Revert "feat: add new non TLS grpc server for healthcheck"

This reverts commit 9184d0e.
goto · Dec 19, 2023 · a32d2a1 · a32d2a1
1 parent 9184d0e
commit a32d2a1
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 77 deletions.
diff --git a/config/server.go b/config/server.go
@@ -32,7 +32,6 @@ type serverWs struct {
 
 type serverGRPC struct {
 	Port         string
-	TLSPort      string
 	TLSEnabled   bool
 	TLSCertPath  string
 	TLSPublicKey string
@@ -76,13 +75,11 @@ func serverWsConfigLoader() {
 
 func serverGRPCConfigLoader() {
 	viper.SetDefault("SERVER_GRPC_PORT", "8081")
-	viper.SetDefault("SERVER_GRPC_TLS_PORT", "8443")
 	viper.SetDefault("SERVER_GRPC_TLS_ENABLED", false)
 	viper.SetDefault("SERVER_GRPC_TLS_CERT_PATH", "cert/server.crt")
 	viper.SetDefault("SERVER_GRPC_TLS_PUBLIC_KEY", "cert/server.key")
 	ServerGRPC = serverGRPC{
 		Port:         util.MustGetString("SERVER_GRPC_PORT"),
-		TLSPort:      util.MustGetString("SERVER_GRPC_TLS_PORT"),
 		TLSEnabled:   util.MustGetBool("SERVER_GRPC_TLS_ENABLED"),
 		TLSCertPath:  util.MustGetString("SERVER_GRPC_TLS_CERT_PATH"),
 		TLSPublicKey: util.MustGetString("SERVER_GRPC_TLS_PUBLIC_KEY"),

diff --git a/services/grpc/service.go b/services/grpc/service.go
@@ -2,7 +2,9 @@ package grpc
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
+	"google.golang.org/grpc/credentials"
 	"net"
 
 	pbgrpc "buf.build/gen/go/gotocompany/proton/grpc/go/gotocompany/raccoon/v1beta1/raccoonv1beta1grpc"
@@ -43,5 +45,22 @@ func (s *Service) Shutdown(context.Context) error {
 }
 
 func newGRPCServer() *grpc.Server {
+	if config.ServerGRPC.TLSEnabled {
+		return grpc.NewServer(grpc.Creds(loadTLSCredentials()))
+	}
 	return grpc.NewServer()
 }
+
+func loadTLSCredentials() credentials.TransportCredentials {
+	serverCert, err := tls.LoadX509KeyPair(config.ServerGRPC.TLSCertPath, config.ServerGRPC.TLSPublicKey)
+	if err != nil {
+		panic("failed to load TLS credentials to start grpc server with TLS")
+	}
+
+	config := &tls.Config{
+		Certificates: []tls.Certificate{serverCert},
+		ClientAuth:   tls.NoClientCert,
+	}
+
+	return credentials.NewTLS(config)
+}
diff --git a/services/grpc/serviceWithTLS.go b/services/grpc/serviceWithTLS.go
diff --git a/services/services.go b/services/services.go
@@ -2,7 +2,6 @@ package services
 
 import (
 	"context"
-	"github.com/goto/raccoon/config"
 	"net/http"
 
 	"github.com/goto/raccoon/collection"
@@ -46,17 +45,6 @@ func (s *Services) Shutdown(ctx context.Context) {
 
 func Create(b chan collection.CollectRequest) Services {
 	c := collection.NewChannelCollector(b)
-	if config.ServerGRPC.TLSEnabled {
-		return Services{
-			b: []bootstrapper{
-				//running non TLS service to do health check on the probe
-				grpc.NewGRPCService(c),
-				grpc.NewGRPCServiceWithTLS(c),
-				pprof.NewPprofService(),
-				rest.NewRestService(c),
-			},
-		}
-	}
 	return Services{
 		b: []bootstrapper{
 			grpc.NewGRPCService(c),