forked from pivotal-cf/cred-alert
-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.go
103 lines (85 loc) · 2.46 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package main
import (
"fmt"
"io/ioutil"
"net/http"
"os"
"cloud.google.com/go/pubsub"
"code.cloudfoundry.org/lager"
flags "github.com/jessevdk/go-flags"
"github.com/tedsuo/ifrit"
"github.com/tedsuo/ifrit/grouper"
"github.com/tedsuo/ifrit/http_server"
"github.com/tedsuo/ifrit/sigmon"
"golang.org/x/net/context"
"cred-alert/config"
"cred-alert/crypto"
"cred-alert/ingestor"
"cred-alert/metrics"
"cred-alert/queue"
"cred-alert/revok"
)
func main() {
var cfg *config.IngestorConfig
var flagOpts config.IngestorOpts
logger := lager.NewLogger("revok-ingestor")
logger.RegisterSink(lager.NewWriterSink(os.Stdout, lager.INFO))
logger.Debug("starting")
_, err := flags.ParseArgs(&flagOpts, os.Args)
if err != nil {
logger.Fatal("failed", err)
os.Exit(1)
}
if flagOpts.ConfigFile != "" {
bs, err := ioutil.ReadFile(string(flagOpts.ConfigFile))
if err != nil {
logger.Error("failed-opening-config-file", err)
os.Exit(1)
}
cfg, err = config.LoadIngestorConfig(bs)
cfg.Merge(flagOpts.IngestorConfig)
} else {
cfg = flagOpts.IngestorConfig
}
errs := cfg.Validate()
if errs != nil {
for _, err := range errs {
fmt.Println(err.Error())
}
os.Exit(1)
}
if cfg.IsSentryConfigured() {
logger.RegisterSink(revok.NewSentrySink(cfg.Metrics.SentryDSN, cfg.Metrics.Environment))
}
emitter := metrics.BuildEmitter(cfg.Metrics.DatadogAPIKey, cfg.Metrics.Environment)
generator := queue.NewGenerator()
pubSubClient, err := pubsub.NewClient(context.Background(), cfg.PubSub.ProjectName)
if err != nil {
logger.Fatal("failed", err)
os.Exit(1)
}
topic := pubSubClient.Topic(cfg.PubSub.Topic)
privateKey, err := crypto.ReadRSAPrivateKey(string(cfg.PubSub.PrivateKeyPath))
if err != nil {
logger.Fatal("failed", err)
os.Exit(1)
}
signer := crypto.NewRSASigner(privateKey)
enqueuer := queue.NewPubSubEnqueuer(logger, topic, signer)
in := ingestor.NewIngestor(enqueuer, emitter, "revok", generator)
router := http.NewServeMux()
router.Handle("/webhook", ingestor.NewHandler(logger, in, cfg.GitHub.WebhookSecretTokens))
router.Handle("/healthcheck", revok.ObliviousHealthCheck())
members := []grouper.Member{
{"api", http_server.New(fmt.Sprintf(":%d", cfg.Port), router)},
}
runner := sigmon.New(grouper.NewParallel(os.Interrupt, members))
serverLogger := logger.Session("server", lager.Data{
"port": cfg.Port,
})
serverLogger.Info("starting")
err = <-ifrit.Invoke(runner).Wait()
if err != nil {
serverLogger.Error("failed", err)
}
}