Revert backwards incompatible reva config changes

The commit of unifying the Reva Client config introduced some backwards incompatible changes to the config structures and yaml config tags. For the "thumbnails", "webdav" and "notifications" service. This reverts the changes on the service and introduces TLS options in a backwards compatible manner.
2026-01-06 04:09:40 -06:00 · 2022-10-20 11:56:17 +02:00
parent 8cead4557f
commit fbb3382a42
10 changed files with 71 additions and 31 deletions
--- a/services/notifications/pkg/channels/channels.go
+++ b/services/notifications/pkg/channels/channels.go
@@ -27,7 +27,15 @@ type Channel interface {

 // NewMailChannel instantiates a new mail communication channel.
 func NewMailChannel(cfg config.Config, logger log.Logger) (Channel, error) {
-	gc, err := pool.GetGatewayServiceClient(cfg.Notifications.Reva.Address, cfg.Notifications.Reva.GetRevaOptions()...)
+	tm, err := pool.StringToTLSMode(cfg.Notifications.RevaGatewayTLSMode)
+	if err != nil {
+		logger.Error().Err(err).Msg("could not get gateway client tls mode")
+		return nil, err
+	}
+	gc, err := pool.GetGatewayServiceClient(cfg.Notifications.RevaGateway,
+		pool.WithTLSCACert(cfg.Notifications.RevaGatewayTLSCACert),
+		pool.WithTLSMode(tm),
+	)
 	if err != nil {
 		logger.Error().Err(err).Msg("could not get gateway client")
 		return nil, err
--- a/services/notifications/pkg/command/server.go
+++ b/services/notifications/pkg/command/server.go
@@ -77,12 +77,17 @@ func Server(cfg *config.Config) *cli.Command {
 			if err != nil {
 				return err
 			}
+			tm, err := pool.StringToTLSMode(cfg.Notifications.RevaGatewayTLSMode)
+			if err != nil {
+				return err
+			}
 			gwclient, err := pool.GetGatewayServiceClient(
-				cfg.Notifications.Reva.Address,
-				cfg.Notifications.Reva.GetRevaOptions()...,
+				cfg.Notifications.RevaGateway,
+				pool.WithTLSCACert(cfg.Notifications.RevaGatewayTLSCACert),
+				pool.WithTLSMode(tm),
 			)
 			if err != nil {
-				logger.Fatal().Err(err).Str("addr", cfg.Notifications.Reva.Address).Msg("could not get reva client")
+				logger.Fatal().Err(err).Str("addr", cfg.Notifications.RevaGateway).Msg("could not get reva client")
 			}

 			svc := service.NewEventsNotifier(evts, channel, logger, gwclient, cfg.Notifications.MachineAuthAPIKey, cfg.Notifications.EmailTemplatePath, cfg.Commons.OcisURL)
--- a/services/notifications/pkg/config/config.go
+++ b/services/notifications/pkg/config/config.go
@@ -22,11 +22,13 @@ type Config struct {

 // Notifications defines the config options for the notifications service.
 type Notifications struct {
-	SMTP              SMTP        `yaml:"SMTP"`
-	Events            Events      `yaml:"events"`
-	MachineAuthAPIKey string      `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary to access resources from other services."`
-	Reva              shared.Reva `yaml:"reva"`
-	EmailTemplatePath string      `yaml:"email_template_path" env:"OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH" desc:"Path to Email notification templates overriding embedded ones."`
+	SMTP                 SMTP   `yaml:"SMTP"`
+	Events               Events `yaml:"events"`
+	MachineAuthAPIKey    string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;NOTIFICATIONS_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used to validate internal requests necessary to access resources from other services."`
+	EmailTemplatePath    string `yaml:"email_template_path" env:"OCIS_EMAIL_TEMPLATE_PATH;NOTIFICATIONS_EMAIL_TEMPLATE_PATH" desc:"Path to Email notification templates overriding embedded ones."`
+	RevaGateway          string `yaml:"reva_gateway" env:"REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata"`
+	RevaGatewayTLSMode   string `yaml:"reva_gateway_tls_mode" env:"REVA_GATEWAY_TLS_MODE"`
+	RevaGatewayTLSCACert string `yaml:"reva_gateway_tls_cacert" env:"REVA_GATEWAY_TLS_CACERT"`
 }

