diff --git a/gateway/libexec/run b/gateway/libexec/run index 779bb8a13..ee06f4674 100755 --- a/gateway/libexec/run +++ b/gateway/libexec/run @@ -1,10 +1,24 @@ -#!/usr/bin/env sh +#!/usr/bin/env perl +use Cwd qw(getcwd abs_path); +use File::Basename qw(dirname basename); +use File::Temp qw(tempfile); +use File::Spec::Functions qw(catfile); -ssl=$(mktemp -q) +my $libexec = abs_path(dirname(abs_path(__FILE__))); +my $apicast = $ENV{APICAST_DIR} || catfile($libexec, '..'); -certificate=${SSL_CERT_FILE:-"$(pwd)/conf/ca-bundle.crt"} +my $ssl_cert_file = $ENV{SSL_CERT_FILE} || catfile($apicast, 'conf', 'ca-bundle.crt'); +my $lua_file = catfile($libexec, basename(__FILE__) . '.lua'); +my $errlog_level = $ENV{APICAST_LOG_LEVEL} || 'warn'; -echo "lua_ssl_verify_depth 5;" >> "${ssl}" -echo "lua_ssl_trusted_certificate \"${certificate}\";" >> "${ssl}" +my ($fh, $ssl_conf_file) = tempfile(); -exec resty --http-include "${ssl}" "libexec/$(basename "$0").lua" "$@" +print $fh <<_NGINX_; +lua_ssl_verify_depth 5; +lua_ssl_trusted_certificate "${ssl_cert_file}"; +_NGINX_ + +exec 'resty', + '--errlog-level', $errlog_level, + '--http-include', $ssl_conf_file, + $lua_file, @ARGV; diff --git a/gateway/src/apicast/configuration_loader.lua b/gateway/src/apicast/configuration_loader.lua index 11ab3c2f2..fc2a4aa1d 100644 --- a/gateway/src/apicast/configuration_loader.lua +++ b/gateway/src/apicast/configuration_loader.lua @@ -90,8 +90,9 @@ end -- Cosocket API is not available in the init_by_lua* context (see more here: https://github.com/openresty/lua-nginx-module#cosockets-not-available-everywhere) -- For this reason a new process needs to be started to download the configuration through 3scale API function _M.run_external_command(cmd, cwd) - local config, err, code = util.system(format('cd %s && libexec/%s', - cwd or env.get('TEST_NGINX_APICAST_PATH') or '.', + local config, err, code = util.system(format('cd %s && %s/libexec/%s', + cwd or '.', + env.get('APICAST_DIR') or env.get('TEST_NGINX_APICAST_PATH') or '.', cmd or 'boot')) -- Try to read the file in current working directory before changing to the prefix.