Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
  • Loading branch information
vfarcic committed Jan 28, 2018
2 parents dc80ae9 + 3411e78 commit e3d54e2
Show file tree
Hide file tree
Showing 3 changed files with 105 additions and 12 deletions.
2 changes: 2 additions & 0 deletions docs/usage.md
Original file line number Diff line number Diff line change
Expand Up @@ -119,9 +119,11 @@ The map between the HTTP query parameters and environment variables is as follow
|compressionAlgo |COMPRESSION_ALGO |
|compressionType |COMPRESSION_TYPE |
|deniedMethods |DENIED_METHODS |
|denyHttp |DENY_HTTP |
|distribute |DISTRIBUTE |
|httpsOnly |HTTPS_ONLY |
|httpsPort |HTTPS_PORT |
|ignoreAuthorization |IGNORE_AUTHORIZATION |
|isDefaultBackend |IS_DEFAULT_BACKEND |
|outboundHostname |OUTBOUND_HOSTNAME |
|pathType |PATH_TYPE |
Expand Down
57 changes: 45 additions & 12 deletions server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -242,17 +242,11 @@ func (m *serve) getServiceFromEnvVars(prefix string) (proxy.Service, error) {
return proxy.Service{}, fmt.Errorf("%s_SERVICE_NAME is not set", prefix)
}
sd := []proxy.ServiceDest{}
path := []string{}
if len(os.Getenv(prefix+"_SERVICE_PATH")) > 0 {
path = strings.Split(os.Getenv(prefix+"_SERVICE_PATH"), ",")
}
path := getSliceFromString(os.Getenv(prefix+"_SERVICE_PATH"))
port := os.Getenv(prefix + "_PORT")
srcPort, _ := strconv.Atoi(os.Getenv(prefix + "_SRC_PORT"))
reqMode := os.Getenv(prefix + "_REQ_MODE")
domain := []string{}
if len(os.Getenv(prefix+"_SERVICE_DOMAIN")) > 0 {
domain = strings.Split(os.Getenv(prefix+"_SERVICE_DOMAIN"), ",")
}
domain := getSliceFromString(os.Getenv(prefix+"_SERVICE_DOMAIN"))
// TODO: Remove.
// It is a temporary workaround to maintain compatibility with the deprecated serviceDomainMatchAll parameter (since July 2017).
if len(s.ServiceDomainAlgo) == 0 && strings.EqualFold(os.Getenv(prefix+"_SERVICE_DOMAIN_MATCH_ALL"), "true") {
Expand All @@ -269,27 +263,42 @@ func (m *serve) getServiceFromEnvVars(prefix string) (proxy.Service, error) {
if len(reqPathSearchReplace) > 0 {
reqPathSearchReplaceFormatted = strings.Split(reqPathSearchReplace, ":")
}
allowedMethods := getSliceFromString(os.Getenv(prefix + "_ALLOWED_METHODS"))
deniedMethods := getSliceFromString(os.Getenv(prefix + "_DENIED_METHODS"))
redirectFromDomain := getSliceFromString(os.Getenv(prefix + "_REDIRECT_FROM_DOMAIN"))
servicePathExclude := getSliceFromString(os.Getenv(prefix + "_SERVICE_PATH_EXCLUDE"))
verifyClientSsl, _ := strconv.ParseBool(os.Getenv(prefix + "_SSL_VERIFY_NONE"))
denyHttp, _ := strconv.ParseBool(os.Getenv(prefix + "_DENY_HTTP"))
