Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS support for HTTP Endpoint of Collector server #2798

Merged
merged 9 commits into from
Feb 8, 2021
Merged

TLS support for HTTP Endpoint of Collector server #2798

merged 9 commits into from
Feb 8, 2021

Conversation

rjs211
Copy link
Contributor

@rjs211 rjs211 commented Feb 7, 2021
edited
Loading

Which problem is this PR solving?

Short description of the changes

  • independent TLS flags are exposed for gRPC and HTTP endpoints, enabling the user to provide different set of key, cert, CA-Cert , etc for each communication channal.

  • provides the option of enabling TLS/mTLS in none, either one or both of HTTP and gRPC endpoints.

Todo

  • CHANGELOG.md entry

@rjs211 rjs211 requested a review from a team as a code owner February 7, 2021 06:31
@rjs211 rjs211 requested a review from vprithvi February 7, 2021 06:31
@mergify mergify bot requested a review from jpkrohling February 7, 2021 06:31
@rjs211 rjs211 marked this pull request as draft February 7, 2021 06:41
yurishkuro
yurishkuro reviewed Feb 7, 2021
View reviewed changes
Copy link
Member

@yurishkuro yurishkuro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall lgtm. The unit tests are failing to compile though.

cmd/collector/app/collector.go Outdated Show resolved Hide resolved
cmd/collector/app/builder_flags.go
@@ -40,12 +40,18 @@ const (
collectorZipkinAllowedHeaders = "collector.zipkin.allowed-headers"
)

var tlsFlagsConfig = tlscfg.ServerFlagsConfig{
var tlsGRPCFlagsConfig = tlscfg.ServerFlagsConfig{
Prefix: "collector.grpc",
ShowEnabled: true,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps we should remove this option, it is never false

$ grx 'ShowEnabled: ' .
./cmd/collector/app/builder_flags.go:45:	ShowEnabled:  true,
./cmd/agent/app/reporter/grpc/flags.go:36:	ShowEnabled:    true,
./cmd/query/app/flags.go:52:	ShowEnabled:  true,
./cmd/query/app/flags.go:58:	ShowEnabled:  true,
./plugin/storage/cassandra/options.go:250:		ShowEnabled:    true,
./plugin/storage/es/options.go:139:		ShowEnabled:    true,
./pkg/config/tlscfg/flags_test.go:51:				ShowEnabled:    true,
./pkg/config/tlscfg/flags_test.go:98:				ShowEnabled:  true,
./pkg/kafka/auth/config.go:94:		ShowEnabled:    true,
./pkg/kafka/auth/options.go:113:		ShowEnabled:    true,

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you want me to do this as a part of the same PR?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

up to you

@rjs211
correcting config mismatch, failing unit test
62b6d79 
Signed-off-by: rjs211 <srivatsa211@gmail.com>
@codecov
Copy link

codecov bot commented Feb 7, 2021
edited
Loading

Codecov Report

Merging #2798 (03107be) into master (169322f) will increase coverage by 0.04%.
The diff coverage is 100.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #2798      +/-   ##
==========================================
+ Coverage   95.88%   95.93%   +0.04%     
==========================================
  Files         218      218              
  Lines        9606     9620      +14     
==========================================
+ Hits         9211     9229      +18     
+ Misses        327      323       -4     
  Partials       68       68
Impacted Files Coverage Δ
cmd/collector/app/builder_flags.go 100.00% <100.00%> (ø)
cmd/collector/app/collector.go 78.08% <100.00%> (+3.43%) ⬆️
cmd/collector/app/server/http.go 100.00% <100.00%> (+12.00%) ⬆️
cmd/query/app/static_handler.go 95.16% <0.00%> (-1.62%) ⬇️
cmd/collector/app/server/zipkin.go 76.92% <0.00%> (+3.84%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 169322f...cd29744. Read the comment docs.

@rjs211
minor refactor
d3c2c8d 
Signed-off-by: rjs211 <srivatsa211@gmail.com>
@rjs211
added testcase for collector's HTTP TLS at receiver
5ba777b 
Signed-off-by: rjs211 <srivatsa211@gmail.com>
yurishkuro
yurishkuro reviewed Feb 7, 2021
View reviewed changes
Copy link
Member

@yurishkuro yurishkuro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code lgtm, but coverage will decrease by 0.10%. Can you add tests to exercise the new paths?

@rjs211
rearraging for error logic
0915bca 
Signed-off-by: rjs211 <srivatsa211@gmail.com>
@rjs211
Adding table based test cases
a07970e 
Signed-off-by: rjs211 <srivatsa211@gmail.com>
@rjs211
dummy commit for git resync
473c063 
Signed-off-by: rjs211 <srivatsa211@gmail.com>
@rjs211 rjs211 marked this pull request as ready for review February 8, 2021 16:44
@yurishkuro
Copy link
Member

any other tests could be added to increase the PR coverage above 95%?

rjs211
rjs211 commented Feb 8, 2021
View reviewed changes
cmd/collector/app/collector.go Outdated Show resolved Hide resolved
@davidcmitchell davidcmitchell mentioned this pull request Feb 8, 2021
Closed
2 tasks
@rjs211
removing redundant error capture for TLS certificate watcher close me…
cd29744 
…thod

Signed-off-by: rjs211 <srivatsa211@gmail.com>
@yurishkuro
Copy link
Member

codeov is stuck again, but the report shows +0.04%

https://codecov.io/github/jaegertracing/jaeger/commit/03107bed1254f3fc1b5fa2c6ae6d833856412c64

@yurishkuro yurishkuro merged commit d23b3e2 into jaegertracing:master Feb 8, 2021
@rjs211
Copy link
Contributor Author

rjs211 commented Feb 8, 2021
edited
Loading

@yurishkuro Actually im yet to make CHANGELOG.md entry. Is it possible to revert the commit? I dont want to waste another PR for that..

UPDATE: never mind. Just learnt that reverting creates a new PR as well!! sorry to bother you.

@yurishkuro
Copy link
Member

No need, as this is not a breaking change but a new feature it will be added as part of the release process. Also, we have an abundant number of available PR numbers, so it's ok to waste them 😛

@albertteoh albertteoh mentioned this pull request Feb 23, 2021
Merged
@dependabot dependabot bot mentioned this pull request Mar 8, 2021
Closed
@jannyHou jannyHou mentioned this pull request May 20, 2021
Closed
@Saad-Hussain1 Saad-Hussain1 mentioned this pull request Sep 28, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yurishkuro yurishkuro yurishkuro left review comments

@davidcmitchell davidcmitchell davidcmitchell left review comments

@vprithvi vprithvi Awaiting requested review from vprithvi

@jpkrohling jpkrohling Awaiting requested review from jpkrohling

Assignees

@jpkrohling jpkrohling

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@rjs211 @yurishkuro @davidcmitchell @jpkrohling