runtime: Remove --insecure-addr flag

--insecure-addr was deprecated in in Oct 2018. It's time to say goodbye. Fixes #763 Signed-off-by: Torin Sandall <torinsandall@gmail.com>
open-policy-agent · Oct 23, 2020 · 2373d89 · 2373d89
1 parent c84109a
commit 2373d89
Show file tree

Hide file tree

Showing 4 changed files with 1 addition and 30 deletions.
diff --git a/cmd/run.go b/cmd/run.go
@@ -168,8 +168,6 @@ To skip bundle verification, use the --skip-verify flag.
 	runCommand.Flags().StringVarP(&cmdParams.rt.HistoryPath, "history", "H", historyPath(), "set path of history file")
 	cmdParams.rt.Addrs = runCommand.Flags().StringSliceP("addr", "a", []string{defaultAddr}, "set listening address of the server (e.g., [ip]:<port> for TCP, unix://<path> for UNIX domain socket)")
 	cmdParams.rt.DiagnosticAddrs = runCommand.Flags().StringSlice("diagnostic-addr", []string{}, "set read-only diagnostic listening address of the server for /health and /metric APIs (e.g., [ip]:<port> for TCP, unix://<path> for UNIX domain socket)")
-	runCommand.Flags().StringVarP(&cmdParams.rt.InsecureAddr, "insecure-addr", "", "", "set insecure listening address of the server")
-	runCommand.Flags().MarkDeprecated("insecure-addr", "use --addr instead")
 	runCommand.Flags().BoolVarP(&cmdParams.rt.H2CEnabled, "h2c", "", false, "enable H2C for HTTP listeners")
 	runCommand.Flags().StringVarP(&cmdParams.rt.OutputFormat, "format", "f", "pretty", "set shell output format, i.e, pretty, json")
 	runCommand.Flags().BoolVarP(&cmdParams.rt.Watch, "watch", "w", false, "watch command line files for changes")

diff --git a/runtime/runtime.go b/runtime/runtime.go
@@ -80,10 +80,6 @@ type Params struct {
 	// for read-only diagnostic API's (/health, /metrics, etc)
 	DiagnosticAddrs *[]string
 
-	// InsecureAddr is the listening address that the OPA server will bind to
-	// in addition to Addr if TLS is enabled.
-	InsecureAddr string
-
 	// H2CEnabled flag controls whether OPA will allow H2C (HTTP/2 cleartext) on
 	// HTTP listeners.
 	H2CEnabled bool
@@ -303,7 +299,6 @@ func (rt *Runtime) Serve(ctx context.Context) error {
 	logrus.WithFields(logrus.Fields{
 		"addrs":            *rt.Params.Addrs,
 		"diagnostic-addrs": *rt.Params.DiagnosticAddrs,
-		"insecure_addr":    rt.Params.InsecureAddr,
 	}).Info("Initializing server.")
 
 	if err := rt.Manager.Start(ctx); err != nil {
@@ -320,7 +315,6 @@ func (rt *Runtime) Serve(ctx context.Context) error {
 		WithCompilerErrorLimit(rt.Params.ErrorLimit).
 		WithPprofEnabled(rt.Params.PprofEnabled).
 		WithAddresses(*rt.Params.Addrs).
-		WithInsecureAddress(rt.Params.InsecureAddr).
 		WithH2CEnabled(rt.Params.H2CEnabled).
 		WithCertificate(rt.Params.Certificate).
 		WithCertPool(rt.Params.CertPool).

diff --git a/server/server.go b/server/server.go
@@ -93,7 +93,6 @@ type Server struct {
 	router                 *mux.Router
 	addrs                  []string
 	diagAddrs              []string
-	insecureAddr           string
 	h2cEnabled             bool
 	authentication         AuthenticationScheme
 	authorization          AuthorizationScheme
@@ -214,12 +213,6 @@ func (s *Server) WithDiagnosticAddresses(addrs []string) *Server {
 	return s
 }
 
-// WithInsecureAddress sets the listening address that the server will bind to.
-func (s *Server) WithInsecureAddress(addr string) *Server {
-	s.insecureAddr = addr
-	return s
-}
-
 // WithAuthentication sets authentication scheme to use on the server.
 func (s *Server) WithAuthentication(scheme AuthenticationScheme) *Server {
 	s.authentication = scheme
@@ -339,19 +332,6 @@ func (s *Server) Listeners() ([]Loop, error) {
 		}
 	}
 
-	if s.insecureAddr != "" {
-		parsedURL, err := parseURL(s.insecureAddr, false)
-		if err != nil {
-			return nil, err
-		}
-		loop, httpListener, err := s.getListenerForHTTPServer(parsedURL, s.Handler, defaultListenerType)
-		if err != nil {
-			return nil, err
-		}
-		s.httpListeners = append(s.httpListeners, httpListener)
-		loops = append(loops, loop)
-	}
-
 	return loops, nil
 }
 

diff --git a/test/e2e/h2c/h2c_test.go b/test/e2e/h2c/h2c_test.go
@@ -20,7 +20,6 @@ func TestMain(m *testing.M) {
 	testServerParams := e2e.NewAPIServerTestParams()
 	testServerParams.Addrs = &[]string{":0"}
 	testServerParams.DiagnosticAddrs = &[]string{":0"}
-	testServerParams.InsecureAddr = ":0"
 	testServerParams.H2CEnabled = true
 
 	var err error
@@ -45,7 +44,7 @@ func TestH2CHTTPListeners(t *testing.T) {
 
 	addrs := append(testRuntime.Runtime.Addrs(), testRuntime.Runtime.DiagnosticAddrs()...)
 
-	if expected, actual := 3, len(addrs); expected != actual {
+	if expected, actual := 2, len(addrs); expected != actual {
 		t.Fatalf("expected %d addresses, found %d", expected, actual)
 	}