ignoreAuthorization, _ := strconv.ParseBool(os.Getenv(prefix + "_IGNORE_AUTHORIZATION"))

if len(path) > 0 || len(port) > 0 {
sd = append(
sd,
proxy.ServiceDest{
AllowedMethods: allowedMethods,
DeniedMethods: deniedMethods,
DenyHttp: denyHttp,
HttpsOnly: httpsOnly,
HttpsRedirectCode: httpsRedirectCode,
IgnoreAuthorization: ignoreAuthorization,
OutboundHostname: globalOutboundHostname,
Port: port,
RedirectFromDomain: redirectFromDomain,
ReqMode: reqMode,
ReqPathSearchReplace: reqPathSearchReplace,
ReqPathSearchReplaceFormatted: reqPathSearchReplaceFormatted,
ServiceDomain: domain,
ServicePath: path,
ServicePathExclude: servicePathExclude,
SrcPort: srcPort,
VerifyClientSsl: verifyClientSsl,
},
)
}
for i := 1; i <= 10; i++ {
domain := getSliceFromString(os.Getenv(fmt.Sprintf("%s_SERVICE_DOMAIN_%d", prefix, i)))
port := os.Getenv(fmt.Sprintf("%s_PORT_%d", prefix, i))
path := os.Getenv(fmt.Sprintf("%s_SERVICE_PATH_%d", prefix, i))
path := getSliceFromString(os.Getenv(fmt.Sprintf("%s_SERVICE_PATH_%d", prefix, i)))
reqMode := os.Getenv(fmt.Sprintf("%s_REQ_MODE_%d", prefix, i))
reqPathSearchReplace := os.Getenv(fmt.Sprintf("%s_REQ_PATH_SEARCH_REPLACE_%d", prefix, i))
reqPathSearchReplaceFormatted := []string{}
Expand All @@ -302,6 +311,13 @@ func (m *serve) getServiceFromEnvVars(prefix string) (proxy.Service, error) {
reqMode = "http"
}
srcPort, _ := strconv.Atoi(os.Getenv(fmt.Sprintf("%s_SRC_PORT_%d", prefix, i)))
allowedMethods := getSliceFromString(os.Getenv(fmt.Sprintf("%s_ALLOWED_METHODS_%d", prefix, i)))
deniedMethods := getSliceFromString(os.Getenv(fmt.Sprintf("%s_DENIED_METHODS_%d", prefix, i)))
redirectFromDomain := getSliceFromString(os.Getenv(fmt.Sprintf("%s_REDIRECT_FROM_DOMAIN_%d", prefix, i)))
servicePathExclude := getSliceFromString(os.Getenv(fmt.Sprintf("%s_SERVICE_PATH_EXCLUDE_%d", prefix, i)))
verifyClientSsl, _ := strconv.ParseBool(os.Getenv(fmt.Sprintf("%s_SSL_VERIFY_NONE_%d", prefix, i)))
denyHttp, _ := strconv.ParseBool(os.Getenv(fmt.Sprintf("%s_DENY_HTTP_%d", prefix, i)))
ignoreAuthorization, _ := strconv.ParseBool(os.Getenv(fmt.Sprintf("%s_IGNORE_AUTHORIZATION_%d", prefix, i)))
if len(path) > 0 && len(port) > 0 {
outboundHostname := os.Getenv(fmt.Sprintf("%s_OUTBOUND_HOSTNAME_%d", prefix, i))
if len(outboundHostname) == 0 {
Expand All @@ -310,15 +326,23 @@ func (m *serve) getServiceFromEnvVars(prefix string) (proxy.Service, error) {
sd = append(
sd,
proxy.ServiceDest{
AllowedMethods: allowedMethods,
DeniedMethods: deniedMethods,
DenyHttp: denyHttp,
HttpsOnly: httpsOnly,
HttpsRedirectCode: httpsRedirectCode,
