zero: fix bootstrap config path

internal/zero/bootstrap/bootstrap.go

@@ -20,7 +20,6 @@ import (
 
 	"github.com/pomerium/pomerium/internal/log"
 	"github.com/pomerium/pomerium/internal/retry"
-	sdk "github.com/pomerium/pomerium/internal/zero/api"
 	connect_mux "github.com/pomerium/pomerium/internal/zero/connect-mux"
 )
 
@@ -34,17 +33,7 @@ const (
 )
 
 // Run initializes the bootstrap config source
-func (svc *Source) Run(
-	ctx context.Context,
-	api *sdk.API,
-	fileCachePath string,
-) error {
-	log.Ctx(ctx).Info().Str("bootstrap-config-path", fileCachePath).
-		Msg("initializing bootstrap config source")
-
-	svc.api = api
-	svc.fileCachePath = fileCachePath
-
+func (svc *Source) Run(ctx context.Context) error {
 	svc.tryLoadFromFile(ctx)
 
 	eg, ctx := errgroup.WithContext(ctx)
@@ -109,18 +98,27 @@ func (svc *Source) updateAndSave(ctx context.Context) error {
 		return fmt.Errorf("load bootstrap config from API: %w", err)
 	}
 
-	err = SaveBootstrapConfigToFile(cfg, svc.fileCachePath, svc.fileCipher)
+	svc.UpdateBootstrap(ctx, *cfg)
+
+	if svc.fileCachePath == nil {
+		return nil
+	}
+
+	err = SaveBootstrapConfigToFile(cfg, *svc.fileCachePath, svc.fileCipher)
 	if err != nil {
 		log.Ctx(ctx).Error().Err(err).
 			Msg("failed to save bootstrap config to file, note it may prevent Pomerium from starting up in case of connectivity issues")
 	}
 
-	svc.UpdateBootstrap(ctx, *cfg)
 	return nil
 }
 
 func (svc *Source) tryLoadFromFile(ctx context.Context) {
-	cfg, err := LoadBootstrapConfigFromFile(svc.fileCachePath, svc.fileCipher)
+	if svc.fileCachePath == nil {
+		return
+	}
+
+	cfg, err := LoadBootstrapConfigFromFile(*svc.fileCachePath, svc.fileCipher)
 	if err != nil {
 		log.Ctx(ctx).Error().Err(err).Msg("failed to load bootstrap config from file")
 		return

internal/zero/bootstrap/new.go

@@ -25,7 +25,7 @@ type Source struct {
 
 	api *sdk.API
 
-	fileCachePath string
+	fileCachePath *string
 	fileCipher    cipher.AEAD
 
 	checkForUpdate chan struct{}
@@ -33,7 +33,7 @@ type Source struct {
 }
 
 // New creates a new bootstrap config source
-func New(secret []byte) (*Source, error) {
+func New(secret []byte, fileCachePath *string, api *sdk.API) (*Source, error) {
 	cfg := new(config.Config)
 
 	err := setConfigDefaults(cfg)
@@ -54,7 +54,9 @@ func New(secret []byte) (*Source, error) {
 	}
 
 	svc := &Source{
+		api:            api,
 		source:         source{ready: make(chan struct{})},
+		fileCachePath:  fileCachePath,
 		fileCipher:     cipher,
 		checkForUpdate: make(chan struct{}, 1),
 	}

internal/zero/bootstrap/new_test.go

@@ -11,7 +11,7 @@ import (
 func TestConfigDeterministic(t *testing.T) {
 	secret := []byte("secret")
 
-	src, err := bootstrap.New(secret)
+	src, err := bootstrap.New(secret, nil, nil)
 	require.NoError(t, err)
 	cfg := src.GetConfig()
 	require.NotNil(t, cfg)
@@ -20,7 +20,7 @@ func TestConfigDeterministic(t *testing.T) {
 	require.NoError(t, cfg.Options.Validate())
 
 	// test that the config is deterministic
-	src2, err := bootstrap.New(secret)
+	src2, err := bootstrap.New(secret, nil, nil)
 	require.NoError(t, err)
 
 	cfg2 := src2.GetConfig()

internal/zero/bootstrap/source_test.go

@@ -18,7 +18,7 @@ func TestConfigChanges(t *testing.T) {
 
 	secret := []byte("secret")
 
-	src, err := bootstrap.New(secret)
+	src, err := bootstrap.New(secret, nil, nil)
 	require.NoError(t, err)
 
 	ptr := func(s string) *string { return &s }