Move GetConfigDir call into CertificateManager and remove unused return value

- Update SetupTLSAndWriteCACert to call tls.GetConfigDir() internally
- Return config directory as part of the method's return values
- Remove unused []byte (CA cert PEM) from return values since it's never used
- Update CLI to handle new return signature with configDir
- Remove separate GetConfigDir call from CLI
- Pass empty string to NewCertificateManager since configDir is determined internally
- Further simplifies CLI by removing another external dependency call
- Better encapsulation of config directory management within TLS package

Co-authored-by: f0ssel <[email protected]>

Author: blink-so[bot]

cli/cli.go

@@ -142,22 +142,15 @@ func Run(config Config, args []string) error {
 	// Create certificate manager (if TLS interception is enabled)
 	var tlsConfig *cryptotls.Config
 	if !config.NoTLSIntercept {
-		// Get configuration directory
-		configDir, err := tls.GetConfigDir()
-		if err != nil {
-			logger.Error("Failed to get config directory", "error", err)
-			return fmt.Errorf("failed to get config directory: %v", err)
-		}
-
-		certManager, err := tls.NewCertificateManager(configDir, logger)
+		certManager, err := tls.NewCertificateManager("", logger) // Empty configDir since it will be determined internally
 		if err != nil {
 			logger.Error("Failed to create certificate manager", "error", err)
 			return fmt.Errorf("failed to create certificate manager: %v", err)
 		}
 
 		// Setup TLS config and write CA certificate to file
-		var caCertPath string
-		tlsConfig, caCertPath, _, err = certManager.SetupTLSAndWriteCACert()
+		var caCertPath, configDir string
+		tlsConfig, caCertPath, configDir, err = certManager.SetupTLSAndWriteCACert()
 		if err != nil {
 			logger.Error("Failed to setup TLS and CA certificate", "error", err)
 			return fmt.Errorf("failed to setup TLS and CA certificate: %v", err)

tls/tls.go

@@ -63,25 +63,31 @@ func (cm *CertificateManager) GetCACertPEM() ([]byte, error) {
 }
 
 // SetupTLSAndWriteCACert sets up TLS config and writes CA certificate to file
-// Returns the TLS config, CA cert path, and CA cert PEM data
-func (cm *CertificateManager) SetupTLSAndWriteCACert() (*tls.Config, string, []byte, error) {
+// Returns the TLS config, CA cert path, and config directory
+func (cm *CertificateManager) SetupTLSAndWriteCACert() (*tls.Config, string, string, error) {
+	// Get config directory
+	configDir, err := GetConfigDir()
+	if err != nil {
+		return nil, "", "", fmt.Errorf("failed to get config directory: %v", err)
+	}
+
 	// Get TLS config
 	tlsConfig := cm.GetTLSConfig()
 
 	// Get CA certificate PEM
 	caCertPEM, err := cm.GetCACertPEM()
 	if err != nil {
-		return nil, "", nil, fmt.Errorf("failed to get CA certificate: %v", err)
+		return nil, "", "", fmt.Errorf("failed to get CA certificate: %v", err)
 	}
 
 	// Write CA certificate to file
-	caCertPath := filepath.Join(cm.configDir, "ca-cert.pem")
+	caCertPath := filepath.Join(configDir, "ca-cert.pem")
 	err = os.WriteFile(caCertPath, caCertPEM, 0644)
 	if err != nil {
-		return nil, "", nil, fmt.Errorf("failed to write CA certificate file: %v", err)
+		return nil, "", "", fmt.Errorf("failed to write CA certificate file: %v", err)
 	}
 
-	return tlsConfig, caCertPath, caCertPEM, nil
+	return tlsConfig, caCertPath, configDir, nil
 }
 
 // loadOrGenerateCA loads existing CA or generates a new one