syncer/server/convert.go - servicecomb-service-center - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package server

 import (
 	"crypto/tls"
 	"strconv"
 	"strings"

 	"github.com/apache/servicecomb-service-center/pkg/tlsutil"
 	"github.com/apache/servicecomb-service-center/syncer/config"
 	"github.com/apache/servicecomb-service-center/syncer/etcd"
 	"github.com/apache/servicecomb-service-center/syncer/grpc"
 	"github.com/apache/servicecomb-service-center/syncer/pkg/utils"
 	"github.com/apache/servicecomb-service-center/syncer/plugins"
 	"github.com/apache/servicecomb-service-center/syncer/serf"
 	"github.com/apache/servicecomb-service-center/syncer/task"
 )

 const (
 	tagKeyClusterName = "syncer-cluster-name"
 	tagKeyClusterPort = "syncer-cluster-port"
 	tagKeyRPCPort     = "syncer-rpc-port"
 	tagKeyTLSEnabled  = "syncer-tls-enabled"

 	groupExpect = 3
 )

 func convertSerfOptions(c *config.Config) []serf.Option {
 	bindHost, bindPort, _ := utils.ResolveAddr(c.Listener.BindAddr)
 	_, rpcPort, _ := utils.ResolveAddr(c.Listener.RPCAddr)
 	opts := []serf.Option{
 		serf.WithNode(c.Node),
 		serf.WithBindAddr(bindHost),
 		serf.WithBindPort(bindPort),
 		serf.WithAddTag(tagKeyRPCPort, strconv.Itoa(rpcPort)),
 		serf.WithAddTag(tagKeyTLSEnabled, strconv.FormatBool(c.Listener.TLSMount.Enabled)),
 	}

 	if c.Cluster != "" {
 		_, peerPort, _ := utils.ResolveAddr(c.Listener.PeerAddr)
 		opts = append(opts,
 			serf.WithAddTag(tagKeyClusterName, c.Cluster),
 			serf.WithAddTag(tagKeyClusterPort, strconv.Itoa(peerPort)),
 		)
 	}
 	return opts
 }

 func convertEtcdOptions(c *config.Config) []etcd.Option {
 	return []etcd.Option{
 		etcd.WithName(c.Node),
 		etcd.WithDataDir(c.DataDir),
 		etcd.WithPeerAddr(c.Listener.PeerAddr),
 	}
 }

 func convertGRPCOptions(c *config.Config) []grpc.Option {
 	opts := []grpc.Option{
 		grpc.WithAddr(c.Listener.RPCAddr),
 	}
 	if c.Listener.TLSMount.Enabled {
 		conf := c.GetTLSConfig(c.Listener.TLSMount.Name)
 		sslOps := append(tlsutil.DefaultServerTLSOptions(), tlsConfigToOptions(conf)...)
 		tlsConf, err := tlsutil.GetServerTLSConfig(sslOps...)
 		if err != nil {

 		}
 		opts = append(opts, grpc.WithTLSConfig(tlsConf))
 	}
 	return opts
 }

 func convertTaskOptions(c *config.Config) []task.Option {
 	opts := make([]task.Option, 0, len(c.Task.Params))
 	for _, label := range c.Task.Params {
 		opts = append(opts, task.WithAddKV(label.Key, label.Value))
 	}
 	return opts
 }

 func convertSCConfigOption(c *config.Config) []plugins.SCConfigOption {
 	endpoints := make([]string, 0, 10)
 	for _, endpoint := range strings.Split(c.Registry.Address, ",") {
 		endpoints = append(endpoints, endpoint)
 	}
 	opts := []plugins.SCConfigOption{plugins.WithEndpoints(endpoints)}

 	if c.Registry.TLSMount.Enabled {
 		tlsConf := c.GetTLSConfig(c.Registry.TLSMount.Name)
 		opts = append(
 			opts, plugins.WithTLSEnabled(c.Registry.TLSMount.Enabled),
 			plugins.WithTLSVerifyPeer(tlsConf.VerifyPeer),
 			plugins.WithTLSPassphrase(tlsConf.Passphrase),
 			plugins.WithTLSCAFile(tlsConf.CAFile),
 			plugins.WithTLSCertFile(tlsConf.CertFile),
 			plugins.WithTLSKeyFile(tlsConf.KeyFile),
 		)
 	}
 	return opts
 }

 func tlsConfigToOptions(t *config.TLSConfig) []tlsutil.SSLConfigOption {
 	return []tlsutil.SSLConfigOption{
 		tlsutil.WithVerifyPeer(t.VerifyPeer),
 		tlsutil.WithVersion(tlsutil.ParseSSLProtocol(t.MinVersion), tls.VersionTLS12),
 		tlsutil.WithCipherSuits(
 			tlsutil.ParseDefaultSSLCipherSuites(strings.Join(t.Ciphers, ","))),
 		tlsutil.WithKeyPass(t.Passphrase),
 		tlsutil.WithCA(t.CAFile),
 		tlsutil.WithCert(t.CertFile),
 		tlsutil.WithKey(t.KeyFile),
 	}
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package server

	import (
	"crypto/tls"
	"strconv"
	"strings"

