diff --git a/external-providers/dotnet-external-provider/main.go b/external-providers/dotnet-external-provider/main.go index a137603b..d8783c2d 100644 --- a/external-providers/dotnet-external-provider/main.go +++ b/external-providers/dotnet-external-provider/main.go @@ -13,8 +13,10 @@ import ( ) var ( - port = flag.Int("port", 0, "Port must be set") + port = flag.Int("port", 0, "Port must be set") logLevel = flag.Int("log-level", 5, "Level to log") + certFile = flag.String("certFile", "", "Path to the cert file") + keyFile = flag.String("keyFile", "", "Path to the key file") ) func main() { @@ -36,7 +38,18 @@ func main() { panic(1) } - s := provider.NewServer(client, *port, log) + var c string + var k string + + if certFile != nil { + c = *certFile + } + + if keyFile != nil { + k = *keyFile + } + + s := provider.NewServer(client, *port, c, k, log) ctx := context.TODO() s.Start(ctx) } diff --git a/external-providers/generic-external-provider/main.go b/external-providers/generic-external-provider/main.go index dc8a2907..6d88028f 100644 --- a/external-providers/generic-external-provider/main.go +++ b/external-providers/generic-external-provider/main.go @@ -15,6 +15,8 @@ import ( var ( port = flag.Int("port", 0, "Port must be set") lspServerName = flag.String("name", "", "lsp server name") + certFile = flag.String("certFile", "", "Path to the cert file") + keyFile = flag.String("keyFile", "", "Path to the key file") ) func main() { @@ -53,7 +55,18 @@ func main() { panic(fmt.Errorf("must pass in the port for the external provider")) } - s := provider.NewServer(client, *port, log) + var c string + var k string + + if certFile != nil { + c = *certFile + } + + if keyFile != nil { + k = *keyFile + } + + s := provider.NewServer(client, *port, c, k, log) ctx := context.TODO() s.Start(ctx) } diff --git a/external-providers/java-external-provider/go.mod b/external-providers/java-external-provider/go.mod index e5afaf10..aecc1677 100644 --- a/external-providers/java-external-provider/go.mod +++ b/external-providers/java-external-provider/go.mod @@ -9,13 +9,13 @@ require ( github.com/vifraa/gopom v1.0.0 go.lsp.dev/uri v0.3.0 go.opentelemetry.io/otel v1.11.2 - google.golang.org/grpc v1.62.1 + google.golang.org/grpc v1.62.1 // indirect gopkg.in/yaml.v2 v2.4.0 ) require github.com/sirupsen/logrus v1.9.0 -require google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect +require google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80 // indirect require ( github.com/PaesslerAG/gval v1.2.2 // indirect diff --git a/external-providers/java-external-provider/go.sum b/external-providers/java-external-provider/go.sum index 7bd59971..c43c69b0 100644 --- a/external-providers/java-external-provider/go.sum +++ b/external-providers/java-external-provider/go.sum @@ -70,10 +70,10 @@ golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 h1:Jyp0Hsi0bmHXG6k9eATXoYtjd6e2UzZ1SCn/wIupY14= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA= -google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= -google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80 h1:AjyfHzEPEFp/NpvfN5g+KDla3EMojjhRVZc1i7cj+oM= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80/go.mod h1:PAREbraiVEVGVdTZsVWjSbbTtSyGbAgIIvni8a8CD5s= +google.golang.org/grpc v1.62.1 h1:B4n+nfKzOICUXMgyrNd19h/I9oH0L1pizfk1d4zSgTk= +google.golang.org/grpc v1.62.1/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= google.golang.org/protobuf v1.33.1-0.20240408130810-98873a205002 h1:V7Da7qt0MkY3noVANIMVBk28nOnijADeOR3i5Hcvpj4= google.golang.org/protobuf v1.33.1-0.20240408130810-98873a205002/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/external-providers/java-external-provider/main.go b/external-providers/java-external-provider/main.go index 627d6855..48aac30c 100644 --- a/external-providers/java-external-provider/main.go +++ b/external-providers/java-external-provider/main.go @@ -15,8 +15,10 @@ import ( var ( port = flag.Int("port", 0, "Port must be set") logLevel = flag.Int("log-level", 5, "Level to log") - lspServerName = flag.String("name", "java", "Level to log") + lspServerName = flag.String("name", "java", "name of the lsp to be used in rules") contextLines = flag.Int("contxtLines", 10, "lines of context for the code snippet") + certFile = flag.String("certFile", "", "Path to the cert file") + keyFile = flag.String("keyFile", "", "Path to the key file") ) func main() { @@ -38,8 +40,18 @@ func main() { log.Error(fmt.Errorf("port unspecified"), "port number must be specified") panic(1) } + var c string + var k string - s := provider.NewServer(client, *port, log) + if certFile != nil { + c = *certFile + } + + if keyFile != nil { + k = *keyFile + } + + s := provider.NewServer(client, *port, c, k, log) ctx := context.TODO() s.Start(ctx) } diff --git a/external-providers/yq-external-provider/main.go b/external-providers/yq-external-provider/main.go index b33071d6..e3463932 