code-first-routes: cors support #2630

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

mschuwalow merged 7 commits into main from code-first-routes-cors

Jan 28, 2026

Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Cargo.toml

-Original file line number
+Diff line change
@@ Expand Up / @@ -145,6 +145,7 @@ combine = "4.6.7" @@
     conditional-trait-gen = "0.4.1"
     console-subscriber = "0.4.1"
     convert_case = "0.8.0"
+    cookie = "0.18.1"
     criterion = "0.5"
     crossterm = "0.28.1"
     darling = "0.20.11"
@@ Expand Down @@

cli/golem-cli/src/command_handler/api/deployment.rs

-Original file line number
+Diff line change
@@ Expand Up / @@ -292,7 +292,7 @@ impl ApiDeploymentCommandHandler { @@
             &self,
             http_api_deployment: &DeploymentPlanHttpApiDeploymentEntry,
             deployable_http_api_deployment: &[HttpApiDefinitionName],
-            _diff: &diff::DiffForHashOf<diff::HttpApiDeployment>,
+            _diff: &diff::DiffForHashOf<diff::HttpApiDeploymentLegacy>,
         ) -> anyhow::Result<()> {
             log_action(
                 "Updating",
@@ Expand Down @@

cli/golem-cli/src/command_handler/app/mod.rs

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -759,11 +759,11 @@ impl AppCommandHandler {
  
            let diffable_local_http_api_deployments = {

                let mut diffable_local_http_api_deployments =

                    BTreeMap::<String, diff::HashOf<diff::HttpApiDeployment>>::new();

                    BTreeMap::<String, diff::HashOf<diff::HttpApiDeploymentLegacy>>::new();

                for (domain, http_api_deployment) in &deployable_manifest_http_api_deployments {

                    diffable_local_http_api_deployments.insert(

                        domain.0.clone(),

                        diff::HttpApiDeployment {

                        diff::HttpApiDeploymentLegacy {

                            agent_types: http_api_deployment

                                .iter()

                                .map(|def| def.0.clone())

cli/golem/src/launch.rs

-Original file line number
+Diff line change
@@ Expand Up / @@ -40,7 +40,9 @@ use golem_worker_executor::services::golem_config::{ @@
         KeyValueStorageMultiSqliteConfig, ResourceLimitsConfig, ResourceLimitsGrpcConfig,
         ShardManagerServiceConfig, ShardManagerServiceGrpcConfig, WorkerServiceGrpcConfig,
     };
-    use golem_worker_service::config::{RouteResolverConfig, WorkerServiceConfig};
+    use golem_worker_service::config::{
+        RouteResolverConfig, SqliteSessionStoreConfig, WorkerServiceConfig,
+    };
     use golem_worker_service::WorkerService;
     use opentelemetry::global;
     use opentelemetry_sdk::metrics::MeterProviderBuilder;
@@ Expand Down Expand Up / @@ -325,18 +327,21 @@ fn worker_service_config( @@
                 port: 0,
                 ..Default::default()
             },
-            gateway_session_storage: golem_worker_service::config::GatewaySessionStorageConfig::Sqlite(
-                DbSqliteConfig {
-                    database: args
-                        .data_dir
-                        .join("gateway-sessions.db")
-                        .to_string_lossy()
-                        .to_string(),
-                    max_connections: 4,
-                    foreign_keys: false,
+            gateway_session_storage: golem_worker_service::config::SessionStoreConfig::Sqlite(
+                SqliteSessionStoreConfig {
+                    pending_login_expiration: Duration::from_hours(1),
+                    cleanup_interval: Duration::from_mins(5),
+                    sqlite_config: DbSqliteConfig {
+                        database: args
+                            .data_dir
+                            .join("gateway-sessions.db")
+                            .to_string_lossy()
+                            .to_string(),
+                        max_connections: 4,
+                        foreign_keys: false,
+                    },
                 },
             ),
-            blob_storage: blob_storage_config(args),
             routing_table: RoutingTableConfig {
                 host: args.router_addr.clone(),
                 port: shard_manager_run_details.grpc_port,
@@ Expand Down @@

