zero/grpc: use hostname for proxied grpc calls (#5520)

2025-04-28 09:56:31 +02:00 · 2025-03-11 17:37:01 -04:00 · 2025-03-11 17:37:01 -04:00 · 9cd5160468
commit 9cd5160468
parent ad183873f4
4 changed files with 18 additions and 11 deletions
--- a/go.mod
+++ b/go.mod
@ -96,7 +96,7 @@ require (
 	golang.org/x/time v0.10.0
 	google.golang.org/api v0.223.0
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2
-	google.golang.org/grpc v1.70.0
+	google.golang.org/grpc v1.71.0
 	google.golang.org/protobuf v1.36.5
 	gopkg.in/yaml.v3 v3.0.1
 	sigs.k8s.io/yaml v1.4.0
@ -230,7 +230,7 @@ require (
 	github.com/zeebo/assert v1.3.1 // indirect
 	github.com/zeebo/blake3 v0.2.4 // indirect
 	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
-	go.opentelemetry.io/contrib/detectors/gcp v1.32.0 // indirect
+	go.opentelemetry.io/contrib/detectors/gcp v1.34.0 // indirect
 	go.opentelemetry.io/contrib/propagators/aws v1.34.0 // indirect
 	go.opentelemetry.io/contrib/propagators/b3 v1.34.0 // indirect
 	go.opentelemetry.io/contrib/propagators/jaeger v1.34.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -690,8 +690,8 @@ go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
 go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
 go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
 go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
-go.opentelemetry.io/contrib/detectors/gcp v1.32.0 h1:P78qWqkLSShicHmAzfECaTgvslqHxblNE9j62Ws1NK8=
-go.opentelemetry.io/contrib/detectors/gcp v1.32.0/go.mod h1:TVqo0Sda4Cv8gCIixd7LuLwW4EylumVWfhjZJjDD4DU=
+go.opentelemetry.io/contrib/detectors/gcp v1.34.0 h1:JRxssobiPg23otYU5SbWtQC//snGVIM3Tx6QRzlQBao=
+go.opentelemetry.io/contrib/detectors/gcp v1.34.0/go.mod h1:cV4BMFcscUR/ckqLkbfQmF0PRsq8w/lMGzdbCSveBHo=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.59.0 h1:rgMkmiGfix9vFJDcDi1PK8WEQP4FLQwLDfhp5ZLpFeE=
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.59.0/go.mod h1:ijPqXp5P6IRRByFVVg9DY8P5HkxkHE5ARIa+86aXPf4=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.59.0 h1:CV7UdSGJt/Ao6Gp4CXckLxVRRsRgDHoI8XjbL3PDl8s=
@ -1061,8 +1061,8 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji
 google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
 google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
 google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
-google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ=
-google.golang.org/grpc v1.70.0/go.mod h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw=
+google.golang.org/grpc v1.71.0 h1:kF77BGdPTQ4/JZWMlb9VpJ5pa25aqvVqogsxNHHdeBg=
+google.golang.org/grpc v1.71.0/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
--- a/internal/zero/grpcconn/client.go
+++ b/internal/zero/grpcconn/client.go
@ -48,6 +48,7 @@ func New(
 func (c *client) getGRPCConn(ctx context.Context) (*grpc.ClientConn, error) {
 	opts := append(
 		c.config.GetDialOptions(),
+		grpc.WithAuthority(c.config.GetAuthority()),
 		grpc.WithPerRPCCredentials(c),
 		grpc.WithDefaultCallOptions(
 			grpc.UseCompressor("gzip"),
@ -60,7 +61,7 @@ func (c *client) getGRPCConn(ctx context.Context) (*grpc.ClientConn, error) {
 		),
 	)

-	conn, err := grpc.DialContext(ctx, c.config.GetConnectionURI(), opts...)
+	conn, err := grpc.NewClient(c.config.GetConnectionURI(), opts...)
 	if err != nil {
 		return nil, fmt.Errorf("error dialing grpc server: %w", err)
 	}
@ -92,7 +93,7 @@ func (c *client) logConnectionState(ctx context.Context, conn *grpc.ClientConn)
 		_ = conn.WaitForStateChange(ctx, state)
 		state = conn.GetState()
 		log.Ctx(ctx).Debug().
-			Str("endpoint", c.config.connectionURI).
+			Str("endpoint", c.config.GetConnectionURI()).
 			Str("state", state.String()).
 			Msg("grpc connection state")
 	}
--- a/internal/zero/grpcconn/config.go
+++ b/internal/zero/grpcconn/config.go
@ -17,7 +17,8 @@ import (

 // config is the configuration for the gRPC client
 type config struct {
-	connectionURI string
+	// authority is a host:port string that will be used as the :authority pseudo-header
+	authority string
 	// requireTLS is whether TLS should be used or cleartext
 	requireTLS bool
 	// opts are additional options to pass to the gRPC client
@ -41,9 +42,14 @@ func getConfig(
 	return c, nil
 }

+// GetAuthority returns the authority to use in the :authority pseudo-header
+func (c *config) GetAuthority() string {
+	return c.authority
+}
+
 // GetConnectionURI returns connection string conforming to https://github.com/grpc/grpc/blob/master/doc/naming.md
 func (c *config) GetConnectionURI() string {
-	return c.connectionURI
+	return "dns:" + c.authority
 }

 // GetDialTimeout returns the timeout for the dial operation
@ -101,7 +107,7 @@ func (c *config) parseEndpoint(endpoint string) error {
 		return fmt.Errorf("unsupported url scheme: %s", u.Scheme)
 	}

-	c.connectionURI = fmt.Sprintf("dns:%s:%s", host, port)
+	c.authority = host + ":" + port
 	c.requireTLS = requireTLS

 	return nil