* metrics: Add nil check for metricsHandler in AdminMetrics.serveHTTP
Prevents panic when the admin metrics endpoint is accessed before
the module is fully provisioned. Returns a proper API error instead
of crashing.
* admin: provision router modules before registering routes
Instead of adding a nil check for metricsHandler, address the root
cause by provisioning admin router modules before calling Routes().
This ensures all handler state is initialized before routes are
registered on the mux.
Merge newAdminHandler and provisionAdminRouters into a single step,
removing the two-phase setup where routes were registered first and
modules provisioned later. The AdminConfig.routers field is no longer
needed since provisioning happens inline.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: go fmt admin.go
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* admin: Redact sensitive request headers in API logs
* Fix govulncheck and typed atomic lint failures
* Sync Go module metadata after dependency downgrade
* admin: Fix tests locally, properly isolate storage
* Fix flaky pki_test
* Drop testdata dir logic
* Safer temp dir
* Test handlers without a full server
The consensus is that host enforcement on unix sockets is ineffective, frustrating, and confusing. (Unix sockets have their own OS-level permissions system.)
* feat/tests: tests for error handling & metrics in admin endpoints
- TestAdminHandlerErrorHandling - Tests the handler.handleError()
functionality by directly verifying error response formatting
- TestAdminHandlerBuiltinRouteErrors - Tests the error
handling pathway by using real admin server routes and verifying
both error responses and prometheus metrics increments
- provisionAdminRouters: add unit tests for admin handler registration and routing for admin.api
- TestAllowedOriginsUnixSocket: checks unix socket with default origins are added
- TestReplaceRemoteAdminServer: test for replaceRemoteAdminServer with certificate validation, custom origins and cleanup
* test: added test for manage manageIdentity
---------
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* httpcaddyfile: Fix `protocols` global option parsing
When checking for a block, the current nesting must be used, otherwise it returns the wrong thing.
* Adjust adapt test to cover the broken behaviour that is now fixed
* Fix some admin tests which suddenly run even with -short
Fixed several bugs and made other improvements. All config changes are
now mediated by the global config state manager. It used to be that
initial configs given at startup weren't tracked, so you could start
caddy with --config caddy.json and then do a GET /config/ and it would
return null. That is fixed, along with several other general flow/API
enhancements, with more to come.
