Skip to content
This repository was archived by the owner on Jun 14, 2023. It is now read-only.

Commit e61c0b1

Browse files
authored
Support TLS with gRPCReporter (#62)
1 parent 7ba623d commit e61c0b1

File tree

8 files changed

+117
-8
lines changed

8 files changed

+117
-8
lines changed

Makefile

+1-1
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ deps:
2727

2828
.PHONY: test
2929
test:
30-
go test -v -race -cover -coverprofile=coverage.txt -covermode=atomic `go list ./... | grep -v github.com/SkyAPM/go2sky/reporter/grpc`
30+
go test -v -race -cover -coverprofile=coverage.txt -covermode=atomic `go list ./... | grep -v github.com/SkyAPM/go2sky/reporter/grpc | grep -v github.com/SkyAPM/go2sky/test`
3131

3232
.PHONY: proto-gen
3333
proto-gen:

README.md

+4-3
Original file line numberDiff line numberDiff line change
@@ -17,14 +17,15 @@ The API of this project is still evolving. The use of vendoring tool is recommen
1717
# Quickstart
1818

1919
By completing this quickstart, you will learn how to trace local methods. For more details, please view
20-
[the example](example_trace_test.go)
20+
[the example](example_trace_test.go).
2121

2222
## Configuration
2323

2424
GO2Sky can export traces to Apache SkyWalking OAP server or local logger. In the following example, we configure GO2Sky to export to OAP server,
25-
which is listening on `oap-skywalking` port `11800`, and all of the spans from this program will be associated with a service name `example`.
25+
which is listening on `oap-skywalking` port `11800`, and all the spans from this program will be associated with a service name `example`.
26+
`reporter.GRPCReporter` can also adjust the behavior through `reporter.GRPCReporterOption`, [view all](docs/GRPC-Reporter-Option.md).
2627

27-
```go
28+
```go
2829
r, err := reporter.NewGRPCReporter("oap-skywalking:11800")
2930
if err != nil {
3031
log.Fatalf("new reporter error %v \n", err)

docs/GRPC-Reporter-Option.md

+11
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
### GRPCReporterOption
2+
3+
`GRPCReporterOption` allows for functional options to adjust behaviour of a `gRPC` reporter to be created by `NewGRPCReporter`.
4+
5+
| Function | Describe |
6+
| ---------- | --- |
7+
| `reporter.WithLogger` | setup logger for gRPC reporter |
8+
| `reporter.WithCheckInterval` | setup service and endpoint registry check interval |
9+
| `reporter.WithInstanceProps` | setup service instance properties eg: org=SkyAPM |
10+
| `reporter.WithTransportCredentials` | setup transport layer security |
11+
| `reporter.WithAuthentication` | used Authentication for gRPC |

reporter/grpc.go

+24-4
Original file line numberDiff line numberDiff line change
@@ -30,14 +30,15 @@ import (
3030
managementv3 "github.com/SkyAPM/go2sky/reporter/grpc/management"
3131
"google.golang.org/grpc"
3232
"google.golang.org/grpc/connectivity"
33+
"google.golang.org/grpc/credentials"
3334
"google.golang.org/grpc/metadata"
3435
)
3536

3637
const (
3738
maxSendQueueSize int32 = 30000
3839
defaultCheckInterval = 20 * time.Second
3940
defaultLogPrefix = "go2sky-gRPC"
40-
authKey = "Authentication"
41+
authKey = "Authentication"
4142
)
4243

4344
// NewGRPCReporter create a new reporter to send data to gRPC oap server. Only one backend address is allowed.
@@ -50,7 +51,16 @@ func NewGRPCReporter(serverAddr string, opts ...GRPCReporterOption) (go2sky.Repo
5051
for _, o := range opts {
5152
o(r)
5253
}
53-
conn, err := grpc.Dial(serverAddr, grpc.WithInsecure()) //TODO add TLS
54+
55+
var credsDialOption grpc.DialOption
56+
if r.creds != nil {
57+
// use tls
58+
credsDialOption = grpc.WithTransportCredentials(r.creds)
59+
} else {
60+
credsDialOption = grpc.WithInsecure()
61+
}
62+
63+
conn, err := grpc.Dial(serverAddr, credsDialOption)
5464
if err != nil {
5565
return nil, err
5666
}
@@ -92,9 +102,17 @@ func WithInstanceProps(props map[string]string) GRPCReporterOption {
92102
}
93103
}
94104

105+
// WithTransportCredentials setup transport layer security
106+
func WithTransportCredentials(creds credentials.TransportCredentials) GRPCReporterOption {
107+
return func(r *gRPCReporter) {
108+
r.creds = creds
109+
}
110+
}
111+
112+
// WithAuthentication used Authentication for gRPC
95113
func WithAuthentication(auth string) GRPCReporterOption {
96114
return func(r *gRPCReporter) {
97-
r.md = metadata.New( map[string]string{authKey: auth})
115+
r.md = metadata.New(map[string]string{authKey: auth})
98116
}
99117
}
100118