IgnoreAuthorization: ignoreAuthorization,
OutboundHostname: outboundHostname,
Port: port,
RedirectFromDomain: redirectFromDomain,
ReqPathSearchReplace: reqPathSearchReplace,
ReqPathSearchReplaceFormatted: reqPathSearchReplaceFormatted,
SrcPort: srcPort,
ServicePath: strings.Split(path, ","),
ReqMode: reqMode,
ServiceDomain: domain,
SrcPort: srcPort,
ServicePath: path,
ServicePathExclude: servicePathExclude,
ReqMode: reqMode,
VerifyClientSsl: verifyClientSsl,
},
)
} else {
Expand Down Expand Up @@ -350,3 +374,12 @@ func (m *serve) writeInternalServerError(w http.ResponseWriter, resp *Response,
func (m *serve) hasPort(sd []proxy.ServiceDest) bool {
return len(sd) > 0 && len(sd[0].Port) > 0
}

func getSliceFromString(input string) []string {
separator := os.Getenv("SEPARATOR")
value := []string{}
if len(input) > 0 {
value = strings.Split(input, separator)
}
return value
}
58 changes: 58 additions & 0 deletions server/server_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -696,31 +696,44 @@ func (s *ServerTestSuite) Test_GetServicesFromEnvVars_ReturnsServices() {
ServicePath: []string{"my-path-11", "my-path-12"},
SrcPort: 1112,
ReqMode: "my-ReqMode",
AllowedMethods: []string{"GET", "POST"},
DeniedMethods: []string{"OPTION", "TRACE"},
RedirectFromDomain: []string{"proxy.dockerflow.com", "dockerflow.com"},
ServicePathExclude: []string{"some-path", "some-path2"},
VerifyClientSsl: true,
DenyHttp: true,
IgnoreAuthorization: true,
},
},
}
os.Setenv("DFP_SERVICE_ACL_NAME", service.AclName)
os.Setenv("DFP_SERVICE_ADD_REQ_HEADER", strings.Join(service.AddReqHeader, ","))
os.Setenv("DFP_SERVICE_ADD_RES_HEADER", strings.Join(service.AddResHeader, ","))
os.Setenv("DFP_SERVICE_ALLOWED_METHODS", strings.Join(service.ServiceDest[0].AllowedMethods, ","))
os.Setenv("DFP_SERVICE_COMPRESSION_ALGO", service.CompressionAlgo)
os.Setenv("DFP_SERVICE_COMPRESSION_TYPE", service.CompressionType)
os.Setenv("DFP_SERVICE_CONNECTION_MODE", service.ConnectionMode)
os.Setenv("DFP_SERVICE_DEL_REQ_HEADER", strings.Join(service.DelReqHeader, ","))
os.Setenv("DFP_SERVICE_DEL_RES_HEADER", strings.Join(service.DelResHeader, ","))
os.Setenv("DFP_SERVICE_DENIED_METHODS", strings.Join(service.ServiceDest[0].DeniedMethods, ","))
os.Setenv("DFP_SERVICE_DENY_HTTP", strconv.FormatBool(service.ServiceDest[0].DenyHttp))
os.Setenv("DFP_SERVICE_DISTRIBUTE", strconv.FormatBool(service.Distribute))
os.Setenv("DFP_SERVICE_HTTPS_ONLY", strconv.FormatBool(service.ServiceDest[0].HttpsOnly))
os.Setenv("DFP_SERVICE_HTTPS_REDIRECT_CODE", service.ServiceDest[0].HttpsRedirectCode)
os.Setenv("DFP_SERVICE_HTTPS_PORT", strconv.Itoa(service.HttpsPort))
