
   # Server policy for client authentication. Maps to ClientAuth Policies
   # For more detail on clientAuth options: [ClientAuthType](https://golang.org/pkg/crypto/tls/#ClientAuthType)
-  [ clientAuth : <string> | default = "NoClientCert" ]
+  [ client_auth_type: <string> | default = "NoClientCert" ]
 
   # CA certificate for client certificate authentication to the server
-  [ clientCAs : <filename> ]
+  [ client_ca_file: <filename> ]
 ```

https/testdata/tls_config_auth_clientCAs_invalid.bad.yml

@@ -1,4 +1,4 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : "testdata/server.crt"
+  cert_file : "testdata/server.crt"
-  tlsKeyPath : "testdata/server.key"
+  key_file : "testdata/server.key"
-  clientCAs : "somefile"
+  client_ca_file : "somefile"

https/testdata/tls_config_auth_clientCAs_missing.bad.yml

@@ -1,4 +1,4 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : "testdata/server.crt"
+  cert_file : "testdata/server.crt"
-  tlsKeyPath : "testdata/server.key"
+  key_file : "testdata/server.key"
-  clientAuth : "RequireAndVerifyClientCert"
+  client_auth_type : "RequireAndVerifyClientCert"

https/testdata/tls_config_noAuth.bad.yml

@@ -1,4 +1,4 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : "testdata/server.crt"
+  cert_file : "testdata/server.crt"
-  tlsKeyPath : "testdata/server.key"
+  key_file : "testdata/server.key"
-  clientCAs : "testdata/tls-ca-chain.pem" 
+  client_ca_file : "testdata/tls-ca-chain.pem" 

https/testdata/tls_config_noAuth.good.blocking.yml

@@ -1,5 +1,5 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : "testdata/server.crt"
+  cert_file : "testdata/server.crt"
-  tlsKeyPath : "testdata/server.key"
+  key_file : "testdata/server.key"
-  clientAuth : "RequireAndVerifyClientCert"
+  client_auth_type : "RequireAndVerifyClientCert"
-  clientCAs: "testdata/tls-ca-chain.pem"
+  client_ca_file: "testdata/tls-ca-chain.pem"

https/testdata/tls_config_noAuth.good.yml

@@ -1,5 +1,5 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : "testdata/server.crt"
+  cert_file : "testdata/server.crt"
-  tlsKeyPath : "testdata/server.key"
+  key_file : "testdata/server.key"
-  clientAuth : "VerifyClientCertIfGiven"
+  client_auth_type : "VerifyClientCertIfGiven"
-  clientCAs : "testdata/tls-ca-chain.pem"
+  client_ca_file : "testdata/tls-ca-chain.pem"

https/testdata/tls_config_noAuth_certPath_empty.bad.yml

@@ -1,3 +1,3 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : ""
+  cert_file : ""
-  tlsKeyPath : "testdata/server.key"
+  key_file : "testdata/server.key"

https/testdata/tls_config_noAuth_certPath_invalid.bad.yml

@@ -1,3 +1,3 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : "somefile"
+  cert_file : "somefile"
-  tlsKeyPath : "testdata/server.key"
+  key_file : "testdata/server.key"

https/testdata/tls_config_noAuth_certPath_keyPath_empty.bad.yml

@@ -1,3 +1,3 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : ""
+  cert_file : ""
-  tlsKeyPath : ""
+  key_file : ""

https/testdata/tls_config_noAuth_certPath_keyPath_invalid.bad.yml

@@ -1,3 +1,3 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : "somefile"
+  cert_file : "somefile"
-  tlsKeyPath : "somefile"
+  key_file : "somefile"

https/testdata/tls_config_noAuth_keyPath_empty.bad.yml

@@ -1,3 +1,3 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : "testdata/server.crt"
+  cert_file : "testdata/server.crt"
-  tlsKeyPath : ""
+  key_file : ""

https/testdata/tls_config_noAuth_keyPath_invalid.bad.yml

@@ -1,3 +1,3 @@
-tlsConfig :
+tls_config :
-  tlsCertPath : "testdata/server.cert"
+  cert_file : "testdata/server.cert"
-  tlsKeyPath : "somefile"
+  key_file : "somefile"

https/tls_config.go

@@ -25,14 +25,14 @@ import (
 )
 
 type Config struct {
-	TLSConfig TLSStruct `yaml:"tlsConfig"`
+	TLSConfig TLSStruct `yaml:"tls_config"`
 }
 
 type TLSStruct struct {
-	TLSCertPath string `yaml:"tlsCertPath"`
+	TLSCertPath string `yaml:"cert_file"`
-	TLSKeyPath  string `yaml:"tlsKeyPath"`
+	TLSKeyPath  string `yaml:"key_file"`
-	ClientAuth  string `yaml:"clientAuth"`
+	ClientAuth  string `yaml:"client_auth_type"`
-	ClientCAs   string `yaml:"clientCAs"`
+	ClientCAs   string `yaml:"client_ca_file"`
 }
 
 func getTLSConfig(configPath string) (*tls.Config, error) {

https/web-config.yml

@@ -1,10 +1,11 @@
-tlsConfig :
+tls_config:
   # Certificate and key files for server to use to authenticate to client
-  tlsCertPath : <filename>
+  cert_file: <filename>
-  tlsKeyPath : <filename>
+  key_file: <filename>
 
   # Server policy for client authentication. Maps to ClientAuth Policies
-  [ clientAuth : <string> ]
+  # For more detail on clientAuth options: [ClientAuthType](https://golang.org/pkg/crypto/tls/#ClientAuthType)
+  [ client_auth_type: <string> | default = "NoClientCert" ]
 
   # CA certificate for client certificate authentication to the server
-  [ clientCAs : <filename> ]
+  [ client_ca_file: <filename> ]