Skip to content

Commit

Permalink
feat: support connected services (#1874)
Browse files Browse the repository at this point in the history 
Add support to mount repositories from external sources in session. This requires `connected services` support from `renku-data-services`. Also, the API for starting Renku 2.0 sessions has been modified to accept external repositories.

Changes in `notebooks`:
* Refactored the `UserServer` class to be an abstract class. `Renku1UserServer` and `Renku2UserServer` inherit from `UserServer` and contain the corresponding adaptations needed to support Renku 1.0 and Renku 2.0 sessions respectively.
* Changed the `amalthea` patches to reflect changes in `git-clone` and `git-proxy`.
* Updated the `patch_statefulset_tokens()` method invoked when resuming sessions.

Changes in `git-clone`:
* Refactored the `git-clone` container to support cloning repositories from any source.
* Cloning is done optimistically. The `git-clone` container will not crash if a repository cannot be cloned.
* For private repositories, a `git provider` must be configured and will be used to clone.
* The container now only uses the `renku_access_token`.

Changes in `git-proxy`:
* Refactored the `git-proxy` container to support injecting credentials from external services.
* The `git-proxy` is a simple pass-through for anonymous sessions (meaning it should probably not run for anonymous sessions).
* Repositories matching a configured `git provider` will have credentials injected:
  - From `renku-gateway-auth` for the internal GitLab
  - From `renku-data-services` for other services
* The container now only uses the `renku_access_token` and the `renku_refresh_token`.
  • Loading branch information
@leafty
leafty authored May 16, 2024
1 parent 09f6017 commit 2adec8d
Show file tree
Hide file tree
Showing 30 changed files with 1,745 additions and 1,296 deletions.
401 changes: 150 additions & 251 deletions git-https-proxy/config/config.go
View file

Large diffs are not rendered by default.

26 changes: 22 additions & 4 deletions git-https-proxy/go.mod
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,33 @@
module github.com/SwissDataScienceCenter/renku-notebooks/git-https-proxy

go 1.19
go 1.21

require (
github.com/elazarl/goproxy v0.0.0-20220328115640-894aeddb713e
github.com/elazarl/goproxy v0.0.0-20231117061959-7cc037d33fb5
github.com/golang-jwt/jwt/v4 v4.5.0
github.com/mitchellh/mapstructure v1.5.0
github.com/spf13/viper v1.18.2
github.com/stretchr/testify v1.9.0
)

require (
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/magiconair/properties v1.8.7 // indirect
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/sagikazarmark/locafero v0.4.0 // indirect
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
github.com/sourcegraph/conc v0.3.0 // indirect
github.com/spf13/afero v1.11.0 // indirect
github.com/spf13/cast v1.6.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/subosito/gotenv v1.6.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect
golang.org/x/sys v0.20.0 // indirect
golang.org/x/text v0.15.0 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
74 changes: 69 additions & 5 deletions git-https-proxy/go.sum
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,81 @@
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/elazarl/goproxy v0.0.0-20220328115640-894aeddb713e h1:99KFda6F/mw8xSfceY2JEVCrYWX7l+Ms6BcO5wEct+Q=
github.com/elazarl/goproxy v0.0.0-20220328115640-894aeddb713e/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/elazarl/goproxy v0.0.0-20231117061959-7cc037d33fb5 h1:m62nsMU279qRD9PQSWD1l66kmkXzuYcnVJqL4XLeV2M=
github.com/elazarl/goproxy v0.0.0-20231117061959-7cc037d33fb5/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2 h1:dWB6v3RcOy03t/bUadywsbyrQwCqZeNIEX6M1OtSZOM=
github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8=
github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc=
github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE=
github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo=
github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0=
github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ=
github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f h1:99ci1mjWVBWwJiEKYY6jWa4d2nTQVIEhZIptnrVb1XY=
golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f/go.mod h1:/lliqkxwWAhPjf5oSOIJup2XcqJaw8RGS6k3TGEc7GI=
golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 h1:vr/HnozRka3pE4EsMEg1lgkXJkTFJCVUX+S/ZT6wYzM=
golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc=
golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
134 changes: 31 additions & 103 deletions git-https-proxy/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,146 +9,74 @@ import (
"net/url"
"os"
"os/signal"
"regexp"
"strings"
"syscall"

