Merge pull request #262 from CovenantSQL/feature/adapterConf

Add listen flag for adapter
CovenantSQL · Feb 21, 2019 · 63bff3a · 63bff3a
2 parents 5063377 + 2573afd
commit 63bff3a
Show file tree

Hide file tree

Showing 9 changed files with 73 additions and 415 deletions.
diff --git a/cmd/cql-adapter/README.md b/cmd/cql-adapter/README.md
@@ -1,4 +1,4 @@
-This doc introduce the usage of CovenantSQL adapter. This adapter lets you use CovenantSQL on any platform from any programming languages using http(s) protocol. The CovenantSQL  Java/Python Driver currently is based on adapter to service.
+This doc introduce the usage of CovenantSQL adapter. This adapter lets you use CovenantSQL on any platform from any programming languages using http(s) protocol. The CovenantSQL  Java/Python/NodeJS Driver currently is based on adapter to service.
 
 ## Prerequisites
 
@@ -8,80 +8,20 @@ Make sure the ```$GOPATH/bin``` is in your ```$PATH```, download build the adapt
 $ go get github.com/CovenantSQL/CovenantSQL/cmd/cql-adapter
 ```
 
-Adapter requires a simple ```config.yaml``` like we use in client bundled with exclusive adpater configuration.
+## Adapter Usage
+
+Adapter can use the same ```config.yaml``` and key pair with `cql`
 
 ### Generating Default Config File
 
 First, generate the main configuration file. Same as [Generating Default Config File in Golang Client Doc](https://github.com/CovenantSQL/CovenantSQL/tree/develop/client#generating-default-config-file). An existing configuration file can also be used.
 
-### Configure Adapter
-
-Adapter use tls certificate for client authorization, a public or self-signed ssl certificate is required for adapter server to start. The adapter config is placed as a ```Adapter``` section of the main config file including following configurable fields.
-
-| Name              | Type     | Description                                                  | Default |
-| ----------------- | -------- | ------------------------------------------------------------ | ------- |
-| ListenAddr        | string   | adapter server listen address                                |         |
-| CertificatePath   | string   | adapter server tls certificate file<br />** all following file path is related to working root |         |
-| PrivateKeyPath    | string   | adapter server tls private key file                          |         |
-| VerifyCertificate | bool     | should adapter server verify client certificate or not<br />a client custom CA is required, all valid clients certificate should be issued by this CA | false   |
-| AdminCerts        | []string | each item requires to be a certificate file path<br />client with configured certificate will be granted with ADMIN privilege<br />ADMIN privilege is able to CREATE/DROP database, send WRITE/READ request |         |
-| WriteCerts        | []string | same format as ```AdminCerts ``` field<br />client with configured certificate will be granted with WRITE privilege<br />WRITE privilege is able to send WRITE/READ request only |         |
-| StorageDriver     | string   | two available storage driver: ```sqlite3``` and ```covenantsql```, use ```sqlite3``` driver for test purpose only |         |
-| StorageRoot       | string   | required by ```sqlite3``` storage driver, database files is placed under this root path, this path is treated as relative to working root |         |
-
-[mkcert](https://github.com/FiloSottile/mkcert) is a handy command to generate tls certificates, run the following command to generate the server certificate.
-
-``````
-$ CAROOT=$(pwd) mkcert server
-Using the local CA at "/demo" ✨
-Warning: the local CA is not installed in the system trust store! ⚠️
-Warning: the local CA is not installed in the Firefox trust store! ⚠️
-Run "mkcert -install" to avoid verification errors ‼️
-
-Created a new certificate valid for the following names 📜
- - "server"
-
-The certificate is at "./server.pem" and the key at "./server-key.pem" ✅
-
-And move them to ~/.cql/ dir.
-``````
-
-You can use following interactive command to generate adapter config.
-
-```shell
-$ cql-utils -tool adapterconfgen
-ListenAddr (default: 0.0.0.0:4661): ⏎
-CertificatePath (default: server.pem): ⏎
-PrivateKeyPath (default: server-key.pem): ⏎
-VerifyCertificate (default: true) (y/n): ⏎
-ClientCAPath (default:): ⏎
-AdminCerts (default:): ⏎
-WriteCerts (default:): ⏎
-StorageDriver (default: covenantsql): ⏎
-StorageRoot (default:): ⏎
-
-$ tail -n 20 ~/.cql/config.yaml
-... skipping irrelevant configuration
-Adapter:
-  ListenAddr: 0.0.0.0:4661
-  CertificatePath: server.pem
-  PrivateKeyPath: server.key
-  VerifyCertificate: false
-  ClientCAPath: 
-  AdminCerts: []
-  WriteCerts: []
-  StorageDriver: covenantsql
-  StorageRoot:
-```
-
-## Adapter Usage
-
 ### Start
 
 Start the adapter by following commands:
 
 ```shell
-$ cql-adapter
+$ cql-adapter -listen 127.0.0.1:4661
 ```
 
 ### API
@@ -117,6 +57,41 @@ $ cql-adapter
 }
 ```
 