 // SMTP combines the smtp configuration options.
--- a/services/notifications/pkg/config/defaults/defaultconfig.go
+++ b/services/notifications/pkg/config/defaults/defaultconfig.go
@@ -37,7 +37,9 @@ func DefaultConfig() *config.Config {
 				ConsumerGroup: "notifications",
 				EnableTLS:     false,
 			},
-			Reva: *shared.DefaultRevaConfig(),
+			RevaGateway:          shared.DefaultRevaConfig().Address,
+			RevaGatewayTLSMode:   shared.DefaultRevaConfig().TLSMode,
+			RevaGatewayTLSCACert: shared.DefaultRevaConfig().TLSCACert,
 		},
 	}
 }
--- a/services/thumbnails/pkg/config/config.go
+++ b/services/thumbnails/pkg/config/config.go
@@ -31,12 +31,14 @@ type FileSystemStorage struct {

 // Thumbnail defines the available thumbnail related configuration.
 type Thumbnail struct {
-	Resolutions         []string          `yaml:"resolutions" env:"THUMBNAILS_RESOLUTIONS" desc:"The supported target resolutions in the format WidthxHeight e.g. 32x32. You can define any resolution as required and separate multiple resolutions by blank or comma."`
-	FileSystemStorage   FileSystemStorage `yaml:"filesystem_storage"`
-	WebdavAllowInsecure bool              `yaml:"webdav_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the webdav source."`
-	CS3AllowInsecure    bool              `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the CS3 source."`
-	Reva                shared.Reva       `yaml:"reva"`
-	FontMapFile         string            `yaml:"font_map_file" env:"THUMBNAILS_TXT_FONTMAP_FILE" desc:"The path to a font file for txt thumbnails."`
-	TransferSecret      string            `yaml:"transfer_secret" env:"THUMBNAILS_TRANSFER_TOKEN" desc:"The secret to sign JWT to download the actual thumbnail file."`
-	DataEndpoint        string            `yaml:"data_endpoint" env:"THUMBNAILS_DATA_ENDPOINT" desc:"The HTTP endpoint where the actual thumbnail file can be downloaded."`
+	Resolutions          []string          `yaml:"resolutions" env:"THUMBNAILS_RESOLUTIONS" desc:"The supported target resolutions in the format WidthxHeight e.g. 32x32. You can define any resolution as required and separate multiple resolutions by blank or comma."`
+	FileSystemStorage    FileSystemStorage `yaml:"filesystem_storage"`
+	WebdavAllowInsecure  bool              `yaml:"webdav_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_WEBDAVSOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the webdav source."`
+	CS3AllowInsecure     bool              `yaml:"cs3_allow_insecure" env:"OCIS_INSECURE;THUMBNAILS_CS3SOURCE_INSECURE" desc:"Ignore untrusted SSL certificates when connecting to the CS3 source."`
+	RevaGateway          string            `yaml:"reva_gateway" env:"REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata"`
+	RevaGatewayTLSMode   string            `yaml:"reva_gateway_tls_mode" env:"REVA_GATEWAY_TLS_MODE"`
+	RevaGatewayTLSCACert string            `yaml:"reva_gateway_tls_cacert" env:"REVA_GATEWAY_TLS_CACERT"`
+	FontMapFile          string            `yaml:"font_map_file" env:"THUMBNAILS_TXT_FONTMAP_FILE" desc:"The path to a font file for txt thumbnails."`
+	TransferSecret       string            `yaml:"transfer_secret" env:"THUMBNAILS_TRANSFER_TOKEN" desc:"The secret to sign JWT to download the actual thumbnail file."`
+	DataEndpoint         string            `yaml:"data_endpoint" env:"THUMBNAILS_DATA_ENDPOINT" desc:"The HTTP endpoint where the actual thumbnail file can be downloaded."`
 }
--- a/services/thumbnails/pkg/config/defaults/defaultconfig.go
+++ b/services/thumbnails/pkg/config/defaults/defaultconfig.go
@@ -41,10 +41,12 @@ func DefaultConfig() *config.Config {
 			FileSystemStorage: config.FileSystemStorage{
 				RootDirectory: path.Join(defaults.BaseDataPath(), "thumbnails"),
 			},
-			WebdavAllowInsecure: false,
-			Reva:                *shared.DefaultRevaConfig(),
-			CS3AllowInsecure:    false,
-			DataEndpoint:        "http://127.0.0.1:9186/thumbnails/data",
+			WebdavAllowInsecure:  false,
+			RevaGateway:          shared.DefaultRevaConfig().Address,
+			RevaGatewayTLSMode:   shared.DefaultRevaConfig().TLSMode,
+			RevaGatewayTLSCACert: shared.DefaultRevaConfig().TLSCACert,
+			CS3AllowInsecure:     false,
+			DataEndpoint:         "http://127.0.0.1:9186/thumbnails/data",
 		},
 	}
 }
--- a/services/thumbnails/pkg/server/grpc/server.go
+++ b/services/thumbnails/pkg/server/grpc/server.go
@@ -26,7 +26,15 @@ func NewService(opts ...Option) grpc.Service {
 		grpc.Version(version.GetString()),
 	)
 	tconf := options.Config.Thumbnail
-	gc, err := pool.GetGatewayServiceClient(tconf.Reva.Address, tconf.Reva.GetRevaOptions()...)
+	tm, err := pool.StringToTLSMode(tconf.RevaGatewayTLSMode)
+	if err != nil {
+		options.Logger.Error().Err(err).Msg("could not get gateway client tls mode")
+		return grpc.Service{}
+	}
+	gc, err := pool.GetGatewayServiceClient(tconf.RevaGateway,
+		pool.WithTLSCACert(tconf.RevaGatewayTLSCACert),
+		pool.WithTLSMode(tm),
+	)
 	if err != nil {
 		options.Logger.Error().Err(err).Msg("could not get gateway client")
 		return grpc.Service{}
--- a/services/webdav/pkg/config/config.go
+++ b/services/webdav/pkg/config/config.go
@@ -18,8 +18,10 @@ type Config struct {