os.Setenv("DFP_SERVICE_IGNORE_AUTHORIZATION", strconv.FormatBool(service.ServiceDest[0].IgnoreAuthorization))
os.Setenv("DFP_SERVICE_IS_DEFAULT_BACKEND", strconv.FormatBool(service.IsDefaultBackend))
os.Setenv("DFP_SERVICE_OUTBOUND_HOSTNAME", service.ServiceDest[0].OutboundHostname)
os.Setenv("DFP_SERVICE_PATH_TYPE", service.PathType)
os.Setenv("DFP_SERVICE_REDIRECT_FROM_DOMAIN", strings.Join(service.ServiceDest[0].RedirectFromDomain, ","))
os.Setenv("DFP_SERVICE_REDIRECT_WHEN_HTTP_PROTO", strconv.FormatBool(service.RedirectWhenHttpProto))
os.Setenv("DFP_SERVICE_REQ_MODE", service.ServiceDest[0].ReqMode)
os.Setenv("DFP_SERVICE_REQ_PATH_SEARCH_REPLACE", service.ServiceDest[0].ReqPathSearchReplace)
os.Setenv("DFP_SERVICE_SERVICE_CERT", service.ServiceCert)
os.Setenv("DFP_SERVICE_SERVICE_DOMAIN", strings.Join(service.ServiceDest[0].ServiceDomain, ","))
os.Setenv("DFP_SERVICE_SERVICE_DOMAIN_ALGO", service.ServiceDomainAlgo)
os.Setenv("DFP_SERVICE_SERVICE_NAME", service.ServiceName)
os.Setenv("DFP_SERVICE_SERVICE_PATH_EXCLUDE", strings.Join(service.ServiceDest[0].ServicePathExclude, ","))
os.Setenv("DFP_SERVICE_SSL_VERIFY_NONE", strconv.FormatBool(service.SslVerifyNone))
os.Setenv("DFP_SERVICE_TEMPLATE_BE_PATH", service.TemplateBePath)
os.Setenv("DFP_SERVICE_TEMPLATE_FE_PATH", service.TemplateFePath)
Expand All @@ -731,24 +744,30 @@ func (s *ServerTestSuite) Test_GetServicesFromEnvVars_ReturnsServices() {
os.Setenv("DFP_SERVICE_SET_REQ_HEADER", strings.Join(service.SetReqHeader, ","))
os.Setenv("DFP_SERVICE_SET_RES_HEADER", strings.Join(service.SetResHeader, ","))
os.Setenv("DFP_SERVICE_SRC_PORT", strconv.Itoa(service.ServiceDest[0].SrcPort))
os.Setenv("DFP_SERVICE_SSL_VERIFY_NONE", strconv.FormatBool(service.ServiceDest[0].VerifyClientSsl))

defer func() {
os.Unsetenv("DFP_SERVICE_ACL_NAME")
os.Unsetenv("DFP_SERVICE_ADD_REQ_HEADER")
os.Unsetenv("DFP_SERVICE_ADD_RES_HEADER")
os.Unsetenv("DFP_SERVICE_ALLOWED_METHODS")
os.Unsetenv("DFP_SERVICE_COMPRESSION_ALGO")
os.Unsetenv("DFP_SERVICE_COMPRESSION_TYPE")
os.Unsetenv("DFP_SERVICE_CONNECTION_MODE")
os.Unsetenv("DFP_SERVICE_DEL_REQ_HEADER")
os.Unsetenv("DFP_SERVICE_DEL_RES_HEADER")
os.Unsetenv("DFP_SERVICE_DENIED_METHODS")
os.Unsetenv("DFP_SERVICE_DENY_HTTP")
os.Unsetenv("DFP_SERVICE_DISTRIBUTE")
os.Unsetenv("DFP_SERVICE_HTTPS_ONLY")
os.Unsetenv("DFP_SERVICE_HTTPS_PORT")
os.Unsetenv("DFP_SERVICE_HTTPS_REDIRECT_CODE")
os.Unsetenv("DFP_SERVICE_IGNORE_AUTHORIZATION")
os.Unsetenv("DFP_SERVICE_IS_DEFAULT_BACKEND")
os.Unsetenv("DFP_SERVICE_OUTBOUND_HOSTNAME")
os.Unsetenv("DFP_SERVICE_PATH_TYPE")
