diff --git a/providers/grpcclient/examples/examples.yaml b/providers/grpcclient/examples/examples.yaml new file mode 100644 index 00000000..229f151b --- /dev/null +++ b/providers/grpcclient/examples/examples.yaml @@ -0,0 +1,11 @@ +examples: + +# insecure_skip_verify: true +grpc-client: + addr: ai-proxy-grpc.erda.cloud:443 + tls: + insecure_skip_verify: true + +# notls (default) +#grpc-client: +# addr: localhost:8082 diff --git a/providers/grpcclient/examples/main.go b/providers/grpcclient/examples/main.go new file mode 100644 index 00000000..d3f64553 --- /dev/null +++ b/providers/grpcclient/examples/main.go @@ -0,0 +1,55 @@ +// Copyright (c) 2021 Terminus, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "context" + "fmt" + "os" + + "github.com/erda-project/erda-infra/base/servicehub" + "github.com/erda-project/erda-infra/providers/grpcclient" + _ "github.com/erda-project/erda-infra/providers/grpcclient" +) + +type provider struct { + GRPCClient grpcclient.Interface `optional:"false"` +} + +func (p *provider) Run(ctx context.Context) error { + fmt.Println(p.GRPCClient.Get().Target()) + fmt.Println(p.GRPCClient.Get().GetState()) + return nil +} + +func (p *provider) Init(ctx servicehub.Context) error { + return nil +} + +func init() { + servicehub.Register("examples", &servicehub.Spec{ + Services: []string{"hello"}, + Dependencies: []string{"grpc-client"}, + Description: "hello for example", + Creator: func() servicehub.Provider { + return &provider{} + }, + }) +} + +func main() { + hub := servicehub.New() + hub.Run("examples", "", os.Args...) +} diff --git a/providers/grpcclient/provider.go b/providers/grpcclient/provider.go index 0eb41b7b..32296fc6 100644 --- a/providers/grpcclient/provider.go +++ b/providers/grpcclient/provider.go @@ -16,15 +16,17 @@ package grpcclient import ( "context" + "crypto/tls" "fmt" "reflect" + "google.golang.org/grpc" + "google.golang.org/grpc/credentials" + "github.com/erda-project/erda-infra/base/logs" "github.com/erda-project/erda-infra/base/servicehub" grpccontext "github.com/erda-project/erda-infra/pkg/trace/inject/context/grpc" transgrpc "github.com/erda-project/erda-infra/pkg/transport/grpc" - "google.golang.org/grpc" - "google.golang.org/grpc/credentials" ) // Interface . @@ -44,6 +46,7 @@ type config struct { TLS struct { ServerNameOverride string `file:"cert_file" desc:"the server name used to verify the hostname returned by the TLS handshake"` CAFile string `file:"ca_file" desc:"the file containing the CA root cert file"` + InsecureSkipVerify bool `file:"insecure_skip_verify" desc:"skip verify"` } `file:"tls"` Singleton bool `file:"singleton" default:"true" desc:"one client instance"` Block bool `file:"block" default:"true" desc:"block until the connection is up"` @@ -66,7 +69,17 @@ func (p *provider) Init(ctx servicehub.Context) error { } opts = append(opts, grpc.WithTransportCredentials(creds)) } else { - opts = append(opts, grpc.WithInsecure()) + // distinguish `no tls` or `tls: insecure skip verify` + notls := true // default no tls, compatible with old config + if p.Cfg.TLS.InsecureSkipVerify { + notls = false + } + if notls { + opts = append(opts, grpc.WithInsecure()) + } else { + insecureSkipVerifyTLS := credentials.NewTLS(&tls.Config{InsecureSkipVerify: true}) + opts = append(opts, grpc.WithTransportCredentials(insecureSkipVerifyTLS)) + } } if p.Cfg.TraceEnable { opts = append(opts,