-
Notifications
You must be signed in to change notification settings - Fork 248
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
gateway: extract into package and add metrics
Signed-off-by: Jimmy Zelinskie <jimmy@zelinskie.com>
- Loading branch information
1 parent
89576ad
commit f42234a
Showing
2 changed files
with
72 additions
and
38 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
// Package gateway implements an HTTP server that forwards JSON requests to | ||
// an upstream SpiceDB gRPC server. | ||
package gateway | ||
|
||
import ( | ||
"context" | ||
"net/http" | ||
|
||
v1 "github.com/authzed/authzed-go/proto/authzed/api/v1" | ||
"github.com/authzed/grpcutil" | ||
"github.com/grpc-ecosystem/grpc-gateway/v2/runtime" | ||
"github.com/prometheus/client_golang/prometheus" | ||
"github.com/prometheus/client_golang/prometheus/promauto" | ||
"github.com/prometheus/client_golang/prometheus/promhttp" | ||
"go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc" | ||
"google.golang.org/grpc" | ||
|
||
"github.com/authzed/spicedb/internal/auth" | ||
) | ||
|
||
var histogram = promauto.NewHistogramVec(prometheus.HistogramOpts{ | ||
Name: "spicedb_rest_gateway_request_duration_seconds", | ||
Help: "A histogram of the duration spent processing requests to the SpiceDB REST Gateway.", | ||
}, []string{"method"}) | ||
|
||
// Config represents the require configuration for initializing a REST gateway. | ||
type Config struct { | ||
Addr string | ||
UpstreamAddr string | ||
UpstreamTlsDisabled bool | ||
UpstreamTlsCaPath string | ||
} | ||
|
||
// NewHttpServer initializes a new HTTP server with the provided configuration. | ||
func NewHttpServer(ctx context.Context, cfg Config) (*http.Server, error) { | ||
opts := []grpc.DialOption{grpc.WithUnaryInterceptor(otelgrpc.UnaryClientInterceptor())} | ||
if cfg.UpstreamTlsDisabled { | ||
opts = append(opts, grpc.WithInsecure()) | ||
} else { | ||
opts = append(opts, grpcutil.WithCustomCerts(cfg.UpstreamTlsCaPath, grpcutil.SkipVerifyCA)) | ||
} | ||
|
||
mux := runtime.NewServeMux(runtime.WithMetadata(auth.PresharedKeyAnnotator)) | ||
if err := v1.RegisterSchemaServiceHandlerFromEndpoint(ctx, mux, cfg.UpstreamAddr, opts); err != nil { | ||
return nil, err | ||
} | ||
if err := v1.RegisterPermissionsServiceHandlerFromEndpoint(ctx, mux, cfg.UpstreamAddr, opts); err != nil { | ||
return nil, err | ||
} | ||
|
||
return &http.Server{ | ||
Addr: cfg.Addr, | ||
Handler: promhttp.InstrumentHandlerDuration(histogram, mux), | ||
}, nil | ||
} |