os.Unsetenv("DFP_SERVICE_PORT")
os.Unsetenv("DFP_SERVICE_REDIRECT_FROM_DOMAIN")
os.Unsetenv("DFP_SERVICE_REDIRECT_WHEN_HTTP_PROTO")
os.Unsetenv("DFP_SERVICE_REQ_MODE")
os.Unsetenv("DFP_SERVICE_REQ_PATH_SEARCH_REPLACE")
Expand All @@ -757,10 +776,12 @@ func (s *ServerTestSuite) Test_GetServicesFromEnvVars_ReturnsServices() {
os.Unsetenv("DFP_SERVICE_SERVICE_DOMAIN_ALGO")
os.Unsetenv("DFP_SERVICE_SERVICE_NAME")
os.Unsetenv("DFP_SERVICE_SERVICE_PATH")
os.Unsetenv("DFP_SERVICE_SERVICE_PATH_EXCLUDE")
os.Unsetenv("DFP_SERVICE_SET_REQ_HEADER")
os.Unsetenv("DFP_SERVICE_SET_RES_HEADER")
os.Unsetenv("DFP_SERVICE_SRC_PORT")
os.Unsetenv("DFP_SERVICE_SSL_VERIFY_NONE")
os.Unsetenv("DFP_SERVICE_SSL_VERIFY_NONE")
os.Unsetenv("DFP_SERVICE_TEMPLATE_BE_PATH")
os.Unsetenv("DFP_SERVICE_TEMPLATE_FE_PATH")
os.Unsetenv("DFP_SERVICE_TIMEOUT_SERVER")
Expand All @@ -784,6 +805,10 @@ func (s *ServerTestSuite) Test_GetServicesFromEnvVars_SetsServiceDomainAlgoToHdr
ReqPathSearchReplaceFormatted: []string{},
ServiceDomain: []string{"my-domain-1.com", "my-domain-2.com"},
ServicePath: []string{"my-path-11", "my-path-12"},
AllowedMethods: []string{},
DeniedMethods: []string{},
RedirectFromDomain: []string{},
ServicePathExclude: []string{},
},
},
ServiceDomainAlgo: "hdr_dom(host)",
Expand Down Expand Up @@ -815,16 +840,29 @@ func (s *ServerTestSuite) Test_GetServicesFromEnvVars_ReturnsServicesWithIndexed
ReqPathSearchReplace: "/this,/that",
ReqPathSearchReplaceFormatted: []string{"/this,/that"},
ServicePath: []string{"my-path-11", "my-path-12"},
ServiceDomain: []string{"some-domain.com", "some-domain2.com"},
AllowedMethods: []string{},
DeniedMethods: []string{},
RedirectFromDomain: []string{},
ServicePathExclude: []string{},
SrcPort: 1112,
HttpsOnly: true,
}, {
Port: "2221",
ReqPathSearchReplace: "/something,/else",
ReqPathSearchReplaceFormatted: []string{"/something,/else"},
ServicePath: []string{"my-path-21", "my-path-22"},
ServiceDomain: []string{},
SrcPort: 2222,
HttpsOnly: false,
OutboundHostname: "my-outbound-domain.com",
AllowedMethods: []string{"GET", "POST"},
DeniedMethods: []string{"OPTION", "TRACE"},
RedirectFromDomain: []string{"proxy.dockerflow.com", "dockerflow.com"},
ServicePathExclude: []string{"some-path", "some-path2"},
VerifyClientSsl: true,
DenyHttp: true,
IgnoreAuthorization: true,
},
},
}
Expand All @@ -833,13 +871,21 @@ func (s *ServerTestSuite) Test_GetServicesFromEnvVars_ReturnsServicesWithIndexed
os.Setenv("DFP_SERVICE_PORT_1", expected.ServiceDest[0].Port)
os.Setenv("DFP_SERVICE_REQ_PATH_SEARCH_REPLACE_1", expected.ServiceDest[0].ReqPathSearchReplace)
