From 89e861bff24c87c5169cc21baf870ac5e4a1bbdf Mon Sep 17 00:00:00 2001
From: ifindlay-cci <84311346+ifindlay-cci@users.noreply.github.com>
Date: Mon, 4 Nov 2024 15:49:48 +0000
Subject: [PATCH] chore: renamed tlsCertCaBundleProp to tlsCertProp (#1131)
* chore: renamed tlsCertCaBundleProp to tlsCertProp - A certificate chain bundle is not required
* chore: further rename of tlsCertCaBundleFilePath -> tlsCertFilePath
---
 cmd/serve.go | 12 ++++++------
 docs/configuration.md | 2 +-
 internal/testdrive/broker_start.go | 2 +-
 3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/cmd/serve.go b/cmd/serve.go
index 94ccaf3ff..24471bace 100644
--- a/cmd/serve.go
+++ b/cmd/serve.go
@@ -56,7 +56,7 @@ const (
 apiPasswordProp = "api.password"
 apiPortProp = "api.port"
 apiHostProp = "api.host"
- tlsCertCaBundleProp = "api.certCaBundle"
+ tlsCertProp = "api.tlsCert"
 tlsKeyProp = "api.tlsKey"
 encryptionPasswords = "db.encryption.passwords"
 encryptionEnabled = "db.encryption.enabled"
@@ -93,7 +93,7 @@ func init() {
 _ = viper.BindEnv(apiHostProp, "CSB_LISTENER_HOST")
 _ = viper.BindEnv(encryptionPasswords, "ENCRYPTION_PASSWORDS")
 _ = viper.BindEnv(encryptionEnabled, "ENCRYPTION_ENABLED")
- _ = viper.BindEnv(tlsCertCaBundleProp, "TLS_CERT_CHAIN")
+ _ = viper.BindEnv(tlsCertProp, "TLS_CERT")
 _ = viper.BindEnv(tlsKeyProp, "TLS_PRIVATE_KEY")
 }
@@ -230,10 +230,10 @@ func startServer(registry pakBroker.BrokerRegistry, db *sql.DB, brokerapi http.H
 host := viper.GetString(apiHostProp)
 logger.Info("Serving", lager.Data{"port": port})
- tlsCertCaBundleFilePath := viper.GetString(tlsCertCaBundleProp)
+ tlsCertFilePath := viper.GetString(tlsCertProp)
 tlsKeyFilePath := viper.GetString(tlsKeyProp)
- logger.Info("tlsCertCaBundle", lager.Data{"tlsCertCaBundle": tlsCertCaBundleFilePath})
+ logger.Info("tlsCert", lager.Data{"tlsCert": tlsCertFilePath})
 logger.Info("tlsKey", lager.Data{"tlsKey": tlsKeyFilePath})
 httpServer := &http.Server{
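Review bot: After this rename a deployment that still exports `TLS_CERT_CHAIN` (or sets `api.certCaBundle`) ends up with an empty `tlsCertProp`, and the `default:` arm of the switch in the `@@ -243,8` hunk of `startServer` then starts a plaintext `ListenAndServe()` without any error. Keeping the old name as a fallback in the `init()` hunk would avoid that silent downgrade, e.g. `_ = viper.BindEnv(tlsCertProp, "TLS_CERT", "TLS_CERT_CHAIN")`, assuming the viper version in use accepts several environment names in one `BindEnv` call. Independently, the switch could refuse to start when only one of the two paths is set, for example with a second arm `case tlsCertFilePath != "" || tlsKeyFilePath != "":` that sets `err` to a configuration error instead of falling through to plain HTTP. Both `init()` and `startServer` continue outside the hunks shown, so any existing validation elsewhere is not visible here.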
@@ -243,8 +243,8 @@ func startServer(registry pakBroker.BrokerRegistry, db *sql.DB, brokerapi http.H
 go func() {
 var err error
 switch {
- case tlsCertCaBundleFilePath != "" && tlsKeyFilePath != "":
- err = httpServer.ListenAndServeTLS(tlsCertCaBundleFilePath, tlsKeyFilePath)
+ case tlsCertFilePath != "" && tlsKeyFilePath != "":
+ err = httpServer.ListenAndServeTLS(tlsCertFilePath, tlsKeyFilePath)
 default:
 err = httpServer.ListenAndServe()
 }
diff --git a/docs/configuration.md b/docs/configuration.md
index a58e7f609..8cb76c2ea 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -84,7 +84,7 @@ Broker service configuration values:
 | SECURITY_USER_NAME * | api.user | string |
Broker authentication username
| | SECURITY_USER_PASSWORD * | api.password | string |Broker authentication password
| | PORT | api.port | string |Port to bind broker to
| -| TLS_CERT_CHAIN | api.certCaBundle | string |File path to a pem encoded certificate chain
| +| TLS_CERT | api.tlsCert | string |File path to a pem encoded certificate
| | TLS_PRIVATE_KEY | api.tlsKey | string |File path to a pem encoded private key
|
diff --git a/internal/testdrive/broker_start.go b/internal/testdrive/broker_start.go
index d71986553..db0e48fe3 100644
--- a/internal/testdrive/broker_start.go
+++ b/internal/testdrive/broker_start.go
@@ -217,7 +217,7 @@ func tlsConfig(cfg *startBrokerConfig, valid bool) {
 Expect(os.WriteFile(certFileBuf.Name(), serverCert, 0o644)).To(Succeed())
- cfg.env = append(cfg.env, fmt.Sprintf("TLS_CERT_CHAIN=%s", certFileBuf.Name()))
+ cfg.env = append(cfg.env, fmt.Sprintf("TLS_CERT=%s", certFileBuf.Name()))
 cfg.env = append(cfg.env, fmt.Sprintf("TLS_PRIVATE_KEY=%s", privKeyFileBuf.Name()))
 }