	"github.com/apache/servicecomb-service-center/pkg/tlsutil"
	"github.com/apache/servicecomb-service-center/syncer/config"
	"github.com/apache/servicecomb-service-center/syncer/etcd"
	"github.com/apache/servicecomb-service-center/syncer/grpc"
	"github.com/apache/servicecomb-service-center/syncer/pkg/utils"
	"github.com/apache/servicecomb-service-center/syncer/plugins"
	"github.com/apache/servicecomb-service-center/syncer/serf"
	"github.com/apache/servicecomb-service-center/syncer/task"
	)

	const (
	tagKeyClusterName = "syncer-cluster-name"
	tagKeyClusterPort = "syncer-cluster-port"
	tagKeyRPCPort = "syncer-rpc-port"
	tagKeyTLSEnabled = "syncer-tls-enabled"

	groupExpect = 3
	)

	func convertSerfOptions(c *config.Config) []serf.Option {
	bindHost, bindPort, _ := utils.ResolveAddr(c.Listener.BindAddr)
	_, rpcPort, _ := utils.ResolveAddr(c.Listener.RPCAddr)
	opts := []serf.Option{
	serf.WithNode(c.Node),
	serf.WithBindAddr(bindHost),
	serf.WithBindPort(bindPort),
	serf.WithAddTag(tagKeyRPCPort, strconv.Itoa(rpcPort)),
	serf.WithAddTag(tagKeyTLSEnabled, strconv.FormatBool(c.Listener.TLSMount.Enabled)),
	}

	if c.Cluster != "" {
	_, peerPort, _ := utils.ResolveAddr(c.Listener.PeerAddr)
	opts = append(opts,
	serf.WithAddTag(tagKeyClusterName, c.Cluster),
	serf.WithAddTag(tagKeyClusterPort, strconv.Itoa(peerPort)),
	)
	}
	return opts
	}

	func convertEtcdOptions(c *config.Config) []etcd.Option {
	return []etcd.Option{
	etcd.WithName(c.Node),
	etcd.WithDataDir(c.DataDir),
	etcd.WithPeerAddr(c.Listener.PeerAddr),
	}
	}

	func convertGRPCOptions(c *config.Config) []grpc.Option {
	opts := []grpc.Option{
	grpc.WithAddr(c.Listener.RPCAddr),
	}
	if c.Listener.TLSMount.Enabled {
	conf := c.GetTLSConfig(c.Listener.TLSMount.Name)
	sslOps := append(tlsutil.DefaultServerTLSOptions(), tlsConfigToOptions(conf)...)
	tlsConf, err := tlsutil.GetServerTLSConfig(sslOps...)
	if err != nil {

	}
	opts = append(opts, grpc.WithTLSConfig(tlsConf))
	}
	return opts
	}

	func convertTaskOptions(c *config.Config) []task.Option {
	opts := make([]task.Option, 0, len(c.Task.Params))
	for _, label := range c.Task.Params {
	opts = append(opts, task.WithAddKV(label.Key, label.Value))
	}
	return opts
	}

	func convertSCConfigOption(c *config.Config) []plugins.SCConfigOption {
	endpoints := make([]string, 0, 10)
	for _, endpoint := range strings.Split(c.Registry.Address, ",") {
	endpoints = append(endpoints, endpoint)
	}
	opts := []plugins.SCConfigOption{plugins.WithEndpoints(endpoints)}

	if c.Registry.TLSMount.Enabled {
	tlsConf := c.GetTLSConfig(c.Registry.TLSMount.Name)
	opts = append(
	opts, plugins.WithTLSEnabled(c.Registry.TLSMount.Enabled),
	plugins.WithTLSVerifyPeer(tlsConf.VerifyPeer),
	plugins.WithTLSPassphrase(tlsConf.Passphrase),
	plugins.WithTLSCAFile(tlsConf.CAFile),
	plugins.WithTLSCertFile(tlsConf.CertFile),
	plugins.WithTLSKeyFile(tlsConf.KeyFile),
	)
	}
	return opts
	}

	func tlsConfigToOptions(t *config.TLSConfig) []tlsutil.SSLConfigOption {
	return []tlsutil.SSLConfigOption{
	tlsutil.WithVerifyPeer(t.VerifyPeer),
	tlsutil.WithVersion(tlsutil.ParseSSLProtocol(t.MinVersion), tls.VersionTLS12),
	tlsutil.WithCipherSuits(
	tlsutil.ParseDefaultSSLCipherSuites(strings.Join(t.Ciphers, ","))),
	tlsutil.WithKeyPass(t.Passphrase),
	tlsutil.WithCA(t.CAFile),
	tlsutil.WithCert(t.CertFile),
	tlsutil.WithKey(t.KeyFile),
	}
	}