kube-arangodb/pkg/server/server.go

//
// DISCLAIMER
//
// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// Copyright holder is ArangoDB GmbH, Cologne, Germany
//

package server

import (
	"context"
	"crypto/tls"
	"net/http"
	"strings"
	"time"

	operatorHTTP "github.com/arangodb/kube-arangodb/pkg/util/http"
	"github.com/arangodb/kube-arangodb/pkg/version"

	"github.com/arangodb/kube-arangodb/pkg/util/errors"

	"github.com/arangodb-helper/go-certificates"
	"github.com/gin-gonic/gin"
	"github.com/jessevdk/go-assets"
	prometheus "github.com/prometheus/client_golang/prometheus/promhttp"
	core "k8s.io/api/core/v1"
	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
	corev1 "k8s.io/client-go/kubernetes/typed/core/v1"

	"github.com/arangodb/kube-arangodb/dashboard"
	"github.com/arangodb/kube-arangodb/pkg/util/probe"
)

// Config settings for the Server
type Config struct {
	Namespace          string
	Address            string // Address to listen on
	TLSSecretName      string // Name of secret containing TLS certificate
	TLSSecretNamespace string // Namespace of secret containing TLS certificate
	PodName            string // Name of the Pod we're running in
	PodIP              string // IP address of the Pod we're running in
	AdminSecretName    string // Name of basic authentication secret containing the admin username+password of the dashboard
	AllowAnonymous     bool   // If set, anonymous access to dashboard is allowed
}

type OperatorDependency struct {
	Enabled bool
	Probe   *probe.ReadyProbe
}

// Dependencies of the Server
type Dependencies struct {
	LivenessProbe         *probe.LivenessProbe
	Deployment            OperatorDependency
	DeploymentReplication OperatorDependency
	Storage               OperatorDependency
	Backup                OperatorDependency
	Apps                  OperatorDependency
	ClusterSync           OperatorDependency
	Operators             Operators
	Secrets               corev1.SecretInterface
}

// Operators is the API provided to the server for accessing the various operators.
type Operators interface {
	// Return the deployment operator (if any)
	DeploymentOperator() DeploymentOperator
	// Return the deployment replication operator (if any)
	DeploymentReplicationOperator() DeploymentReplicationOperator
	// Return the local storage operator (if any)
	StorageOperator() StorageOperator
	// FindOtherOperators looks up references to other operators in the same Kubernetes cluster.
	FindOtherOperators() []OperatorReference
}

// Server is the HTTPS server for the operator.
type Server struct {
	cfg        Config
	deps       Dependencies
	httpServer *http.Server
	auth       *serverAuthentication
}

// NewServer creates a new server, fetching/preparing a TLS certificate.
func NewServer(cli corev1.CoreV1Interface, cfg Config, deps Dependencies) (*Server, error) {
	httpServer := &http.Server{
		Addr:              cfg.Address,
		ReadTimeout:       time.Second * 30,
		ReadHeaderTimeout: time.Second * 15,
		WriteTimeout:      time.Second * 30,
		TLSNextProto:      make(map[string]func(*http.Server, *tls.Conn, http.Handler)),
	}

	var cert, key string
	if cfg.TLSSecretName != "" && cfg.TLSSecretNamespace != "" {
		// Load TLS certificate from secret
		s, err := cli.Secrets(cfg.TLSSecretNamespace).Get(context.Background(), cfg.TLSSecretName, meta.GetOptions{})
		if err != nil {
			return nil, errors.WithStack(err)
		}
		certBytes, found := s.Data[core.TLSCertKey]
		if !found {
			return nil, errors.WithStack(errors.Newf("No %s found in secret %s", core.TLSCertKey, cfg.TLSSecretName))
		}
		keyBytes, found := s.Data[core.TLSPrivateKeyKey]
		if !found {
			return nil, errors.WithStack(errors.Newf("No %s found in secret %s", core.TLSPrivateKeyKey, cfg.TLSSecretName))
		}
		cert = string(certBytes)
		key = string(keyBytes)
	} else {
		// Secret not specified, create our own TLS certificate
		options := certificates.CreateCertificateOptions{
			CommonName: cfg.PodName,
			Hosts:      []string{cfg.PodName, cfg.PodIP},
			ValidFrom:  time.Now(),
			ValidFor:   time.Hour * 24 * 365 * 10,
			IsCA:       false,
			ECDSACurve: "P256",
		}
		var err error
		cert, key, err = certificates.CreateCertificate(options, nil)
		if err != nil {
			return nil, errors.WithStack(err)
		}
	}
	tlsConfig, err := createTLSConfig(cert, key)
	if err != nil {
		return nil, errors.WithStack(err)
	}
	tlsConfig.BuildNameToCertificate()
	httpServer.TLSConfig = tlsConfig