@@ -108,7 +126,9 @@ type gRPCReporter struct {
108126
traceClient agentv3.TraceSegmentReportServiceClient
109127
managementClient managementv3.ManagementServiceClient
110128
checkInterval time.Duration
111-
md metadata.MD;
129+
130+
md metadata.MD
131+
creds credentials.TransportCredentials
112132
}
113133

114134
func (r *gRPCReporter) Boot(service string, serviceInstance string) {

reporter/grpc_test.go

+20
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,7 @@ import (
3232
managementv3 "github.com/SkyAPM/go2sky/reporter/grpc/management"
3333
"github.com/SkyAPM/go2sky/reporter/grpc/management/mock_management"
3434
"github.com/golang/mock/gomock"
35+
"google.golang.org/grpc/credentials"
3536
)
3637

3738
const (
@@ -126,9 +127,19 @@ func TestGRPCReporter_Close(t *testing.T) {
126127
}
127128

128129
func TestGRPCReporterOption(t *testing.T) {
130+
// props
129131
instanceProps := make(map[string]string)
130132
instanceProps["org"] = "SkyAPM"
133+
134+
// log
131135
logger := log.New(os.Stderr, "WithLogger", log.LstdFlags)
136+
137+
// tls
138+
creds, err := credentials.NewClientTLSFromFile("../test/test-data/certs/cert.crt", "SkyAPM.org")
139+
if err != nil {
140+
t.Error(err)
141+
}
142+
132143
tests := []struct {
133144
name string
134145
option GRPCReporterOption
@@ -184,6 +195,15 @@ func TestGRPCReporterOption(t *testing.T) {
184195
}
185196
},
186197
},
198+
{
199+
name: "with tls",
200+
option: WithTransportCredentials(creds),
201+
verifyFunc: func(t *testing.T, reporter *gRPCReporter) {
202+
if reporter.creds != creds {
203+
t.Error("error are not set TransportCredentials")
204+
}
205+
},
206+
},
187207
}
188208

189209
for _, tt := range tests {

test/test-data/certs/README.md

+8
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
# Self-signed certificates
2+
3+
openssl genrsa -out cert.key 2048
4+
openssl req -new -x509 -sha256 -key cert.key -out cert.crt -days 3650
5+
6+
For the common name, please type the following FQDN:
7+
8+
SkyAPM.org

test/test-data/certs/cert.crt

+22
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
-----BEGIN CERTIFICATE-----
2+
MIIDlTCCAn2gAwIBAgIUKKpIHrwwKjkL3tfvAyb9Zw/n+A4wDQYJKoZIhvcNAQEL
3+
BQAwWjELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
4+
GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UEAwwKU2t5QVBNLm9yZzAe
5+
Fw0yMDA2MDkxNjA3MzBaFw0zMDA2MDcxNjA3MzBaMFoxCzAJBgNVBAYTAkFVMRMw
6+
EQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0
7+
eSBMdGQxEzARBgNVBAMMClNreUFQTS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
8+
DwAwggEKAoIBAQCtgxmr32F3f9GSn4ZeK8+X/LkD9Nu3znWWOYF1Jw2wcYm+8S+4
9+
ru/roz5IQSNQZDmoAXZVkOjLhO8OG+qMwKy/ZKBxVFN8wL0n0Q+EPDkDCeY+9dTJ
10+
c7w/5fIHvvnj2dgEppWdq+mAGaC/XJuGVfxRAEfsckn9EBDmf5XqH0P5emZHnLV2
11+
OoBZOP6H2pjXcy8F2O6+ZUMzn+mQE7mGN8QpUq+odcab2D65WgPyyuaThX56ivWA
12+
MeOB76BMkOZ0G5H6zWQ2HcWHd/oKHMaoCIWvgtMZ51Lj3AaM2UeCjZrLvyTQzCtn
13+
Zyp6KgHpoHYxGk4zBU4/xxruiGdKf2Lc5l2fAgMBAAGjUzBRMB0GA1UdDgQWBBTK
14+
JMnMwE46jfvumrMQTxiZ/I/XDjAfBgNVHSMEGDAWgBTKJMnMwE46jfvumrMQTxiZ
15+
/I/XDjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCkuiKAdOaL
16+
440+5VPHsq+xkno6mEA7qfVznj7CeVMWiMMJYYpsw9dMA9KkJCZB7HrUlj3MqH7m
17+
KZaDcD4Sdkd9ysD+Lhm0uurESpAEi3O6tpZI7xrLKq3LY7lWGQvTKkgAaNtUk7mY
18+
8Kc2rxnj/OJM/5e14OVJZN6cjmhsp3wS5lA5zc3XdYVYj0FRjclIQPx5Cx2uDfQo
19+
GlYK+gD1iOrROM6ydAzwktcer6YN78IFjhWe1jsLAblLJwy05RGMPZYdjvfk58m1
20+
J0IMdYcZ4+iyEuSUlauf7WwreUjwWpfYfVUlhQtTLERqhm3UrI68teh5zD/saeVQ
21+
DHXRlcyKcJK0
22+
-----END CERTIFICATE-----

