WSD API migration to gRPC#9
Conversation
|
|
||
| // Shutdown gracefully shuts down the server. | ||
| func (s *Server) Shutdown(ctx context.Context) error { | ||
| if s.grpcServer != nil { |
There was a problem hiding this comment.
We should also close the HTTP endpoint.
There was a problem hiding this comment.
We are doing s.httpServer.Shutdown below in the function.
atharvasaraf123
force-pushed
the
grpc
branch
2 times, most recently
from
65e1bc0 to
72cacbd
Compare
|
/gcbrun |
|
I see a few of the schema cloudbuild tests are failing, which means we are diverging from the current API behavior. Can you please check once. |
atharvasaraf123
force-pushed
the
grpc
branch
5 times, most recently
from
705ebd2 to
0ef665d
Compare
| return s, nil | ||
| } | ||
|
|
||
| func handleRoutingError(ctx context.Context, mux *runtime.ServeMux, marshaler runtime.Marshaler, w http.ResponseWriter, r *http.Request, httpStatus int) { |
There was a problem hiding this comment.
@NilanjanDaw @atulpatildbz do we also want to remove this check? If we remove this, then we will get a 501 (StatusNotImplemented) instead of 405 (StatusMethodNotAllowed).
| if err := protovalidate.Validate(req); err != nil { | ||
| return nil, status.Errorf(codes.InvalidArgument, "invalid request: %v", err) |
There was a problem hiding this comment.
Instead of a per-function validate call which will require us to manually add these checks, can we add a central validator to automatically validate everything?
Something like
// ValidationInterceptor validates incoming protobuf requests before they reach the handler.
func ValidationInterceptor(validator *protovalidate.Validator) grpc.UnaryServerInterceptor {
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
if msg, ok := req.(proto.Message); ok {
if err := validator.Validate(msg); err != nil {
return nil, status.Errorf(codes.InvalidArgument, "validation failed: %v", err)
}
}
return handler(ctx, req)
}
}
and then wire it up in the newserver
// In NewServer:
validator, err := protovalidate.New()
if err != nil {
return nil, fmt.Errorf("failed to initialize protovalidate: %w", err)
}
grpcServer := grpc.NewServer(
grpc.UnaryInterceptor(ValidationInterceptor(validator)),
)
| if err := protovalidate.Validate(req); err != nil { | ||
| return nil, status.Errorf(codes.InvalidArgument, "invalid request: %v", err) | ||
| } | ||
| keys, _, err := s.keyProtectionService.EnumerateKEMKeys(ctx, 100, 0) |
There was a problem hiding this comment.
@atulpatildbz how is the limit and offset working here? does this mean we only return the first 100 keys?
2 participants
Migrates the Key Manager Daemon (WSD) from a manual REST-only HTTP multiplexer to a fully typed, high-performance Dual-Socket Architecture supporting both gRPC and REST JSON clients simultaneously using grpc-gateway.
Changes Made:
Dual Unix Domain Socket Support: The daemon now securely listens on two distinct endpoints (-grpc.sock and standard .sock), allowing native gRPC traffic to process without overhead while routing conventional REST requests via a reverse proxy.
Backward-Compatible JSON: Configured runtime.JSONPb with UseProtoNames: true to guarantee pristine snake_case key serialization matching legacy API outputs.
Robust Error & Validation Handling: Upgraded endpoint errors to status.Errorf to correctly map bad requests to HTTP 400/404 REST codes.
Changes in the API:
New Autogenerated files:
api_grpc.pb.go - Provided with RegisterWorkloadServiceServer
api.pb.gw.go - Provided with RegisterWorkloadServiceHandler
Testing:
Added UTs for GRPC apis
All existing UTs along with workload passes