golem-api-grpc/proto/golem/customapi/core.proto

-Original file line number
+Diff line change
@@ Expand Up / @@ -163,12 +163,13 @@ message CompiledRoute { @@
       RequestBodySchema body = 4;
       RouteBehaviour behavior = 5;
       optional golem.registry.SecuritySchemeId security_scheme = 6;
-      golem.component.CorsOptions cors = 7;
+      CorsOptions cors = 7;
     }
     message RouteBehaviour {
       oneof kind {
         CallAgent call_agent = 1;
+        CorsPreflight cors_preflight = 2;
       }
       message CallAgent {
@@ Expand All / @@ -181,6 +182,11 @@ message RouteBehaviour { @@
         repeated MethodParameter method_parameters = 7;
         golem.component.DataSchema expected_agent_response = 8;
       }
+      message CorsPreflight {
+        repeated string allowed_origins = 1;
+        repeated golem.component.HttpMethod allowed_methods = 2;
+      }
     }
     message SecuritySchemeDetails {
@@ Expand All / @@ -192,3 +198,7 @@ message SecuritySchemeDetails { @@
       string redirect_url = 6;
       repeated string scopes = 7;
     }
+    message CorsOptions {
+      repeated string allowed_patterns = 1;
+    }

golem-common/src/base_model/agent.rs

-Original file line number
+Diff line change
@@ Expand Up / @@ -737,7 +737,9 @@ pub struct HttpEndpointDetails { @@
         pub cors_options: CorsOptions,
     }
-    #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, IntoValue, FromValue)]
+    #[derive(
+        Debug, Clone, PartialEq, Eq, Hash, PartialOrd, Ord, Serialize, Deserialize, IntoValue, FromValue,
+    )]
     #[cfg_attr(
         feature = "full",
         derive(desert_rust::BinaryCodec, poem_openapi::Union)
@@ Expand Down Expand Up / @@ -790,7 +792,9 @@ impl TryFrom<HttpMethod> for http::Method { @@
         }
     }
-    #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, IntoValue, FromValue)]
+    #[derive(
+        Debug, Clone, PartialEq, Eq, Hash, PartialOrd, Ord, Serialize, Deserialize, IntoValue, FromValue,
+    )]
     #[cfg_attr(
         feature = "full",
         derive(desert_rust::BinaryCodec, poem_openapi::Object)
@@ Expand Down @@

golem-common/src/base_model/http_api_deployment.rs

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -12,27 +12,38 @@
  
    // See the License for the specific language governing permissions and

    // limitations under the License.

    use super::security_scheme::SecuritySchemeName;

    use crate::base_model::agent::AgentTypeName;

    use crate::base_model::diff;

    use crate::base_model::domain_registration::Domain;

    use crate::base_model::environment::EnvironmentId;

    use crate::{declare_revision, declare_structs, newtype_uuid};

    use chrono::DateTime;

    use std::collections::BTreeSet;

    use std::collections::BTreeMap;

    newtype_uuid!(HttpApiDeploymentId);

    declare_revision!(HttpApiDeploymentRevision);

    declare_structs! {

        #[derive(Default)]

        #[cfg_attr(feature = "full", derive(desert_rust::BinaryCodec))]

        #[cfg_attr(feature = "full", desert(transparent))]

        pub struct HttpApiDeploymentAgentOptions {

            /// Security scheme to use for all agent methods that require auth.

            /// Failure to provide a security scheme for an agent that requires one will lead to a deployment failure.

            /// If the requested security scheme does not exist in the environment, the route will be disabled at runtime.

            pub security_scheme: Option<SecuritySchemeName>

        }

        pub struct HttpApiDeploymentCreation {

            pub domain: Domain,

            pub agent_types: BTreeSet<AgentTypeName>

            pub agents: BTreeMap<AgentTypeName, HttpApiDeploymentAgentOptions>

        }

        pub struct HttpApiDeploymentUpdate {

            pub current_revision: HttpApiDeploymentRevision,

            pub agent_types: Option<BTreeSet<AgentTypeName>>

            pub agents: Option<BTreeMap<AgentTypeName, HttpApiDeploymentAgentOptions>>

        }

        pub struct HttpApiDeployment {

    @@ -41,7 +52,7 @@ declare_structs! {
  
            pub environment_id: EnvironmentId,

            pub domain: Domain,

            pub hash: diff::Hash,

            pub agent_types: BTreeSet<AgentTypeName>,

            pub agents: BTreeMap<AgentTypeName, HttpApiDeploymentAgentOptions>,

            pub created_at: DateTime<chrono::Utc>,

        }

    }

golem-common/src/base_model/mod.rs

-Original file line number
+Diff line change
@@ Expand Up / @@ -157,7 +157,7 @@ impl FromValue for Timestamp { @@
         }
     }
-    #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Default)]
+    #[derive(Debug, Clone, PartialEq, Eq, Hash, PartialOrd, Ord, Serialize, Deserialize, Default)]
     #[cfg_attr(
         feature = "full",
         derive(desert_rust::BinaryCodec, poem_openapi::Object)
@@ Expand Down @@