 	HTTP HTTP `yaml:"http"`

-	OcisPublicURL   string          `yaml:"ocis_public_url" env:"OCIS_URL;OCIS_PUBLIC_URL" desc:"URL, where oCIS is reachable for users."`
-	WebdavNamespace string          `yaml:"webdav_namespace" env:"WEBDAV_WEBDAV_NAMESPACE" desc:"CS3 path layout to use when forwarding /webdav requests"`
-	Reva            shared.Reva     `yaml:"reva"`
-	Context         context.Context `yaml:"-"`
+	OcisPublicURL        string          `yaml:"ocis_public_url" env:"OCIS_URL;OCIS_PUBLIC_URL" desc:"URL, where oCIS is reachable for users."`
+	WebdavNamespace      string          `yaml:"webdav_namespace" env:"WEBDAV_WEBDAV_NAMESPACE" desc:"CS3 path layout to use when forwarding /webdav requests"`
+	RevaGateway          string          `yaml:"reva_gateway" env:"REVA_GATEWAY" desc:"CS3 gateway used to look up user metadata"`
+	RevaGatewayTLSMode   string          `yaml:"reva_gateway_tls_mode" env:"REVA_GATEWAY_TLS_MODE"`
+	RevaGatewayTLSCACert string          `yaml:"reva_gateway_tls_cacert" env:"REVA_GATEWAY_TLS_CACERT"`
+	Context              context.Context `yaml:"-"`
 }
--- a/services/webdav/pkg/config/defaults/defaultconfig.go
+++ b/services/webdav/pkg/config/defaults/defaultconfig.go
@@ -36,9 +36,11 @@ func DefaultConfig() *config.Config {
 		Service: config.Service{
 			Name: "webdav",
 		},
-		OcisPublicURL:   "https://127.0.0.1:9200",
-		WebdavNamespace: "/users/{{.Id.OpaqueId}}",
-		Reva:            *shared.DefaultRevaConfig(),
+		OcisPublicURL:        "https://127.0.0.1:9200",
+		WebdavNamespace:      "/users/{{.Id.OpaqueId}}",
+		RevaGateway:          shared.DefaultRevaConfig().Address,
+		RevaGatewayTLSMode:   shared.DefaultRevaConfig().TLSMode,
+		RevaGatewayTLSCACert: shared.DefaultRevaConfig().TLSCACert,
 	}
 }

--- a/services/webdav/pkg/service/v0/service.go
+++ b/services/webdav/pkg/service/v0/service.go
@@ -60,7 +60,14 @@ func NewService(opts ...Option) (Service, error) {
 	// chi.RegisterMethod("REPORT")
 	m.Use(options.Middleware...)

-	gwc, err := pool.GetGatewayServiceClient(conf.Reva.Address, conf.Reva.GetRevaOptions()...)
+	tm, err := pool.StringToTLSMode(conf.RevaGatewayTLSMode)
+	if err != nil {
+		return nil, err
+	}
+	gwc, err := pool.GetGatewayServiceClient(conf.RevaGateway,
+		pool.WithTLSCACert(conf.RevaGatewayTLSCACert),
+		pool.WithTLSMode(tm),
+	)
 	if err != nil {
 		return nil, err
 	}