"github.com/SwissDataScienceCenter/renku-notebooks/git-https-proxy/config"
configLib "github.com/SwissDataScienceCenter/renku-notebooks/git-https-proxy/config"
"github.com/elazarl/goproxy"
"github.com/SwissDataScienceCenter/renku-notebooks/git-https-proxy/proxy"
)

func main() {
config := configLib.ParseEnv()
// INFO: Make a channel that will receive the SIGTERM on shutdown
config, err := configLib.GetConfig()
if err != nil {
log.Fatalln(err)
}

if err := config.Validate(); err != nil {
log.Fatalln(err)
}

if config.AnonymousSession {
log.Println("Warning: Starting the git-proxy for an anonymous session, which is essentially useless.")
}

//? INFO: Make a channel that will receive the SIGTERM on shutdown
sigTerm := make(chan os.Signal, 1)
signal.Notify(sigTerm, syscall.SIGTERM, syscall.SIGINT)
ctx := context.Background()

// INFO: Setup servers
proxyHandler := getProxyHandler(config)
//? INFO: Setup servers
proxyHandler := proxy.GetProxyHandler(config)
proxyServer := http.Server{
Addr: fmt.Sprintf(":%s", config.ProxyPort),
Addr: fmt.Sprintf(":%d", config.ProxyPort),
Handler: proxyHandler,
}
healthHandler := getHealthHandler(config)
healthServer := http.Server{
Addr: fmt.Sprintf(":%s", config.HealthPort),
Addr: fmt.Sprintf(":%d", config.HealthPort),
Handler: healthHandler,
}

// INFO: Run servers in the background
//? INFO: Run servers in the background
go func() {
log.Printf("Health server active on port %s\n", config.HealthPort)
log.Printf("Health server active on port %d\n", config.HealthPort)
log.Fatalln(healthServer.ListenAndServe())
}()
go func() {
log.Printf("Git proxy active on port %s\n", config.ProxyPort)
log.Printf("Repo Url: %v, anonymous session: %v\n", config.RepoURL, config.AnonymousSession)
log.Printf("Git proxy active on port %d\n", config.ProxyPort)
log.Fatalln(proxyServer.ListenAndServe())
}()

// INFO: Block until you receive sigTerm to shutdown. All of this is necessary
// because the proxy has to shut down only after all the other containers do so in case
// any other containers (i.e. session or sidecar) need git right before shutting down.
//? INFO: Block until you receive sigTerm to shutdown. All of this is necessary
//? INFO: because the proxy has to shut down only after all the other containers do so in case
//? INFO: any other containers (i.e. session or sidecar) need git right before shutting down.
<-sigTerm
log.Print("SIGTERM received. Shutting down servers.\n")
err := healthServer.Shutdown(ctx)
if err != nil {
log.Fatalln(err)
}
err = proxyServer.Shutdown(ctx)
if err != nil {
log.Fatalln(err)
}
}

// Infer port if not explicitly specified
func getPort(urlAddress *url.URL) string {
if urlAddress.Port() == "" {
if urlAddress.Scheme == "http" {
return "80"
} else if urlAddress.Scheme == "https" {
return "443"
}
}
return urlAddress.Port()
}

// Ensure that hosts name watch with/without. I.e.
// ensure www.hostname.com matches hostname.com and vice versa
func hostsMatch(url1 *url.URL, url2 *url.URL) bool {
var err error
var url1ContainsWww, url2ContainsWww bool
wwwRegex := fmt.Sprintf("^%s", regexp.QuoteMeta("www."))
url1ContainsWww, err = regexp.MatchString(wwwRegex, url1.Hostname())
log.Print("SIGTERM received. Shutting down servers.\n")
err = healthServer.Shutdown(ctx)
if err != nil {
log.Fatalln(err)
}
url2ContainsWww, err = regexp.MatchString(wwwRegex, url2.Hostname())
err = proxyServer.Shutdown(ctx)
if err != nil {
log.Fatalln(err)
}
if url1ContainsWww && !url2ContainsWww {
return url1.Hostname() == fmt.Sprintf("www.%s", url2.Hostname())
} else if !url1ContainsWww && url2ContainsWww {
return fmt.Sprintf("www.%s", url1.Hostname()) == url2.Hostname()
} else {
return url1.Hostname() == url2.Hostname()
}
}

