From 320cd0f1acd767c9b105eafac06e9ba875fe145a Mon Sep 17 00:00:00 2001 From: Mahesh Shekhar <mahesh.shekhar@equalexperts.com> Date: Thu, 6 Jun 2024 17:57:21 +0530 Subject: [PATCH 1/3] Added Mtls binding for cloudflare --- .changelog/2366.txt | 3 +++ workers_bindings.go | 29 +++++++++++++++++++++++++++++ workers_bindings_test.go | 22 +++++++++++++++++++--- workers_test.go | 5 +++++ 4 files changed, 56 insertions(+), 3 deletions(-) create mode 100644 .changelog/2366.txt diff --git a/.changelog/2366.txt b/.changelog/2366.txt new file mode 100644 index 00000000000..dc8b52f0ea3 --- /dev/null +++ b/.changelog/2366.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +workers: Add mTLS cert binding for Cloudflare Workers +``` \ No newline at end of file diff --git a/workers_bindings.go b/workers_bindings.go index 0516c5b3f72..d152542a066 100644 --- a/workers_bindings.go +++ b/workers_bindings.go @@ -46,6 +46,8 @@ const ( DispatchNamespaceBindingType WorkerBindingType = "dispatch_namespace" // WorkerD1DataseBindingType is for D1 databases. WorkerD1DataseBindingType WorkerBindingType = "d1" + // WorkerMtlsCertificateBindingType is for mtls certificates. + WorkerMtlsCertificateBindingType WorkerBindingType = "mtls_certificate" ) type ListWorkerBindingsParams struct { @@ -433,6 +435,28 @@ func (b WorkerD1DatabaseBinding) serialize(bindingName string) (workerBindingMet }, nil, nil } +// WorkerMtlsCertificateBinding is a binding to a mtls certificate. +type WorkerMtlsCertificateBinding struct { + CertificateID string +} + +// Type returns the type of the binding. +func (b WorkerMtlsCertificateBinding) Type() WorkerBindingType { + return WorkerMtlsCertificateBindingType +} + +func (b WorkerMtlsCertificateBinding) serialize(bindingName string) (workerBindingMeta, workerBindingBodyWriter, error) { + if b.CertificateID == "" { + return nil, nil, fmt.Errorf(`certificate ID for binding "%s" cannot be empty`, bindingName) + } + + return workerBindingMeta{ + "name": bindingName, + "type": b.Type(), + "id": b.CertificateID, + }, nil, nil +} + // UnsafeBinding is for experimental or deprecated bindings, and allows specifying any binding type or property. type UnsafeBinding map[string]interface{} @@ -562,6 +586,11 @@ func (api *API) ListWorkerBindings(ctx context.Context, rc *ResourceContainer, p bindingListItem.Binding = WorkerD1DatabaseBinding{ DatabaseID: database_id, } + case WorkerMtlsCertificateBindingType: + certificate_id := jsonBinding["certificate_id"].(string) + bindingListItem.Binding = WorkerMtlsCertificateBinding{ + CertificateID: certificate_id, + } default: bindingListItem.Binding = WorkerInheritBinding{} } diff --git a/workers_bindings_test.go b/workers_bindings_test.go index bb7f141fa8b..9573d41b1c6 100644 --- a/workers_bindings_test.go +++ b/workers_bindings_test.go @@ -35,7 +35,7 @@ func TestListWorkerBindings(t *testing.T) { assert.NoError(t, err) assert.Equal(t, successResponse, res.Response) - assert.Equal(t, 9, len(res.BindingList)) + assert.Equal(t, 10, len(res.BindingList)) assert.Equal(t, res.BindingList[0], WorkerBindingListItem{ Name: "MY_KV", @@ -106,6 +106,15 @@ func TestListWorkerBindings(t *testing.T) { }, }) assert.Equal(t, WorkerD1DataseBindingType, res.BindingList[8].Binding.Type()) + + assert.Equal(t, res.BindingList[9], WorkerBindingListItem{ + Name: "MY_CERTIFICATE", + Binding: WorkerMtlsCertificateBinding{ + CertificateID: "e0eeaf74-279a-45e3-8d27-65f336b94161", + }, + }) + + assert.Equal(t, WorkerMtlsCertificateBindingType, res.BindingList[9].Binding.Type()) } func TestListWorkerBindings_Wfp(t *testing.T) { @@ -125,7 +134,7 @@ func TestListWorkerBindings_Wfp(t *testing.T) { assert.NoError(t, err) assert.Equal(t, successResponse, res.Response) - assert.Equal(t, 9, len(res.BindingList)) + assert.Equal(t, 10, len(res.BindingList)) assert.Equal(t, res.BindingList[0], WorkerBindingListItem{ Name: "MY_KV", @@ -181,7 +190,6 @@ func TestListWorkerBindings_Wfp(t *testing.T) { Dataset: "my_dataset", }, }) - assert.Equal(t, WorkerAnalyticsEngineBindingType, res.BindingList[7].Binding.Type()) assert.Equal(t, res.BindingList[8], WorkerBindingListItem{ @@ -191,6 +199,14 @@ func TestListWorkerBindings_Wfp(t *testing.T) { }, }) assert.Equal(t, WorkerD1DataseBindingType, res.BindingList[8].Binding.Type()) + + assert.Equal(t, res.BindingList[9], WorkerBindingListItem{ + Name: "MY_CERTIFICATE", + Binding: WorkerMtlsCertificateBinding{ + CertificateID: "e0eeaf74-279a-45e3-8d27-65f336b94161", + }, + }) + assert.Equal(t, WorkerMtlsCertificateBindingType, res.BindingList[9].Binding.Type()) } func ExampleUnsafeBinding() { diff --git a/workers_test.go b/workers_test.go index 6175440a130..261c108f64b 100644 --- a/workers_test.go +++ b/workers_test.go @@ -145,6 +145,11 @@ const ( "name": "MY_DATABASE", "type": "d1", "database_id": "cef5331f-e5c7-4c8a-a415-7908ae45f92a" + }, + { + "name": "MY_CERTIFICATE", + "type": "mtls_certificate", + "certificate_id": "e0eeaf74-279a-45e3-8d27-65f336b94161" } ], "success": true, From ba1417eb6612bb311107776f337fbcd9bb87e54a Mon Sep 17 00:00:00 2001 From: Mahesh Shekhar <mahesh.shekhar@equalexperts.com> Date: Thu, 6 Jun 2024 22:13:19 +0530 Subject: [PATCH 2/3] Added Mtls binding for cloudflare --- .changelog/{2366.txt => 2387.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .changelog/{2366.txt => 2387.txt} (100%) diff --git a/.changelog/2366.txt b/.changelog/2387.txt similarity index 100% rename from .changelog/2366.txt rename to .changelog/2387.txt From 79d53366cbdb03f69d844c6e29d2f3592e24269a Mon Sep 17 00:00:00 2001 From: Mahesh Shekhar <mahesh.shekhar@equalexperts.com> Date: Thu, 6 Jun 2024 22:16:03 +0530 Subject: [PATCH 3/3] Added Mtls binding for cloudflare --- .changelog/{2387.txt => 2394.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .changelog/{2387.txt => 2394.txt} (100%) diff --git a/.changelog/2387.txt b/.changelog/2394.txt similarity index 100% rename from .changelog/2387.txt rename to .changelog/2394.txt