Merge pull request #39 from openinfradev/support_tls

feature. support tls
openinfradev · Mar 21, 2022 · 3c458b5 · 3c458b5
2 parents cf60c1a + 4a859f7
commit 3c458b5
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 137 deletions.
diff --git a/cmd/server/server.go b/cmd/server/server.go
@@ -3,71 +3,80 @@ package main
 import (
 	"flag"
 	"fmt"
-	"net"
 
-	"google.golang.org/grpc"
-	"google.golang.org/grpc/credentials"
 	"gorm.io/driver/postgres"
 	"gorm.io/gorm"
 
+	"github.com/openinfradev/tks-common/pkg/grpc_server"
 	"github.com/openinfradev/tks-common/pkg/log"
-	"github.com/openinfradev/tks-info/pkg/cert"
 	pb "github.com/openinfradev/tks-proto/tks_pb"
 )
 
 var (
-	port       = flag.Int("port", 9111, "The gRPC server port")
-	tls        = flag.Bool("tls", false, "Connection uses TLS if true, else plain TCP")
-	certFile   = flag.String("cert_file", "", "The TLS cert file")
-	keyFile    = flag.String("key_file", "", "The TLS key file")
-	dbhost     = flag.String("dbhost", "localhost", "host of postgreSQL")
-	dbport     = flag.String("dbport", "5432", "port of postgreSQL")
-	dbuser     = flag.String("dbuser", "postgres", "postgreSQL user")
-	dbpassword = flag.String("dbpassword", "password", "password for postgreSQL user")
+	port              int
+	tlsEnabled        bool
+	tlsClientCertPath string
+	tlsCertPath       string
+	tlsKeyPath        string
+
+	dbhost     string
+	dbport     string
+	dbuser     string
+	dbpassword string
 )
 
+func init() {
+	flag.IntVar(&port, "port", 9111, "service port")
+	flag.BoolVar(&tlsEnabled, "tlsEnabled", false, "enabled tls")
+	flag.StringVar(&tlsClientCertPath, "tls-client-cert-path", "../../cert/tks-ca.crt", "path of ca cert file for tls")
+	flag.StringVar(&tlsCertPath, "tls-cert-path", "../../cert/tks-server.crt", "path of cert file for tls")
+	flag.StringVar(&tlsKeyPath, "tls-key-path", "../../cert/tks-server.key", "path of key file for tls")
+	flag.StringVar(&dbhost, "dbhost", "localhost", "host of postgreSQL")
+	flag.StringVar(&dbport, "dbport", "5432", "port of postgreSQL")
+	flag.StringVar(&dbuser, "dbuser", "postgres", "postgreSQL user")
+	flag.StringVar(&dbpassword, "dbpassword", "password", "password for postgreSQL user")
+}
+
 func main() {
-	log.Info("tksinfo server is starting...")
 	flag.Parse()
 
-	addr := fmt.Sprintf(":%d", *port)
-	lis, err := net.Listen("tcp", addr)
-	if err != nil {
-		// log.Fatalln("Failed to listen:", err)
-		log.Fatal("failed to listen:", err)
-	}
-
-	var opts []grpc.ServerOption
-	if *tls {
-		if *certFile == "" {
-			*certFile = cert.Path("x509/server_cert.pem")
-		}
-		if *keyFile == "" {
-			*keyFile = cert.Path("x509/server_key.pem")
-		}
-		creds, err := credentials.NewServerTLSFromFile(*certFile, *keyFile)
-		if err != nil {
-			log.Fatal("Failed to generate credentials", err)
-		}
-		opts = []grpc.ServerOption{grpc.Creds(creds)}
-	}
-
-	s := grpc.NewServer(opts...)
+	log.Info("*** Arguments *** ")
+	log.Info("port : ", port)
+	log.Info("tlsEnabled : ", tlsEnabled)
+	log.Info("tlsClientCertPath : ", tlsClientCertPath)
+	log.Info("tlsCertPath : ", tlsCertPath)
+	log.Info("tlsKeyPath : ", tlsKeyPath)
+	log.Info("dbhost : ", dbhost)
+	log.Info("dbport : ", dbport)
+	log.Info("dbuser : ", dbuser)
+	log.Info("dbpassword : ", dbpassword)
+	log.Info("****************** ")
 
+	// initialize database
 	dsn := fmt.Sprintf("host=%s user=%s password=%s dbname=tks port=%s sslmode=disable TimeZone=Asia/Seoul",
-		*dbhost, *dbuser, *dbpassword, *dbport)
-	db, _ := gorm.Open(postgres.Open(dsn), &gorm.Config{})
+		dbhost, dbuser, dbpassword, dbport)
+	db, err := gorm.Open(postgres.Open(dsn), &gorm.Config{})
+	if err != nil {
+		log.Fatal("failed to open database ", err)
+	}
 