// Return a server handler that contains the proxy that injects the Git aithorization header when
// the conditions for doing so are met.
func getProxyHandler(config *configLib.GitProxyConfig) *goproxy.ProxyHttpServer {
proxyHandler := goproxy.NewProxyHttpServer()
proxyHandler.Verbose = false
gitRepoHostWithWww := fmt.Sprintf("www.%s", config.RepoURL.Hostname())
handlerFunc := func(r *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
var validGitRequest bool
validGitRequest = r.URL.Scheme == config.RepoURL.Scheme &&
hostsMatch(r.URL, config.RepoURL) &&
getPort(r.URL) == getPort(config.RepoURL) &&
strings.HasPrefix(strings.TrimLeft(r.URL.Path, "/"), strings.TrimLeft(config.RepoURL.Path, "/"))
if config.AnonymousSession {
log.Print("Anonymous session, not adding auth headers, letting request through without adding auth headers.\n")
return r, nil
}
if !validGitRequest {
// Skip logging healthcheck requests
if r.URL.Path != "/ping" && r.URL.Path != "/ping/" {
log.Printf("The request %s does not match the git repository %s letting request through without adding auth headers\n", r.URL.String(), config.RepoURL.String())
}
return r, nil
}
log.Printf("The request %s matches the git repository %s, adding auth headers\n", r.URL.String(), config.RepoURL.String())
gitToken, err := config.GetGitAccessToken(true)
if err != nil {
log.Printf("The git token cannot be refreshed, returning 401, error: %s\n", err.Error())
return r, goproxy.NewResponse(r, goproxy.ContentTypeText, 401, "The git token could not be refreshed")
}
r.Header.Set("Authorization", fmt.Sprintf("Basic %s", gitToken))
return r, nil
}
// NOTE: We need to eavesdrop on the HTTPS connection to insert the Auth header
// we do this only for the case where the request host matches the host of the git repo
// in all other cases we leave the request alone.
proxyHandler.OnRequest(goproxy.ReqHostIs(
config.RepoURL.Hostname(),
gitRepoHostWithWww,
fmt.Sprintf("%s:443", config.RepoURL.Hostname()),
fmt.Sprintf("%s:443", gitRepoHostWithWww),
)).HandleConnect(goproxy.AlwaysMitm)
proxyHandler.OnRequest().DoFunc(handlerFunc)
return proxyHandler
}

// The proxy does not expose a health endpoint. Therefore the purpose of this server
// handler is to fill that functionality. To ensure that the proxy is fully up
// and running the health server will use the proxy as a proxy for the health endpoint.
// This is necessary because sending any requests directly to the proxy results in a 500
// with a message that the proxy only accepts proxy requests and no direct requests.
func getHealthHandler(config *config.GitProxyConfig) *http.ServeMux {
func getHealthHandler(config configLib.GitProxyConfig) *http.ServeMux {
handler := http.NewServeMux()
handler.HandleFunc("/ping", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
Expand All @@ -161,12 +89,12 @@ func getHealthHandler(config *config.GitProxyConfig) *http.ServeMux {
w.Write(jsonResp)
})
handler.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) {
proxyUrl, err := url.Parse(fmt.Sprintf("http://localhost:%s", config.ProxyPort))
proxyUrl, err := url.Parse(fmt.Sprintf("http://localhost:%d", config.ProxyPort))
if err != nil {
log.Fatalln(err)
}
client := &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(proxyUrl)}}
resp, err := client.Get(fmt.Sprintf("http://localhost:%s/ping", config.HealthPort))
resp, err := client.Get(fmt.Sprintf("http://localhost:%d/ping", config.HealthPort))
if err != nil {
log.Println("The GET request to /ping from within /health failed with:", err)
w.WriteHeader(http.StatusBadRequest)
Expand Down
Loading

0 comments on commit 2adec8d

Please sign in to comment.