add yaml tags to all pointers in config (#397)

config/options.go

@@ -66,7 +66,7 @@ type Options struct {
 	KeyFile  string `mapstructure:"certificate_key_file" yaml:"certificate_key_file,omitempty"`
 
 	// TLSCertificate is the hydrated tls.Certificate.
-	TLSCertificate *tls.Certificate
+	TLSCertificate *tls.Certificate `yaml:",omitempty"`
 
 	// HttpRedirectAddr, if set, specifies the host and port to run the HTTP
 	// to HTTPS redirect server on. If empty, no redirect server is started.
@@ -80,13 +80,13 @@ type Options struct {
 
 	// Policies define per-route configuration and access control policies.
 	Policies   []Policy
-	PolicyEnv  string
+	PolicyEnv  string `yaml:",omitempty"`
 	PolicyFile string `mapstructure:"policy_file" yaml:"policy_file,omitempty"`
 
 	// AuthenticateURL represents the externally accessible http endpoints
 	// used for authentication requests and callbacks
-	AuthenticateURLString string `mapstructure:"authenticate_service_url" yaml:"authenticate_service_url,omitempty"`
+	AuthenticateURLString string   `mapstructure:"authenticate_service_url" yaml:"authenticate_service_url,omitempty"`
-	AuthenticateURL       *url.URL
+	AuthenticateURL       *url.URL `yaml:"-,omitempty"`
 
 	// Session/Cookie management
 	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie
@@ -114,8 +114,8 @@ type Options struct {
 	// AuthorizeURL is the routable destination of the authorize service's
 	// gRPC endpoint. NOTE: As many load balancers do not support
 	// externally routed gRPC so this may be an internal location.
-	AuthorizeURLString string `mapstructure:"authorize_service_url" yaml:"authorize_service_url,omitempty"`
+	AuthorizeURLString string   `mapstructure:"authorize_service_url" yaml:"authorize_service_url,omitempty"`
-	AuthorizeURL       *url.URL
+	AuthorizeURL       *url.URL `yaml:",omitempty"`
 
 	// Settings to enable custom behind-the-ingress service communication
 	OverrideCertificateName string `mapstructure:"override_certificate_name" yaml:"override_certificate_name,omitempty"`
@@ -127,8 +127,8 @@ type Options struct {
 	SigningKey string `mapstructure:"signing_key" yaml:"signing_key,omitempty"`
 
 	// Headers to set on all proxied requests. Add a 'disable' key map to turn off.
-	HeadersEnv string
+	HeadersEnv string            `yaml:",omitempty"`
-	Headers    map[string]string
+	Headers    map[string]string `yaml:",omitempty"`
 
 	// RefreshCooldown limits the rate a user can refresh her session
 	RefreshCooldown time.Duration `mapstructure:"refresh_cooldown" yaml:"refresh_cooldown,omitempty"`
@@ -171,8 +171,8 @@ type Options struct {
 	// allow you to delegate and authenticate each request to your website
 	// with an external server or service. Pomerium can be configured to accept
 	// these requests with this switch
-	ForwardAuthURLString string `mapstructure:"forward_auth_url" yaml:"forward_auth_url,omitempty"`
+	ForwardAuthURLString string   `mapstructure:"forward_auth_url" yaml:"forward_auth_url,omitempty"`
-	ForwardAuthURL       *url.URL
+	ForwardAuthURL       *url.URL `yaml:",omitempty"`
 
 	viper *viper.Viper
 }

config/policy.go

@@ -20,8 +20,8 @@ type Policy struct {
 	AllowedGroups  []string `mapstructure:"allowed_groups" yaml:"allowed_groups,omitempty"`
 	AllowedDomains []string `mapstructure:"allowed_domains" yaml:"allowed_domains,omitempty"`
 
-	Source      *url.URL
+	Source      *url.URL `yaml:",omitempty"`
-	Destination *url.URL
+	Destination *url.URL `yaml:",omitempty"`
 
 	// Allow unauthenticated HTTP OPTIONS requests as per the CORS spec
 	// https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Preflighted_requests
@@ -54,17 +54,17 @@ type Policy struct {
 
 	// TLSCustomCA defines the  root certificate to use with a given
 	// route when verifying server certificates.
-	TLSCustomCA     string `mapstructure:"tls_custom_ca" yaml:"tls_custom_ca,omitempty"`
+	TLSCustomCA     string         `mapstructure:"tls_custom_ca" yaml:"tls_custom_ca,omitempty"`
-	TLSCustomCAFile string `mapstructure:"tls_custom_ca_file" yaml:"tls_custom_ca_file,omitempty"`
+	TLSCustomCAFile string         `mapstructure:"tls_custom_ca_file" yaml:"tls_custom_ca_file,omitempty"`
-	RootCAs         *x509.CertPool
+	RootCAs         *x509.CertPool `yaml:",omitempty"`
 
 	// Contains the x.509 client certificate to to present to the downstream
 	// host.
-	TLSClientCert     string `mapstructure:"tls_client_cert" yaml:"tls_client_cert,omitempty"`
+	TLSClientCert     string           `mapstructure:"tls_client_cert" yaml:"tls_client_cert,omitempty"`
-	TLSClientKey      string `mapstructure:"tls_client_key" yaml:"tls_client_key,omitempty"`
+	TLSClientKey      string           `mapstructure:"tls_client_key" yaml:"tls_client_key,omitempty"`
-	TLSClientCertFile string `mapstructure:"tls_client_cert_file" yaml:"tls_client_cert_file,omitempty"`
+	TLSClientCertFile string           `mapstructure:"tls_client_cert_file" yaml:"tls_client_cert_file,omitempty"`
-	TLSClientKeyFile  string `mapstructure:"tls_client_key_file" yaml:"tls_client_key_file,omitempty"`
+	TLSClientKeyFile  string           `mapstructure:"tls_client_key_file" yaml:"tls_client_key_file,omitempty"`
-	ClientCertificate *tls.Certificate
+	ClientCertificate *tls.Certificate `yaml:",omitempty"`
 
 	// SetRequestHeaders adds a collection of headers to the downstream request
 	// in the form of key value pairs. Note bene, this will overwrite the

docs/docs/CHANGELOG.md

@@ -6,7 +6,9 @@
 
 ### Changed
 
-- Added yaml tags to all options structs [GH-394](https://github.com/pomerium/pomerium/pull/394)
+- Added yaml tags to all options struct fields
+  - [GH-394](https://github.com/pomerium/pomerium/pull/394)
+  - [GH-397](https://github.com/pomerium/pomerium/pull/397)
 
 ### Fixed