Make TLS mandatory by default when unmarshalling remote wallet options (#8133)

Co-authored-by: Raul Jordan <raul@prysmaticlabs.com>
Co-authored-by: Nishant Das <nishdas93@gmail.com>

validator/keymanager/remote/keymanager.go

@@ -137,7 +137,9 @@ func UnmarshalOptionsFile(r io.ReadCloser) (*KeymanagerOpts, error) {
 			log.Errorf("Could not close keymanager config file: %v", err)
 		}
 	}()
-	opts := &KeymanagerOpts{}
+	opts := &KeymanagerOpts{
+		RemoteCertificate: &CertificateConfig{RequireTls: true},
+	}
 	if err := json.Unmarshal(enc, opts); err != nil {
 		return nil, errors.Wrap(err, "could not JSON unmarshal")
 	}

validator/keymanager/remote/keymanager_test.go

@@ -1,7 +1,9 @@
 package remote
 
 import (
+	"bytes"
 	"context"
+	"encoding/json"
 	"errors"
 	"fmt"
 	"io/ioutil"
@@ -306,3 +308,23 @@ func TestRemoteKeymanager_FetchValidatingPublicKeys(t *testing.T) {
 	}
 	assert.DeepEqual(t, pubKeys, rawKeys)
 }
+
+func TestUnmarshalOptionsFile_DefaultRequireTls(t *testing.T) {
+	optsWithoutTls := struct {
+		RemoteCertificate struct {
+			ClientCertPath string
+			ClientKeyPath  string
+			CACertPath     string
+		}
+	}{}
+	var buffer bytes.Buffer
+	b, err := json.Marshal(optsWithoutTls)
+	require.NoError(t, err)
+	_, err = buffer.Write(b)
+	require.NoError(t, err)
+	r := ioutil.NopCloser(&buffer)
+
+	opts, err := UnmarshalOptionsFile(r)
+	assert.NoError(t, err)
+	assert.Equal(t, true, opts.RemoteCertificate.RequireTls)
+}