Rename internal/config to config (#380)

authenticate/authenticate.go

@@ -9,7 +9,7 @@ import (
 	"net/url"
 	"time"
 
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 	"github.com/pomerium/pomerium/internal/cryptutil"
 	"github.com/pomerium/pomerium/internal/encoding"
 	"github.com/pomerium/pomerium/internal/encoding/ecjson"

authenticate/authenticate_test.go

@@ -3,7 +3,7 @@ package authenticate
 import (
 	"testing"
 
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 )
 
 func newTestOptions(t *testing.T) *config.Options {

authorize/authorize.go

@@ -4,7 +4,7 @@ import (
 	"encoding/base64"
 	"fmt"
 
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 	"github.com/pomerium/pomerium/internal/log"
 	"github.com/pomerium/pomerium/internal/telemetry/metrics"
 )

authorize/authorize_test.go

@@ -3,7 +3,7 @@ package authorize
 import (
 	"testing"
 
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 )
 
 func TestNew(t *testing.T) {

authorize/identity.go

@@ -5,7 +5,7 @@ import (
 	"strings"
 	"sync"
 
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 	"github.com/pomerium/pomerium/internal/log"
 )
 

authorize/identity_test.go

@@ -3,7 +3,7 @@ package authorize
 import (
 	"testing"
 
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 )
 
 func TestIdentity_EmailDomain(t *testing.T) {

cmd/pomerium/main.go

@@ -13,7 +13,7 @@ import (
 
 	"github.com/pomerium/pomerium/authenticate"
 	"github.com/pomerium/pomerium/authorize"
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 	"github.com/pomerium/pomerium/internal/grpcutil"
 	"github.com/pomerium/pomerium/internal/httputil"
 	"github.com/pomerium/pomerium/internal/log"

cmd/pomerium/main_test.go

@@ -14,7 +14,7 @@ import (
 	"time"
 
 	"github.com/google/go-cmp/cmp"
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 	"github.com/pomerium/pomerium/internal/httputil"
 )
 

config/helpers.go

@@ -1,4 +1,4 @@
-package config // import "github.com/pomerium/pomerium/internal/config"
+package config // import "github.com/pomerium/pomerium/config"
 
 const (
 	// ServiceAll represents running all services in "all-in-one" mode

config/helpers_test.go

@@ -1,4 +1,4 @@
-package config // import "github.com/pomerium/pomerium/internal/config"
+package config // import "github.com/pomerium/pomerium/config"
 
 import (
 	"testing"

config/options.go

@@ -1,4 +1,4 @@
-package config // import "github.com/pomerium/pomerium/internal/config"
+package config // import "github.com/pomerium/pomerium/config"
 
 import (
 	"crypto/tls"
@@ -218,7 +218,7 @@ func NewDefaultOptions() *Options {
 func NewOptionsFromConfig(configFile string) (*Options, error) {
 	o, err := optionsFromViper(configFile)
 	if err != nil {
-		return nil, fmt.Errorf("internal/config: options from viper %w", err)
+		return nil, fmt.Errorf("config: options from viper %w", err)
 	}
 	if o.Debug {
 		log.SetDebugMode()
@@ -232,7 +232,7 @@ func NewOptionsFromConfig(configFile string) (*Options, error) {
 
 	checksumDec, err := strconv.ParseUint(o.Checksum(), 16, 64)
 	if err != nil {
-		log.Warn().Err(err).Msg("internal/config: could not parse config checksum into decimal")
+		log.Warn().Err(err).Msg("config: could not parse config checksum into decimal")
 	}
 	metrics.SetConfigChecksum(o.Services, checksumDec)
 
@@ -381,7 +381,7 @@ func (o *Options) Validate() error {
 	var err error
 
 	if !IsValidService(o.Services) {
-		return fmt.Errorf("internal/config: %s is an invalid service type", o.Services)
+		return fmt.Errorf("config: %s is an invalid service type", o.Services)
 	}
 
 	if IsAll(o.Services) {
@@ -407,18 +407,18 @@ func (o *Options) Validate() error {
 		// the HTTP health check api
 		if o.Addr == o.GRPCAddr {
 			o.Addr = DefaultAlternativeAddr
-			log.Warn().Str("Addr", o.Addr).Str("GRPCAddr", o.Addr).Msg("internal/config: default http handler changed")
+			log.Warn().Str("Addr", o.Addr).Str("GRPCAddr", o.Addr).Msg("config: default http handler changed")
 		}
 	}
 
