3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-30 02:46:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

move NewGRPCClientConn to public package (#2826)

Browse source
This commit is contained in:
Denis Mishin 2021-12-19 22:10:24 -05:00 committed by GitHub
parent 8f62b06425
commit 5e8fcf8d20
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
internal/tests/xdserr/cmd/main.go
View file

@ -25,6 +25,7 @@ import (
"github.com/pomerium/pomerium/internal/tests/xdserr" "github.com/pomerium/pomerium/internal/tests/xdserr"
"github.com/pomerium/pomerium/pkg/grpc/config" "github.com/pomerium/pomerium/pkg/grpc/config"
"github.com/pomerium/pomerium/pkg/grpc/databroker" "github.com/pomerium/pomerium/pkg/grpc/databroker"
"github.com/pomerium/pomerium/pkg/grpcutil"
"github.com/pomerium/pomerium/pkg/protoutil" "github.com/pomerium/pomerium/pkg/protoutil"
) )
@ -136,9 +137,8 @@ func grpcConn(ctx context.Context, addr, keyTxt string) (*grpc.ClientConn, error
return nil, err return nil, err
} }
fmt.Println(keyTxt) fmt.Println(keyTxt)
return xdserr.NewGRPCClientConn(ctx, &xdserr.Options{ return grpcutil.NewGRPCClientConn(ctx, &grpcutil.Options{
Address: u, Address: u,
WithInsecure: u.Scheme == "http",
InsecureSkipVerify: true, InsecureSkipVerify: true,
SignedJWTKey: key, SignedJWTKey: key,
}) })

13
internal/tests/xdserr/grpc.go → pkg/grpcutil/client.go
View file

@ -1,4 +1,4 @@
package xdserr package grpcutil
import ( import (
"context" "context"
@ -12,7 +12,6 @@ import (
"google.golang.org/grpc/credentials" "google.golang.org/grpc/credentials"
"github.com/pomerium/pomerium/pkg/cryptutil" "github.com/pomerium/pomerium/pkg/cryptutil"
"github.com/pomerium/pomerium/pkg/grpcutil"
) )
const ( const (
@ -37,10 +36,6 @@ type Options struct {
// ClientDNSRoundRobin enables or disables DNS resolver based load balancing // ClientDNSRoundRobin enables or disables DNS resolver based load balancing
ClientDNSRoundRobin bool ClientDNSRoundRobin bool
// WithInsecure disables transport security for this ClientConn.
// Note that transport security is required unless WithInsecure is set.
WithInsecure bool
// InsecureSkipVerify skips destination hostname and ca check // InsecureSkipVerify skips destination hostname and ca check
InsecureSkipVerify bool InsecureSkipVerify bool
@ -68,8 +63,8 @@ func NewGRPCClientConn(ctx context.Context, opts *Options, other ...grpc.DialOpt
} }
streamClientInterceptors := []grpc.StreamClientInterceptor{} streamClientInterceptors := []grpc.StreamClientInterceptor{}
if opts.SignedJWTKey != nil { if opts.SignedJWTKey != nil {
unaryClientInterceptors = append(unaryClientInterceptors, grpcutil.WithUnarySignedJWT(opts.SignedJWTKey)) unaryClientInterceptors = append(unaryClientInterceptors, WithUnarySignedJWT(opts.SignedJWTKey))
streamClientInterceptors = append(streamClientInterceptors, grpcutil.WithStreamSignedJWT(opts.SignedJWTKey)) streamClientInterceptors = append(streamClientInterceptors, WithStreamSignedJWT(opts.SignedJWTKey))
} }
dialOptions := []grpc.DialOption{ dialOptions := []grpc.DialOption{
@ -81,7 +76,7 @@ func NewGRPCClientConn(ctx context.Context, opts *Options, other ...grpc.DialOpt
dialOptions = append(dialOptions, other...) dialOptions = append(dialOptions, other...)
if opts.WithInsecure { if opts.Address.Scheme == "http" {
dialOptions = append(dialOptions, grpc.WithInsecure()) dialOptions = append(dialOptions, grpc.WithInsecure())
} else { } else {
rootCAs, err := cryptutil.GetCertPool(opts.CA, opts.CAFile) rootCAs, err := cryptutil.GetCertPool(opts.CA, opts.CAFile)