+	// initialize handlers
 	InitAppInfoHandler(db)
 	InitClusterInfoHandler(db)
 	InitCspInfoHandler(db)
 	InitKeycloakInfoHandler(db)
+
+	// start server
+	s, conn, err := grpc_server.CreateServer(port, tlsEnabled, tlsCertPath, tlsKeyPath)
+	if err != nil {
+		log.Fatal("failed to crate grpc_server : ", err)
+	}
+
 	pb.RegisterAppInfoServiceServer(s, &AppInfoServer{})
 	pb.RegisterClusterInfoServiceServer(s, &ClusterInfoServer{})
 	pb.RegisterCspInfoServiceServer(s, &CspInfoServer{})
 	pb.RegisterKeycloakInfoServiceServer(s, &KeycloakInfoServer{})
-
-	if err := s.Serve(lis); err != nil {
+	if err := s.Serve(conn); err != nil {
 		log.Fatal("failed to serve: ", err)
 	}
 }
diff --git a/cmd/server/server_main_test.go b/cmd/server/server_main_test.go
@@ -20,7 +20,7 @@ import (
 )
 
 var (
-	db  *gorm.DB
+	db *gorm.DB
 )
 
 func init() {
@@ -45,7 +45,7 @@ func TestMain(m *testing.M) {
 
 	db.Exec(`CREATE EXTENSION IF NOT EXISTS "uuid-ossp"`)
 
- 	if err := db.AutoMigrate(&modelApplication.ApplicationGroup{}); err != nil {
+	if err := db.AutoMigrate(&modelApplication.ApplicationGroup{}); err != nil {
 		os.Exit(-1)
 	}
 	if err := db.AutoMigrate(&modelApplication.Application{}); err != nil {

diff --git a/go.mod b/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/google/uuid v1.3.0
 	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
 	github.com/jackc/pgx/v4 v4.15.0 // indirect
-	github.com/openinfradev/tks-common v0.0.0-20220210005751-57d957152e7b
+	github.com/openinfradev/tks-common v0.0.0-20220321044608-105302d33457 // indirect
 	github.com/openinfradev/tks-proto v0.0.6-0.20220318062944-7fccd257bcae
 	github.com/stretchr/testify v1.7.0
 	golang.org/x/crypto v0.0.0-20220210151621-f4118a5b28e2 // indirect
@@ -26,4 +26,5 @@ require (
 replace github.com/openinfradev/tks-info => ./
 
 //replace github.com/openinfradev/tks-proto => ../tks-proto
+//replace github.com/openinfradev/tks-common => ../tks-common
 //replace github.com/openinfradev/tks-contract => ../tks-contract
diff --git a/go.sum b/go.sum
@@ -826,6 +826,9 @@ github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.m
 github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI=
 github.com/openinfradev/tks-common v0.0.0-20220210005751-57d957152e7b h1:4qPjR/0PszGLtijvygdxZHgspydJbZWqaVJh3HPBL2o=
 github.com/openinfradev/tks-common v0.0.0-20220210005751-57d957152e7b/go.mod h1:3d+gW0PPeBzEUtVRoupTTXAFlfdJLyHy2Lzlw4rcnOk=
+github.com/openinfradev/tks-common v0.0.0-20220321044608-105302d33457 h1:yKhmkHl2qi2/pyNBST8zI8fpcjjcpTFzACBwtk2fjik=
+github.com/openinfradev/tks-common v0.0.0-20220321044608-105302d33457/go.mod h1:3d+gW0PPeBzEUtVRoupTTXAFlfdJLyHy2Lzlw4rcnOk=
+github.com/openinfradev/tks-proto v0.0.6-0.20211015003551-ed8f9541f40d h1:ypM1LN+7tjRGzmTBNVegY/25KhJLFuQor2/+DfuhxDM=
 github.com/openinfradev/tks-proto v0.0.6-0.20211015003551-ed8f9541f40d/go.mod h1:ul6kvgOXhNQvXEUmb92Wh5BmsuzknnTCb3wqmVNd/iI=
 github.com/openinfradev/tks-proto v0.0.6-0.20220318052715-6a30f96012a0 h1:hCO/GIolGqGx37ZLy1iRHyGEB4ZYQLakvnmxzSIYdPs=
 github.com/openinfradev/tks-proto v0.0.6-0.20220318052715-6a30f96012a0/go.mod h1:3DrATRNCUJMW0oMLHT6D1teN4hX0vMGH4qOGnadakmo=

diff --git a/pkg/client/client.go b/pkg/client/client.go