Add HTTP health server (closes #115) #227
Conversation
Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
|
I'm not sure if I did this the right way. We also might want more checks than I've implemented. |
|
Thanks @keeganwitt for submitting this. |
Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
…k configs Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
Error: can't load config: the Go language version (go1.22) used to build golangci-lint is lower than the targeted Go version (1.23.3) Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
Co-authored-by: Faisal Memon <fymemon@yahoo.com> Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
| "github.com/spiffe/spiffe-helper/pkg/sidecar" | ||
| ) | ||
|
|
||
| func StartHealthServer(hclConfig *config.Config, log logrus.FieldLogger, sidecar *sidecar.Sidecar) error { |
There was a problem hiding this comment.
Rather than pass the full config here can we just take in the health check config? Can you create a Config struct in this directory and have main populate and pass that in here?
There was a problem hiding this comment.
If we did, we'd also need to pass DaemonMode as a separate argument.
There was a problem hiding this comment.
It can just be part of the same config struct
There was a problem hiding this comment.
So create a new HealthServerConfig struct?
Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
Signed-off-by: Keegan Witt <keeganwitt@gmail.com>
| svidFile := path.Join(s.config.CertDir, s.config.SVIDFileName) | ||
| svidKeyFile := path.Join(s.config.CertDir, s.config.SVIDKeyFileName) | ||
| svidBundleFile := path.Join(s.config.CertDir, s.config.SVIDBundleFileName) | ||
| if err := disk.WriteX509Context(svidResponse, s.config.AddIntermediatesToBundle, s.config.IncludeFederatedDomains, s.config.CertDir, s.config.SVIDFileName, s.config.SVIDKeyFileName, s.config.SVIDBundleFileName, s.config.CertFileMode, s.config.KeyFileMode); err != nil { | ||
| s.config.Log.WithError(err).Error("Unable to dump bundle") | ||
| s.fileWritesSuccess[svidFile] = false | ||
| s.fileWritesSuccess[svidKeyFile] = false | ||
| s.fileWritesSuccess[svidBundleFile] = false | ||
| return | ||
| } | ||
| s.fileWritesSuccess[svidFile] = true | ||
| s.fileWritesSuccess[svidKeyFile] = true | ||
| s.fileWritesSuccess[svidBundleFile] = true |
There was a problem hiding this comment.
Everything here is either all true or all false. I think we can just consolidate to a single variable like x509WriteSuccess
There was a problem hiding this comment.
Are you proposing the JSON returned would no longer be a map of filenames to boolean, but instead something like
{
"x509WriteSuccess": true
"jwtWriteStatus": {
"file1.jwt": true,
"file2.jwt": false
}
}?
fixes #115