	// Builder server
	s := &Server{
		cfg:        cfg,
		deps:       deps,
		httpServer: httpServer,
		auth:       newServerAuthentication(deps.Secrets, cfg.AdminSecretName, cfg.AllowAnonymous),
	}

	// Build router
	gin.SetMode(gin.ReleaseMode)
	r := gin.New()
	r.Use(gin.Recovery())
	r.GET("/health", gin.WrapF(deps.LivenessProbe.LivenessHandler))

	versionV1Responser, err := operatorHTTP.NewSimpleJSONResponse(version.GetVersionV1())
	if err != nil {
		return nil, errors.WithStack(err)
	}
	r.GET("/_api/version", gin.WrapF(versionV1Responser.ServeHTTP))
	r.GET("/api/v1/version", gin.WrapF(versionV1Responser.ServeHTTP))

	var readyProbes []*probe.ReadyProbe
	if deps.Deployment.Enabled {
		r.GET("/ready/deployment", gin.WrapF(deps.Deployment.Probe.ReadyHandler))
		readyProbes = append(readyProbes, deps.Deployment.Probe)
	}
	if deps.DeploymentReplication.Enabled {
		r.GET("/ready/deployment-replication", gin.WrapF(deps.DeploymentReplication.Probe.ReadyHandler))
		readyProbes = append(readyProbes, deps.DeploymentReplication.Probe)
	}
	if deps.Storage.Enabled {
		r.GET("/ready/storage", gin.WrapF(deps.Storage.Probe.ReadyHandler))
		readyProbes = append(readyProbes, deps.Storage.Probe)
	}
	r.GET("/ready", gin.WrapF(ready(readyProbes...)))
	r.GET("/metrics", gin.WrapH(prometheus.Handler()))
	r.POST("/login", s.auth.handleLogin)
	api := r.Group("/api", s.auth.checkAuthentication)
	{
		api.GET("/operators", s.handleGetOperators)

		// Deployment operator
		api.GET("/deployment", s.handleGetDeployments)
		api.GET("/deployment/:name", s.handleGetDeploymentDetails)

		// Deployment replication operator
		api.GET("/deployment-replication", s.handleGetDeploymentReplications)
		api.GET("/deployment-replication/:name", s.handleGetDeploymentReplicationDetails)

		// Local storage operator
		api.GET("/storage", s.handleGetLocalStorages)
		api.GET("/storage/:name", s.handleGetLocalStorageDetails)
	}
	// Dashboard
	r.GET("/", createAssetFileHandler(dashboard.Assets.Files["index.html"]))
	for path, file := range dashboard.Assets.Files {
		localPath := "/" + strings.TrimPrefix(path, "/")
		r.GET(localPath, createAssetFileHandler(file))
	}
	httpServer.Handler = r

	return s, nil
}

// createAssetFileHandler creates a gin handler to serve the content
// of the given asset file.
func createAssetFileHandler(file *assets.File) func(c *gin.Context) {
	return func(c *gin.Context) {
		http.ServeContent(c.Writer, c.Request, file.Name(), file.ModTime(), file)
	}
}

// Run the server until the program stops.
func (s *Server) Run() error {
	serverLogger.Info("Serving on %s", s.httpServer.Addr)
	if err := s.httpServer.ListenAndServeTLS("", ""); err != nil && err != http.ErrServerClosed {
		return errors.WithStack(err)
	}
	return nil
}

// createTLSConfig creates a TLS config based on given config
func createTLSConfig(cert, key string) (*tls.Config, error) {
	var result *tls.Config
	c, err := tls.X509KeyPair([]byte(cert), []byte(key))
	if err != nil {
		return nil, errors.WithStack(err)
	}
	result = &tls.Config{
		Certificates: []tls.Certificate{c},
	}
	return result, nil
}

func ready(probes ...*probe.ReadyProbe) func(w http.ResponseWriter, r *http.Request) {
	return func(w http.ResponseWriter, r *http.Request) {
		for _, probe := range probes {
			if !probe.IsReady() {
				w.WriteHeader(http.StatusInternalServerError)
				return
			}
		}

		w.WriteHeader(http.StatusOK)
	}
}
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`//`
			`// DISCLAIMER`
			`//`
[License] Update to 2022 (#883) 2022-01-10 11:35:49 +00:00			`// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`
			`//`
			`// Copyright holder is ArangoDB GmbH, Cologne, Germany`
			`//`

			`package server`

			`import (`
[Feature] Switch k8s to 1.19 (#701) 2021-03-23 15:47:28 +00:00			`"context"`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`"crypto/tls"`
			`"net/http"`
Serve dashboard directly from embedded asset 2018-07-02 12:58:06 +00:00			`"strings"`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`"time"`

[Feature] Version Endpoint (#752) 2021-07-08 10:11:39 +00:00			`operatorHTTP "github.com/arangodb/kube-arangodb/pkg/util/http"`
			`"github.com/arangodb/kube-arangodb/pkg/version"`

Standardize error handling (#680) 2021-01-08 14:35:38 +00:00			`"github.com/arangodb/kube-arangodb/pkg/util/errors"`

Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00			`"github.com/arangodb-helper/go-certificates"`
Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`"github.com/gin-gonic/gin"`
Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00			`"github.com/jessevdk/go-assets"`
ArangoSync-Client (#408) * Removed vendored directory. Use arangosync-client repo instead. * Use tag instead of commit. * Updated prometheur client_go to v1. 2019-07-08 09:49:32 +00:00			`prometheus "github.com/prometheus/client_golang/prometheus/promhttp"`
Arango Backup support in Operator (#438) 2019-09-27 11:04:23 +00:00			`core "k8s.io/api/core/v1"`
[Linter] Unify imports (#1042) 2022-06-30 18:39:07 +00:00			`meta "k8s.io/apimachinery/pkg/apis/meta/v1"`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`corev1 "k8s.io/client-go/kubernetes/typed/core/v1"`
Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00
Serve dashboard directly from embedded asset 2018-07-02 12:58:06 +00:00			`"github.com/arangodb/kube-arangodb/dashboard"`
Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`"github.com/arangodb/kube-arangodb/pkg/util/probe"`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`)`

			`// Config settings for the Server`
			`type Config struct {`
Dashboard UI 2018-07-02 16:24:42 +00:00			`Namespace string`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`Address string // Address to listen on`
			`TLSSecretName string // Name of secret containing TLS certificate`
			`TLSSecretNamespace string // Namespace of secret containing TLS certificate`
			`PodName string // Name of the Pod we're running in`
			`PodIP string // IP address of the Pod we're running in`
Added authentication 2018-07-06 10:44:43 +00:00			`AdminSecretName string // Name of basic authentication secret containing the admin username+password of the dashboard`
			`AllowAnonymous bool // If set, anonymous access to dashboard is allowed`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`

Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00			`type OperatorDependency struct {`
			`Enabled bool`
FEATURE/fix-linter-issues (#529) 2020-03-10 09:26:38 +00:00			`Probe *probe.ReadyProbe`
Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00			`}`

Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`// Dependencies of the Server`
			`type Dependencies struct {`
Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00			`LivenessProbe *probe.LivenessProbe`
			`Deployment OperatorDependency`
			`DeploymentReplication OperatorDependency`
			`Storage OperatorDependency`
Arango Backup support in Operator (#438) 2019-09-27 11:04:23 +00:00			`Backup OperatorDependency`
ArangoJob controller (#874) 2021-12-31 11:38:53 +00:00			`Apps OperatorDependency`
[Feature] ArangoClusterSynchronization controller (TG-190) (#876) * [Feature] ArangoClusterSynchronization controller (TG-190) * helm chart * Fix model 2022-01-06 20:27:01 +00:00			`ClusterSync OperatorDependency`
Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00			`Operators Operators`
			`Secrets corev1.SecretInterface`
Creating daskboard web-app 2018-07-02 10:40:32 +00:00			`}`

			`// Operators is the API provided to the server for accessing the various operators.`
			`type Operators interface {`
			`// Return the deployment operator (if any)`
			`DeploymentOperator() DeploymentOperator`
Adding deployment-replication dashboard 2018-07-10 10:01:09 +00:00			`// Return the deployment replication operator (if any)`
			`DeploymentReplicationOperator() DeploymentReplicationOperator`
Adding local storage dashboard 2018-07-09 09:05:31 +00:00			`// Return the local storage operator (if any)`
			`StorageOperator() StorageOperator`
Add links to other operators in dashboard menu 2018-07-11 10:28:34 +00:00			`// FindOtherOperators looks up references to other operators in the same Kubernetes cluster.`
			`FindOtherOperators() []OperatorReference`
Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`}`

Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`// Server is the HTTPS server for the operator.`
			`type Server struct {`
Dashboard UI 2018-07-02 16:24:42 +00:00			`cfg Config`
Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`deps Dependencies`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`httpServer *http.Server`
Added authentication 2018-07-06 10:44:43 +00:00			`auth *serverAuthentication`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`

			`// NewServer creates a new server, fetching/preparing a TLS certificate.`
Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`func NewServer(cli corev1.CoreV1Interface, cfg Config, deps Dependencies) (*Server, error) {`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`httpServer := &http.Server{`
			`Addr: cfg.Address,`
			`ReadTimeout: time.Second * 30,`
			`ReadHeaderTimeout: time.Second * 15,`
			`WriteTimeout: time.Second * 30,`
			`TLSNextProto: make(map[string]func(http.Server, tls.Conn, http.Handler)),`
			`}`

			`var cert, key string`
			`if cfg.TLSSecretName != "" && cfg.TLSSecretNamespace != "" {`
			`// Load TLS certificate from secret`
[Linter] Unify imports (#1042) 2022-06-30 18:39:07 +00:00			`s, err := cli.Secrets(cfg.TLSSecretNamespace).Get(context.Background(), cfg.TLSSecretName, meta.GetOptions{})`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`if err != nil {`
Standardize error handling (#680) 2021-01-08 14:35:38 +00:00			`return nil, errors.WithStack(err)`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`
Arango Backup support in Operator (#438) 2019-09-27 11:04:23 +00:00			`certBytes, found := s.Data[core.TLSCertKey]`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`if !found {`
Standardize error handling (#680) 2021-01-08 14:35:38 +00:00			`return nil, errors.WithStack(errors.Newf("No %s found in secret %s", core.TLSCertKey, cfg.TLSSecretName))`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`
Arango Backup support in Operator (#438) 2019-09-27 11:04:23 +00:00			`keyBytes, found := s.Data[core.TLSPrivateKeyKey]`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`if !found {`
Standardize error handling (#680) 2021-01-08 14:35:38 +00:00			`return nil, errors.WithStack(errors.Newf("No %s found in secret %s", core.TLSPrivateKeyKey, cfg.TLSSecretName))`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`
			`cert = string(certBytes)`
			`key = string(keyBytes)`
			`} else {`
			`// Secret not specified, create our own TLS certificate`
			`options := certificates.CreateCertificateOptions{`
			`CommonName: cfg.PodName,`
			`Hosts: []string{cfg.PodName, cfg.PodIP},`
			`ValidFrom: time.Now(),`
			`ValidFor: time.Hour * 24 * 365 * 10,`
			`IsCA: false,`
			`ECDSACurve: "P256",`
			`}`
			`var err error`
			`cert, key, err = certificates.CreateCertificate(options, nil)`
			`if err != nil {`
Standardize error handling (#680) 2021-01-08 14:35:38 +00:00			`return nil, errors.WithStack(err)`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`
			`}`
			`tlsConfig, err := createTLSConfig(cert, key)`
			`if err != nil {`
Standardize error handling (#680) 2021-01-08 14:35:38 +00:00			`return nil, errors.WithStack(err)`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`
			`tlsConfig.BuildNameToCertificate()`
			`httpServer.TLSConfig = tlsConfig`

Creating daskboard web-app 2018-07-02 10:40:32 +00:00			`// Builder server`
			`s := &Server{`
Dashboard UI 2018-07-02 16:24:42 +00:00			`cfg: cfg,`
Creating daskboard web-app 2018-07-02 10:40:32 +00:00			`deps: deps,`
			`httpServer: httpServer,`
[Feature] Unify logging system (#1007) 2022-06-14 07:26:07 +00:00			`auth: newServerAuthentication(deps.Secrets, cfg.AdminSecretName, cfg.AllowAnonymous),`
Creating daskboard web-app 2018-07-02 10:40:32 +00:00			`}`

Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`// Build router`
Disabled debug mode of gin to remove confusing log message. 2019-07-08 13:41:29 +00:00			`gin.SetMode(gin.ReleaseMode)`
Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`r := gin.New()`
			`r.Use(gin.Recovery())`
			`r.GET("/health", gin.WrapF(deps.LivenessProbe.LivenessHandler))`
Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00
[Feature] Version Endpoint (#752) 2021-07-08 10:11:39 +00:00			`versionV1Responser, err := operatorHTTP.NewSimpleJSONResponse(version.GetVersionV1())`
			`if err != nil {`
			`return nil, errors.WithStack(err)`
			`}`
			`r.GET("/_api/version", gin.WrapF(versionV1Responser.ServeHTTP))`
			`r.GET("/api/v1/version", gin.WrapF(versionV1Responser.ServeHTTP))`

Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00			`var readyProbes []*probe.ReadyProbe`
			`if deps.Deployment.Enabled {`
			`r.GET("/ready/deployment", gin.WrapF(deps.Deployment.Probe.ReadyHandler))`
			`readyProbes = append(readyProbes, deps.Deployment.Probe)`
			`}`
			`if deps.DeploymentReplication.Enabled {`
			`r.GET("/ready/deployment-replication", gin.WrapF(deps.DeploymentReplication.Probe.ReadyHandler))`
			`readyProbes = append(readyProbes, deps.DeploymentReplication.Probe)`
			`}`
			`if deps.Storage.Enabled {`
			`r.GET("/ready/storage", gin.WrapF(deps.Storage.Probe.ReadyHandler))`
			`readyProbes = append(readyProbes, deps.Storage.Probe)`
			`}`
			`r.GET("/ready", gin.WrapF(ready(readyProbes...)))`
Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`r.GET("/metrics", gin.WrapH(prometheus.Handler()))`
Added authentication 2018-07-06 10:44:43 +00:00			`r.POST("/login", s.auth.handleLogin)`
			`api := r.Group("/api", s.auth.checkAuthentication)`
Creating daskboard web-app 2018-07-02 10:40:32 +00:00			`{`
			`api.GET("/operators", s.handleGetOperators)`