test/test-data/certs/cert.key

+27
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
-----BEGIN RSA PRIVATE KEY-----
2+
MIIEowIBAAKCAQEArYMZq99hd3/Rkp+GXivPl/y5A/Tbt851ljmBdScNsHGJvvEv
3+
uK7v66M+SEEjUGQ5qAF2VZDoy4TvDhvqjMCsv2SgcVRTfMC9J9EPhDw5AwnmPvXU
4+
yXO8P+XyB77549nYBKaVnavpgBmgv1ybhlX8UQBH7HJJ/RAQ5n+V6h9D+XpmR5y1
5+
djqAWTj+h9qY13MvBdjuvmVDM5/pkBO5hjfEKVKvqHXGm9g+uVoD8srmk4V+eor1
6+
gDHjge+gTJDmdBuR+s1kNh3Fh3f6ChzGqAiFr4LTGedS49wGjNlHgo2ay78k0Mwr
7+
Z2cqeioB6aB2MRpOMwVOP8ca7ohnSn9i3OZdnwIDAQABAoIBAGt6IKWw6bvOxe8P
8+
t3iPpLhdh/EmdA8n6PhTyJfbyAP6YDuRRGEeo2iPpp21E33Rh1FFDpqz9y9RuY5A
9+
xonHM3oeh6+Lb2eAL+sA+Z6MezghoqhvOA5NDVd7RO99YWa84q0Gzvhqq2l49nRy
10+
lbehfXhjNyoEJUaG9CEC+Mab9UwLerXpgOXLHKfDpmUGTyO7PO79lYSWkTFQkYLy
11+
SvFFddl2Klh+4v/kk+dASJnk971liH/ln3UpUvS0wSouYIm/TBwSsdUUCQAUzJ50
12+
iiKzqc9wtaAWwuS5B5SQ84+53gL/bk7TFTRjDczvuvqqCnbEpvxzoaPW8JfL/YDn
13+
xAH7EZkCgYEA4PF1b4J48KmVR8oHcjNe/OGqncGe+CTcUDOP+50y+oaeQ3QVGYb5
14+
a08EV8oumITwxzY1yQWPsXUVzDVr6nDNaqrZV8ZOzEoTe16JWE6L5/YbwVxyzTDZ
15+
lOxEHeu4jHHuWJeuuYP7pfO+7bT2rOyglDBzNZgu8a46qwbOQXn8HfMCgYEAxXfT
16+
v7d0yW0oXRg9FNT8w5+ydaAUS8CJhsLb7anacnPxufZN5kE/8Un1HOsozyrujfpA
17+
yJi4yJds0GhyY3CmQiFW0rezMCDSCQoF1ZY13RnQk+0qV7SCyryCa22K+pTu87k3
18+
c5Gz4uqQSTgrWjxKEOCR8cLqXBMQzZT25xfwsKUCgYAQTa/jSyOU3dWyBFSR1GNY
19+
FMsW8AejmJhXP8V5yST+v28NGIbG+N9vBaUc78x8xXXmGmm/jiWiCQhxapXNwitB
20+
RezGzdq8N8o9sNZnjhnZ0B6m3xp7AMVkY9N0D7eqhj9uMGA7lfNRTd9Sv0D5u5TP
21+
6MsQ4VzVq3kZGD8uw7agPQKBgQCt9DpoSG+sRenp4MFmSZ6FonguoJ9ggDNmsN/X
22+
ROr4KmWGoZDMRyzSHYm9OPfRUIuoLQ3G6KrXonWsPmaObR05Ym8+368NtcvxRJAR
23+
MOswZF5XAfVsH8ucV2Y4xt5IkszRjZdoyrECNAp5Re8C5duFdJ98r22PQQhrYlAD
24+
EhbpNQKBgFH38OszYe/d57Wg6VQ05QeJuvoeh5OurqqwDgUVAJDmsjyRhJIrMk6K
25+
vrPvsoKW6jou8FBFeaFJxvi6LUpBYF3RDFe+d1UTtkDnTDJ+5AqhWPQMfdIsruQI
26+
h/PE5YYkB3GAKNCPlkT8NmhyK0fkzEyXCWjrqeRWAaATTE/F5yiM
27+
-----END RSA PRIVATE KEY-----

0 commit comments

Comments
 (0)