From 7dbeb08c580f7cdc76cd505ea20e9a69d008ab48 Mon Sep 17 00:00:00 2001 From: Pavel Karpy Date: Tue, 1 Jun 2021 21:50:01 +0300 Subject: [PATCH] [#579] cmd/node: Add grpc section to config Signed-off-by: Pavel Karpy --- cmd/neofs-node/config/grpc/config.go | 76 +++++++++++++++++++++++ cmd/neofs-node/config/grpc/config_test.go | 63 +++++++++++++++++++ config/example/node.env | 6 ++ config/example/node.json | 8 +++ config/example/node.yaml | 7 +++ 5 files changed, 160 insertions(+) create mode 100644 cmd/neofs-node/config/grpc/config.go create mode 100644 cmd/neofs-node/config/grpc/config_test.go diff --git a/cmd/neofs-node/config/grpc/config.go b/cmd/neofs-node/config/grpc/config.go new file mode 100644 index 0000000000..fd35860545 --- /dev/null +++ b/cmd/neofs-node/config/grpc/config.go @@ -0,0 +1,76 @@ +package grpcconfig + +import ( + "errors" + + "github.com/nspcc-dev/neofs-node/cmd/neofs-node/config" +) + +const ( + subsection = "grpc" + tlsSubsection = "tls" +) + +var ( + errEndpointNotSet = errors.New("empty/not set endpoint, see `grpc.endpoint` section") + errTLSKeyNotSet = errors.New("empty/not set TLS key file path, see `grpc.tls.key` section") + errTLSCertNotSet = errors.New("empty/not set TLS certificate file path, see `grpc.tls.certificate` section") +) + +// TLSConfig is a wrapper over "tls" config section which provides access +// to TLS configuration of gRPC connection. +type TLSConfig struct { + cfg *config.Config +} + +// Endpoint returns value of "endpoint" config parameter +// from "grpc" section. +// +// Panics if value is not a non-empty string. +func Endpoint(c *config.Config) string { + v := config.StringSafe(c.Sub(subsection), "endpoint") + if v == "" { + panic(errEndpointNotSet) + } + + return v +} + +// TLS returns structure that provides access to "tls" subsection of +// "grpc" section. +func TLS(c *config.Config) TLSConfig { + return TLSConfig{ + cfg: c.Sub(subsection).Sub(tlsSubsection), + } +} + +// Enabled returns value of "enabled" config parameter. +// +// Returns false if value is not set. +func (tls TLSConfig) Enabled() bool { + return config.BoolSafe(tls.cfg, "enabled") +} + +// KeyFile returns value of "key" config parameter. +// +// Panics if value is not a non-empty string. +func (tls TLSConfig) KeyFile() string { + v := config.StringSafe(tls.cfg, "key") + if v == "" { + panic(errTLSKeyNotSet) + } + + return v +} + +// CertificateFile returns value of "certificate" config parameter. +// +// Panics if value is not a non-empty string. +func (tls TLSConfig) CertificateFile() string { + v := config.StringSafe(tls.cfg, "certificate") + if v == "" { + panic(errTLSCertNotSet) + } + + return v +} diff --git a/cmd/neofs-node/config/grpc/config_test.go b/cmd/neofs-node/config/grpc/config_test.go new file mode 100644 index 0000000000..5c6d50144a --- /dev/null +++ b/cmd/neofs-node/config/grpc/config_test.go @@ -0,0 +1,63 @@ +package grpcconfig + +import ( + "testing" + + "github.com/nspcc-dev/neofs-node/cmd/neofs-node/config" + configtest "github.com/nspcc-dev/neofs-node/cmd/neofs-node/config/test" + "github.com/stretchr/testify/require" +) + +func TestGRPCSection(t *testing.T) { + t.Run("defaults", func(t *testing.T) { + empty := configtest.EmptyConfig() + + tlsEnabled := TLS(empty).Enabled() + + require.Equal(t, false, tlsEnabled) + + require.PanicsWithError( + t, + errEndpointNotSet.Error(), + func() { + Endpoint(empty) + }, + ) + + require.PanicsWithError( + t, + errTLSKeyNotSet.Error(), + func() { + TLS(empty).KeyFile() + }, + ) + + require.PanicsWithError( + t, + errTLSCertNotSet.Error(), + func() { + TLS(empty).CertificateFile() + }, + ) + }) + + const path = "../../../../config/example/node" + + var fileConfigTest = func(c *config.Config) { + addr := Endpoint(c) + tlsEnabled := TLS(c).Enabled() + tlsCert := TLS(c).CertificateFile() + tlsKey := TLS(c).KeyFile() + + require.Equal(t, "s01.neofs.devenv:8080", addr) + require.Equal(t, true, tlsEnabled) + require.Equal(t, "/path/to/cert", tlsCert) + require.Equal(t, "/path/to/key", tlsKey) + } + + configtest.ForEachFileType(path, fileConfigTest) + + t.Run("ENV", func(t *testing.T) { + configtest.ForEnvFileType(path, fileConfigTest) + }) +} diff --git a/config/example/node.env b/config/example/node.env index b6070680aa..6827679a39 100644 --- a/config/example/node.env +++ b/config/example/node.env @@ -13,6 +13,12 @@ NEOFS_NODE_ATTRIBUTE_0=Price:11 NEOFS_NODE_ATTRIBUTE_1=UN-LOCODE:RU MSK NEOFS_NODE_RELAY=true +# gRPC section +NEOFS_GRPC_ENDPOINT=s01.neofs.devenv:8080 +NEOFS_GRPC_TLS_ENABLED=true +NEOFS_GRPC_TLS_CERTIFICATE=/path/to/cert +NEOFS_GRPC_TLS_KEY=/path/to/key + # Storage engine section NEOFS_STORAGE_SHARD_NUM=2 ## 0 shard diff --git a/config/example/node.json b/config/example/node.json index 45cbfaa03b..cc80c7551d 100644 --- a/config/example/node.json +++ b/config/example/node.json @@ -17,6 +17,14 @@ "attribute_1": "UN-LOCODE:RU MSK", "relay": true }, + "grpc": { + "endpoint": "s01.neofs.devenv:8080", + "tls": { + "enabled": true, + "certificate": "/path/to/cert", + "key": "/path/to/key" + } + }, "storage": { "shard_num": 2, "shard": { diff --git a/config/example/node.yaml b/config/example/node.yaml index a62da5c6b1..b7b7c83a6f 100644 --- a/config/example/node.yaml +++ b/config/example/node.yaml @@ -16,6 +16,13 @@ node: attribute_1: UN-LOCODE:RU MSK relay: true +grpc: + endpoint: s01.neofs.devenv:8080 + tls: + enabled: true + certificate: /path/to/cert + key: /path/to/key + storage: shard_num: 2 shard: