From 2694c82d97005ca39f29f540e26249c18a21f6d6 Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 18 Jun 2025 17:11:42 -0600 Subject: refactor: switch to a pure rust implementation --- Makefile | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) (limited to 'Makefile') diff --git a/Makefile b/Makefile index 028279a6..ab0140fe 100644 --- a/Makefile +++ b/Makefile @@ -1,11 +1,17 @@ -default: install-tools - @mage -l - -install-tools: - @cargo install --keep-going cedar-policy-cli - @go install tool - @command -v cedar - @command -v mage - @command -v protoc-gen-go - @command -v protoc-gen-go-grpc - @command -v protoc-gen-twirp_ruby +PROJECT_NAME := $(shell basename $(shell pwd)) +GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD | sed 's/\//_/g') +IMAGE_TAG := $(PROJECT_NAME):$(GIT_BRANCH) + +.PHONY: clean run-image + +.PHONY: clean +clean: + @cargo clean + +.PHONY: build-image +build-image: + @docker build --no-cache --tag $(IMAGE_TAG) . + +.PHONY: run-image +run-image: build-image + @docker run --rm -p 50051:50051 -it $(IMAGE_TAG) -- cgit v1.2.3 From 1e9a769e5e4af4684967473f0844f66c3958432c Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 18 Jun 2025 17:50:51 -0600 Subject: feat: register the health check service and the reflection service --- Cargo.lock | 37 +++++++++++++++++++++++++++++++++++++ Cargo.toml | 2 ++ Makefile | 4 ++++ mise.toml | 1 + src/main.rs | 12 +++++++++++- 5 files changed, 55 insertions(+), 1 deletion(-) (limited to 'Makefile') diff --git a/Cargo.lock b/Cargo.lock index 9f9300df..cfb0a9d7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -47,6 +47,8 @@ dependencies = [ "envoy-types", "tokio", "tonic", + "tonic-health", + "tonic-reflection", ] [[package]] @@ -481,6 +483,15 @@ dependencies = [ "syn", ] +[[package]] +name = "prost-types" +version = "0.13.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "52c2c1bf36ddb1a1c396b3601a3cec27c2462e45f07c386894ec3ccf5332bd16" +dependencies = [ + "prost", +] + [[package]] name = "quote" version = "1.0.40" @@ -597,6 +608,7 @@ dependencies = [ "futures-core", "pin-project-lite", "tokio", + "tokio-util", ] [[package]] @@ -641,6 +653,31 @@ dependencies = [ "tracing", ] +[[package]] +name = "tonic-health" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb87334d340313fefa513b6e60794d44a86d5f039b523229c99c323e4e19ca4b" +dependencies = [ + "prost", + "tokio", + "tokio-stream", + "tonic", +] + +[[package]] +name = "tonic-reflection" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f9687bd5bfeafebdded2356950f278bba8226f0b32109537c4253406e09aafe1" +dependencies = [ + "prost", + "prost-types", + "tokio", + "tokio-stream", + "tonic", +] + [[package]] name = "tower" version = "0.5.2" diff --git a/Cargo.toml b/Cargo.toml index 5d71a4ae..fc79f61b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -7,3 +7,5 @@ edition = "2024" envoy-types = "0.6.0" tokio = { version = "1.0", features = ["macros", "rt-multi-thread"] } tonic = "*" +tonic-health = "0.13.1" +tonic-reflection = "0.13.1" diff --git a/Makefile b/Makefile index ab0140fe..62138427 100644 --- a/Makefile +++ b/Makefile @@ -15,3 +15,7 @@ build-image: .PHONY: run-image run-image: build-image @docker run --rm -p 50051:50051 -it $(IMAGE_TAG) + +.PHONY: health-check +health-check: + @grpcurl -plaintext localhost:50051 grpc.health.v1.Health/Check diff --git a/mise.toml b/mise.toml index 87a29b17..c466bc2b 100644 --- a/mise.toml +++ b/mise.toml @@ -1,5 +1,6 @@ [tools] cargo = "latest" +grpcurl = "latest" make = "latest" rust = "stable" yamlfmt = "latest" diff --git a/src/main.rs b/src/main.rs index f84dc08e..5af58aa0 100644 --- a/src/main.rs +++ b/src/main.rs @@ -34,9 +34,19 @@ impl Authorization for PolicyServer { #[tokio::main] async fn main() -> Result<(), Box> { let addr = "[::1]:50051".parse()?; - + let (health_reporter, health_service) = tonic_health::server::health_reporter(); + health_reporter + .set_serving::>() + .await; + + let reflection_service = tonic_reflection::server::Builder::configure() + .register_encoded_file_descriptor_set(tonic_health::pb::FILE_DESCRIPTOR_SET) + .build_v1() + .unwrap(); Server::builder() + .add_service(health_service) .add_service(AuthorizationServer::new(PolicyServer::default())) + .add_service(reflection_service) .serve(addr) .await?; -- cgit v1.2.3 From 594abe311e4dfbbcc477474561756bc5e5f0e539 Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 18 Jun 2025 17:53:00 -0600 Subject: chore: add make target to list rpc services --- Makefile | 4 ++++ src/main.rs | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'Makefile') diff --git a/Makefile b/Makefile index 62138427..14254543 100644 --- a/Makefile +++ b/Makefile @@ -19,3 +19,7 @@ run-image: build-image .PHONY: health-check health-check: @grpcurl -plaintext localhost:50051 grpc.health.v1.Health/Check + +.PHONY: list-services +list-services: + @grpcurl -plaintext localhost:50051 list diff --git a/src/main.rs b/src/main.rs index 5af58aa0..05d57719 100644 --- a/src/main.rs +++ b/src/main.rs @@ -34,6 +34,7 @@ impl Authorization for PolicyServer { #[tokio::main] async fn main() -> Result<(), Box> { let addr = "[::1]:50051".parse()?; + let authorization_service = AuthorizationServer::new(PolicyServer::default()); let (health_reporter, health_service) = tonic_health::server::health_reporter(); health_reporter .set_serving::>() @@ -44,8 +45,8 @@ async fn main() -> Result<(), Box> { .build_v1() .unwrap(); Server::builder() + .add_service(authorization_service) .add_service(health_service) - .add_service(AuthorizationServer::new(PolicyServer::default())) .add_service(reflection_service) .serve(addr) .await?; -- cgit v1.2.3 From 7c433fcb79c09fa7f63ee0261205b738c7160feb Mon Sep 17 00:00:00 2001 From: mo khan Date: Wed, 25 Jun 2025 16:06:06 -0600 Subject: chore: add make targets --- Makefile | 45 +++++++++++++++++++++++++++++++++++++++------ 1 file changed, 39 insertions(+), 6 deletions(-) (limited to 'Makefile') diff --git a/Makefile b/Makefile index 14254543..c550ba62 100644 --- a/Makefile +++ b/Makefile @@ -2,24 +2,57 @@ PROJECT_NAME := $(shell basename $(shell pwd)) GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD | sed 's/\//_/g') IMAGE_TAG := $(PROJECT_NAME):$(GIT_BRANCH) -.PHONY: clean run-image +.PHONY: build check test run clean fmt lint doc +.PHONY: build-image run-image health-check list-services test-grpc + +# Cargo targets +build: + @cargo build + +check: + @cargo check + +test: + @cargo test + +run: + @cargo run -.PHONY: clean clean: @cargo clean -.PHONY: build-image +fmt: + @cargo fmt + +lint: + @cargo clippy -- -D warnings + +doc: + @cargo doc --open + +# Docker targets build-image: @docker build --no-cache --tag $(IMAGE_TAG) . -.PHONY: run-image run-image: build-image @docker run --rm -p 50051:50051 -it $(IMAGE_TAG) -.PHONY: health-check +# gRPC testing targets health-check: @grpcurl -plaintext localhost:50051 grpc.health.v1.Health/Check -.PHONY: list-services list-services: @grpcurl -plaintext localhost:50051 list + +test-grpc: + @echo "Testing authorization service with valid token..." + @grpcurl -plaintext \ + -d '{"attributes":{"request":{"http":{"headers":{"authorization":"Bearer valid-token"}}}}}' \ + localhost:50051 \ + envoy.service.auth.v3.Authorization/Check + @echo "" + @echo "Testing authorization service without token..." + @grpcurl -plaintext \ + -d '{"attributes":{"request":{"http":{"headers":{}}}}}' \ + localhost:50051 \ + envoy.service.auth.v3.Authorization/Check -- cgit v1.2.3 From c006ac2a676c87f8058e52701648eb24d94b480f Mon Sep 17 00:00:00 2001 From: mo khan Date: Thu, 26 Jun 2025 12:52:54 -0600 Subject: chore: remove test-grpc until we can have the proper protobuf files --- Makefile | 13 ------------- 1 file changed, 13 deletions(-) (limited to 'Makefile') diff --git a/Makefile b/Makefile index c550ba62..decb9a05 100644 --- a/Makefile +++ b/Makefile @@ -43,16 +43,3 @@ health-check: list-services: @grpcurl -plaintext localhost:50051 list - -test-grpc: - @echo "Testing authorization service with valid token..." - @grpcurl -plaintext \ - -d '{"attributes":{"request":{"http":{"headers":{"authorization":"Bearer valid-token"}}}}}' \ - localhost:50051 \ - envoy.service.auth.v3.Authorization/Check - @echo "" - @echo "Testing authorization service without token..." - @grpcurl -plaintext \ - -d '{"attributes":{"request":{"http":{"headers":{}}}}}' \ - localhost:50051 \ - envoy.service.auth.v3.Authorization/Check -- cgit v1.2.3 From f86aa3653c5b88586aa51e218865e62b030c045b Mon Sep 17 00:00:00 2001 From: mo khan Date: Fri, 27 Jun 2025 18:01:59 -0600 Subject: refactor: remove the reflection service --- Makefile | 3 --- src/authorization/server.rs | 6 ------ 2 files changed, 9 deletions(-) (limited to 'Makefile') diff --git a/Makefile b/Makefile index decb9a05..a134ae64 100644 --- a/Makefile +++ b/Makefile @@ -40,6 +40,3 @@ run-image: build-image # gRPC testing targets health-check: @grpcurl -plaintext localhost:50051 grpc.health.v1.Health/Check - -list-services: - @grpcurl -plaintext localhost:50051 list diff --git a/src/authorization/server.rs b/src/authorization/server.rs index 7c39b51c..2605bd54 100644 --- a/src/authorization/server.rs +++ b/src/authorization/server.rs @@ -16,12 +16,6 @@ impl Server { builder .add_service(AuthorizationServer::new(check_service)) .add_service(health_service) - .add_service( - tonic_reflection::server::Builder::configure() - .register_encoded_file_descriptor_set(tonic_health::pb::FILE_DESCRIPTOR_SET) - .build_v1() - .unwrap(), - ) })) } -- cgit v1.2.3