Improve InternalTLSEnabled util function (#847)

* Improve InternalTLSEnabled util function Currently `InternalTLSEnabled()` has two issues such as: * `true` is returned when `dataplane-trust` is not configured. * `controlplane-trust` is not considered. This patch improves these issues. * Add InternalTLSEnabled
knative · Aug 28, 2023 · 1e4e183 · 1e4e183
1 parent 1d7920d
commit 1e4e183
Showing 1 changed file with 11 additions and 3 deletions.
diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -134,7 +134,7 @@ const (
 	// hostname for a Route's tag.
 	TagTemplateKey = "tag-template"
 
-	// InternalEncryptionKey is deprecated and replaced by InternalDataplaneTrustKey and internal-controlplane-trust
+	// InternalEncryptionKey is deprecated and replaced by InternalDataplaneTrustKey and ControlplaneTrustKey.
 	// InternalEncryptionKey is the name of the configuration whether
 	// internal traffic is encrypted or not.
 	InternalEncryptionKey = "internal-encryption"
@@ -445,9 +445,17 @@ func NewConfigFromMap(data map[string]string) (*Config, error) {
 	return nc, nil
 }
 
-// InternalTLSEnabled returns whether or not dataplane-trust is disabled
+// InternalTLSEnabled returns whether or not InternalEncyrption is enabled.
+// Currently only DataplaneTrust is considered.
 func (c *Config) InternalTLSEnabled() bool {
-	return c.DataplaneTrust != TrustDisabled
+	return tlsEnabled(c.DataplaneTrust)
+}
+
+func tlsEnabled(trust Trust) bool {
+	return trust == TrustMinimal ||
+		trust == TrustEnabled ||
+		trust == TrustMutual ||
+		trust == TrustIdentity
 }
 
 // GetDomainTemplate returns the golang Template from the config map