 	if o.SharedKey == "" {
-		return errors.New("internal/config: shared-key cannot be empty")
+		return errors.New("config: shared-key cannot be empty")
 	}
 
 	if o.AuthenticateURLString != "" {
 		u, err := urlutil.ParseAndValidateURL(o.AuthenticateURLString)
 		if err != nil {
-			return fmt.Errorf("internal/config: bad authenticate-url %s : %v", o.AuthenticateURLString, err)
+			return fmt.Errorf("config: bad authenticate-url %s : %v", o.AuthenticateURLString, err)
 		}
 		o.AuthenticateURL = u
 	}
@@ -426,7 +426,7 @@ func (o *Options) Validate() error {
 	if o.AuthorizeURLString != "" {
 		u, err := urlutil.ParseAndValidateURL(o.AuthorizeURLString)
 		if err != nil {
-			return fmt.Errorf("internal/config: bad authorize-url %s : %w", o.AuthorizeURLString, err)
+			return fmt.Errorf("config: bad authorize-url %s : %w", o.AuthorizeURLString, err)
 		}
 		o.AuthorizeURL = u
 	}
@@ -434,20 +434,20 @@ func (o *Options) Validate() error {
 	if o.ForwardAuthURLString != "" {
 		u, err := urlutil.ParseAndValidateURL(o.ForwardAuthURLString)
 		if err != nil {
-			return fmt.Errorf("internal/config: bad forward-auth-url %s : %w", o.ForwardAuthURLString, err)
+			return fmt.Errorf("config: bad forward-auth-url %s : %w", o.ForwardAuthURLString, err)
 		}
 		o.ForwardAuthURL = u
 	}
 
 	if o.PolicyFile != "" {
-		return errors.New("internal/config: policy file setting is deprecated")
+		return errors.New("config: policy file setting is deprecated")
 	}
 	if err := o.parsePolicy(); err != nil {
-		return fmt.Errorf("internal/config: failed to parse policy: %w", err)
+		return fmt.Errorf("config: failed to parse policy: %w", err)
 	}
 
 	if err := o.parseHeaders(); err != nil {
-		return fmt.Errorf("internal/config: failed to parse headers: %w", err)
+		return fmt.Errorf("config: failed to parse headers: %w", err)
 	}
 
 	if _, disable := o.Headers[DisableHeaderKey]; disable {
@@ -455,13 +455,13 @@ func (o *Options) Validate() error {
 	}
 
 	if o.InsecureServer {
-		log.Warn().Msg("internal/config: insecure mode enabled")
+		log.Warn().Msg("config: insecure mode enabled")
 	} else if o.Cert != "" || o.Key != "" {
 		o.TLSCertificate, err = cryptutil.CertifcateFromBase64(o.Cert, o.Key)
 	} else if o.CertFile != "" || o.KeyFile != "" {
 		o.TLSCertificate, err = cryptutil.CertificateFromFile(o.CertFile, o.KeyFile)
 	} else {
-		err = errors.New("internal/config:no certificates supplied nor was insecure mode set")
+		err = errors.New("config:no certificates supplied nor was insecure mode set")
 	}
 	if err != nil {
 		return err
@@ -478,7 +478,7 @@ type OptionsUpdater interface {
 func (o *Options) Checksum() string {
 	hash, err := hashstructure.Hash(o, nil)
 	if err != nil {
-		log.Warn().Err(err).Msg("internal/config: checksum failure")
+		log.Warn().Err(err).Msg("config: checksum failure")
 		return "no checksum available"
 	}
 	return fmt.Sprintf("%x", hash)
@@ -487,24 +487,24 @@ func (o *Options) Checksum() string {
 func HandleConfigUpdate(configFile string, opt *Options, services []OptionsUpdater) *Options {
 	newOpt, err := NewOptionsFromConfig(configFile)
 	if err != nil {
-		log.Error().Err(err).Msg("internal/config: could not reload configuration")
+		log.Error().Err(err).Msg("config: could not reload configuration")
 		metrics.SetConfigInfo(opt.Services, false, "")
 		return opt
 	}
 	optChecksum := opt.Checksum()
 	newOptChecksum := newOpt.Checksum()
 
