3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-01 18:33:19 +02:00
Code Issues Projects Releases Packages Wiki Activity

add a simple check for databroker record as a readiness check

Browse source
This commit is contained in:
Ross Smith 2025-02-04 19:19:15 -05:00
parent efe3cef2e4
commit 77d21b681b
1 changed files with 33 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

33
proxy/handlers.go
View file

@ -17,6 +17,7 @@ import (
"github.com/pomerium/pomerium/internal/middleware"
"github.com/pomerium/pomerium/internal/telemetry/trace"
"github.com/pomerium/pomerium/internal/urlutil"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
)
// registerDashboardHandlers returns the proxy service's ServeMux
@ -40,6 +41,15 @@ func (p *Proxy) registerDashboardHandlers(r *mux.Router, opts *config.Options) *
c := r.PathPrefix(dashboardPath + "/callback").Subrouter()
c.Path("/").Handler(httputil.HandlerFunc(p.Callback)).Methods(http.MethodGet)
// Handlers for checking whether the proxy is ready to serve traffic
r.Path(dashboardPath + "/readyz").
Handler(httputil.HandlerFunc(func(w http.ResponseWriter, r *http.Request) error {
if r.Method != http.MethodGet {
http.Error(w, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
}
return p.ReadyZ(w, r)
}))
// Programmatic API handlers and middleware
// gorilla mux has a bug that prevents HTTP 405 errors from being returned properly so we do all this manually
// https://github.com/gorilla/mux/issues/739
@ -122,6 +132,29 @@ func (p *Proxy) Callback(w http.ResponseWriter, r *http.Request) error {
return p.state.Load().authenticateFlow.Callback(w, r)
}
// Readyz provides some information about whether the proxy is configured and ready
// to serve requests
func (p *Proxy) ReadyZ(w http.ResponseWriter, r *http.Request) error {
client := p.state.Load().dataBrokerClient
resp, err := client.Get(r.Context(), &databroker.GetRequest{
Type: "type.googleapis.com/pomerium.config.Config",
Id: "dashboard-settings",
})
if err != nil {
return httputil.NewError(http.StatusInternalServerError, err)
}
if resp.GetRecord().GetData() != nil {
w.WriteHeader(http.StatusOK)
_, _ = io.WriteString(w, "data record from console")
return nil
}
http.Error(w, "No data record from console", http.StatusTeapot)
return nil
}
// ProgrammaticLogin returns a signed url that can be used to login
// using the authenticate service.
func (p *Proxy) ProgrammaticLogin(w http.ResponseWriter, r *http.Request) error {