Skip to content

Certificatee talks to the haproxy admin api #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ananthb merged 12 commits into from
Jan 20, 2026
Merged

Certificatee talks to the haproxy admin api #15

ananthb merged 12 commits into from
Jan 20, 2026

Conversation

@ananthb
Copy link
Member

@ananthb ananthb commented Jan 13, 2026

Certificatee updates certs in the haproxy admin api over the network. It does not need disk access anymore.

This lets us run one certificatee to update many haproxys.

@ananthb
Certificatee talks to the haproxy admin api
a55b84b 
Certificatee updates certs in the haproxy admin api
over the network. It does not need disk access anymore.

This lets us run one certificatee to update many haproxys.
@ananthb
Better retries and haproxy connection handling
8d37782 
Retry a few times with backoff.
Don't fail if any haproxy is unreachable.
@ananthb
lint
1ecb106
@ananthb
Switch over to dataplane api
bf56b3c 
Use the dataplane api instead of the runtime api
@ananthb
Add command to list certificates
5feea5f 
certificatee gains a command to list certificates from a running haproxy.
This allows us to add an integration test using a real haproxy
and dataplane api.
@ananthb
Run integration test
42a474f
@ananthb
fix
6580a33
@ananthb
coverage reports
10562c7
@github-actions
Copy link

github-actions bot commented Jan 20, 2026
edited
Loading

Code Coverage Report

Total Coverage: total: (statements) 30.1%

Coverage by function 

==========================================
  Certificator Development Environment
==========================================

Go version (from go.mod): 1.25.5
Go version (active):      go1.25.5
HAProxy version:          HAProxy version 3.3.0-7832fb2 2025/11/26 - https://haproxy.org/
Data Plane API:           2026/01/20 19:15:29 maxprocs: Leaving GOMAXPROCS=4: CPU quota undefined

Available commands:
  build            - Build certificator and certificatee
  run-tests        - Run unit tests
  test-coverage    - Run tests with coverage report
  test-watch       - Watch for changes and run tests
  tidy             - Tidy go.mod dependencies
  check            - Run all checks (fmt, vet, lint, test)
  clean            - Clean build artifacts
  integration-test - Run HAProxy integration tests

github.com/vinted/certificator/cmd/certificatee/helpers.go:9:		createHAProxyClients		0.0%
github.com/vinted/certificator/cmd/certificatee/list_certs.go:14:	listCertsCmd			0.0%
github.com/vinted/certificator/cmd/certificatee/list_certs.go:50:	listCertificates		0.0%
github.com/vinted/certificator/cmd/certificatee/list_certs.go:113:	formatTime			0.0%
github.com/vinted/certificator/cmd/certificatee/list_certs.go:120:	truncate			0.0%
github.com/vinted/certificator/cmd/certificatee/main.go:12:		main				0.0%
github.com/vinted/certificator/cmd/certificatee/main.go:37:		printUsage			0.0%
github.com/vinted/certificator/cmd/certificatee/sync.go:19:		syncCmd				0.0%
github.com/vinted/certificator/cmd/certificatee/sync.go:70:		maybeUpdateCertificates		0.0%
github.com/vinted/certificator/cmd/certificatee/sync.go:86:		processHAProxyEndpoint		0.0%
github.com/vinted/certificator/cmd/certificatee/sync.go:157:		shouldUpdateCertificate		0.0%
github.com/vinted/certificator/cmd/certificatee/sync.go:183:		serialsDiffer			100.0%
github.com/vinted/certificator/cmd/certificatee/sync.go:195:		formatSerial			100.0%
github.com/vinted/certificator/cmd/certificatee/sync.go:199:		updateCertificate		0.0%
github.com/vinted/certificator/cmd/certificatee/sync.go:221:		buildPEMBundle			100.0%
github.com/vinted/certificator/cmd/certificatee/sync.go:247:		endsWith			100.0%
github.com/vinted/certificator/cmd/certificator/main.go:18:		main				0.0%
github.com/vinted/certificator/pkg/acme/acme.go:27:			GetEmail			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:32:			GetRegistration			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:37:			GetPrivateKey			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:42:			NewClient			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:61:			setupClient			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:80:			setupAccount			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:118:			newAccount			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:130:			getAccountKey			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:159:			registerAccount			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:177:			recoverAccount			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:211:			saveAccount			0.0%
github.com/vinted/certificator/pkg/acme/acme.go:221:			saveKey				0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:18:	ObtainCertificate		0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:50:	GetCertificate			0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:68:	NeedsReissuing			0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:96:	arraysEqual			0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:110:	arrayContains			0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:119:	VaultCertLocation		0.0%
github.com/vinted/certificator/pkg/certificate/certificate.go:123:	storeCertificateInVault		0.0%
github.com/vinted/certificator/pkg/certmetrics/metrics.go:61:		StartMetricsServer		0.0%
github.com/vinted/certificator/pkg/certmetrics/metrics.go:81:		PushMetrics			0.0%
github.com/vinted/certificator/pkg/config/config.go:72:			LoadConfig			0.0%
github.com/vinted/certificator/pkg/haproxy/client.go:38:		DefaultRetryConfig		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:84:		NewClient			100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:118:		NewClients			92.3%
github.com/vinted/certificator/pkg/haproxy/client.go:143:		Endpoint			100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:148:		SetRetryConfig			100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:153:		GetRetryConfig			100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:158:		calculateBackoff		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:175:		doRequest			77.8%
github.com/vinted/certificator/pkg/haproxy/client.go:229:		doRequestWithBodyBuffer		64.0%
github.com/vinted/certificator/pkg/haproxy/client.go:291:		ListCertificates		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:305:		ListCertificateRefs		85.7%
github.com/vinted/certificator/pkg/haproxy/client.go:343:		GetCertificateInfo		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:348:		GetCertificateInfoByPath	89.5%
github.com/vinted/certificator/pkg/haproxy/client.go:383:		GetCertificateInfoByRef		0.0%
github.com/vinted/certificator/pkg/haproxy/client.go:392:		parsePEMCertificate		87.5%
github.com/vinted/certificator/pkg/haproxy/client.go:417:		parseDataPlaneAPITime		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:438:		UpdateCertificate		80.0%
github.com/vinted/certificator/pkg/haproxy/client.go:474:		CreateCertificate		78.9%
github.com/vinted/certificator/pkg/haproxy/client.go:509:		DeleteCertificate		90.9%
github.com/vinted/certificator/pkg/haproxy/client.go:528:		ExtractDomainFromPath		100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:546:		IsExpiring			100.0%
github.com/vinted/certificator/pkg/haproxy/client.go:557:		NormalizeSerial			100.0%
github.com/vinted/certificator/pkg/vault/vault.go:18:			NewVaultClient			0.0%
github.com/vinted/certificator/pkg/vault/vault.go:27:			KVWrite				0.0%
github.com/vinted/certificator/pkg/vault/vault.go:41:			KVRead				0.0%
github.com/vinted/certificator/pkg/vault/vault.go:62:			vaultFullPath			0.0%
total:									(statements)			30.1%

dllegru
dllegru reviewed Jan 20, 2026
View reviewed changes
Copy link

@dllegru dllegru left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Amazing work 🚀 🙌

@ananthb ananthb merged commit 652e36b into master Jan 20, 2026
1 check passed
@ananthb ananthb deleted the haproxy-admin-api branch January 20, 2026 19:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dllegru dllegru dllegru left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ananthb @dllegru