Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Flags for listeners #2130

Merged
merged 1 commit into from May 16, 2019

Conversation

3 participants
@pjdufour-truss
Copy link
Contributor

commented May 14, 2019

Description

This PR adds configuration to turn listeners on. In local development and e2e tests, only the no-tls listener will run by default. In our deployed container services, we won't run the no-tls listener. Regretfully, to support NLB health checks we still need to run the regular TLS listener on the app-client-tls service. Overall, reduces duplication, simplifies security, and increases performance. Will need to test on experimental before merge.

Reviewer Notes

When you run make server_run locally, you'll only see the no-tls listener start up.

Setup

None

Code Review Verification Steps

  • Code follows the guidelines for Logging
  • The requirements listed in
    Querying the Database Safely
    have been satisfied.
  • Any new migrations/schema changes:
    • Follow our guidelines for zero-downtime deploys (see Zero-Downtime Deploys)
    • Have been communicated to #dp3-engineering
    • Secure migrations have been tested using scripts/run-prod-migrations
  • There are no aXe warnings for UI.
  • This works in Supported Browsers and their phone views (Chrome, Firefox, IE, Edge).
  • Any new client dependencies (Google Analytics, hosted libraries, CDNs, etc) have been:
  • Tested in the Experimental environment (for changes to containers, app startup, or connection to data stores)
  • User facing changes have been reviewed by design.
  • Request review from a member of a different team.
  • Have the Pivotal acceptance criteria been met for this change?

References

Screenshots

None

@pjdufour-truss pjdufour-truss force-pushed the flag_listeners branch from 46cab1f to 70a5fce May 14, 2019

@@ -186,6 +186,9 @@ export SERVE_SWAGGER_UI=true
require EIA_KEY "See 'chamber read app-devlocal eia_key' or https://docs.google.com/document/d/1K1-xlYcZaS518PQiaB39gSvqz2tTo0W8eM0wImB7TcI"
export EIA_URL="https://api.eia.gov/series/"

# Enable No TLS Listener
export NO_TLS_ENABLED=1

This comment has been minimized.

Copy link
@rdhariwal

rdhariwal May 14, 2019

Contributor

Wondering if we should enable tls by default and dev's override this through a flag override?

This comment has been minimized.

Copy link
@chrisgilmerproj

chrisgilmerproj May 14, 2019

Contributor

I prefer having them all default to off so that we aren't accepting any requests by default. This reason is that in our app and app-client-tls container definitions we want different listeners on and I like being explicit about it.

@codecov

This comment has been minimized.

Copy link

commented May 14, 2019

Codecov Report

Merging #2130 into master will decrease coverage by 0.05%.
The diff coverage is 0%.

@@            Coverage Diff             @@
##           master    #2130      +/-   ##
==========================================
- Coverage   59.03%   58.98%   -0.05%     
==========================================
  Files         237      238       +1     
  Lines       13796    13807      +11     
==========================================
  Hits         8144     8144              
- Misses       4662     4673      +11     
  Partials      990      990
@chrisgilmerproj
Copy link
Contributor

left a comment

🚀 - This change makes me feel really good about our deployed containers.

@pjdufour-truss pjdufour-truss force-pushed the flag_listeners branch 2 times, most recently from 214602e to b652f4d May 16, 2019

@pjdufour-truss pjdufour-truss merged commit 3b72a74 into master May 16, 2019

18 of 20 checks passed

codecov/patch 0% of diff hit (target 59.03%)
Details
codecov/project/go 58.8% (-0.05%) compared to 51425a8
Details
Codacy/PR Quality Review Up to standards. A positive pull request.
Details
ci/circleci: acceptance_tests_experimental Your tests passed on CircleCI!
Details
ci/circleci: acceptance_tests_local Your tests passed on CircleCI!
Details
ci/circleci: acceptance_tests_staging Your tests passed on CircleCI!
Details
ci/circleci: build_app Your tests passed on CircleCI!
Details
ci/circleci: build_migrations Your tests passed on CircleCI!
Details
ci/circleci: build_tasks Your tests passed on CircleCI!
Details
ci/circleci: build_tools Your tests passed on CircleCI!
Details
ci/circleci: client_test Your tests passed on CircleCI!
Details
ci/circleci: integration_tests_api Your tests passed on CircleCI!
Details
ci/circleci: integration_tests_mymove Your tests passed on CircleCI!
Details
ci/circleci: integration_tests_office Your tests passed on CircleCI!
Details
ci/circleci: integration_tests_tsp Your tests passed on CircleCI!
Details
ci/circleci: pre_deps_golang Your tests passed on CircleCI!
Details
ci/circleci: pre_deps_yarn Your tests passed on CircleCI!
Details
ci/circleci: pre_test Your tests passed on CircleCI!
Details
ci/circleci: server_test Your tests passed on CircleCI!
Details
ci/circleci: server_test_coverage Your tests passed on CircleCI!
Details

@pjdufour-truss pjdufour-truss deleted the flag_listeners branch May 16, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.