From 1a863ab90794f18629610052659f246c96f23be7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Norman=20B=C3=B6wing?= Date: Thu, 8 May 2025 06:58:45 +0200 Subject: [PATCH] Update gRPC example to support transport credentials MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Norman Böwing --- grpc/client/main.go | 26 +++++++++++++++++++++++--- grpc/run | 2 +- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/grpc/client/main.go b/grpc/client/main.go index 34a250eda..92caaada8 100644 --- a/grpc/client/main.go +++ b/grpc/client/main.go @@ -2,6 +2,7 @@ package main import ( "context" + "crypto/x509" "encoding/json" "fmt" "log" @@ -13,6 +14,7 @@ import ( "github.com/gorilla/mux" ec "github.com/qu1queee/CodeEngine/grpc/ecommerce" "google.golang.org/grpc" + "google.golang.org/grpc/credentials" "google.golang.org/grpc/credentials/insecure" ) @@ -98,10 +100,28 @@ func BuyHandler(w http.ResponseWriter, r *http.Request, groceryClient ec.Grocery } func main() { - localEndpoint := os.Getenv("LOCAL_ENDPOINT_WITH_PORT") + endpoint := os.Getenv("ENDPOINT_WITH_PORT") + if endpoint == "" { + log.Fatalf("no endpoint set: %s", endpoint) + } + certPool, err := x509.SystemCertPool() + if err != nil { + log.Fatalf("failed to get cert pool: %v", err) + } + creds := credentials.NewClientTLSFromCert(certPool, "") + insArg := os.Getenv("INSECURE") + if insArg != "" { + unencrypted, err := strconv.ParseBool(insArg) + if err != nil { + log.Fatalf("could not parse %v: ", err) + } + if unencrypted { + creds = insecure.NewCredentials() + } + } - fmt.Printf("using local endpoint: %s\n", localEndpoint) - conn, err := grpc.Dial(localEndpoint, grpc.WithTransportCredentials(insecure.NewCredentials())) + fmt.Printf("using endpoint: %s\n", endpoint) + conn, err := grpc.Dial(endpoint, grpc.WithTransportCredentials(creds)) if err != nil { log.Fatalf("failed to connect: %v", err) } diff --git a/grpc/run b/grpc/run index a654880bf..31f747776 100755 --- a/grpc/run +++ b/grpc/run @@ -29,7 +29,7 @@ echo "[INFO] Local endpoint is: ${SERVER_INTERNAL_ENDPOINT}" # Create the client server app echo "[INFO] Creating CE client/server application ${CLIENT_APP_NAME}" -ibmcloud ce app create --name "${CLIENT_APP_NAME}" --image icr.io/codeengine/grpc-client --min-scale 0 --env LOCAL_ENDPOINT_WITH_PORT="${SERVER_INTERNAL_ENDPOINT}:80" +ibmcloud ce app create --name "${CLIENT_APP_NAME}" --image icr.io/codeengine/grpc-client --min-scale 0 --env INSECURE=true --env ENDPOINT_WITH_PORT="${SERVER_INTERNAL_ENDPOINT}:80" # Get the client server public endpoint echo "[INFO] Retrieving client/server public endpoint"