Merge pull request #70 from danistrebel/feature/mtls-docs

Feature/mtls docs
apigee · Oct 3, 2022 · a31c04a · a31c04a
2 parents 11c0213 + da2bfa4
commit a31c04a
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 3 deletions.
diff --git a/modules/apigee-x-mtls-mig/main.tf b/modules/apigee-x-mtls-mig/main.tf
@@ -95,6 +95,7 @@ module "apigee-mtls-proxy-template" {
     google_storage_bucket_object.ca_cert,
     google_storage_bucket_object.tls_cert,
     google_storage_bucket_object.tls_key,
+    google_storage_bucket_object.envoy_config,
     module.nat
   ]
 }

diff --git a/modules/sb-psc-attachment/README.md b/modules/sb-psc-attachment/README.md
@@ -31,6 +31,6 @@ No modules.
 
 | Name | Description |
 |------|-------------|
+| <a name="output_endpoint_attachment_connection_state"></a> [endpoint\_attachment\_connection\_state](#output\_endpoint\_attachment\_connection\_state) | Underlying connection state for the endpoint attachment. |
 | <a name="output_endpoint_attachment_host"></a> [endpoint\_attachment\_host](#output\_endpoint\_attachment\_host) | Host for the endpoint attachment to be used in Apigee. |
-| <a name="output_endpoint_attachment_connection_state"></a> [endpoint\_attachment\_connection_state](#output\_endpoint\_attachment\_connection_state) | Underlying connection state for the endpoint attachment. |
 <!-- END_TF_DOCS -->
diff --git a/samples/x-l4xlb-mtls/README.md b/samples/x-l4xlb-mtls/README.md
@@ -34,9 +34,27 @@ tls_key_path  = "./certs/server.key"
 
 ## Setup Instructions
 
-Please see the main [README](https://github.com/apigee/terraform-modules#deploying-end-to-end-samples)
+Ensure that your tf variables file (.apigee_envgroups.test.hostnames[])
+contains the same hostname as you used in the CN of your certificate.
+
+For the rest see the main [README](https://github.com/apigee/terraform-modules#deploying-end-to-end-samples)
 for detailed instructions.
 
+## Testing
+
+If you used a hostname for which you don't have a DNS entry you can use:
+
+```sh
+INGRESS_IP=$(gcloud compute addresses describe apigee-external --global --format="get(address)")
+curl https://test.api.example.com/my-proxy --resolve test.api.example.com:443:$INGRESS_IP --cert ./certs/example-client.crt --key ./certs/example-client.key --cacert ./certs/server-ca.crt -v
+```
+
+Otherwise use:
+
+```sh
+curl https://my-domain.com/my-proxy --cert ./certs/example-client.crt --key ./certs/example-client.key --cacert ./certs/server-ca.crt -v
+```
+
 <!-- BEGIN_TF_DOCS -->
 ## Providers
 

diff --git a/samples/x-sb-psc/README.md b/samples/x-sb-psc/README.md
@@ -69,6 +69,6 @@ psc_endpoint_attachment_connection_state = "ACCEPTED"
 
 | Name | Description |
 |------|-------------|
+| <a name="output_psc_endpoint_attachment_connection_state"></a> [psc\_endpoint\_attachment\_connection\_state](#output\_psc\_endpoint\_attachment\_connection\_state) | Underlying connection state of the PSC endpoint attachment. |
 | <a name="output_psc_endpoint_attachment_host"></a> [psc\_endpoint\_attachment\_host](#output\_psc\_endpoint\_attachment\_host) | Hostname of the PSC endpoint attachment. |
-| <a name="output_psc_endpoint_attachment_connection_state"></a> [psc\_endpoint\_attachment\_connection_state](#output\_psc\_endpoint\_attachment\_connection_state) | Underlying connection state of the PSC endpoint attachment. |
 <!-- END_TF_DOCS -->