|
1 | 1 | package main |
2 | 2 |
|
3 | | -// func main() { |
4 | | -// logger := worker.BuildLogger() |
5 | | -// logger.Info("Registering default domain for cadence-vishwa with TLS...") |
6 | | - |
7 | | -// withTLSDialOption, err := buildTLSDialOption() |
8 | | -// if err != nil { |
9 | | -// logger.Fatal("Failed to build TLS dial option", zap.Error(err)) |
10 | | -// } |
11 | | - |
12 | | -// cadenceClient := worker.BuildCadenceClient(withTLSDialOption) |
13 | | - |
14 | | -// // Register the domain |
15 | | -// domain := "default" |
16 | | -// retentionDays := int32(7) |
17 | | -// emitMetric := true |
18 | | - |
19 | | -// req := &shared.RegisterDomainRequest{ |
20 | | -// Name: &domain, |
21 | | -// Description: stringPtr("Default domain for cadence samples"), |
22 | | -// WorkflowExecutionRetentionPeriodInDays: &retentionDays, |
23 | | -// EmitMetric: &emitMetric, |
24 | | -// } |
25 | | - |
26 | | -// ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) |
27 | | -// defer cancel() |
28 | | - |
29 | | -// err = cadenceClient.RegisterDomain(ctx, req) |
30 | | -// if err != nil { |
31 | | -// // Check if domain already exists |
32 | | -// if _, ok := err.(*shared.DomainAlreadyExistsError); ok { |
33 | | -// logger.Info("Domain already exists", zap.String("domain", domain)) |
34 | | -// return |
35 | | -// } |
36 | | -// logger.Fatal("Failed to register domain", zap.Error(err)) |
37 | | -// } |
38 | | - |
39 | | -// logger.Info("Successfully registered domain", zap.String("domain", domain)) |
40 | | -// } |
41 | | - |
42 | | -// func buildTLSDialOption() (grpc.DialOption, error) { |
43 | | -// // Load client certificate |
44 | | -// clientCert, err := tls.LoadX509KeyPair("credentials/client.crt", "credentials/client.key") |
45 | | -// if err != nil { |
46 | | -// return nil, fmt.Errorf("failed to load client certificate: %w", err) |
47 | | -// } |
48 | | - |
49 | | -// // Load server CA |
50 | | -// caCert, err := os.ReadFile("credentials/keytest.crt") |
51 | | -// if err != nil { |
52 | | -// return nil, fmt.Errorf("failed to load server CA certificate: %w", err) |
53 | | -// } |
54 | | - |
55 | | -// caCertPool := x509.NewCertPool() |
56 | | -// if !caCertPool.AppendCertsFromPEM(caCert) { |
57 | | -// return nil, fmt.Errorf("failed to append CA certificate") |
58 | | -// } |
59 | | - |
60 | | -// tlsConfig := &tls.Config{ |
61 | | -// InsecureSkipVerify: true, |
62 | | -// RootCAs: caCertPool, |
63 | | -// Certificates: []tls.Certificate{clientCert}, |
64 | | -// MinVersion: tls.VersionTLS12, |
65 | | -// } |
66 | | - |
67 | | -// creds := credentials.NewTLS(tlsConfig) |
68 | | -// return grpc.DialerCredentials(creds), nil |
69 | | -// } |
70 | | - |
71 | | -// func stringPtr(s string) *string { |
72 | | -// return &s |
73 | | -// } |
| 3 | +import ( |
| 4 | + "context" |
| 5 | + "crypto/tls" |
| 6 | + "crypto/x509" |
| 7 | + "fmt" |
| 8 | + "os" |
| 9 | + "time" |
| 10 | + |
| 11 | + "github.com/uber-common/cadence-samples/new_samples/worker" |
| 12 | + "go.uber.org/cadence/.gen/go/shared" |
| 13 | + "go.uber.org/yarpc/transport/grpc" |
| 14 | + "go.uber.org/zap" |
| 15 | + "google.golang.org/grpc/credentials" |
| 16 | +) |
| 17 | + |
| 18 | +func main() { |
| 19 | + logger := worker.BuildLogger() |
| 20 | + logger.Info("Registering default domain for cadence-vishwa with TLS...") |
| 21 | + |
| 22 | + withTLSDialOption, err := buildTLSDialOption() |
| 23 | + if err != nil { |
| 24 | + logger.Fatal("Failed to build TLS dial option", zap.Error(err)) |
| 25 | + } |
| 26 | + |
| 27 | + cadenceClient := worker.BuildCadenceClient(withTLSDialOption) |
| 28 | + |
| 29 | + // Register the domain |
| 30 | + domain := "default" |
| 31 | + retentionDays := int32(7) |
| 32 | + emitMetric := true |
| 33 | + |
| 34 | + req := &shared.RegisterDomainRequest{ |
| 35 | + Name: &domain, |
| 36 | + Description: stringPtr("Default domain for cadence samples"), |
| 37 | + WorkflowExecutionRetentionPeriodInDays: &retentionDays, |
| 38 | + EmitMetric: &emitMetric, |
| 39 | + } |
| 40 | + |
| 41 | + ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) |
| 42 | + defer cancel() |
| 43 | + |
| 44 | + err = cadenceClient.RegisterDomain(ctx, req) |
| 45 | + if err != nil { |
| 46 | + // Check if domain already exists |
| 47 | + if _, ok := err.(*shared.DomainAlreadyExistsError); ok { |
| 48 | + logger.Info("Domain already exists", zap.String("domain", domain)) |
| 49 | + return |
| 50 | + } |
| 51 | + logger.Fatal("Failed to register domain", zap.Error(err)) |
| 52 | + } |
| 53 | + |
| 54 | + logger.Info("Successfully registered domain", zap.String("domain", domain)) |
| 55 | +} |
| 56 | + |
| 57 | +func buildTLSDialOption() (grpc.DialOption, error) { |
| 58 | + // Load client certificate |
| 59 | + clientCert, err := tls.LoadX509KeyPair("credentials/client.crt", "credentials/client.key") |
| 60 | + if err != nil { |
| 61 | + return nil, fmt.Errorf("failed to load client certificate: %w", err) |
| 62 | + } |
| 63 | + |
| 64 | + // Load server CA |
| 65 | + caCert, err := os.ReadFile("credentials/keytest.crt") |
| 66 | + if err != nil { |
| 67 | + return nil, fmt.Errorf("failed to load server CA certificate: %w", err) |
| 68 | + } |
| 69 | + |
| 70 | + caCertPool := x509.NewCertPool() |
| 71 | + if !caCertPool.AppendCertsFromPEM(caCert) { |
| 72 | + return nil, fmt.Errorf("failed to append CA certificate") |
| 73 | + } |
| 74 | + |
| 75 | + tlsConfig := &tls.Config{ |
| 76 | + InsecureSkipVerify: true, |
| 77 | + RootCAs: caCertPool, |
| 78 | + Certificates: []tls.Certificate{clientCert}, |
| 79 | + MinVersion: tls.VersionTLS12, |
| 80 | + } |
| 81 | + |
| 82 | + creds := credentials.NewTLS(tlsConfig) |
| 83 | + return grpc.DialerCredentials(creds), nil |
| 84 | +} |
| 85 | + |
| 86 | +func stringPtr(s string) *string { |
| 87 | + return &s |
| 88 | +} |
0 commit comments