			`// Deployment operator`
			`api.GET("/deployment", s.handleGetDeployments)`
Adding deployment details view 2018-07-05 15:16:36 +00:00			`api.GET("/deployment/:name", s.handleGetDeploymentDetails)`
Adding local storage dashboard 2018-07-09 09:05:31 +00:00
Adding deployment-replication dashboard 2018-07-10 10:01:09 +00:00			`// Deployment replication operator`
			`api.GET("/deployment-replication", s.handleGetDeploymentReplications)`
			`api.GET("/deployment-replication/:name", s.handleGetDeploymentReplicationDetails)`

Adding local storage dashboard 2018-07-09 09:05:31 +00:00			`// Local storage operator`
			`api.GET("/storage", s.handleGetLocalStorages)`
			`api.GET("/storage/:name", s.handleGetLocalStorageDetails)`
Creating daskboard web-app 2018-07-02 10:40:32 +00:00			`}`
Serve dashboard directly from embedded asset 2018-07-02 12:58:06 +00:00			`// Dashboard`
Improving getters 2018-07-02 13:41:44 +00:00			`r.GET("/", createAssetFileHandler(dashboard.Assets.Files["index.html"]))`
Serve dashboard directly from embedded asset 2018-07-02 12:58:06 +00:00			`for path, file := range dashboard.Assets.Files {`
			`localPath := "/" + strings.TrimPrefix(path, "/")`
Improving getters 2018-07-02 13:41:44 +00:00			`r.GET(localPath, createAssetFileHandler(file))`
Serve dashboard directly from embedded asset 2018-07-02 12:58:06 +00:00			`}`
Use gin as HTTP server framework 2018-07-02 07:54:19 +00:00			`httpServer.Handler = r`

Creating daskboard web-app 2018-07-02 10:40:32 +00:00			`return s, nil`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`

Improving getters 2018-07-02 13:41:44 +00:00			`// createAssetFileHandler creates a gin handler to serve the content`
			`// of the given asset file.`
			`func createAssetFileHandler(file assets.File) func(c gin.Context) {`
			`return func(c *gin.Context) {`
			`http.ServeContent(c.Writer, c.Request, file.Name(), file.ModTime(), file)`
			`}`
Serve dashboard directly from embedded asset 2018-07-02 12:58:06 +00:00			`}`

Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`// Run the server until the program stops.`
			`func (s *Server) Run() error {`
[Feature] Unify logging system (#1007) 2022-06-14 07:26:07 +00:00			`serverLogger.Info("Serving on %s", s.httpServer.Addr)`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`if err := s.httpServer.ListenAndServeTLS("", ""); err != nil && err != http.ErrServerClosed {`
Standardize error handling (#680) 2021-01-08 14:35:38 +00:00			`return errors.WithStack(err)`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`
			`return nil`
			`}`

			`// createTLSConfig creates a TLS config based on given config`
			`func createTLSConfig(cert, key string) (*tls.Config, error) {`
			`var result *tls.Config`
			`c, err := tls.X509KeyPair([]byte(cert), []byte(key))`
			`if err != nil {`
Standardize error handling (#680) 2021-01-08 14:35:38 +00:00			`return nil, errors.WithStack(err)`
Replace HTTP server with HTTPS server 2018-04-05 11:46:04 +00:00			`}`
			`result = &tls.Config{`
			`Certificates: []tls.Certificate{c},`
			`}`
			`return result, nil`
			`}`
Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00
FEATURE/fix-linter-issues (#529) 2020-03-10 09:26:38 +00:00			`func ready(probes ...probe.ReadyProbe) func(w http.ResponseWriter, r http.Request) {`
Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00			`return func(w http.ResponseWriter, r *http.Request) {`
FEATURE/fix-linter-issues (#529) 2020-03-10 09:26:38 +00:00			`for _, probe := range probes {`
Change custom templates to Helm charts (#445) 2019-09-23 07:00:10 +00:00			`if !probe.IsReady() {`
			`w.WriteHeader(http.StatusInternalServerError)`
			`return`
			`}`
			`}`

			`w.WriteHeader(http.StatusOK)`
			`}`
FEATURE/fix-linter-issues (#529) 2020-03-10 09:26:38 +00:00			`}`