
Certificates uploaded via the dataplane API miss the full path

Open awlx opened this issue 4 months ago • 1 comments

What I am doing:

```
docker exec haproxy-1-1 curl -v -u admin:admin --unix-socket /var/run/data-plane-1.sock -X POST 'http://localhost/v3/services/haproxy/runtime/ssl_certs/' -H 'Content-Type: multipart/form-data' -F "file_upload=@/usr/local/etc/haproxy/ssl/combined.pem"
```

This results in:

```
echo "show ssl cert" | docker exec -i haproxy-1-1 socat stdio unix-connect:/tmp/admin.sock
# filename
/usr/local/etc/haproxy/ssl/working.pem
/usr/local/etc/haproxy/ssl/haproxy.pem
combined.pem
```

And this means the certificate can't be referenced by the crt-list command.

```
echo "add ssl crt-list /usr/local/etc/haproxy/ssl combined.pem" | docker exec -i haproxy-1-1 socat stdio unix-connect:/tmp/admin.sock
Can't edit the crt-list: '/usr/local/etc/haproxy/ssl' is a directory, certificate path 'combined.pem' must contain the directory path
```

The problem here is that for some reason the storage_name attribute is not settable via the dataplane API but is derived from filepath.Base and thus only uses the final filename, which makes the certificate unusable when created.

I have also opened an issue with haproxy itself, as I am not sure who should treat this properly. https://github.com/haproxy/haproxy/issues/3053

awlx avatar Jul 30 '25 08:07 awlx

I think it's important to be able to specify a filename with an arbitrary path. Maybe we need an optional filename field on this endpoint.

wlallemand avatar Aug 12 '25 10:08 wlallemand
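
An added example, not part of the thread and not dataplaneapi's own code: it reproduces the `filepath.Base` naming described in the issue and sketches how an optional filename field could be resolved to a full path while staying confined to the certificate directory. `resolveStorageName`, its parameters and the sample names are hypothetical; `certDir` is taken from the paths shown in the issue.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// certDir matches the directory shown in the issue's "show ssl cert" output.
const certDir = "/usr/local/etc/haproxy/ssl"

// baseOnly reproduces the reported behaviour: only the last path element
// survives, so the runtime entry ends up named "combined.pem".
func baseOnly(uploaded string) string {
	return filepath.Base(uploaded)
}

// resolveStorageName is hypothetical. It accepts an optional filename
// (relative or absolute), falls back to the upload's base name, and returns
// a cleaned full path that must remain inside dir.
func resolveStorageName(dir, uploaded, filename string) (string, error) {
	if filename == "" {
		filename = filepath.Base(uploaded)
	}
	if !filepath.IsAbs(filename) {
		filename = filepath.Join(dir, filename)
	}
	full := filepath.Clean(filename)
	// Rel yields a path starting with ".." when full lies outside dir.
	rel, err := filepath.Rel(dir, full)
	if err != nil || rel == "." || rel == ".." ||
		strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errors.New("certificate path must stay inside " + dir)
	}
	return full, nil
}

func main() {
	fmt.Println("current:", baseOnly(certDir+"/combined.pem"))
	// Constructed sample values for the hypothetical filename field.
	for _, name := range []string{"", "tenants/a.pem", "../../etc/x.pem", "/tmp/x.pem"} {
		p, err := resolveStorageName(certDir, "combined.pem", name)
		fmt.Printf("%q -> %q err=%v\n", name, p, err)
	}
}
```

A name resolved this way carries the directory prefix that the `add ssl crt-list` error message above asks for, and a client-supplied path cannot point the certificate store at a location outside the configured directory.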