Improve code

Signed-off-by: Ruben Vargas <[email protected]>

Author: rubenvp8510

tls/cert_watcher.go

@@ -68,7 +68,7 @@ func (w *CertWatcher) isModified() bool {
 	hash, err := w.hashFile(w.CAPath)
 	if err != nil {
 		level.Error(w.logger).Log("unable to read the file", "error", err.Error())
-		return true
+		return false
 	}
 	changed := w.fileHashContent != hash
 	w.fileHashContent = hash

tls/options.go

@@ -22,58 +22,80 @@ type UpstreamOptions struct {
 func NewUpstreamOptions(upstreamCertFile, upstreamKeyFile, upstreamCAFile string,
 	interval *time.Duration, logger log.Logger, ctx context.Context, g run.Group) (*UpstreamOptions, error) {
 
+	if interval != nil {
+		return newWithWatchers(upstreamCertFile, upstreamKeyFile, upstreamCAFile, interval, logger, ctx, g)
+	}
+
+	return newNoWatchers(upstreamCertFile, upstreamKeyFile, upstreamCAFile)
+}
+
+func newWithWatchers(upstreamCertFile, upstreamKeyFile, upstreamCAFile string,
+	interval *time.Duration, logger log.Logger, ctx context.Context, g run.Group) (*UpstreamOptions, error) {
 	options := &UpstreamOptions{}
 
-	if interval != nil {
-		if upstreamCertFile != "" && upstreamKeyFile != "" {
-			certReloader, err := rbacproxytls.NewCertReloader(
-				upstreamKeyFile,
-				upstreamCertFile,
-				*interval,
-			)
-			if err != nil {
-				return nil, err
-			}
-			options.certReloader = certReloader
-			ctx, cancel := context.WithCancel(ctx)
-			g.Add(func() error {
-				return certReloader.Watch(ctx)
-			}, func(error) {
-				cancel()
-			})
-		}
-		if upstreamCAFile != "" {
-			caReloader := NewCertWatcher(upstreamCAFile, logger)
-			options.caReloader = caReloader
-			ctx, cancel := context.WithCancel(ctx)
-			g.Add(func() error {
-				return caReloader.Watch(ctx)
-			}, func(error) {
-				cancel()
-			})
+	if upstreamCertFile != "" && upstreamKeyFile != "" {
+		certReloader, err := startCertReloader(ctx, g, upstreamCertFile, upstreamKeyFile, *interval)
+		if err != nil {
+			return nil, err
 		}
-	} else {
-		if upstreamCertFile != "" && upstreamKeyFile != "" {
-			cert, err := stdtls.LoadX509KeyPair(upstreamCertFile, upstreamKeyFile)
-			if err != nil {
-				return nil, err
-			}
-			options.cert = &cert
+		options.certReloader = certReloader
+	}
+	if upstreamCAFile != "" {
+		options.caReloader = startCAReloader(ctx, g, upstreamCertFile, logger)
+	}
+	return options, nil
+}
 
+func newNoWatchers(upstreamCertFile, upstreamKeyFile, upstreamCAFile string) (*UpstreamOptions, error) {
+	options := &UpstreamOptions{}
+	if upstreamCertFile != "" && upstreamKeyFile != "" {
+		cert, err := stdtls.LoadX509KeyPair(upstreamCertFile, upstreamKeyFile)
+		if err != nil {
+			return nil, err
 		}
+		options.cert = &cert
+	}
 
-		if upstreamCAFile != "" {
-			ca, err := os.ReadFile(upstreamCAFile)
-			if err != nil {
-				return nil, err
-			}
-			options.ca = ca
+	if upstreamCAFile != "" {
+		ca, err := os.ReadFile(upstreamCAFile)
+		if err != nil {
+			return nil, err
 		}
-
+		options.ca = ca
 	}
 	return options, nil
 }
 
+func startCertReloader(ctx context.Context, g run.Group,
+	upstreamKeyFile, upstreamCertFile string, interval time.Duration) (*rbacproxytls.CertReloader, error) {
+	certReloader, err := rbacproxytls.NewCertReloader(
+		upstreamKeyFile,
+		upstreamCertFile,
+		interval,
+	)
+	if err != nil {
+		return nil, err
+	}
+	ctx, cancel := context.WithCancel(ctx)
+	g.Add(func() error {
+		return certReloader.Watch(ctx)
+	}, func(error) {
+		cancel()
+	})
+	return certReloader, nil
+}
+
+func startCAReloader(ctx context.Context, g run.Group, upstreamCAFile string, logger log.Logger) *CertWatcher {
+	caReloader := NewCertWatcher(upstreamCAFile, logger)
+	ctx, cancel := context.WithCancel(ctx)
+	g.Add(func() error {
+		return caReloader.Watch(ctx)
+	}, func(error) {
+		cancel()
+	})
+	return caReloader
+}
+
 func (uo *UpstreamOptions) hasCA() bool {
 	return len(uo.ca) != 0 || uo.caReloader != nil
 }