golem-common/src/model/diff/deployment.rs

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -15,7 +15,7 @@
  
    use crate::model::diff::component::Component;

    use crate::model::diff::hash::{hash_from_serialized_value, Hash, HashOf, Hashable};

    use crate::model::diff::http_api_definition::HttpApiDefinition;

    use crate::model::diff::http_api_deployment::HttpApiDeployment;

    use crate::model::diff::http_api_deployment::HttpApiDeploymentLegacy;

    use crate::model::diff::ser::serialize_with_mode;

    use crate::model::diff::{BTreeMapDiff, Diffable};

    use serde::Serialize;

    @@ -32,7 +32,7 @@ pub struct Deployment {
  
        pub http_api_definitions: BTreeMap<String, HashOf<HttpApiDefinition>>,

        #[serde(skip_serializing_if = "BTreeMap::is_empty")]

        #[serde(serialize_with = "serialize_with_mode")]

        pub http_api_deployments: BTreeMap<String, HashOf<HttpApiDeployment>>,

        pub http_api_deployments: BTreeMap<String, HashOf<HttpApiDeploymentLegacy>>,

    }

    #[derive(Debug, Clone, PartialEq, Serialize)]

    @@ -43,7 +43,7 @@ pub struct DeploymentDiff {
  
        #[serde(skip_serializing_if = "BTreeMap::is_empty")]

        pub http_api_definitions: BTreeMapDiff<String, HashOf<HttpApiDefinition>>,

        #[serde(skip_serializing_if = "BTreeMap::is_empty")]

        pub http_api_deployments: BTreeMapDiff<String, HashOf<HttpApiDeployment>>,

        pub http_api_deployments: BTreeMapDiff<String, HashOf<HttpApiDeploymentLegacy>>,

    }

    impl Diffable for Deployment {

golem-common/src/model/diff/http_api_deployment.rs

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -12,13 +12,42 @@
  
    // See the License for the specific language governing permissions and

    // limitations under the License.

    use super::BTreeMapDiff;

    use crate::model::diff::{hash_from_serialized_value, BTreeSetDiff, Diffable, Hash, Hashable};

    use serde::Serialize;

    use std::collections::BTreeSet;

    use std::collections::{BTreeMap, BTreeSet};

    #[derive(Debug, Clone, PartialEq, Serialize)]

    #[serde(rename_all = "camelCase")]

    pub struct HttpApiDeploymentAgentOptions {

        pub security_scheme: Option<String>,

    }

    #[derive(Debug, Clone, PartialEq, Eq, Serialize)]

    #[serde(rename_all = "camelCase")]

    pub struct HttpApiDeploymentAgentOptionsDiff {

        pub security_scheme_changed: bool,

    }

    impl Diffable for HttpApiDeploymentAgentOptions {

        type DiffResult = HttpApiDeploymentAgentOptionsDiff;

        fn diff(new: &Self, current: &Self) -> Option<Self::DiffResult> {

            let security_scheme_changed = new.security_scheme != current.security_scheme;

            if security_scheme_changed {

                Some(HttpApiDeploymentAgentOptionsDiff {

                    security_scheme_changed,

                })

            } else {

                None

            }

        }

    }

    #[derive(Debug, Clone, PartialEq, Serialize)]

    pub struct HttpApiDeployment {

        pub agent_types: BTreeSet<String>,

        pub agents: BTreeMap<String, HttpApiDeploymentAgentOptions>,

    }

    impl Hashable for HttpApiDeployment {

    @@ -28,6 +57,25 @@ impl Hashable for HttpApiDeployment {
  
    }

    impl Diffable for HttpApiDeployment {

        type DiffResult = BTreeMapDiff<String, HttpApiDeploymentAgentOptions>;

        fn diff(new: &Self, current: &Self) -> Option<Self::DiffResult> {

            new.agents.diff_with_current(&current.agents)

        }

    }

    #[derive(Debug, Clone, PartialEq, Serialize)]

    pub struct HttpApiDeploymentLegacy {

        pub agent_types: BTreeSet<String>,

    }

    impl Hashable for HttpApiDeploymentLegacy {

        fn hash(&self) -> Hash {

            hash_from_serialized_value(self)

