diff options
| author | Jacob Vosmaer (GitLab) <jacob@gitlab.com> | 2018-04-23 18:00:24 +0300 |
|---|---|---|
| committer | Nick Thomas <nick@gitlab.com> | 2018-04-23 18:00:24 +0300 |
| commit | fd06fc02844a15bfaa78502f6b7c36588f66cd42 (patch) | |
| tree | 65bf11c76d4ab6b09f7cbf9dee088e980bcec7c9 /internal/admin | |
| parent | c2fb2a8f8aa79e390b920f7b7c061e2951e69566 (diff) | |
Add gRPC admin health check
Diffstat (limited to 'internal/admin')
| -rw-r--r-- | internal/admin/auth.go | 13 | ||||
| -rw-r--r-- | internal/admin/server.go | 63 |
2 files changed, 76 insertions, 0 deletions
diff --git a/internal/admin/auth.go b/internal/admin/auth.go new file mode 100644 index 00000000..b06770c7 --- /dev/null +++ b/internal/admin/auth.go @@ -0,0 +1,13 @@ +package admin + +import ( + context "golang.org/x/net/context" + + gitalyauth "gitlab.com/gitlab-org/gitaly/auth" +) + +func authFunc(token string) func(context.Context) (context.Context, error) { + return func(ctx context.Context) (context.Context, error) { + return ctx, gitalyauth.CheckToken(ctx, token) + } +} diff --git a/internal/admin/server.go b/internal/admin/server.go new file mode 100644 index 00000000..e7c7cfe6 --- /dev/null +++ b/internal/admin/server.go @@ -0,0 +1,63 @@ +package admin + +import ( + "crypto/tls" + + grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware" + grpc_auth "github.com/grpc-ecosystem/go-grpc-middleware/auth" + grpc_logrus "github.com/grpc-ecosystem/go-grpc-middleware/logging/logrus" + grpc_recovery "github.com/grpc-ecosystem/go-grpc-middleware/recovery" + grpc_prometheus "github.com/grpc-ecosystem/go-grpc-prometheus" + log "github.com/sirupsen/logrus" + "google.golang.org/grpc" + "google.golang.org/grpc/credentials" + "google.golang.org/grpc/health" + healthpb "google.golang.org/grpc/health/grpc_health_v1" +) + +var logrusEntry *log.Entry + +func init() { + logger := log.StandardLogger() + + logrusEntry = log.NewEntry(logger) + grpc_logrus.ReplaceGrpcLogger(logrusEntry) +} + +// NewServer creates a new unencrypted gRPC server for the gitlab-pages admin API. +func NewServer(secret string) *grpc.Server { + grpcServer := grpc.NewServer(serverOpts(secret)...) + registerServices(grpcServer) + return grpcServer +} + +// NewTLSServer creates a new gRPC server with encryption for the gitlab-pages admin API. +func NewTLSServer(secret string, cert *tls.Certificate) *grpc.Server { + grpcServer := grpc.NewServer(append( + serverOpts(secret), + grpc.Creds(credentials.NewServerTLSFromCert(cert)), + )...) + registerServices(grpcServer) + return grpcServer +} + +func serverOpts(secret string) []grpc.ServerOption { + return []grpc.ServerOption{ + grpc.StreamInterceptor(grpc_middleware.ChainStreamServer( + grpc_prometheus.StreamServerInterceptor, + grpc_logrus.StreamServerInterceptor(logrusEntry), + grpc_auth.StreamServerInterceptor(authFunc(secret)), + grpc_recovery.StreamServerInterceptor(), + )), + grpc.UnaryInterceptor(grpc_middleware.ChainUnaryServer( + grpc_prometheus.UnaryServerInterceptor, + grpc_logrus.UnaryServerInterceptor(logrusEntry), + grpc_auth.UnaryServerInterceptor(authFunc(secret)), + grpc_recovery.UnaryServerInterceptor(), + )), + } +} + +func registerServices(g *grpc.Server) { + healthpb.RegisterHealthServer(g, health.NewServer()) +} |