+### Configure HTTPS Adapter
+
+Adapter use tls certificate for client authorization, a public or self-signed ssl certificate is required for adapter server to start. The adapter config is placed as a ```Adapter``` section of the main config file including following configurable fields.
+
+| Name              | Type     | Description                                                  | Default |
+| ----------------- | -------- | ------------------------------------------------------------ | ------- |
+| ListenAddr        | string   | adapter server listen address                                |         |
+| CertificatePath   | string   | adapter server tls certificate file<br />** all following file path is related to working root |         |
+| PrivateKeyPath    | string   | adapter server tls private key file                          |         |
+| VerifyCertificate | bool     | should adapter server verify client certificate or not<br />a client custom CA is required, all valid clients certificate should be issued by this CA | false   |
+| AdminCerts        | []string | each item requires to be a certificate file path<br />client with configured certificate will be granted with ADMIN privilege<br />ADMIN privilege is able to CREATE/DROP database, send WRITE/READ request |         |
+| WriteCerts        | []string | same format as ```AdminCerts ``` field<br />client with configured certificate will be granted with WRITE privilege<br />WRITE privilege is able to send WRITE/READ request only |         |
+| StorageDriver     | string   | two available storage driver: ```sqlite3``` and ```covenantsql```, use ```sqlite3``` driver for test purpose only |         |
+| StorageRoot       | string   | required by ```sqlite3``` storage driver, database files is placed under this root path, this path is treated as relative to working root |         |
+
+[mkcert](https://github.com/FiloSottile/mkcert) is a handy command to generate tls certificates, run the following command to generate the server certificate.
+
+``````
+$ CAROOT=$(pwd) mkcert server
+Using the local CA at "/demo" ✨
+Warning: the local CA is not installed in the system trust store! ⚠️
+Warning: the local CA is not installed in the Firefox trust store! ⚠️
+Run "mkcert -install" to avoid verification errors ‼️
+
+Created a new certificate valid for the following names 📜
+ - "server"
+
+The certificate is at "./server.pem" and the key at "./server-key.pem" ✅
+
+And move them to ~/.cql/ dir.
+``````
+
+You can use following interactive command to generate adapter config.
+
+
 ###### Example
 
 ```bash

diff --git a/cmd/cql-adapter/config/config.go b/cmd/cql-adapter/config/config.go
@@ -65,7 +65,7 @@ type Config struct {
 }
 
 type confWrapper struct {
-	Adapter *Config `yaml:"Adapter"`
+	Adapter Config `yaml:"Adapter"`
 }
 
 // LoadConfig load and verify config in config file and set to global config instance.
@@ -81,14 +81,11 @@ func LoadConfig(configPath string, password string) (config *Config, err error)
 		return
 	}
 
-	if configWrapper.Adapter == nil {
-		err = ErrEmptyAdapterConfig
-		log.WithError(err).Error("could not read adapter config")
-		return
-	}
-
-	config = configWrapper.Adapter
+	config = &configWrapper.Adapter
 
+	if len(config.StorageDriver) == 0 {
+		config.StorageDriver = "covenantsql"
+	}
 	if config.StorageDriver == "covenantsql" {
 		// init client
 		if err = client.Init(configPath, []byte(password)); err != nil {
@@ -103,7 +100,7 @@ func LoadConfig(configPath string, password string) (config *Config, err error)
 
 	if config.CertificatePath == "" || config.PrivateKeyPath == "" {
 		// http mode
-		log.Warningf("running in http mode")
+		log.Info("running in http mode")
 	} else {
 		// tls mode
 		// init tls config

diff --git a/cmd/cql-adapter/config/errors.go b/cmd/cql-adapter/config/errors.go
@@ -19,8 +19,6 @@ package config
 import "github.com/pkg/errors"
 
 var (
-	// ErrEmptyAdapterConfig defines empty adapter config.
-	ErrEmptyAdapterConfig = errors.New("empty adapter config")
 	// ErrInvalidStorageConfig defines error on incomplete storage config.
 	ErrInvalidStorageConfig = errors.New("invalid storage config")
 	// ErrInvalidCertificateFile defines invalid certificate file error.

diff --git a/cmd/cql-adapter/main.go b/cmd/cql-adapter/main.go
@@ -36,13 +36,15 @@ const name = "cql-adapeter"
 var (
 	version     = "unknown"
 	configFile  string
+	listenAddr  string
 	password    string
 	showVersion bool
 )
 
 func init() {
 	flag.StringVar(&configFile, "config", "~/.cql/config.yaml", "Config file for adapter")
 	flag.StringVar(&password, "password", "", "Master key password")
+	flag.StringVar(&listenAddr, "listen", "", "Listen address for adapter api")
 	flag.BoolVar(&asymmetric.BypassSignature, "bypass-signature", false,
 		"Disable signature sign and verify, for testing")
 	flag.BoolVar(&showVersion, "version", false, "Show version information and exit")
@@ -62,7 +64,7 @@ func main() {
 		log.Infof("args %#v : %s", f.Name, f.Value)
 	})
 
-	server, err := NewHTTPAdapter(configFile, password)
+	server, err := NewHTTPAdapter(listenAddr, configFile, password)
 	if err != nil {
 		log.WithError(err).Fatal("init adapter failed")
 		return

diff --git a/cmd/cql-adapter/server.go b/cmd/cql-adapter/server.go
@@ -33,7 +33,7 @@ type HTTPAdapter struct {
 }
 
 // NewHTTPAdapter creates adapter to service.
-func NewHTTPAdapter(configFile string, password string) (adapter *HTTPAdapter, err error) {
+func NewHTTPAdapter(listenAddr string, configFile string, password string) (adapter *HTTPAdapter, err error) {
 	adapter = new(HTTPAdapter)
 
 	// load config file
@@ -42,6 +42,9 @@ func NewHTTPAdapter(configFile string, password string) (adapter *HTTPAdapter, e
 		return
 	}
 
+	if listenAddr != "" {
+		cfg.ListenAddr = listenAddr
+	}
 	// init server
 	handler := handlers.CORS()(api.GetRouter())
 
@@ -61,7 +64,7 @@ func (adapter *HTTPAdapter) Serve() (err error) {
 
 	// bind port, start tls listener
 	var listener net.Listener
-	if listener, err = net.Listen("tcp", cfg.ListenAddr); err != nil {
+	if listener, err = net.Listen("tcp", adapter.server.Addr); err != nil {
 		return
 	}