100644 --- a/external-providers/yq-external-provider/main.go +++ b/external-providers/yq-external-provider/main.go @@ -13,8 +13,10 @@ import ( ) var ( - port = flag.Int("port", 0, "Port must be set") - name = flag.String("name", "yaml", "Port must be set") + port = flag.Int("port", 0, "Port must be set") + name = flag.String("name", "yaml", "Port must be set") + certFile = flag.String("certFile", "", "Path to the cert file") + keyFile = flag.String("keyFile", "", "Path to the key file") ) func main() { @@ -32,8 +34,18 @@ func main() { if port == nil || *port == 0 { panic(fmt.Errorf("must pass in the port for the external provider")) } + var c string + var k string - s := provider.NewServer(client, *port, log) + if certFile != nil { + c = *certFile + } + + if keyFile != nil { + k = *keyFile + } + + s := provider.NewServer(client, *port, c, k, log) ctx := context.TODO() s.Start(ctx) } diff --git a/provider/grpc/provider.go b/provider/grpc/provider.go index ecd0c7dd..45df319c 100644 --- a/provider/grpc/provider.go +++ b/provider/grpc/provider.go @@ -16,6 +16,7 @@ import ( "github.com/phayes/freeport" "go.lsp.dev/uri" "google.golang.org/grpc" + "google.golang.org/grpc/credentials" "google.golang.org/grpc/credentials/insecure" "google.golang.org/protobuf/types/known/emptypb" "google.golang.org/protobuf/types/known/structpb" @@ -263,12 +264,23 @@ func start(ctx context.Context, config provider.Config) (*grpc.ClientConn, io.Re return conn, out, nil } if config.Address != "" { - conn, err := grpc.Dial(fmt.Sprintf(config.Address), grpc.WithTransportCredentials(insecure.NewCredentials())) - if err != nil { - log.Fatalf("did not connect: %v", err) + if config.CertPath == "" { + conn, err := grpc.Dial(fmt.Sprintf(config.Address), grpc.WithTransportCredentials(insecure.NewCredentials())) + if err != nil { + log.Fatalf("did not connect: %v", err) + } + return conn, nil, nil + } else { + creds, err := credentials.NewClientTLSFromFile(config.CertPath, "") + if err != nil { + return nil, nil, err + } + conn, err := grpc.Dial(fmt.Sprintf(config.Address), grpc.WithTransportCredentials(creds)) + if err != nil { + log.Fatalf("did not connect: %v", err) + } + return conn, nil, nil } - return conn, nil, nil - } return nil, nil, fmt.Errorf("must set Address or Binary Path for a GRPC provider") } diff --git a/provider/provider.go b/provider/provider.go index d36c5dc8..98708d77 100644 --- a/provider/provider.go +++ b/provider/provider.go @@ -84,6 +84,7 @@ type Config struct { Name string `yaml:"name,omitempty" json:"name,omitempty"` BinaryPath string `yaml:"binaryPath,omitempty" json:"binaryPath,omitempty"` Address string `yaml:"address,omitempty" json:"address,omitempty"` + CertPath string `yaml:"certPath,omitempty" json:"certPath,omitempty"` Proxy *Proxy `yaml:"proxyConfig,omitempty" json:"proxyConfig,omitempty"` InitConfig []InitConfig `yaml:"initConfig,omitempty" json:"initConfig,omitempty"` ContextLines int diff --git a/provider/server.go b/provider/server.go index 8ac8a7ef..c79d9c87 100644 --- a/provider/server.go +++ b/provider/server.go @@ -15,6 +15,7 @@ import ( libgrpc "github.com/konveyor/analyzer-lsp/provider/internal/grpc" "go.lsp.dev/uri" "google.golang.org/grpc" + "google.golang.org/grpc/credentials" "google.golang.org/grpc/reflection" "google.golang.org/protobuf/types/known/emptypb" "google.golang.org/protobuf/types/known/structpb" @@ -31,6 +32,8 @@ type server struct { DepLocationResolver DependencyLocationResolver Log logr.Logger Port int + CertPath string + KeyPath string mutex sync.RWMutex clients map[int64]clientMapItem @@ -47,7 +50,7 @@ type clientMapItem struct { // Provider GRPC Service // TOOD: HANDLE INIT CONFIG CHANGES -func NewServer(client BaseClient, port int, logger logr.Logger) Server { +func NewServer(client BaseClient, port int, certPath string, keyPath string, logger logr.Logger) Server { s := rand.NewSource(time.Now().Unix()) var depLocationResolver DependencyLocationResolver @@ -67,6 +70,8 @@ func NewServer(client BaseClient, port int, logger logr.Logger) Server { Client: client, Port: port, Log: logger, + CertPath: certPath, + KeyPath: keyPath, UnimplementedProviderServiceServer: libgrpc.UnimplementedProviderServiceServer{}, mutex: sync.RWMutex{}, clients: make(map[int64]clientMapItem), @@ -82,7 +87,18 @@ func (s *server) Start(ctx context.Context) error { s.Log.Error(err, "failed to listen") return err } - gs := grpc.NewServer() + var gs *grpc.Server + if s.CertPath != "" && s.KeyPath != "" { + creds, err := credentials.NewServerTLSFromFile(s.CertPath, s.KeyPath) + if err != nil { + return err + } + gs = grpc.NewServer(grpc.Creds(creds)) + } else if s.CertPath == "" && s.KeyPath == "" { + gs = grpc.NewServer() + } else { + return fmt.Errorf("cert: %v, and key: %v are invalid", s.CertPath, s.KeyPath) + } if s.DepLocationResolver != nil { libgrpc.RegisterProviderDependencyLocationServiceServer(gs, s) }