        }

    }

    impl Diffable for HttpApiDeploymentLegacy {

        type DiffResult = BTreeSetDiff<String>;

        fn diff(new: &Self, current: &Self) -> Option<Self::DiffResult> {

golem-common/src/model/http_api_deployment.rs

-Original file line number
+Diff line change
@@ Expand Up / @@ -19,7 +19,18 @@ pub use crate::base_model::http_api_deployment::*; @@
     impl HttpApiDeployment {
         pub fn to_diffable(&self) -> diff::HttpApiDeployment {
             diff::HttpApiDeployment {
-                agent_types: self.agent_types.iter().map(|def| def.0.clone()).collect(),
+                agents: self
+                    .agents
+                    .iter()
+                    .map(|(k, v)| {
+                        (
+                            k.0.clone(),
+                            diff::HttpApiDeploymentAgentOptions {
+                                security_scheme: v.security_scheme.as_ref().map(|v| v.0.clone()),
+                            },
+                        )
+                    })
+                    .collect(),
             }
         }
     }

golem-common/src/model/http_api_deployment_legacy.rs

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -17,8 +17,8 @@ use crate::model::diff;
  
    pub use crate::base_model::http_api_deployment_legacy::*;

    impl LegacyHttpApiDeployment {

        pub fn to_diffable(&self) -> diff::HttpApiDeployment {

            diff::HttpApiDeployment {

        pub fn to_diffable(&self) -> diff::HttpApiDeploymentLegacy {

            diff::HttpApiDeploymentLegacy {

                agent_types: self

                    .api_definitions

                    .iter()

golem-registry-service/db/migration/postgres/002_code_first_routes.sql

-Original file line number
+Diff line change
@@ Expand Up / @@ -17,7 +17,10 @@ DELETE FROM component_plugin_installations; @@
     DELETE FROM component_revisions;
     DELETE FROM components;
-    ALTER TABLE http_api_deployment_revisions RENAME COLUMN http_api_definitions TO agent_types;
+    ALTER TABLE http_api_deployment_revisions RENAME COLUMN http_api_definitions TO data;
+    ALTER TABLE http_api_deployment_revisions
+      ALTER COLUMN data TYPE BYTEA
+      USING data::bytea;
     DROP TABLE deployment_compiled_http_api_definition_routes;
     DROP TABLE deployment_domain_http_api_definitions;
@@ Expand Down @@

golem-registry-service/db/migration/sqlite/002_code_first_routes.sql

-Original file line number
+Diff line change
@@ Expand Up / @@ -17,7 +17,30 @@ DELETE FROM component_plugin_installations; @@
     DELETE FROM component_revisions;
     DELETE FROM components;
-    ALTER TABLE http_api_deployment_revisions RENAME COLUMN http_api_definitions TO agent_types;
+    DROP TABLE http_api_deployment_revisions;
+    CREATE TABLE http_api_deployment_revisions
+    (
+        http_api_deployment_id UUID      NOT NULL,
+        revision_id            BIGINT    NOT NULL,
+        hash                   BYTEA     NOT NULL,
+        created_at             TIMESTAMP NOT NULL,
+        created_by             UUID      NOT NULL,
+        deleted                BOOLEAN   NOT NULL,
+        data                   BYTEA      NOT NULL,
+        CONSTRAINT http_api_deployment_revisions_pk
+            PRIMARY KEY (http_api_deployment_id, revision_id),
+        CONSTRAINT http_api_deployment_revisions_deployments_fk
+            FOREIGN KEY (http_api_deployment_id)
+                REFERENCES http_api_deployments
+    );
+    CREATE INDEX http_api_deployment_revisions_latest_revision_by_id_idx
+        ON http_api_deployment_revisions (http_api_deployment_id, revision_id DESC);
     DROP TABLE deployment_compiled_http_api_definition_routes;
     DROP TABLE deployment_domain_http_api_definitions;
@@ Expand Down @@

golem-registry-service/src/model/api_definition.rs

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -14,13 +14,13 @@
  
    use desert_rust::BinaryCodec;

    use golem_common::model::account::AccountId;

    use golem_common::model::agent::{CorsOptions, HttpMethod};

    use golem_common::model::agent::HttpMethod;

    use golem_common::model::deployment::DeploymentRevision;

    use golem_common::model::domain_registration::Domain;

    use golem_common::model::environment::EnvironmentId;

    use golem_common::model::security_scheme::{SecuritySchemeId, SecuritySchemeName};

    use golem_service_base::custom_api::{

        PathSegment, RequestBodySchema, RouteBehaviour, RouteId, SecuritySchemeDetails,

        CorsOptions, PathSegment, RequestBodySchema, RouteBehaviour, RouteId, SecuritySchemeDetails,

    };

    use std::collections::HashMap;

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

code-first-routes: cors support #2630

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!

Uh oh!