yarpc-go icon indicating copy to clipboard operation
yarpc-go copied to clipboard

Published 20 hours ago verified publisher icon yarpc

[7/n] tls: integrate http outbound tls

Open jronak opened this issue 2 years ago • 1 comments

HTTP outbounds can be configured with client-provided TLS config via the OutboundTLSConfigProvider interface. Services can configure the outbound TLS like:

yarpc:
  outbounds:
    test-svc:
      http:
         url: http://127.0.0.1:5453
         tls:
           mode: enforced
           spiffe-ids:
             - spiffe-id-1

Spiffe-ids provided in the config above are passed to OutboundTLSConfigProvider.ClientTLSConfig to fetch the client TLS config for the outbound. This PR also exposes the following HTTP options:

  • OutboundTLSConfigProvider - accepts outbound tls config provider instance
  • OutboundTLSConfiguration - accepts outbound tls config used in the HTTP client
  • OutboundDestinationServiceName - accepts the name of the outbound which is used in the tls dialer metrics dest tag

For reviews, follow this order:

  • transport/http/config.go
  • transport/http/outbound.go

jronak avatar Oct 07 '22 17:10 jronak

Codecov Report

Base: 85.24% // Head: 85.29% // Increases project coverage by +0.04% :tada:

Coverage data is based on head (b811268) compared to base (da5de09). Patch coverage: 96.49% of modified lines in pull request are covered.

Additional details and impacted files 
@@            Coverage Diff             @@
##              dev    #2177      +/-   ##
==========================================
+ Coverage   85.24%   85.29%   +0.04%     
==========================================
  Files         269      269              
  Lines       15353    15397      +44     
==========================================
+ Hits        13088    13133      +45     
+ Misses       1845     1843       -2     
- Partials      420      421       +1
Impacted Files Coverage Δ
transport/http/outbound.go 92.03% <92.00%> (-0.06%) :arrow_down:
transport/http/config.go 95.74% <100.00%> (+0.93%) :arrow_up:
transport/http/transport.go 93.52% <100.00%> (+0.19%) :arrow_up:
transport/tchannel/peer.go 96.05% <0.00%> (-1.32%) :arrow_down:
transport/http/peer.go 97.14% <0.00%> (+1.90%) :arrow_up:
transport/internal/tls/muxlistener/listener.go 95.91% <0.00%> (+2.04%) :arrow_up:

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

:umbrella: View full report at Codecov.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.

codecov[bot] avatar Oct 07 '22 17:10 codecov[bot]