-	log.Debug().Str("old-checksum", optChecksum).Str("new-checksum", newOptChecksum).Msg("internal/config: checksum change")
+	log.Debug().Str("old-checksum", optChecksum).Str("new-checksum", newOptChecksum).Msg("config: checksum change")
 
 	if newOptChecksum == optChecksum {
-		log.Debug().Msg("internal/config: loaded configuration has not changed")
+		log.Debug().Msg("config: loaded configuration has not changed")
 		return opt
 	}
 
 	var updateFailed bool
 	for _, service := range services {
 		if err := service.UpdateOptions(*newOpt); err != nil {
-			log.Error().Err(err).Msg("internal/config: could not update options")
+			log.Error().Err(err).Msg("config: could not update options")
 			updateFailed = true
 			metrics.SetConfigInfo(opt.Services, false, "")
 		}

config/policy.go

@@ -1,4 +1,4 @@
-package config // import "github.com/pomerium/pomerium/internal/config"
+package config // import "github.com/pomerium/pomerium/config"
 
 import (
 	"crypto/tls"
@@ -77,45 +77,45 @@ func (p *Policy) Validate() error {
 	var err error
 	p.Source, err = urlutil.ParseAndValidateURL(p.From)
 	if err != nil {
-		return fmt.Errorf("internal/config: policy bad source url %s", err)
+		return fmt.Errorf("config: policy bad source url %s", err)
 	}
 
 	p.Destination, err = urlutil.ParseAndValidateURL(p.To)
 	if err != nil {
-		return fmt.Errorf("internal/config: policy bad destination url %s", err)
+		return fmt.Errorf("config: policy bad destination url %s", err)
 	}
 
 	// Only allow public access if no other whitelists are in place
 	if p.AllowPublicUnauthenticatedAccess && (p.AllowedDomains != nil || p.AllowedGroups != nil || p.AllowedEmails != nil) {
-		return fmt.Errorf("internal/config: policy route marked as public but contains whitelists")
+		return fmt.Errorf("config: policy route marked as public but contains whitelists")
 	}
 
 	if (p.TLSClientCert == "" && p.TLSClientKey != "") || (p.TLSClientCert != "" && p.TLSClientKey == "") ||
 		(p.TLSClientCertFile == "" && p.TLSClientKeyFile != "") || (p.TLSClientCertFile != "" && p.TLSClientKeyFile == "") {
-		return fmt.Errorf("internal/config: client certificate key and cert both must be non-empty")
+		return fmt.Errorf("config: client certificate key and cert both must be non-empty")
 	}
 
 	if p.TLSClientCert != "" && p.TLSClientKey != "" {
 		p.ClientCertificate, err = cryptutil.CertifcateFromBase64(p.TLSClientCert, p.TLSClientKey)
 		if err != nil {
-			return fmt.Errorf("internal/config: couldn't decode client cert %v", err)
+			return fmt.Errorf("config: couldn't decode client cert %v", err)
 		}
 	} else if p.TLSClientCertFile != "" && p.TLSClientKeyFile != "" {
 		p.ClientCertificate, err = cryptutil.CertificateFromFile(p.TLSClientCertFile, p.TLSClientKeyFile)
 		if err != nil {
-			return fmt.Errorf("internal/config: couldn't load client cert file %v", err)
+			return fmt.Errorf("config: couldn't load client cert file %v", err)
 		}
 	}
 
 	if p.TLSCustomCA != "" {
 		p.RootCAs, err = cryptutil.CertPoolFromBase64(p.TLSCustomCA)
 		if err != nil {
-			return fmt.Errorf("internal/config: couldn't decode custom ca %v", err)
+			return fmt.Errorf("config: couldn't decode custom ca %v", err)
 		}
 	} else if p.TLSCustomCAFile != "" {
 		p.RootCAs, err = cryptutil.CertPoolFromFile(p.TLSCustomCAFile)
 		if err != nil {
-			return fmt.Errorf("internal/config: couldn't load custom ca file %v", err)
+			return fmt.Errorf("config: couldn't load custom ca file %v", err)
 		}
 	}
 

proxy/handlers_test.go

@@ -11,7 +11,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 	"github.com/pomerium/pomerium/internal/encoding"
 	"github.com/pomerium/pomerium/internal/encoding/mock"
 	"github.com/pomerium/pomerium/internal/httputil"

proxy/proxy.go

@@ -12,7 +12,7 @@ import (
 
 	"github.com/gorilla/mux"
 
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 	"github.com/pomerium/pomerium/internal/cryptutil"
 	"github.com/pomerium/pomerium/internal/encoding"
 	"github.com/pomerium/pomerium/internal/encoding/jws"

proxy/proxy_test.go

@@ -7,7 +7,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/pomerium/pomerium/internal/config"
+	"github.com/pomerium/pomerium/config"
 )
 
 func testOptions(t *testing.T) config.Options {