Skip to content

Persistent TLS certificates #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Apr 28, 2025
Merged

Persistent TLS certificates #37

merged 4 commits into from
Apr 28, 2025

Conversation

metachris
Copy link
Contributor

@metachris metachris commented Apr 24, 2025
edited
Loading

This pull request introduces support for specifying file paths for storing generated TLS certificates and keys in the receiver-proxy component. It also updates the test suite to accommodate these changes.

New mandatory orderflow-proxy-receiver flags / env vars:

  1. --cert-path / CERT_PATH
  2. --cert-key-path / CERT_KEY_PATH

Below are the most important changes grouped by theme:

TLS Certificate Management:

  • Added new flags cert-path and cert-key-path to specify file paths for storing TLS certificates and keys in cmd/receiver-proxy/main.go. These flags are validated to ensure they are set. [1] [2] [3] [4]
  • Updated ReceiverProxyConfig in proxy/receiver_proxy.go to include CertPath and CertKeyPath fields.
  • Modified the NewReceiverProxy function to use utils_tls.GetOrGenerateTLS, which either retrieves existing certificates from the specified paths or generates new ones.

Dependency Update:

  • Updated the github.com/flashbots/go-utils dependency in go.mod to a newer version.

Test Suite Updates:

  • Updated test functions in proxy/receiver_proxy_test.go to pass certPath and certKeyPath arguments, ensuring the new certificate management logic is tested. [1] [2] [3] [4] [5]

Needs flashbots/go-utils#44 -- should merge that one first and then tag and update the dep.

Copilot
Copilot AI reviewed Apr 24, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces persistent TLS certificate management for the receiver-proxy component by adding new CLI flags, updating the proxy configuration, and modifying the test suite to accommodate these changes.

  • Introduces the flags cert-path and cert-key-path in receiver-proxy’s main package.
  • Modifies the proxy constructor to use utils_tls.GetOrGenerateTLS for certificate management.
  • Updates tests to supply file paths for certificates.

Reviewed Changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 1 comment.

File Description
proxy/receiver_proxy_test.go Updated test helper functions to include certificate file path args.
proxy/receiver_proxy.go Added CertPath and CertKeyPath fields and updated TLS certificate logic.
cmd/receiver-proxy/main.go Registered new CLI flags and updated main logic to validate TLS file paths.
Files not reviewed (1)
  • go.mod: Language not supported

dvush
dvush approved these changes Apr 25, 2025
View reviewed changes
Copy link
Collaborator

@dvush dvush left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I approve with comment about test.

Ruteri
Ruteri reviewed Apr 25, 2025
View reviewed changes
@metachris metachris merged commit d6ac5e9 into main Apr 28, 2025
2 checks passed
@metachris metachris deleted the cert-persist branch April 28, 2025 07:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@Ruteri Ruteri Ruteri approved these changes

@dvush dvush dvush approved these changes

@TymKh TymKh Awaiting requested review from TymKh

@bakhtin bakhtin Awaiting requested review from bakhtin

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@metachris @Ruteri @dvush