From 983c6787c05fc896b535655e2afc2e1db0144dd6 Mon Sep 17 00:00:00 2001 
From: Silvestre Zabala Date: Fri, 3 Nov 2023 17:37:52 +0100 Subject: [PATCH] Unify HTTP server creation All HTTP servers can be configured with mTLS and the creation is unified in one helper function --- jobs/eventgenerator/spec | 10 ++++ .../templates/eventgenerator.yml.erb | 7 +++ .../templates/healthendpoint.crt.erb | 3 + .../templates/healthendpoint.key.erb | 3 + .../templates/healthendpoint_ca.crt.erb | 3 + jobs/golangapiserver/spec | 9 +++ .../templates/apiserver.yml.erb | 6 ++ .../templates/healthendpoint.crt.erb | 3 + .../templates/healthendpoint.key.erb | 3 + .../templates/healthendpoint_ca.crt.erb | 3 + jobs/metricsforwarder/spec | 14 +++++ .../templates/healthendpoint.crt.erb | 3 + .../templates/healthendpoint.key.erb | 3 + .../templates/healthendpoint_ca.crt.erb | 3 + .../templates/metricsforwarder.yml.erb | 6 ++ jobs/metricsgateway/spec | 10 ++++ .../templates/healthendpoint.crt.erb | 3 + .../templates/healthendpoint.key.erb | 3 + .../templates/healthendpoint_ca.crt.erb | 3 + .../templates/metricsgateway.yml.erb | 6 ++ jobs/metricsserver/spec | 10 ++++ .../templates/healthendpoint.crt.erb | 3 + .../templates/healthendpoint.key.erb | 3 + .../templates/healthendpoint_ca.crt.erb | 3 + .../templates/metricsserver.yml.erb | 6 ++ jobs/operator/spec | 10 ++++ .../operator/templates/healthendpoint.crt.erb | 3 + .../operator/templates/healthendpoint.key.erb | 3 + .../templates/healthendpoint_ca.crt.erb | 3 + jobs/operator/templates/operator.yml.erb | 7 +++ jobs/scalingengine/spec | 14 ++++- .../templates/healthendpoint.crt.erb | 3 + .../templates/healthendpoint.key.erb | 3 + .../templates/healthendpoint_ca.crt.erb | 3 + .../templates/scalingengine.yml.erb | 7 +++ spec/jobs/{cf => common}/cf_spec.rb | 0 spec/jobs/common/health_endpoint_spec.rb | 57 +++++++++++++++++++ .../api/brokerserver/broker_server.go | 34 ++--------- .../brokerserver/broker_server_suite_test.go | 3 +- src/autoscaler/api/cmd/api/api_suite_test.go | 11 ++-- 
src/autoscaler/api/cmd/api/api_test.go | 8 +-- src/autoscaler/api/config/config.go | 15 ++--- .../api/publicapiserver/public_api_server.go | 27 +-------- .../publicapiserver_suite_test.go | 2 +- .../eventgenerator_suite_test.go | 18 +++--- .../eventgenerator/config/config.go | 19 ++++--- .../eventgenerator/config/config_test.go | 30 ++++++---- .../eventgenerator/server/server.go | 27 ++------- .../server/server_suite_test.go | 5 +- .../healthendpoint/health_readiness_test.go | 5 +- src/autoscaler/healthendpoint/server.go | 24 +++----- src/autoscaler/{models => helpers}/health.go | 4 +- .../{models => helpers}/health_test.go | 22 ++++--- src/autoscaler/helpers/http_server.go | 39 +++++++++++++ src/autoscaler/integration/components_test.go | 20 ++++--- .../metricsforwarder/config/config.go | 16 +++--- .../forwarder/forwarder_test.go | 2 +- .../server/auth/auth_suite_test.go | 2 +- .../metricsforwarder/server/server.go | 14 +---- .../server/server_suite_test.go | 2 +- .../metricsgateway_suite_test.go | 6 +- .../metricsgateway/config/config.go | 2 +- .../metricsgateway/config/config_test.go | 6 +- .../collector/collector_suite_test.go | 5 +- .../metricsserver/collector/config.go | 15 ++--- .../metricsserver/collector/server.go | 27 ++------- .../metricsserver/collector/ws_server.go | 27 ++------- src/autoscaler/metricsserver/config/config.go | 17 +++--- src/autoscaler/operator/config/config.go | 8 ++- .../cmd/scalingengine/scalingengine_test.go | 2 +- src/autoscaler/scalingengine/config/config.go | 18 +++--- src/autoscaler/scalingengine/server/server.go | 24 +------- .../scalingengine/server/server_test.go | 3 +- 73 files changed, 459 insertions(+), 292 deletions(-) create mode 100644 jobs/eventgenerator/templates/healthendpoint.crt.erb create mode 100644 jobs/eventgenerator/templates/healthendpoint.key.erb create mode 100644 jobs/eventgenerator/templates/healthendpoint_ca.crt.erb create mode 100644 jobs/golangapiserver/templates/healthendpoint.crt.erb create mode 
100644 jobs/golangapiserver/templates/healthendpoint.key.erb create mode 100644 jobs/golangapiserver/templates/healthendpoint_ca.crt.erb create mode 100644 jobs/metricsforwarder/templates/healthendpoint.crt.erb create mode 100644 jobs/metricsforwarder/templates/healthendpoint.key.erb create mode 100644 jobs/metricsforwarder/templates/healthendpoint_ca.crt.erb create mode 100644 jobs/metricsgateway/templates/healthendpoint.crt.erb create mode 100644 jobs/metricsgateway/templates/healthendpoint.key.erb create mode 100644 jobs/metricsgateway/templates/healthendpoint_ca.crt.erb create mode 100644 jobs/metricsserver/templates/healthendpoint.crt.erb create mode 100644 jobs/metricsserver/templates/healthendpoint.key.erb create mode 100644 jobs/metricsserver/templates/healthendpoint_ca.crt.erb create mode 100644 jobs/operator/templates/healthendpoint.crt.erb create mode 100644 jobs/operator/templates/healthendpoint.key.erb create mode 100644 jobs/operator/templates/healthendpoint_ca.crt.erb create mode 100644 jobs/scalingengine/templates/healthendpoint.crt.erb create mode 100644 jobs/scalingengine/templates/healthendpoint.key.erb create mode 100644 jobs/scalingengine/templates/healthendpoint_ca.crt.erb rename spec/jobs/{cf => common}/cf_spec.rb (100%) create mode 100644 spec/jobs/common/health_endpoint_spec.rb rename src/autoscaler/{models => helpers}/health.go (96%) rename src/autoscaler/{models => helpers}/health_test.go (81%) create mode 100644 src/autoscaler/helpers/http_server.go diff --git a/jobs/eventgenerator/spec b/jobs/eventgenerator/spec index 74b63e36ea..1a8363b1eb 100644 --- a/jobs/eventgenerator/spec +++ b/jobs/eventgenerator/spec 
@@ -8,6 +8,9 @@ templates: eventgenerator_ca.crt.erb: config/certs/eventgenerator/ca.crt eventgenerator_server.crt.erb: config/certs/eventgenerator/server.crt eventgenerator_server.key.erb: config/certs/eventgenerator/server.key + healthendpoint_ca.crt.erb: config/certs/healthendpoint/ca.crt + healthendpoint.crt.erb: config/certs/healthendpoint/server.crt + healthendpoint.key.erb: config/certs/healthendpoint/server.key metricscollector_ca.crt.erb: config/certs/metricscollector/ca.crt metricscollector_client.crt.erb: config/certs/metricscollector/client.crt metricscollector_client.key.erb: config/certs/metricscollector/client.key @@ -227,6 +230,13 @@ properties: autoscaler.eventgenerator.health.port: description: "the listening port of health endpoint" default: 6204 + autoscaler.eventgenerator.health.ca_cert: + description: "PEM-encoded CA certificate for the health endpoint" + autoscaler.eventgenerator.health.server_cert: + description: "PEM-encoded server certificate for the health endpoint" + autoscaler.eventgenerator.health.server_key: + description: "PEM-encoded server key for the health endpoint" + autoscaler.eventgenerator.health.username: description: "the username for the health endpoint" default: '' diff --git a/jobs/eventgenerator/templates/eventgenerator.yml.erb b/jobs/eventgenerator/templates/eventgenerator.yml.erb index 441038960e..570d5809b1 100644 --- a/jobs/eventgenerator/templates/eventgenerator.yml.erb +++ b/jobs/eventgenerator/templates/eventgenerator.yml.erb 
@@ -76,6 +76,13 @@ health: port: <%= p("autoscaler.eventgenerator.health.port") %> username: <%= p("autoscaler.eventgenerator.health.username") %> password: <%= p("autoscaler.eventgenerator.health.password") %> + <% if_p("autoscaler.eventgenerator.health.ca_cert", "autoscaler.eventgenerator.health.server_cert", "autoscaler.eventgenerator.health.server_key") do %> + tls: + ca_file: /var/vcap/jobs/eventgenerator/config/certs/healthendpoint/ca.crt + cert_file: /var/vcap/jobs/eventgenerator/config/certs/healthendpoint/server.crt + key_file: /var/vcap/jobs/eventgenerator/config/certs/healthendpoint/server.key + <% end %> + db: policy_db: url: <%= policy_db_url %> diff --git a/jobs/eventgenerator/templates/healthendpoint.crt.erb b/jobs/eventgenerator/templates/healthendpoint.crt.erb new file mode 100644 index 0000000000..587e7147fc --- /dev/null +++ b/jobs/eventgenerator/templates/healthendpoint.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.eventgenerator.health.server_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/eventgenerator/templates/healthendpoint.key.erb b/jobs/eventgenerator/templates/healthendpoint.key.erb new file mode 100644 index 0000000000..0a6ae38281 --- /dev/null +++ b/jobs/eventgenerator/templates/healthendpoint.key.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.eventgenerator.health.server_key") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/eventgenerator/templates/healthendpoint_ca.crt.erb b/jobs/eventgenerator/templates/healthendpoint_ca.crt.erb new file mode 100644 index 0000000000..1164360610 --- /dev/null +++ b/jobs/eventgenerator/templates/healthendpoint_ca.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.eventgenerator.health.ca_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/golangapiserver/spec b/jobs/golangapiserver/spec index a35c0906fe..78512a9cfb 100644 --- a/jobs/golangapiserver/spec +++ b/jobs/golangapiserver/spec 
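Review bot: The `tls:` block under `health:` is emitted only when `ca_cert`, `server_cert` and `server_key` are all set, so a deployment that supplies two of the three gets a rendered config with no TLS section and, as far as this template shows, no error, while `username` and `password` stay configured for the endpoint. Consider raising during render when only part of the set is present, or at minimum say in the spec descriptions that the three properties must be set together, for example `description: "PEM-encoded CA certificate for the health endpoint (set together with server_cert and server_key)"`. The same guard is repeated in apiserver.yml.erb, metricsforwarder.yml.erb, metricsgateway.yml.erb, metricsserver.yml.erb, operator.yml.erb and scalingengine.yml.erb. health_endpoint_spec.rb exercises only the all-unset and all-set cases, so a partial-set example there would pin the chosen behaviour.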
@@ -12,6 +12,9 @@ templates: brokerserver_ca.crt.erb: config/certs/brokerserver/ca.crt brokerserver.crt.erb: config/certs/brokerserver/server.crt brokerserver.key.erb: config/certs/brokerserver/server.key + healthendpoint_ca.crt.erb: config/certs/healthendpoint/ca.crt + healthendpoint.crt.erb: config/certs/healthendpoint/server.crt + healthendpoint.key.erb: config/certs/healthendpoint/server.key scalingengine_ca.crt.erb: config/certs/scalingengine/ca.crt scalingengine_client.crt.erb: config/certs/scalingengine/client.crt scalingengine_client.key.erb: config/certs/scalingengine/client.key @@ -78,6 +81,12 @@ properties: description: "PEM-encoded server key" autoscaler.apiserver.health.port: default: 1080 + autoscaler.apiserver.health.ca_cert: + description: "PEM-encoded CA certificate for the health endpoint" + autoscaler.apiserver.health.server_cert: + description: "PEM-encoded server certificate for the health endpoint" + autoscaler.apiserver.health.server_key: + description: "PEM-encoded server key for the health endpoint" autoscaler.apiserver.use_buildin_mode: default: true description: "" diff --git a/jobs/golangapiserver/templates/apiserver.yml.erb b/jobs/golangapiserver/templates/apiserver.yml.erb index 87a02f4671..5acaeff718 100644 --- a/jobs/golangapiserver/templates/apiserver.yml.erb +++ b/jobs/golangapiserver/templates/apiserver.yml.erb @@ -96,6 +96,12 @@ use_buildin_mode: <%= p("autoscaler.apiserver.use_buildin_mode") %> health: port: <%= p("autoscaler.apiserver.health.port") %> + <% if_p("autoscaler.apiserver.health.ca_cert", "autoscaler.apiserver.health.server_cert", "autoscaler.apiserver.health.server_key") do %> + tls: + ca_file: /var/vcap/jobs/golangapiserver/config/certs/healthendpoint/ca.crt + cert_file: /var/vcap/jobs/golangapiserver/config/certs/healthendpoint/server.crt + key_file: /var/vcap/jobs/golangapiserver/config/certs/healthendpoint/server.key + <% end %> db: policy_db: 
diff --git a/jobs/golangapiserver/templates/healthendpoint.crt.erb b/jobs/golangapiserver/templates/healthendpoint.crt.erb
new file mode 100644
index 0000000000..a474a980a2
--- /dev/null
+++ b/jobs/golangapiserver/templates/healthendpoint.crt.erb
@@ -0,0 +1,3 @@
+<% if_p("autoscaler.apiserver.health.server_cert") do |value| %>
+<%= value %>
+<% end %>
\ No newline at end of file
diff --git a/jobs/golangapiserver/templates/healthendpoint.key.erb b/jobs/golangapiserver/templates/healthendpoint.key.erb
new file mode 100644
index 0000000000..57de031a0a
--- /dev/null
+++ b/jobs/golangapiserver/templates/healthendpoint.key.erb
@@ -0,0 +1,3 @@
+<% if_p("autoscaler.apiserver.health.server_key") do |value| %>
+<%= value %>
+<% end %>
\ No newline at end of file
diff --git a/jobs/golangapiserver/templates/healthendpoint_ca.crt.erb b/jobs/golangapiserver/templates/healthendpoint_ca.crt.erb
new file mode 100644
index 0000000000..022d2a67fa
--- /dev/null
+++ b/jobs/golangapiserver/templates/healthendpoint_ca.crt.erb
@@ -0,0 +1,3 @@
+<% if_p("autoscaler.apiserver.health.ca_cert") do |value| %>
+<%= value %>
+<% end %>
\ No newline at end of file
diff --git a/jobs/metricsforwarder/spec b/jobs/metricsforwarder/spec
index c8623fc0d5..6759adc521 100644
--- a/jobs/metricsforwarder/spec
+++ b/jobs/metricsforwarder/spec
@@ -4,6 +4,14 @@ templates: bpm.yml.erb: config/bpm.yml metricsforwarder.yml.erb: config/metricsforwarder.yml + metricsforwarder_ca.crt.erb: config/certs/metricsforwarder/ca.crt + metricsforwarder_server.crt.erb: config/certs/metricsforwarder/server.crt + metricsforwarder_server.key.erb: config/certs/metricsforwarder/server.key + + healthendpoint_ca.crt.erb: config/certs/healthendpoint/ca.crt + healthendpoint.crt.erb: config/certs/healthendpoint/server.crt + healthendpoint.key.erb: config/certs/healthendpoint/server.key + metron_client_ca.crt.erb: config/certs/metron_client/ca.crt metron_client.crt.erb: config/certs/metron_client/client.crt metron_client.key.erb: config/certs/metron_client/client.key @@ -137,6 +145,12 @@ properties: autoscaler.metricsforwarder.health.port: description: "The listening port of health endpoint" default: 6403 + autoscaler.metricsforwarder.health.ca_cert: + description: "PEM-encoded CA certificate for the health endpoint" + autoscaler.metricsforwarder.health.server_cert: + description: "PEM-encoded server certificate for the health endpoint" + autoscaler.metricsforwarder.health.server_key: + description: "PEM-encoded server key for the health endpoint" autoscaler.metricsforwarder.health.username: description: "the username of health endpoint" default: '' diff --git a/jobs/metricsforwarder/templates/healthendpoint.crt.erb b/jobs/metricsforwarder/templates/healthendpoint.crt.erb new file mode 100644 index 0000000000..661720b8ea --- /dev/null +++ b/jobs/metricsforwarder/templates/healthendpoint.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.metricsforwarder.health.server_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/metricsforwarder/templates/healthendpoint.key.erb b/jobs/metricsforwarder/templates/healthendpoint.key.erb new file mode 100644 index 0000000000..6b295aeee4 --- /dev/null +++ b/jobs/metricsforwarder/templates/healthendpoint.key.erb 
@@ -0,0 +1,3 @@ +<% if_p("autoscaler.metricsforwarder.health.server_key") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/metricsforwarder/templates/healthendpoint_ca.crt.erb b/jobs/metricsforwarder/templates/healthendpoint_ca.crt.erb new file mode 100644 index 0000000000..258983f9bc --- /dev/null +++ b/jobs/metricsforwarder/templates/healthendpoint_ca.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.metricsforwarder.health.ca_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/metricsforwarder/templates/metricsforwarder.yml.erb b/jobs/metricsforwarder/templates/metricsforwarder.yml.erb index 33c04fac6b..3e590e9c1b 100644 --- a/jobs/metricsforwarder/templates/metricsforwarder.yml.erb +++ b/jobs/metricsforwarder/templates/metricsforwarder.yml.erb @@ -74,6 +74,12 @@ health: port: <%= p("autoscaler.metricsforwarder.health.port") %> username: <%= p("autoscaler.metricsforwarder.health.username") %> password: <%= p("autoscaler.metricsforwarder.health.password") %> + <% if_p("autoscaler.metricsforwarder.health.ca_cert", "autoscaler.metricsforwarder.health.server_cert", "autoscaler.metricsforwarder.health.server_key") do %> + tls: + ca_file: /var/vcap/jobs/metricsforwarder/config/certs/healthendpoint/ca.crt + cert_file: /var/vcap/jobs/metricsforwarder/config/certs/healthendpoint/server.crt + key_file: /var/vcap/jobs/metricsforwarder/config/certs/healthendpoint/server.key + <% end %> rate_limit: valid_duration: <%= p("autoscaler.metricsforwarder.rate_limit.valid_duration") %> diff --git a/jobs/metricsgateway/spec b/jobs/metricsgateway/spec index 69ee2302f7..cd9a204ec9 100644 --- a/jobs/metricsgateway/spec +++ b/jobs/metricsgateway/spec 
@@ -5,6 +5,10 @@ templates: bpm.yml.erb: config/bpm.yml metricsgateway.yml.erb: config/metricsgateway.yml + healthendpoint_ca.crt.erb: config/certs/healthendpoint/ca.crt + healthendpoint.crt.erb: config/certs/healthendpoint/server.crt + healthendpoint.key.erb: config/certs/healthendpoint/server.key + metricsserver_client_ca.crt.erb: config/certs/metricsserver_client/ca.crt metricsserver_client.crt.erb: config/certs/metricsserver_client/server.crt metricsserver_client.key.erb: config/certs/metricsserver_client/server.key @@ -111,6 +115,12 @@ properties: autoscaler.metricsgateway.health.port: description: "The listening port of health endpoint" default: 6503 + autoscaler.metricsgateway.health.ca_cert: + description: "PEM-encoded CA certificate for the health endpoint" + autoscaler.metricsgateway.health.server_cert: + description: "PEM-encoded server certificate for the health endpoint" + autoscaler.metricsgateway.health.server_key: + description: "PEM-encoded server key for the health endpoint" autoscaler.metricsgateway.health.username: description: "the username of health endpoint" default: '' diff --git a/jobs/metricsgateway/templates/healthendpoint.crt.erb b/jobs/metricsgateway/templates/healthendpoint.crt.erb new file mode 100644 index 0000000000..c2d7a747bc --- /dev/null +++ b/jobs/metricsgateway/templates/healthendpoint.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.metricsgateway.health.server_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/metricsgateway/templates/healthendpoint.key.erb b/jobs/metricsgateway/templates/healthendpoint.key.erb new file mode 100644 index 0000000000..4209051e45 --- /dev/null +++ b/jobs/metricsgateway/templates/healthendpoint.key.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.metricsgateway.health.server_key") do |value| %> +<%= value %> +<% end %> \ No newline at end of file 
diff --git a/jobs/metricsgateway/templates/healthendpoint_ca.crt.erb b/jobs/metricsgateway/templates/healthendpoint_ca.crt.erb new file mode 100644 index 0000000000..6b4ac56d20 --- /dev/null +++ b/jobs/metricsgateway/templates/healthendpoint_ca.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.metricsgateway.health.ca_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/metricsgateway/templates/metricsgateway.yml.erb b/jobs/metricsgateway/templates/metricsgateway.yml.erb index 87611139b0..7ada15e5dc 100644 --- a/jobs/metricsgateway/templates/metricsgateway.yml.erb +++ b/jobs/metricsgateway/templates/metricsgateway.yml.erb @@ -80,3 +80,9 @@ health: port: <%= p("autoscaler.metricsgateway.health.port") %> username: <%= p("autoscaler.metricsgateway.health.username") %> password: <%= p("autoscaler.metricsgateway.health.password") %> + <% if_p("autoscaler.metricsgateway.health.ca_cert", "autoscaler.metricsgateway.health.server_cert", "autoscaler.metricsgateway.health.server_key") do %> + tls: + ca_file: /var/vcap/jobs/metricsgateway/config/certs/healthendpoint/ca.crt + cert_file: /var/vcap/jobs/metricsgateway/config/certs/healthendpoint/server.crt + key_file: /var/vcap/jobs/metricsgateway/config/certs/healthendpoint/server.key + <% end %> diff --git a/jobs/metricsserver/spec b/jobs/metricsserver/spec index 52a15be819..a0dc33d4e0 100644 --- a/jobs/metricsserver/spec +++ b/jobs/metricsserver/spec @@ -10,6 +10,10 @@ templates: metricsserver_server.crt.erb: config/certs/metricsserver/server.crt metricsserver_server.key.erb: config/certs/metricsserver/server.key + healthendpoint_ca.crt.erb: config/certs/healthendpoint/ca.crt + healthendpoint.crt.erb: config/certs/healthendpoint/server.crt + healthendpoint.key.erb: config/certs/healthendpoint/server.key + policy_db_ca.crt.erb: config/certs/policy_db/ca.crt policy_db.crt.erb: config/certs/policy_db/crt policy_db.key.erb: config/certs/policy_db/key 
@@ -150,6 +154,12 @@ properties: autoscaler.metricsserver.health.port: description: "The listening port of health endpoint" default: 6303 + autoscaler.metricsserver.health.ca_cert: + description: "PEM-encoded CA certificate for the health endpoint" + autoscaler.metricsserver.health.server_cert: + description: "PEM-encoded server certificate for the health endpoint" + autoscaler.metricsserver.health.server_key: + description: "PEM-encoded server key for the health endpoint" autoscaler.metricsserver.health.username: description: "the username of health endpoint" default: '' diff --git a/jobs/metricsserver/templates/healthendpoint.crt.erb b/jobs/metricsserver/templates/healthendpoint.crt.erb new file mode 100644 index 0000000000..5ae94caaef --- /dev/null +++ b/jobs/metricsserver/templates/healthendpoint.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.metricsserver.health.server_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/metricsserver/templates/healthendpoint.key.erb b/jobs/metricsserver/templates/healthendpoint.key.erb new file mode 100644 index 0000000000..693519b384 --- /dev/null +++ b/jobs/metricsserver/templates/healthendpoint.key.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.metricsserver.health.server_key") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/metricsserver/templates/healthendpoint_ca.crt.erb b/jobs/metricsserver/templates/healthendpoint_ca.crt.erb new file mode 100644 index 0000000000..d4c40e255e --- /dev/null +++ b/jobs/metricsserver/templates/healthendpoint_ca.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.metricsserver.health.ca_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/metricsserver/templates/metricsserver.yml.erb b/jobs/metricsserver/templates/metricsserver.yml.erb index c149de2377..3d79c62f23 100644 --- a/jobs/metricsserver/templates/metricsserver.yml.erb +++ b/jobs/metricsserver/templates/metricsserver.yml.erb 
@@ -89,6 +89,12 @@ health: port: <%= p("autoscaler.metricsserver.health.port") %> username: <%= p("autoscaler.metricsserver.health.username") %> password: <%= p("autoscaler.metricsserver.health.password") %> + <% if_p("autoscaler.metricsserver.health.ca_cert", "autoscaler.metricsserver.health.server_cert", "autoscaler.metricsserver.health.server_key") do %> + tls: + ca_file: /var/vcap/jobs/metricsserver/config/certs/healthendpoint/ca.crt + cert_file: /var/vcap/jobs/metricsserver/config/certs/healthendpoint/server.crt + key_file: /var/vcap/jobs/metricsserver/config/certs/healthendpoint/server.key + <% end %> diff --git a/jobs/operator/spec b/jobs/operator/spec index d093fb08bb..9da22934f4 100644 --- a/jobs/operator/spec +++ b/jobs/operator/spec @@ -6,6 +6,10 @@ templates: operator.yml.erb: config/operator.yml liquibase.properties: bin/liquibase.properties + healthendpoint_ca.crt.erb: config/certs/healthendpoint/ca.crt + healthendpoint.crt.erb: config/certs/healthendpoint/server.crt + healthendpoint.key.erb: config/certs/healthendpoint/server.key + scalingengine_ca.crt.erb: config/certs/scalingengine/ca.crt scalingengine_client.crt.erb: config/certs/scalingengine/client.crt scalingengine_client.key.erb: config/certs/scalingengine/client.key @@ -311,6 +315,12 @@ properties: autoscaler.operator.health.port: description: "the listening port of health endpoint" default: 6208 + autoscaler.operator.health.ca_cert: + description: "PEM-encoded CA certificate for the health endpoint" + autoscaler.operator.health.server_cert: + description: "PEM-encoded server certificate for the health endpoint" + autoscaler.operator.health.server_key: + description: "PEM-encoded server key for the health endpoint" autoscaler.operator.health.username: description: "the username of health endpoint" default: '' diff --git a/jobs/operator/templates/healthendpoint.crt.erb b/jobs/operator/templates/healthendpoint.crt.erb new file mode 100644 index 0000000000..d405886cf2 --- /dev/null 
+++ b/jobs/operator/templates/healthendpoint.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.operator.health.server_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/operator/templates/healthendpoint.key.erb b/jobs/operator/templates/healthendpoint.key.erb new file mode 100644 index 0000000000..fa8fa1a20a --- /dev/null +++ b/jobs/operator/templates/healthendpoint.key.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.operator.health.server_key") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/operator/templates/healthendpoint_ca.crt.erb b/jobs/operator/templates/healthendpoint_ca.crt.erb new file mode 100644 index 0000000000..79340ebd94 --- /dev/null +++ b/jobs/operator/templates/healthendpoint_ca.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.operator.health.ca_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/operator/templates/operator.yml.erb b/jobs/operator/templates/operator.yml.erb index 20119d01ad..599a407074 100644 --- a/jobs/operator/templates/operator.yml.erb +++ b/jobs/operator/templates/operator.yml.erb @@ -62,6 +62,13 @@ health: port: <%= p("autoscaler.operator.health.port") %> username: <%= p("autoscaler.operator.health.username") %> password: <%= p("autoscaler.operator.health.password") %> + <% if_p("autoscaler.operator.health.ca_cert", "autoscaler.operator.health.server_cert", "autoscaler.operator.health.server_key") do %> + tls: + ca_file: /var/vcap/jobs/operator/config/certs/healthendpoint/ca.crt + cert_file: /var/vcap/jobs/operator/config/certs/healthendpoint/server.crt + key_file: /var/vcap/jobs/operator/config/certs/healthendpoint/server.key + <% end %> + http_client_timeout: <%= p("autoscaler.operator.http_client_timeout") %> instance_metrics_db: db: diff --git a/jobs/scalingengine/spec b/jobs/scalingengine/spec index 878c830ae2..93e06c340c 100644 --- a/jobs/scalingengine/spec +++ b/jobs/scalingengine/spec 
@@ -10,14 +10,18 @@ templates: policy_db.key.erb: config/certs/policy_db/key policy_db_ca.crt.erb: config/certs/policy_db/ca.crt - scalingengine_ca.crt.erb: config/certs/scalingengine/ca.crt + scalingengine_db_ca.crt.erb: config/certs/scalingengine_db/ca.crt scalingengine_db.crt.erb: config/certs/scalingengine_db/crt scalingengine_db.key.erb: config/certs/scalingengine_db/key - scalingengine_db_ca.crt.erb: config/certs/scalingengine_db/ca.crt + scalingengine_ca.crt.erb: config/certs/scalingengine/ca.crt scalingengine_server.crt.erb: config/certs/scalingengine/server.crt scalingengine_server.key.erb: config/certs/scalingengine/server.key + healthendpoint_ca.crt.erb: config/certs/healthendpoint/ca.crt + healthendpoint.crt.erb: config/certs/healthendpoint/server.crt + healthendpoint.key.erb: config/certs/healthendpoint/server.key + scheduler_db.crt.erb: config/certs/scheduler_db/crt scheduler_db.key.erb: config/certs/scheduler_db/key scheduler_db_ca.crt.erb: config/certs/scheduler_db/ca.crt @@ -169,6 +173,12 @@ properties: autoscaler.scalingengine.health.port: description: "the listening port of health endpoint" default: 6204 + autoscaler.scalingengine.health.ca_cert: + description: "PEM-encoded CA certificate for the health endpoint" + autoscaler.scalingengine.health.server_cert: + description: "PEM-encoded server certificate for the health endpoint" + autoscaler.scalingengine.health.server_key: + description: "PEM-encoded server key for the health endpoint" autoscaler.scalingengine.health.username: description: "the username of health endpoint" default: '' diff --git a/jobs/scalingengine/templates/healthendpoint.crt.erb b/jobs/scalingengine/templates/healthendpoint.crt.erb new file mode 100644 index 0000000000..806dccca08 --- /dev/null +++ b/jobs/scalingengine/templates/healthendpoint.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.scalingengine.health.server_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file 
diff --git a/jobs/scalingengine/templates/healthendpoint.key.erb b/jobs/scalingengine/templates/healthendpoint.key.erb new file mode 100644 index 0000000000..9175a797bf --- /dev/null +++ b/jobs/scalingengine/templates/healthendpoint.key.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.scalingengine.health.server_key") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/scalingengine/templates/healthendpoint_ca.crt.erb b/jobs/scalingengine/templates/healthendpoint_ca.crt.erb new file mode 100644 index 0000000000..565a1334bc --- /dev/null +++ b/jobs/scalingengine/templates/healthendpoint_ca.crt.erb @@ -0,0 +1,3 @@ +<% if_p("autoscaler.scalingengine.health.ca_cert") do |value| %> +<%= value %> +<% end %> \ No newline at end of file diff --git a/jobs/scalingengine/templates/scalingengine.yml.erb b/jobs/scalingengine/templates/scalingengine.yml.erb index ff559b6267..38c913d67a 100644 --- a/jobs/scalingengine/templates/scalingengine.yml.erb +++ b/jobs/scalingengine/templates/scalingengine.yml.erb @@ -66,6 +66,13 @@ health: port: <%= p("autoscaler.scalingengine.health.port") %> username: <%= p("autoscaler.scalingengine.health.username") %> password: <%= p("autoscaler.scalingengine.health.password") %> + <% if_p("autoscaler.scalingengine.health.ca_cert", "autoscaler.scalingengine.health.server_cert", "autoscaler.scalingengine.health.server_key") do %> + tls: + ca_file: /var/vcap/jobs/scalingengine/config/certs/healthendpoint/ca.crt + cert_file: /var/vcap/jobs/scalingengine/config/certs/healthendpoint/server.crt + key_file: /var/vcap/jobs/scalingengine/config/certs/healthendpoint/server.key + <% end %> + db: policy_db: diff --git a/spec/jobs/cf/cf_spec.rb b/spec/jobs/common/cf_spec.rb similarity index 100% rename from spec/jobs/cf/cf_spec.rb rename to spec/jobs/common/cf_spec.rb diff --git a/spec/jobs/common/health_endpoint_spec.rb b/spec/jobs/common/health_endpoint_spec.rb new file mode 100644 index 0000000000..73da8be068 --- /dev/null 
+++ b/spec/jobs/common/health_endpoint_spec.rb 
@@ -0,0 +1,57 @@
+require "rspec"
+require "json"
+require "bosh/template/test"
+require "rspec/file_fixtures"
+require "yaml"
+
+describe "health endpoint sections relevant specs" do
+ let(:release) { Bosh::Template::Test::ReleaseDir.new(File.join(File.dirname(__FILE__), "../../..")) }
+ [
+ %w[apiserver golangapiserver config/apiserver.yml apiserver.yml],
+ %w[eventgenerator eventgenerator config/eventgenerator.yml eventgenerator.yml],
+ %w[metricsforwarder metricsforwarder config/metricsforwarder.yml metricsforwarder.yml],
+ %w[metricsgateway metricsgateway config/metricsgateway.yml metricsgateway.yml],
+ %w[metricsserver metricsserver config/metricsserver.yml metricsserver.yml],
+ %w[operator operator config/operator.yml operator.yml],
+ %w[scalingengine scalingengine config/scalingengine.yml scalingengine.yml]
+ ].each do |service, release_job, config_file, properties_file|
+ context service do
+ context "health endpoint" do
+ before(:each) do
+ @properties = YAML.safe_load(fixture(properties_file).read)
+ @template = release.job(release_job).template(config_file)
+ @links = case service
+ when "eventgenerator"
+ [ Bosh::Template::Test::Link.new(name: "eventgenerator") ]
+ when "metricsgateway", "metricsserver"
+ [ Bosh::Template::Test::Link.new(name: "metricsserver") ]
+ else
+ []
+ end
+ @rendered_template = YAML.safe_load(@template.render(@properties, consumes: @links))
+ end
+ it "by default TLS is not configured" do
+ expect(@rendered_template["health"]["tls"]).to be_nil
+ end
+
+ it "TLS can be enabled" do
+ service_config = (@properties["autoscaler"][service] ||= {})
+ service_config["health"] = {
+ "ca_cert" => "SOME_CA",
+ "server_cert" => "SOME_CERT",
+ "server_key" => "SOME_KEY"
+ }
+
+ rendered_template = YAML.safe_load(@template.render(@properties, consumes: @links))
+
+ expect(rendered_template["health"]["tls"]).not_to be_nil
+ expect(rendered_template["health"]["tls"]).to include({
+ "key_file" =>
"/var/vcap/jobs/#{release_job}/config/certs/healthendpoint/server.key", + "ca_file" => "/var/vcap/jobs/#{release_job}/config/certs/healthendpoint/ca.crt", + "cert_file" => "/var/vcap/jobs/#{release_job}/config/certs/healthendpoint/server.crt" + }) + end + end + end + end +end diff --git a/src/autoscaler/api/brokerserver/broker_server.go b/src/autoscaler/api/brokerserver/broker_server.go index 148e98d595..bdd41c0773 100644 --- a/src/autoscaler/api/brokerserver/broker_server.go +++ b/src/autoscaler/api/brokerserver/broker_server.go @@ -2,28 +2,24 @@ package brokerserver import ( "encoding/json" - "fmt" "net/http" "os" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/api/broker" - - "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers/handlers" - "code.cloudfoundry.org/app-autoscaler/src/autoscaler/routes" - + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/api/config" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/cf" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/cred_helper" - - "code.cloudfoundry.org/app-autoscaler/src/autoscaler/api/config" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/db" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/healthendpoint" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers/handlers" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/routes" "github.com/pivotal-cf/brokerapi/v10" "github.com/pivotal-cf/brokerapi/v10/domain" "code.cloudfoundry.org/lager/v3" "github.com/go-chi/chi/v5" "github.com/tedsuo/ifrit" - "github.com/tedsuo/ifrit/http_server" "golang.org/x/crypto/bcrypt" ) 
@@ -124,27 +120,7 @@ func NewBrokerServer(logger lager.Logger, conf *config.Config, bindingdb db.Bind r.HandleFunc(routes.BrokerHealthPath, GetHealth) - var addr string - if os.Getenv("APP_AUTOSCALER_TEST_RUN") == "true" { - addr = fmt.Sprintf("localhost:%d", conf.BrokerServer.Port) - } else { - addr = fmt.Sprintf("0.0.0.0:%d", conf.BrokerServer.Port) - } - - var runner ifrit.Runner - if (conf.BrokerServer.TLS.KeyFile == "") || (conf.BrokerServer.TLS.CertFile == "") { - runner = http_server.New(addr, r) - } else { - tlsConfig, err := conf.BrokerServer.TLS.CreateServerConfig() - if err != nil { - logger.Error("failed-new-server-new-tls-config", err, lager.Data{"tls": conf.BrokerServer.TLS}) - return nil, fmt.Errorf("broker server tls error: %w", err) - } - runner = http_server.NewTLSServer(addr, r, tlsConfig) - } - - logger.Info("broker-http-server-created", lager.Data{"serverConfig": conf.BrokerServer}) - return runner, nil + return helpers.NewHTTPServer(logger, conf.BrokerServer, r) } func restrictToMaxBcryptLength(logger lager.Logger, brokerCredential config.BrokerCredentialsConfig) config.BrokerCredentialsConfig { diff --git a/src/autoscaler/api/brokerserver/broker_server_suite_test.go b/src/autoscaler/api/brokerserver/broker_server_suite_test.go index 445f56a144..9101b44928 100644 --- a/src/autoscaler/api/brokerserver/broker_server_suite_test.go +++ b/src/autoscaler/api/brokerserver/broker_server_suite_test.go @@ -7,6 +7,7 @@ import ( "os" "strconv" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "github.com/pivotal-cf/brokerapi/v10/domain" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/api/brokerserver" @@ -107,7 +108,7 @@ var _ = BeforeSuite(func() { brokerCreds = append(brokerCreds, brokerCred1, brokerCred2) conf = &config.Config{ - BrokerServer: config.ServerConfig{ + BrokerServer: helpers.ServerConfig{ Port: port, }, BrokerCredentials: brokerCreds, 
diff --git a/src/autoscaler/api/cmd/api/api_suite_test.go b/src/autoscaler/api/cmd/api/api_suite_test.go index c428510c63..9ff19646c3 100644 --- a/src/autoscaler/api/cmd/api/api_suite_test.go +++ b/src/autoscaler/api/cmd/api/api_suite_test.go @@ -10,6 +10,7 @@ import ( "time" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/cf/mocks" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" . "code.cloudfoundry.org/app-autoscaler/src/autoscaler/testhelpers" @@ -116,7 +117,7 @@ var _ = SynchronizedBeforeSuite(func() []byte { publicApiPort = 9000 + GinkgoParallelProcess() healthport = 7000 + GinkgoParallelProcess() - cfg.BrokerServer = config.ServerConfig{ + cfg.BrokerServer = helpers.ServerConfig{ Port: brokerPort, TLS: models.TLSCerts{ KeyFile: filepath.Join(testCertDir, "servicebroker.key"), @@ -124,7 +125,7 @@ var _ = SynchronizedBeforeSuite(func() []byte { CACertFile: filepath.Join(testCertDir, "autoscaler-ca.crt"), }, } - cfg.PublicApiServer = config.ServerConfig{ + cfg.PublicApiServer = helpers.ServerConfig{ Port: publicApiPort, TLS: models.TLSCerts{ KeyFile: filepath.Join(testCertDir, "api.key"), @@ -198,8 +199,10 @@ var _ = SynchronizedBeforeSuite(func() []byte { cfg.CF.ClientID = "client-id" cfg.CF.Secret = "client-secret" cfg.CF.SkipSSLValidation = true - cfg.Health = models.HealthConfig{ - Port: healthport, + cfg.Health = helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: healthport, + }, HealthCheckUsername: "healthcheckuser", HealthCheckPassword: "healthcheckpassword", } diff --git a/src/autoscaler/api/cmd/api/api_test.go b/src/autoscaler/api/cmd/api/api_test.go index 65a18001d6..4dca136b86 100644 --- a/src/autoscaler/api/cmd/api/api_test.go +++ b/src/autoscaler/api/cmd/api/api_test.go 
@@ -122,8 +122,8 @@ var _ = Describe("Api", func() { runner.Start() }) It("should start both broker and public-api", func() { - Eventually(runner.Session.Buffer, 2*time.Second).Should(Say("api.broker_http_server.broker-http-server-created")) - Eventually(runner.Session.Buffer, 2*time.Second).Should(Say("api.public_api_http_server.public-api-http-server-created")) + Eventually(runner.Session.Buffer, 2*time.Second).Should(Say("api.broker_http_server.new-http-server")) + Eventually(runner.Session.Buffer, 2*time.Second).Should(Say("api.public_api_http_server.new-http-server")) Eventually(runner.Session.Buffer, 2*time.Second).Should(Say("api.started")) }) }) @@ -136,8 +136,8 @@ var _ = Describe("Api", func() { runner.Start() }) It("should start not start broker ", func() { - Eventually(runner.Session.Buffer, 2*time.Second).ShouldNot(Say("api.broker_http_server.broker-http-server-created")) - Eventually(runner.Session.Buffer, 2*time.Second).Should(Say("api.public_api_http_server.public-api-http-server-created")) + Eventually(runner.Session.Buffer, 2*time.Second).ShouldNot(Say("api.broker_http_server.new-http-server")) + Eventually(runner.Session.Buffer, 2*time.Second).Should(Say("api.public_api_http_server.new-http-server")) Eventually(runner.Session.Buffer, 2*time.Second).Should(Say("api.started")) }) }) diff --git a/src/autoscaler/api/config/config.go b/src/autoscaler/api/config/config.go index 06ddc09a59..c3b75f2321 100644 --- a/src/autoscaler/api/config/config.go +++ b/src/autoscaler/api/config/config.go @@ -26,16 +26,11 @@ const ( DefaultCPUUpperThreshold = 100 ) -type ServerConfig struct { - Port int `yaml:"port"` - TLS models.TLSCerts `yaml:"tls"` -} - -var defaultBrokerServerConfig = ServerConfig{ +var defaultBrokerServerConfig = helpers.ServerConfig{ Port: 8080, } -var defaultPublicApiServerConfig = ServerConfig{ +var defaultPublicApiServerConfig = helpers.ServerConfig{ Port: 8081, } 
@@ -86,8 +81,8 @@ type CPUConfig struct { type Config struct { Logging helpers.LoggingConfig `yaml:"logging"` - BrokerServer ServerConfig `yaml:"broker_server"` - PublicApiServer ServerConfig `yaml:"public_api_server"` + BrokerServer helpers.ServerConfig `yaml:"broker_server"` + PublicApiServer helpers.ServerConfig `yaml:"public_api_server"` DB map[string]db.DatabaseConfig `yaml:"db"` BrokerCredentials []BrokerCredentialsConfig `yaml:"broker_credentials"` APIClientId string `yaml:"api_client_id"` @@ -103,7 +98,7 @@ type Config struct { UseBuildInMode bool `yaml:"use_buildin_mode"` InfoFilePath string `yaml:"info_file_path"` MetricsForwarder MetricsForwarderConfig `yaml:"metrics_forwarder"` - Health models.HealthConfig `yaml:"health"` + Health helpers.HealthConfig `yaml:"health"` RateLimit models.RateLimitConfig `yaml:"rate_limit"` CredHelperImpl string `yaml:"cred_helper_impl"` StoredProcedureConfig *models.StoredProcedureConfig `yaml:"stored_procedure_binding_credential_config"` diff --git a/src/autoscaler/api/publicapiserver/public_api_server.go b/src/autoscaler/api/publicapiserver/public_api_server.go index a64454fed8..bd070f2f90 100644 --- a/src/autoscaler/api/publicapiserver/public_api_server.go +++ b/src/autoscaler/api/publicapiserver/public_api_server.go @@ -3,9 +3,9 @@ package publicapiserver import ( "fmt" "net/http" - "os" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/cred_helper" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers/apis/scalinghistory" "go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux" @@ -20,7 +20,6 @@ import ( "code.cloudfoundry.org/lager/v3" "github.com/gorilla/mux" "github.com/tedsuo/ifrit" - "github.com/tedsuo/ifrit/http_server" ) type VarsFunc func(w http.ResponseWriter, r *http.Request, vars map[string]string) 
@@ -81,29 +80,7 @@ func NewPublicApiServer(logger lager.Logger, conf *config.Config, policydb db.Po rcredential.Get(routes.PublicApiCreateCredentialRouteName).Handler(VarsFunc(pah.CreateCredential)) rcredential.Get(routes.PublicApiDeleteCredentialRouteName).Handler(VarsFunc(pah.DeleteCredential)) - var addr string - if os.Getenv("APP_AUTOSCALER_TEST_RUN") == "true" { - addr = fmt.Sprintf("localhost:%d", conf.PublicApiServer.Port) - } else { - addr = fmt.Sprintf("0.0.0.0:%d", conf.PublicApiServer.Port) - } - - var runner ifrit.Runner - if (conf.PublicApiServer.TLS.KeyFile == "") || (conf.PublicApiServer.TLS.CertFile == "") { - logger.Info("creating-public-api-http-server") - runner = http_server.New(addr, r) - } else { - logger.Info("creating-public-api-https-server") - tlsConfig, err := conf.PublicApiServer.TLS.CreateServerConfig() - if err != nil { - logger.Error("failed-new-server-new-tls-config", err, lager.Data{"tls": conf.PublicApiServer.TLS}) - return nil, err - } - runner = http_server.NewTLSServer(addr, r, tlsConfig) - } - - logger.Info("public-api-http-server-created", lager.Data{"serverConfig": conf.PublicApiServer}) - return runner, nil + return helpers.NewHTTPServer(logger, conf.PublicApiServer, r) } func newScalingHistoryHandler(logger lager.Logger, conf *config.Config) (http.Handler, error) { diff --git a/src/autoscaler/api/publicapiserver/publicapiserver_suite_test.go b/src/autoscaler/api/publicapiserver/publicapiserver_suite_test.go index 2dd2e8c5bc..361b6412ba 100644 --- a/src/autoscaler/api/publicapiserver/publicapiserver_suite_test.go +++ b/src/autoscaler/api/publicapiserver/publicapiserver_suite_test.go @@ -181,7 +181,7 @@ func CreateConfig(useBuildInMode bool, apiServerPort int) *config.Config { Logging: helpers.LoggingConfig{ Level: "debug", }, - PublicApiServer: config.ServerConfig{ + PublicApiServer: helpers.ServerConfig{ Port: apiServerPort, }, PolicySchemaPath: "../policyvalidator/policy_json.schema.json", 
diff --git a/src/autoscaler/eventgenerator/cmd/eventgenerator/eventgenerator_suite_test.go b/src/autoscaler/eventgenerator/cmd/eventgenerator/eventgenerator_suite_test.go index 3da000bf6d..9f30510557 100644 --- a/src/autoscaler/eventgenerator/cmd/eventgenerator/eventgenerator_suite_test.go +++ b/src/autoscaler/eventgenerator/cmd/eventgenerator/eventgenerator_suite_test.go @@ -182,11 +182,13 @@ func initConfig() { Level: "debug", }, Server: config.ServerConfig{ - Port: egPort, - TLS: models.TLSCerts{ - KeyFile: filepath.Join(testCertDir, "eventgenerator.key"), - CertFile: filepath.Join(testCertDir, "eventgenerator.crt"), - CACertFile: filepath.Join(testCertDir, "autoscaler-ca.crt"), + ServerConfig: helpers.ServerConfig{ + Port: egPort, + TLS: models.TLSCerts{ + KeyFile: filepath.Join(testCertDir, "eventgenerator.key"), + CertFile: filepath.Join(testCertDir, "eventgenerator.crt"), + CACertFile: filepath.Join(testCertDir, "autoscaler-ca.crt"), + }, }, NodeAddrs: []string{"localhost"}, NodeIndex: 0, @@ -243,8 +245,10 @@ func initConfig() { DefaultBreachDurationSecs: 600, DefaultStatWindowSecs: 300, HttpClientTimeout: 10 * time.Second, - Health: models.HealthConfig{ - Port: healthport, + Health: helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: healthport, + }, HealthCheckUsername: "healthcheckuser", HealthCheckPassword: "healthcheckpassword", }, diff --git a/src/autoscaler/eventgenerator/config/config.go b/src/autoscaler/eventgenerator/config/config.go index 4f04a19fe6..2374263ae6 100644 --- a/src/autoscaler/eventgenerator/config/config.go +++ b/src/autoscaler/eventgenerator/config/config.go 
@@ -34,10 +34,9 @@ const ( ) type ServerConfig struct { - Port int `yaml:"port"` - TLS models.TLSCerts `yaml:"tls"` - NodeAddrs []string `yaml:"node_addrs"` - NodeIndex int `yaml:"node_index"` + helpers.ServerConfig `yaml:",inline"` + NodeAddrs []string `yaml:"node_addrs"` + NodeIndex int `yaml:"node_index"` } type DBConfig struct { PolicyDB db.DatabaseConfig `yaml:"policy_db"` @@ -80,7 +79,7 @@ type CircuitBreakerConfig struct { type Config struct { Logging helpers.LoggingConfig `yaml:"logging"` Server ServerConfig `yaml:"server"` - Health models.HealthConfig `yaml:"health"` + Health helpers.HealthConfig `yaml:"health"` DB DBConfig `yaml:"db"` Aggregator AggregatorConfig `yaml:"aggregator"` Evaluator EvaluatorConfig `yaml:"evaluator"` @@ -98,10 +97,14 @@ func LoadConfig(config []byte) (*Config, error) { Level: DefaultLoggingLevel, }, Server: ServerConfig{ - Port: DefaultServerPort, + ServerConfig: helpers.ServerConfig{ + Port: DefaultServerPort, + }, }, - Health: models.HealthConfig{ - Port: DefaultHealthServerPort, + Health: helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: DefaultHealthServerPort, + }, }, Aggregator: AggregatorConfig{ AggregatorExecuteInterval: DefaultAggregatorExecuteInterval, diff --git a/src/autoscaler/eventgenerator/config/config_test.go b/src/autoscaler/eventgenerator/config/config_test.go index 463f1651d4..9396f53254 100644 --- a/src/autoscaler/eventgenerator/config/config_test.go +++ b/src/autoscaler/eventgenerator/config/config_test.go 
@@ -94,17 +94,21 @@ circuitBreaker: Logging: helpers.LoggingConfig{Level: "info"}, HttpClientTimeout: 10 * time.Second, Server: ServerConfig{ - Port: 9080, - TLS: models.TLSCerts{ - KeyFile: "/var/vcap/jobs/autoscaler/config/certs/server.key", - CertFile: "/var/vcap/jobs/autoscaler/config/certs/server.crt", - CACertFile: "/var/vcap/jobs/autoscaler/config/certs/ca.crt", + ServerConfig: helpers.ServerConfig{ + Port: 9080, + TLS: models.TLSCerts{ + KeyFile: "/var/vcap/jobs/autoscaler/config/certs/server.key", + CertFile: "/var/vcap/jobs/autoscaler/config/certs/server.crt", + CACertFile: "/var/vcap/jobs/autoscaler/config/certs/ca.crt", + }, }, NodeAddrs: []string{"address1", "address2"}, NodeIndex: 1, }, - Health: models.HealthConfig{ - Port: 9999, + Health: helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: 9999, + }, }, DB: DBConfig{ PolicyDB: db.DatabaseConfig{ @@ -225,11 +229,15 @@ defaultBreachDurationSecs: 600 Logging: helpers.LoggingConfig{Level: "info"}, HttpClientTimeout: 5 * time.Second, Server: ServerConfig{ - Port: 8080, - TLS: models.TLSCerts{}, + ServerConfig: helpers.ServerConfig{ + Port: 8080, + TLS: models.TLSCerts{}, + }, }, - Health: models.HealthConfig{ - Port: 8081, + Health: helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: 8081, + }, }, DB: DBConfig{ PolicyDB: db.DatabaseConfig{ diff --git a/src/autoscaler/eventgenerator/server/server.go b/src/autoscaler/eventgenerator/server/server.go index 5ad5f5279e..440c688920 100644 --- a/src/autoscaler/eventgenerator/server/server.go +++ b/src/autoscaler/eventgenerator/server/server.go @@ -1,11 +1,10 @@ package server import ( - "fmt" "net/http" - "os" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/eventgenerator/aggregator" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/eventgenerator/config" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/healthendpoint" 
@@ -14,7 +13,6 @@ import ( "code.cloudfoundry.org/lager/v3" "github.com/gorilla/mux" "github.com/tedsuo/ifrit" - "github.com/tedsuo/ifrit/http_server" ) type VarsFunc func(w http.ResponseWriter, r *http.Request, vars map[string]string) @@ -31,25 +29,10 @@ func NewServer(logger lager.Logger, conf *config.Config, queryAppMetric aggregat r.Use(httpStatusCollectMiddleware.Collect) r.Get(routes.GetAggregatedMetricHistoriesRouteName).Handler(VarsFunc(eh.GetAggregatedMetricHistories)) - var addr string - if os.Getenv("APP_AUTOSCALER_TEST_RUN") == "true" { - addr = fmt.Sprintf("localhost:%d", conf.Server.Port) - } else { - addr = fmt.Sprintf("0.0.0.0:%d", conf.Server.Port) + httpServerConfig := helpers.ServerConfig{ + Port: conf.Server.Port, + TLS: conf.Server.TLS, } - var runner ifrit.Runner - if (conf.Server.TLS.KeyFile == "") || (conf.Server.TLS.CertFile == "") { - runner = http_server.New(addr, r) - } else { - tlsConfig, err := conf.Server.TLS.CreateServerConfig() - if err != nil { - logger.Error("failed-new-server-new-tls-config", err, lager.Data{"tls": conf.Server.TLS}) - return nil, fmt.Errorf("eventGenerator tls config error: %w", err) - } - runner = http_server.NewTLSServer(addr, r, tlsConfig) - } - - logger.Info("http-server-created", lager.Data{"serverConfig": conf.Server}) - return runner, nil + return helpers.NewHTTPServer(logger, httpServerConfig, r) } diff --git a/src/autoscaler/eventgenerator/server/server_suite_test.go b/src/autoscaler/eventgenerator/server/server_suite_test.go index 4269ca08e5..0868c4d8c4 100644 --- a/src/autoscaler/eventgenerator/server/server_suite_test.go +++ b/src/autoscaler/eventgenerator/server/server_suite_test.go 
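Review bot: The `httpServerConfig := helpers.ServerConfig{Port: conf.Server.Port, TLS: conf.Server.TLS}` copy in `NewServer` rebuilds, field by field, a value that already exists, because `config.ServerConfig` now embeds `helpers.ServerConfig`. Any field later added to `helpers.ServerConfig` (a client-auth or timeout setting, say) would be dropped here without a compile error. Pass the embedded struct instead: `return helpers.NewHTTPServer(logger, conf.Server.ServerConfig, r)`. The same copy appears in `NewServerWithBasicAuth` in healthendpoint/server.go, where `conf.ServerConfig` can be passed directly. The body of `NewServer` begins above this hunk.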
@@ -5,6 +5,7 @@ import ( "code.cloudfoundry.org/app-autoscaler/src/autoscaler/eventgenerator/config" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/eventgenerator/server" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/fakes" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/models" "net/url" @@ -32,7 +33,9 @@ var _ = BeforeSuite(func() { port := 1111 + GinkgoParallelProcess() conf := &config.Config{ Server: config.ServerConfig{ - Port: port, + ServerConfig: helpers.ServerConfig{ + Port: port, + }, }, } queryAppMetrics := func(appID string, metricType string, start int64, end int64, orderType db.OrderType) ([]*models.AppMetric, error) { diff --git a/src/autoscaler/healthendpoint/health_readiness_test.go b/src/autoscaler/healthendpoint/health_readiness_test.go index d552880454..bc8ba15c6f 100644 --- a/src/autoscaler/healthendpoint/health_readiness_test.go +++ b/src/autoscaler/healthendpoint/health_readiness_test.go @@ -8,8 +8,7 @@ import ( "sync/atomic" "time" - "code.cloudfoundry.org/app-autoscaler/src/autoscaler/models" - + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "github.com/pkg/errors" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/healthendpoint" @@ -40,7 +39,7 @@ var _ = Describe("Health Readiness", func() { healthRoute *mux.Router logger lager.Logger checkers []healthendpoint.Checker - config models.HealthConfig + config helpers.HealthConfig timesetter *time.Time ) diff --git a/src/autoscaler/healthendpoint/server.go b/src/autoscaler/healthendpoint/server.go index 6ab165237d..81d4d3186f 100644 --- a/src/autoscaler/healthendpoint/server.go +++ b/src/autoscaler/healthendpoint/server.go 
@@ -1,14 +1,11 @@ package healthendpoint import ( - "fmt" "net/http" "net/http/pprof" - "os" "time" - "code.cloudfoundry.org/app-autoscaler/src/autoscaler/models" - + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/metricsforwarder/server/common" "code.cloudfoundry.org/lager/v3" @@ -16,7 +13,6 @@ import ( "github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus/promhttp" "github.com/tedsuo/ifrit" - "github.com/tedsuo/ifrit/http_server" "golang.org/x/crypto/bcrypt" ) 
@@ -41,23 +37,19 @@ func (bam *basicAuthenticationMiddleware) middleware(next http.Handler) http.Han // NewServerWithBasicAuth open the healthcheck port with basic authentication. // Make sure that username and password is not empty -func NewServerWithBasicAuth(conf models.HealthConfig, healthCheckers []Checker, logger lager.Logger, gatherer prometheus.Gatherer, time func() time.Time) (ifrit.Runner, error) { +func NewServerWithBasicAuth(conf helpers.HealthConfig, healthCheckers []Checker, logger lager.Logger, gatherer prometheus.Gatherer, time func() time.Time) (ifrit.Runner, error) { healthRouter, err := NewHealthRouter(conf, healthCheckers, logger, gatherer, time) if err != nil { return nil, err } - var addr string - if os.Getenv("APP_AUTOSCALER_TEST_RUN") == "true" { - addr = fmt.Sprintf("localhost:%d", conf.Port) - } else { - addr = fmt.Sprintf("0.0.0.0:%d", conf.Port) + httpServerConfig := helpers.ServerConfig{ + Port: conf.Port, + TLS: conf.TLS, } - - logger.Info("new-health-server-basic-auth", lager.Data{"addr": addr}) - return http_server.New(addr, healthRouter), nil + return helpers.NewHTTPServer(logger, httpServerConfig, healthRouter) } -func NewHealthRouter(conf models.HealthConfig, healthCheckers []Checker, logger lager.Logger, gatherer prometheus.Gatherer, time func() time.Time) (*mux.Router, error) { +func NewHealthRouter(conf helpers.HealthConfig, healthCheckers []Checker, logger lager.Logger, gatherer prometheus.Gatherer, time func() time.Time) (*mux.Router, error) { var healthRouter *mux.Router var err error username := conf.HealthCheckUsername 
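Review bot: The doc comment on `NewServerWithBasicAuth` still describes only basic authentication, although the function now hands `conf.TLS` to `helpers.NewHTTPServer`, which serves plain HTTP unless both the key file and the cert file are set. State that in the comment, e.g. `// NewServerWithBasicAuth creates the health server runner; it serves TLS when conf.TLS names a key and a cert file and plain HTTP otherwise.` followed by `// Without TLS the basic-auth credentials cross the network unencrypted.` `NewHealthRouter` continues past the end of this hunk.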
@@ -80,7 +72,7 @@ func NewHealthRouter(conf models.HealthConfig, healthCheckers []Checker, logger return healthRouter, nil } -func healthBasicAuthRouter(conf models.HealthConfig, healthCheckers []Checker, logger lager.Logger, gatherer prometheus.Gatherer, time func() time.Time) (*mux.Router, error) { +func healthBasicAuthRouter(conf helpers.HealthConfig, healthCheckers []Checker, logger lager.Logger, gatherer prometheus.Gatherer, time func() time.Time) (*mux.Router, error) { basicAuthentication, err := createBasicAuthMiddleware(logger, conf.HealthCheckUsernameHash, conf.HealthCheckUsername, conf.HealthCheckPasswordHash, conf.HealthCheckPassword) if err != nil { return nil, err diff --git a/src/autoscaler/models/health.go b/src/autoscaler/helpers/health.go similarity index 96% rename from src/autoscaler/models/health.go rename to src/autoscaler/helpers/health.go index 30d073e7ce..6631359ba7 100644 --- a/src/autoscaler/models/health.go +++ b/src/autoscaler/helpers/health.go @@ -1,4 +1,4 @@ -package models +package helpers import ( "fmt" @@ -7,7 +7,7 @@ import ( ) type HealthConfig struct { - Port int `yaml:"port"` + ServerConfig `yaml:",inline"` HealthCheckUsername string `yaml:"username"` HealthCheckUsernameHash string `yaml:"username_hash"` HealthCheckPassword string `yaml:"password"` diff --git a/src/autoscaler/models/health_test.go b/src/autoscaler/helpers/health_test.go similarity index 81% rename from src/autoscaler/models/health_test.go rename to src/autoscaler/helpers/health_test.go index eb2c9799ff..5a3a411b88 100644 --- a/src/autoscaler/models/health_test.go +++ b/src/autoscaler/helpers/health_test.go @@ -1,11 +1,11 @@ -package models_test +package helpers_test import ( "errors" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" . "code.cloudfoundry.org/app-autoscaler/src/autoscaler/testhelpers" - "code.cloudfoundry.org/app-autoscaler/src/autoscaler/models" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "gopkg.in/yaml.v3" 
@@ -13,13 +13,13 @@ import ( var ( healthConfigBytes []byte - healthConfig models.HealthConfig + healthConfig helpers.HealthConfig ) var _ = Describe("Health Config", func() { BeforeEach(func() { healthConfigBytes = []byte{} - healthConfig = models.HealthConfig{} + healthConfig = helpers.HealthConfig{} }) When("Readiness is not supplied", func() { @@ -37,8 +37,10 @@ readiness_enabled: false err = healthConfig.Validate() Expect(err).ToNot(HaveOccurred()) - Expect(healthConfig).To(Equal(models.HealthConfig{ - Port: 9999, + Expect(healthConfig).To(Equal(helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: 9999, + }, HealthCheckUsername: "test-username", HealthCheckPassword: "password", ReadinessCheckEnabled: false, @@ -60,8 +62,10 @@ readiness_enabled: true err = healthConfig.Validate() Expect(err).ToNot(HaveOccurred()) - Expect(healthConfig).To(Equal(models.HealthConfig{ - Port: 9999, + Expect(healthConfig).To(Equal(helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: 9999, + }, HealthCheckUsername: "test-username", HealthCheckPassword: "password", ReadinessCheckEnabled: true, @@ -83,7 +87,7 @@ password_hash: password_hash FailOnError("unable to unmarshal to health config", err) err = healthConfig.Validate() Expect(err).To(HaveOccurred()) - Expect(errors.Is(err, models.ErrConfiguration)).To(BeTrue()) + Expect(errors.Is(err, helpers.ErrConfiguration)).To(BeTrue()) Expect(err.Error()).To(Equal("configuration error: both healthcheck password and healthcheck password_hash are provided, please provide only one of them")) }) }) diff --git a/src/autoscaler/helpers/http_server.go b/src/autoscaler/helpers/http_server.go new file mode 100644 index 0000000000..20651246ca --- /dev/null +++ b/src/autoscaler/helpers/http_server.go 
@@ -0,0 +1,39 @@ +package helpers + +import ( + "fmt" + "net/http" + "os" + + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/models" + "code.cloudfoundry.org/lager/v3" + "github.com/tedsuo/ifrit" + "github.com/tedsuo/ifrit/http_server" +) + +type ServerConfig struct { + Port int `yaml:"port"` + TLS models.TLSCerts `yaml:"tls"` +} + +func NewHTTPServer(logger lager.Logger, conf ServerConfig, handler http.Handler) (ifrit.Runner, error) { + var addr string + if os.Getenv("APP_AUTOSCALER_TEST_RUN") == "true" { + addr = fmt.Sprintf("localhost:%d", conf.Port) + } else { + addr = fmt.Sprintf("0.0.0.0:%d", conf.Port) + } + + logger.Info("new-http-server", lager.Data{"serverConfig": conf}) + + if (conf.TLS.KeyFile != "") && (conf.TLS.CertFile != "") { + tlsConfig, err := conf.TLS.CreateServerConfig() + if err != nil { + logger.Error("failed-new-server-new-tls-config", err, lager.Data{"tls": conf.TLS}) + return nil, fmt.Errorf("server tls config error: %w", err) + } + return http_server.NewTLSServer(addr, handler, tlsConfig), nil + } + + return http_server.New(addr, handler), nil +} diff --git a/src/autoscaler/integration/components_test.go b/src/autoscaler/integration/components_test.go index 79419cb79b..6031ed1587 100644 --- a/src/autoscaler/integration/components_test.go +++ b/src/autoscaler/integration/components_test.go @@ -213,7 +213,7 @@ func (components *Components) PrepareGolangApiServerConfig(dbURI string, publicA Logging: helpers.LoggingConfig{ Level: LOGLEVEL, }, - PublicApiServer: apiConfig.ServerConfig{ + PublicApiServer: helpers.ServerConfig{ Port: publicApiPort, TLS: models.TLSCerts{ KeyFile: filepath.Join(testCertDir, "api.key"), 
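Review bot: In `NewHTTPServer`, a config with only one of `KeyFile`/`CertFile` set falls through to `http_server.New`, so the server starts in plaintext with nothing in the log saying that TLS was skipped; a typo in one property then silently disables TLS for every server that goes through this helper. Reject the half-configured case before the TLS branch, e.g. `if (conf.TLS.KeyFile == "") != (conf.TLS.CertFile == "") { return nil, fmt.Errorf("server tls config error: key_file and cert_file must be set together") }`. `CACertFile` is not consulted here, and whether client certificates are actually required depends on `CreateServerConfig`, which is outside this diff, so doc comments on `ServerConfig` and `NewHTTPServer` should state when the listener is HTTP, TLS or mTLS. The `APP_AUTOSCALER_TEST_RUN` switch between `localhost` and `0.0.0.0` also deserves a comment, since an environment variable decides the bind address of a production listener.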
@@ -221,7 +221,7 @@ func (components *Components) PrepareGolangApiServerConfig(dbURI string, publicA CACertFile: filepath.Join(testCertDir, "autoscaler-ca.crt"), }, }, - BrokerServer: apiConfig.ServerConfig{ + BrokerServer: helpers.ServerConfig{ Port: brokerPort, TLS: models.TLSCerts{ KeyFile: filepath.Join(testCertDir, "servicebroker.key"), @@ -392,11 +392,13 @@ func (components *Components) PrepareEventGeneratorConfig(dbUri string, port int Level: LOGLEVEL, }, Server: egConfig.ServerConfig{ - Port: port, - TLS: models.TLSCerts{ - KeyFile: filepath.Join(testCertDir, "eventgenerator.key"), - CertFile: filepath.Join(testCertDir, "eventgenerator.crt"), - CACertFile: filepath.Join(testCertDir, "autoscaler-ca.crt"), + ServerConfig: helpers.ServerConfig{ + Port: port, + TLS: models.TLSCerts{ + KeyFile: filepath.Join(testCertDir, "eventgenerator.key"), + CertFile: filepath.Join(testCertDir, "eventgenerator.crt"), + CACertFile: filepath.Join(testCertDir, "autoscaler-ca.crt"), + }, }, NodeAddrs: []string{"localhost"}, NodeIndex: 0, @@ -453,7 +455,7 @@ func (components *Components) PrepareScalingEngineConfig(dbURI string, port int, ClientID: "admin", Secret: "admin", }, - Server: seConfig.ServerConfig{ + Server: helpers.ServerConfig{ Port: port, TLS: models.TLSCerts{ KeyFile: filepath.Join(testCertDir, "scalingengine.key"), @@ -632,7 +634,7 @@ func (components *Components) PrepareMetricsServerConfig(dbURI string, httpClien EnvelopeChannelSize: 100, MetricChannelSize: 100, }, - Server: msConfig.ServerConfig{ + Server: helpers.ServerConfig{ Port: httpServerPort, TLS: models.TLSCerts{ KeyFile: filepath.Join(testCertDir, "metricserver.key"), diff --git a/src/autoscaler/metricsforwarder/config/config.go b/src/autoscaler/metricsforwarder/config/config.go index d6e6f3b9d0..60c6e6d164 100644 --- a/src/autoscaler/metricsforwarder/config/config.go +++ b/src/autoscaler/metricsforwarder/config/config.go 
@@ -23,28 +23,26 @@ const ( type Config struct { Logging helpers.LoggingConfig `yaml:"logging"` - Server ServerConfig `yaml:"server"` + Server helpers.ServerConfig `yaml:"server"` LoggregatorConfig LoggregatorConfig `yaml:"loggregator"` Db map[string]db.DatabaseConfig `yaml:"db"` CacheTTL time.Duration `yaml:"cache_ttl"` CacheCleanupInterval time.Duration `yaml:"cache_cleanup_interval"` PolicyPollerInterval time.Duration `yaml:"policy_poller_interval"` - Health models.HealthConfig `yaml:"health"` + Health helpers.HealthConfig `yaml:"health"` RateLimit models.RateLimitConfig `yaml:"rate_limit"` CredHelperImpl string `yaml:"cred_helper_impl"` StoredProcedureConfig *models.StoredProcedureConfig `yaml:"stored_procedure_binding_credential_config"` } -type ServerConfig struct { - Port int `yaml:"port"` -} - -var defaultServerConfig = ServerConfig{ +var defaultServerConfig = helpers.ServerConfig{ Port: 6110, } -var defaultHealthConfig = models.HealthConfig{ - Port: 8081, +var defaultHealthConfig = helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: 8081, + }, } var defaultLoggingConfig = helpers.LoggingConfig{ diff --git a/src/autoscaler/metricsforwarder/forwarder/forwarder_test.go b/src/autoscaler/metricsforwarder/forwarder/forwarder_test.go index 5891d1f335..2f967a4d99 100644 --- a/src/autoscaler/metricsforwarder/forwarder/forwarder_test.go +++ b/src/autoscaler/metricsforwarder/forwarder/forwarder_test.go @@ -50,7 +50,7 @@ var _ = Describe("MetricForwarder", func() { CACertFile: filepath.Join(testCertDir, "loggregator-ca.crt"), }, } - serverConfig := config.ServerConfig{ + serverConfig := helpers.ServerConfig{ Port: 10000 + GinkgoParallelProcess(), } diff --git a/src/autoscaler/metricsforwarder/server/auth/auth_suite_test.go b/src/autoscaler/metricsforwarder/server/auth/auth_suite_test.go index a5c756d8d4..e6c49bbbc5 100644 --- a/src/autoscaler/metricsforwarder/server/auth/auth_suite_test.go 
+++ b/src/autoscaler/metricsforwarder/server/auth/auth_suite_test.go @@ -61,7 +61,7 @@ var _ = SynchronizedBeforeSuite(func() []byte { }, MetronAddress: "invalid-host-name-blah:12345", } - serverConfig := config.ServerConfig{ + serverConfig := helpers.ServerConfig{ Port: 2222 + GinkgoParallelProcess(), } diff --git a/src/autoscaler/metricsforwarder/server/server.go b/src/autoscaler/metricsforwarder/server/server.go index 7dedf47a1b..36b531d234 100644 --- a/src/autoscaler/metricsforwarder/server/server.go +++ b/src/autoscaler/metricsforwarder/server/server.go @@ -7,6 +7,7 @@ import ( "code.cloudfoundry.org/app-autoscaler/src/autoscaler/cred_helper" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/db" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/healthendpoint" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/metricsforwarder/config" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/metricsforwarder/forwarder" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/metricsforwarder/server/auth" @@ -17,7 +18,6 @@ import ( "code.cloudfoundry.org/lager/v3" "github.com/patrickmn/go-cache" "github.com/tedsuo/ifrit" - "github.com/tedsuo/ifrit/http_server" ) func NewServer(logger lager.Logger, conf *config.Config, policyDB db.PolicyDB, credentials cred_helper.Credentials, allowedMetricCache cache.Cache, httpStatusCollector healthendpoint.HTTPStatusCollector, rateLimiter ratelimiter.Limiter) (ifrit.Runner, error) { 
@@ -41,15 +41,5 @@ func NewServer(logger lager.Logger, conf *config.Config, policyDB db.PolicyDB, c r.Use(authenticator.Authenticate) r.Get(routes.PostCustomMetricsRouteName).Handler(common.VarsFunc(mh.VerifyCredentialsAndPublishMetrics)) - var addr string - if os.Getenv("APP_AUTOSCALER_TEST_RUN") == "true" { - addr = fmt.Sprintf("localhost:%d", conf.Server.Port) - } else { - addr = fmt.Sprintf("0.0.0.0:%d", conf.Server.Port) - } - - runner := http_server.New(addr, r) - - logger.Info("metrics-forwarder-http-server-created", lager.Data{"config": conf}) - return runner, nil + return helpers.NewHTTPServer(logger, conf.Server, r) } diff --git a/src/autoscaler/metricsforwarder/server/server_suite_test.go b/src/autoscaler/metricsforwarder/server/server_suite_test.go index 87320ddbe5..827209fd79 100644 --- a/src/autoscaler/metricsforwarder/server/server_suite_test.go +++ b/src/autoscaler/metricsforwarder/server/server_suite_test.go @@ -60,7 +60,7 @@ var _ = SynchronizedBeforeSuite(func() []byte { }, MetronAddress: "invalid-host-name-blah:12345", } - serverConfig := config.ServerConfig{ + serverConfig := helpers.ServerConfig{ Port: 2222 + GinkgoParallelProcess(), } diff --git a/src/autoscaler/metricsgateway/cmd/metricsgateway/metricsgateway_suite_test.go b/src/autoscaler/metricsgateway/cmd/metricsgateway/metricsgateway_suite_test.go index d8b7977cf5..de8c8607b7 100644 --- a/src/autoscaler/metricsgateway/cmd/metricsgateway/metricsgateway_suite_test.go +++ b/src/autoscaler/metricsgateway/cmd/metricsgateway/metricsgateway_suite_test.go @@ -176,8 +176,10 @@ func initConfig() { CACertFile: caPath, }, }, - Health: models.HealthConfig{ - Port: healthport, + Health: helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: healthport, + }, HealthCheckUsername: "metricsgatewayhealthcheckuser", HealthCheckPassword: "metricsgatewayhealthcheckpassword", }, 
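Review bot: In metricsforwarder/server/server.go, NewServer now hands conf.Server to helpers.NewHTTPServer without checking that its TLS block is complete, and this router carries `authenticator.Authenticate` and `VerifyCredentialsAndPublishMetrics`, so the listener handles credentials. The callers removed elsewhere in this patch treated an empty KeyFile or CertFile as "serve plain HTTP"; the helper is not shown here, but if it keeps that rule, a config that sets only one of the two files yields an unencrypted listener with no error. I would reject that case before the call, e.g. `if (conf.Server.TLS.KeyFile == "") != (conf.Server.TLS.CertFile == "") { return nil, errors.New("server tls: KeyFile and CertFile must be set together") }`, or do it once inside the helper so the other NewHTTPServer call sites in this patch are covered too. NewServer's body starts above the hunk.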
diff --git a/src/autoscaler/metricsgateway/config/config.go b/src/autoscaler/metricsgateway/config/config.go index 300b3a2e8e..232f1a8b9c 100644 --- a/src/autoscaler/metricsgateway/config/config.go +++ b/src/autoscaler/metricsgateway/config/config.go @@ -58,7 +58,7 @@ type Config struct { AppManager AppManagerConfig `yaml:"app_manager"` Emitter EmitterConfig `yaml:"emitter"` Nozzle NozzleConfig `yaml:"nozzle"` - Health models.HealthConfig `yaml:"health"` + Health helpers.HealthConfig `yaml:"health"` } func LoadConfig(config []byte) (*Config, error) { diff --git a/src/autoscaler/metricsgateway/config/config_test.go b/src/autoscaler/metricsgateway/config/config_test.go index 4218d9b3bf..20e3c7fd87 100644 --- a/src/autoscaler/metricsgateway/config/config_test.go +++ b/src/autoscaler/metricsgateway/config/config_test.go @@ -842,8 +842,10 @@ health: CACertFile: "autoscaler_ca.cert", }, }, - Health: models.HealthConfig{ - Port: 8081, + Health: helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: 8081, + }, }, } }) diff --git a/src/autoscaler/metricsserver/collector/collector_suite_test.go b/src/autoscaler/metricsserver/collector/collector_suite_test.go index 029dc194a2..b6fbb059e5 100644 --- a/src/autoscaler/metricsserver/collector/collector_suite_test.go +++ b/src/autoscaler/metricsserver/collector/collector_suite_test.go @@ -6,6 +6,7 @@ import ( "strconv" "time" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "github.com/tedsuo/ifrit/ginkgomon_v2" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/db" @@ -41,7 +42,9 @@ var _ = BeforeSuite(func() { port := 1111 + GinkgoParallelProcess() serverConf := &collector.ServerConfig{ - Port: port, + ServerConfig: helpers.ServerConfig{ + Port: port, + }, NodeAddrs: []string{fmt.Sprintf("%s:%d", "localhost", port)}, NodeIndex: 0, } diff --git a/src/autoscaler/metricsserver/collector/config.go b/src/autoscaler/metricsserver/collector/config.go index 74c0a8f0a7..aa30608133 100644 
--- a/src/autoscaler/metricsserver/collector/config.go +++ b/src/autoscaler/metricsserver/collector/config.go @@ -3,22 +3,23 @@ package collector import ( "fmt" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/metricsserver/config" - "code.cloudfoundry.org/app-autoscaler/src/autoscaler/models" ) // ServerConfig a type to wrap both the config.ServerConfig and config.Config data. type ServerConfig struct { - Port int `yaml:"port"` - TLS models.TLSCerts `yaml:"tls"` - NodeAddrs []string `yaml:"node_addrs"` - NodeIndex int `yaml:"node_index"` + helpers.ServerConfig `yaml:",inline"` + NodeAddrs []string `yaml:"node_addrs"` + NodeIndex int `yaml:"node_index"` } func FromConfig(config *config.Config) ServerConfig { return ServerConfig{ - Port: config.Server.Port, - TLS: config.Server.TLS, + ServerConfig: helpers.ServerConfig{ + Port: config.Server.Port, + TLS: config.Server.TLS, + }, NodeAddrs: withPort(config.NodeAddrs, config.Server.Port), NodeIndex: config.NodeIndex, } diff --git a/src/autoscaler/metricsserver/collector/server.go b/src/autoscaler/metricsserver/collector/server.go index 5236d41fca..802ab74345 100644 --- a/src/autoscaler/metricsserver/collector/server.go +++ b/src/autoscaler/metricsserver/collector/server.go @@ -1,17 +1,15 @@ package collector import ( - "fmt" "net/http" - "os" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/healthendpoint" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/routes" "code.cloudfoundry.org/lager/v3" "github.com/gorilla/mux" "github.com/tedsuo/ifrit" - "github.com/tedsuo/ifrit/http_server" ) type VarsFunc func(w http.ResponseWriter, r *http.Request, vars map[string]string) 
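Review bot: In collector/config.go the comment on ServerConfig still says it wraps config.ServerConfig, a type this patch deletes from metricsserver/config; it should read something like `// ServerConfig combines helpers.ServerConfig with the node addresses and node index taken from config.Config.` FromConfig also rebuilds the embedded struct field by field although config.Server is already a helpers.ServerConfig after this change, so any field later added to helpers.ServerConfig (further TLS settings, for example) would be dropped silently; `ServerConfig: config.Server,` avoids that. The same copy appears in NewServer in collector/server.go, where `helpers.NewHTTPServer(logger, serverConfig.ServerConfig, r)` would do. FromConfig's body ends outside the hunk.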
@@ -29,25 +27,10 @@ func NewServer(logger lager.Logger, serverConfig *ServerConfig, query MetricQuer r.Use(httpStatusCollectMiddleware.Collect) r.Get(routes.GetMetricHistoriesRouteName).Handler(VarsFunc(mh.GetMetricHistories)) - var addr string - if os.Getenv("APP_AUTOSCALER_TEST_RUN") == "true" { - addr = fmt.Sprintf("localhost:%d", serverConfig.Port) - } else { - addr = fmt.Sprintf("0.0.0.0:%d", serverConfig.Port) + httpServerConfig := helpers.ServerConfig{ + Port: serverConfig.Port, + TLS: serverConfig.TLS, } - var runner ifrit.Runner - if (serverConfig.TLS.KeyFile == "") || (serverConfig.TLS.CertFile == "") { - runner = http_server.New(addr, r) - } else { - tlsConfig, err := serverConfig.TLS.CreateServerConfig() - if err != nil { - logger.Error("failed-new-server-new-tls-config", err, lager.Data{"tls": serverConfig.TLS}) - return nil, fmt.Errorf("metrics collector tls error: %w", err) - } - runner = http_server.NewTLSServer(addr, r, tlsConfig) - } - - logger.Info("http-server-created", lager.Data{"serverConfig": serverConfig}) - return runner, nil + return helpers.NewHTTPServer(logger, httpServerConfig, r) } diff --git a/src/autoscaler/metricsserver/collector/ws_server.go b/src/autoscaler/metricsserver/collector/ws_server.go index fc88aacbdf..b788575750 100644 --- a/src/autoscaler/metricsserver/collector/ws_server.go +++ b/src/autoscaler/metricsserver/collector/ws_server.go 
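Review bot: NewServer in collector/server.go now returns the helper's error unchanged, so the caller-specific context the removed code added (`metrics collector tls error: %w`) is gone, and unless the helper (not shown) adds its own, a startup failure no longer says which listener failed. Wrapping at the call site keeps it: assign `runner, err := helpers.NewHTTPServer(logger, httpServerConfig, r)` and on failure return `fmt.Errorf("metrics collector http server: %w", err)`, which means keeping the `fmt` import this patch removes from the file. The same context is lost in NewWSServer in ws_server.go (previously `ws server tls config error`) and in the scalingengine NewServer (previously `scalingengine tls config error`). NewServer's body starts above the hunk.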
@@ -1,39 +1,24 @@ package collector import ( - "fmt" - "os" "time" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/healthendpoint" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/models" "code.cloudfoundry.org/go-loggregator/v9/rpc/loggregator_v2" "code.cloudfoundry.org/lager/v3" "github.com/tedsuo/ifrit" - "github.com/tedsuo/ifrit/http_server" ) func NewWSServer(logger lager.Logger, tls models.TLSCerts, port int, keepAlive time.Duration, envelopeChannels []chan *loggregator_v2.Envelope, httpStatusCollector healthendpoint.HTTPStatusCollector) (ifrit.Runner, error) { wsHandler := NewWSMessageHandler(logger.Session("ws_handler"), envelopeChannels, keepAlive) - var addr string - if os.Getenv("APP_AUTOSCALER_TEST_RUN") == "true" { - addr = fmt.Sprintf("localhost:%d", port) - } else { - addr = fmt.Sprintf("0.0.0.0:%d", port) - } - var runner ifrit.Runner - if (tls.KeyFile == "") || (tls.CertFile == "") { - runner = http_server.New(addr, wsHandler) - } else { - tlsConfig, err := tls.CreateServerConfig() - if err != nil { - logger.Error("failed-new-websocket-server-new-tls-config", err) - return nil, fmt.Errorf("ws server tls config error:%w", err) - } - runner = http_server.NewTLSServer(addr, wsHandler, tlsConfig) + httpServerConfig := helpers.ServerConfig{ + Port: port, + TLS: tls, } - logger.Info("websocket-server-created", lager.Data{"port": port}) - return runner, nil + + return helpers.NewHTTPServer(logger, httpServerConfig, wsHandler) } diff --git a/src/autoscaler/metricsserver/config/config.go b/src/autoscaler/metricsserver/config/config.go index 5c86669062..85a5b671f3 100644 --- a/src/autoscaler/metricsserver/config/config.go +++ b/src/autoscaler/metricsserver/config/config.go 
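Review bot: NewWSServer in ws_server.go still accepts `httpStatusCollector` but never uses it, so unlike the collector's NewServer, which installs `httpStatusCollectMiddleware.Collect`, the websocket listener has no status-collect middleware in front of it. If that is intended, say so in a doc comment, which the exported function lacks: `// NewWSServer returns a runner for the websocket message handler built from port and tls; httpStatusCollector is currently unused.` Otherwise wrap wsHandler with the middleware before passing it to helpers.NewHTTPServer.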
@@ -49,11 +49,6 @@ type CollectorConfig struct { MetricChannelSize int `yaml:"metric_channel_size"` } -type ServerConfig struct { - Port int `yaml:"port"` - TLS models.TLSCerts `yaml:"tls"` -} - type Config struct { Logging helpers.LoggingConfig `yaml:"logging"` HttpClientTimeout time.Duration `yaml:"http_client_timeout"` @@ -61,8 +56,8 @@ type Config struct { NodeIndex int `yaml:"node_index"` DB DBConfig `yaml:"db"` Collector CollectorConfig `yaml:"collector"` - Server ServerConfig `yaml:"server"` - Health models.HealthConfig `yaml:"health"` + Server helpers.ServerConfig `yaml:"server"` + Health helpers.HealthConfig `yaml:"health"` } func LoadConfig(reader io.Reader) (*Config, error) { @@ -71,8 +66,10 @@ func LoadConfig(reader io.Reader) (*Config, error) { Level: DefaultLoggingLevel, }, HttpClientTimeout: DefaultHttpClientTimeout, - Health: models.HealthConfig{ - Port: DefaultHealthPort, + Health: helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: DefaultHealthPort, + }, }, Collector: CollectorConfig{ WSPort: DefaultWSPort, @@ -86,7 +83,7 @@ func LoadConfig(reader io.Reader) (*Config, error) { EnvelopeChannelSize: DefaultEnvelopeChannelSize, MetricChannelSize: DefaultMetricChannelSize, }, - Server: ServerConfig{ + Server: helpers.ServerConfig{ Port: DefaultHTTPServerPort, }, } diff --git a/src/autoscaler/operator/config/config.go b/src/autoscaler/operator/config/config.go index d7220cd775..b1b25d025e 100644 --- a/src/autoscaler/operator/config/config.go +++ b/src/autoscaler/operator/config/config.go 
@@ -58,13 +58,15 @@ type AppSyncerConfig struct { SyncInterval time.Duration `yaml:"sync_interval"` } -var defaultHealthConfig = models.HealthConfig{ - Port: 8081, +var defaultHealthConfig = helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: 8081, + }, } type Config struct { CF cf.Config `yaml:"cf"` - Health models.HealthConfig `yaml:"health"` + Health helpers.HealthConfig `yaml:"health"` Logging helpers.LoggingConfig `yaml:"logging"` InstanceMetricsDB DbPrunerConfig `yaml:"instance_metrics_db"` AppMetricsDB DbPrunerConfig `yaml:"app_metrics_db"` diff --git a/src/autoscaler/scalingengine/cmd/scalingengine/scalingengine_test.go b/src/autoscaler/scalingengine/cmd/scalingengine/scalingengine_test.go index 7ecab4a3d8..2da28f1adc 100644 --- a/src/autoscaler/scalingengine/cmd/scalingengine/scalingengine_test.go +++ b/src/autoscaler/scalingengine/cmd/scalingengine/scalingengine_test.go @@ -51,7 +51,7 @@ var _ = Describe("Main", func() { }) It("health server starts directly", func() { - Eventually(runner.Session.Buffer, 2*time.Second).Should(gbytes.Say("scalingengine.health-server.new-health-server")) + Eventually(runner.Session.Buffer, 2*time.Second).Should(gbytes.Say("scalingengine.health-server.new-http-server")) }) }) diff --git a/src/autoscaler/scalingengine/config/config.go b/src/autoscaler/scalingengine/config/config.go index d7c31b5598..15ee855b6e 100644 --- a/src/autoscaler/scalingengine/config/config.go +++ b/src/autoscaler/scalingengine/config/config.go @@ -11,7 +11,6 @@ import ( "code.cloudfoundry.org/app-autoscaler/src/autoscaler/cf" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/db" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" - "code.cloudfoundry.org/app-autoscaler/src/autoscaler/models" ) const ( 
@@ -22,17 +21,14 @@ var defaultCFConfig = cf.Config{ ClientConfig: cf.ClientConfig{SkipSSLValidation: false}, } -type ServerConfig struct { - Port int `yaml:"port"` - TLS models.TLSCerts `yaml:"tls"` -} - -var defaultServerConfig = ServerConfig{ +var defaultServerConfig = helpers.ServerConfig{ Port: 8080, } -var defaultHealthConfig = models.HealthConfig{ - Port: 8081, +var defaultHealthConfig = helpers.HealthConfig{ + ServerConfig: helpers.ServerConfig{ + Port: 8081, + }, } var defaultLoggingConfig = helpers.LoggingConfig{ @@ -52,8 +48,8 @@ type SynchronizerConfig struct { type Config struct { CF cf.Config `yaml:"cf"` Logging helpers.LoggingConfig `yaml:"logging"` - Server ServerConfig `yaml:"server"` - Health models.HealthConfig `yaml:"health"` + Server helpers.ServerConfig `yaml:"server"` + Health helpers.HealthConfig `yaml:"health"` DB DBConfig `yaml:"db"` DefaultCoolDownSecs int `yaml:"defaultCoolDownSecs"` LockSize int `yaml:"lockSize"` diff --git a/src/autoscaler/scalingengine/server/server.go b/src/autoscaler/scalingengine/server/server.go index e424c36063..b9133179d1 100644 --- a/src/autoscaler/scalingengine/server/server.go +++ b/src/autoscaler/scalingengine/server/server.go @@ -1,10 +1,9 @@ package server import ( - "os" - "code.cloudfoundry.org/app-autoscaler/src/autoscaler/db" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/healthendpoint" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers/apis/scalinghistory" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/routes" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/scalingengine" @@ -14,7 +13,6 @@ import ( "code.cloudfoundry.org/lager/v3" "github.com/gorilla/mux" "github.com/tedsuo/ifrit" - "github.com/tedsuo/ifrit/http_server" "go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux" "fmt" 
@@ -50,25 +48,7 @@ func NewServer(logger lager.Logger, conf *config.Config, scalingEngineDB db.Scal r.Get(routes.SyncActiveSchedulesRouteName).Handler(VarsFunc(syncHandler.Sync)) - var addr string - if os.Getenv("APP_AUTOSCALER_TEST_RUN") == "true" { - addr = fmt.Sprintf("localhost:%d", conf.Server.Port) - } else { - addr = fmt.Sprintf("0.0.0.0:%d", conf.Server.Port) - } - - logger.Info("new-http-server", lager.Data{"serverConfig": conf.Server}) - - if (conf.Server.TLS.KeyFile != "") && (conf.Server.TLS.CertFile != "") { - tlsConfig, err := conf.Server.TLS.CreateServerConfig() - if err != nil { - logger.Error("failed-new-server-new-tls-config", err, lager.Data{"tls": conf.Server.TLS}) - return nil, fmt.Errorf("scalingengine tls config error: %w", err) - } - return http_server.NewTLSServer(addr, r, tlsConfig), nil - } - - return http_server.New(addr, r), nil + return helpers.NewHTTPServer(logger, conf.Server, r) } func newScalingHistoryHandler(logger lager.Logger, scalingEngineDB db.ScalingEngineDB) (http.Handler, error) { diff --git a/src/autoscaler/scalingengine/server/server_test.go b/src/autoscaler/scalingengine/server/server_test.go index 4f0b17e309..d3fbff3192 100644 --- a/src/autoscaler/scalingengine/server/server_test.go +++ b/src/autoscaler/scalingengine/server/server_test.go @@ -2,6 +2,7 @@ package server_test import ( "code.cloudfoundry.org/app-autoscaler/src/autoscaler/fakes" + "code.cloudfoundry.org/app-autoscaler/src/autoscaler/helpers" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/models" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/routes" "code.cloudfoundry.org/app-autoscaler/src/autoscaler/scalingengine/config" @@ -32,7 +33,7 @@ var _ = SynchronizedBeforeSuite(func() []byte { }, func(_ []byte) { port := 2222 + GinkgoParallelProcess() conf := &config.Config{ - Server: config.ServerConfig{ + Server: helpers.ServerConfig{ Port: port, }, }