os.Setenv("DFP_SERVICE_SERVICE_PATH_1", strings.Join(expected.ServiceDest[0].ServicePath, ","))
os.Setenv("DFP_SERVICE_SERVICE_DOMAIN_1", strings.Join(expected.ServiceDest[0].ServiceDomain, ","))
os.Setenv("DFP_SERVICE_SRC_PORT_1", strconv.Itoa(expected.ServiceDest[0].SrcPort))
os.Setenv("DFP_SERVICE_HTTPS_ONLY_2", "false")
os.Setenv("DFP_SERVICE_PORT_2", expected.ServiceDest[1].Port)
os.Setenv("DFP_SERVICE_REQ_PATH_SEARCH_REPLACE_2", expected.ServiceDest[1].ReqPathSearchReplace)
os.Setenv("DFP_SERVICE_SERVICE_PATH_2", strings.Join(expected.ServiceDest[1].ServicePath, ","))
os.Setenv("DFP_SERVICE_SRC_PORT_2", strconv.Itoa(expected.ServiceDest[1].SrcPort))
os.Setenv("DFP_SERVICE_OUTBOUND_HOSTNAME_2", expected.ServiceDest[1].OutboundHostname)
os.Setenv("DFP_SERVICE_ALLOWED_METHODS_2", strings.Join(expected.ServiceDest[1].AllowedMethods, ","))
os.Setenv("DFP_SERVICE_DENIED_METHODS_2", strings.Join(expected.ServiceDest[1].DeniedMethods, ","))
os.Setenv("DFP_SERVICE_REDIRECT_FROM_DOMAIN_2", strings.Join(expected.ServiceDest[1].RedirectFromDomain, ","))
os.Setenv("DFP_SERVICE_SERVICE_PATH_EXCLUDE_2", strings.Join(expected.ServiceDest[1].ServicePathExclude, ","))
os.Setenv("DFP_SERVICE_SSL_VERIFY_NONE_2", strconv.FormatBool(expected.ServiceDest[1].VerifyClientSsl))
os.Setenv("DFP_SERVICE_DENY_HTTP_2", strconv.FormatBool(expected.ServiceDest[1].DenyHttp))
os.Setenv("DFP_SERVICE_IGNORE_AUTHORIZATION_2", strconv.FormatBool(expected.ServiceDest[1].IgnoreAuthorization))

defer func() {
os.Unsetenv("DFP_SERVICE_SERVICE_NAME")
Expand All @@ -854,6 +900,14 @@ func (s *ServerTestSuite) Test_GetServicesFromEnvVars_ReturnsServicesWithIndexed
os.Unsetenv("DFP_SERVICE_SERVICE_PATH_2")
os.Unsetenv("DFP_SERVICE_SRC_PORT_2")
os.Unsetenv("DFP_SERVICE_OUTBOUND_HOSTNAME_2")
os.Unsetenv("DFP_SERVICE_ALLOWED_METHODS_2")
os.Unsetenv("DFP_SERVICE_DENIED_METHODS_2")
os.Unsetenv("DFP_SERVICE_REDIRECT_FROM_DOMAIN_2")
os.Unsetenv("DFP_SERVICE_SERVICE_PATH_EXCLUDE_2")
os.Unsetenv("DFP_SERVICE_SERVICE_DOMAIN_2")
os.Unsetenv("DFP_SERVICE_VERIFY_CLIENT_SSL_2")
os.Unsetenv("DFP_SERVICE_DENY_HTTP_2")
os.Unsetenv("DFP_SERVICE_IGNORE_AUTHORIZATION_2")
}()
srv := serve{}
actual := srv.GetServicesFromEnvVars()
Expand Down Expand Up @@ -882,6 +936,10 @@ func (s *ServerTestSuite) Test_GetServicesFromEnvVars_ReturnsMultipleServices()
ServicePath: []string{"my-path-11", "my-path-12"},
SrcPort: 1112,
ReqMode: "http",
AllowedMethods: []string{},
DeniedMethods: []string{},
RedirectFromDomain: []string{},
ServicePathExclude: []string{},
},
},
}
Expand Down

0 comments on commit e3d54e2

Please sign in to comment.