Skip to content

[BUG] [sync-service] not supporting SSL #1479

New issue
New issue
Closed
#1501
Closed
[BUG] [sync-service] not supporting SSL#1479
#1501
Assignees
alexandraoberaigner
Labels
Needs TriageThis issue needs to be investigated by a maintainerbugSomething isn't workinggood first issueGood for newcomershelp wantedExtra attention is needed
@aepfli

Description

@aepfli
aepfli
opened on Dec 18, 2024

Observed behavior

It is not possible to connect to the sync service via SSL; the same configuration works fine via the Evaluation Service.

see: https://github.com/open-feature/java-sdk-contrib/pull/1111/files#diff-ea9c090ae5dbf03273dc224b296f7a665d6d715d13e8d36e2b420acc6f10b030 (java e2e test implementation, trying to test SSL, currently disabled due to missing functionality)

Expected Behavior

Connection to the Sync Service should be possible to be made via SSL. and the configuration defined in the spec should be honored (here)

Steps to reproduce

open-feature/java-sdk-contrib#1111 is a running Gherkin test against the SSL image from the flagd-testbed

devnotes

Within the evaluation service we are starting to serve via:

flagd/flagd/pkg/service/flag-evaluation/connect_service.go

Lines 230 to 245 in 0b11c6c

if svcConf.CertPath != "" && svcConf.KeyPath != "" {
if err := s.server.ServeTLS(
lis,
svcConf.CertPath,
svcConf.KeyPath,
); err != nil && !errors.Is(err, http.ErrServerClosed) {
return fmt.Errorf("error returned from flag evaluation server: %w", err)
}
} else {
if err := s.server.Serve(
lis,
); err != nil && !errors.Is(err, http.ErrServerClosed) {
return fmt.Errorf("error returned from flag evaluation server: %w", err)
}
}
return nil

Whereas in the sync service, we don't differentiate:

flagd/flagd/pkg/service/flag-sync/sync_service.go

Lines 74 to 108 in 0b11c6c

func (s *Service) Start(ctx context.Context) error {
// derive errgroup so we track ctx for exit as well as startup errors
g, lCtx := errgroup.WithContext(ctx)
g.Go(func() error {
// delay server start until we see all syncs from known sync sources OR timeout
select {
case <-time.After(5 * time.Second):
s.logger.Warn("timeout while waiting for all sync sources to complete their initial sync. " +
"continuing sync service")
break
case <-s.startupTracker.getDone():
break
}
err := s.server.Serve(s.listener)
if err != nil {
s.logger.Warn(fmt.Sprintf("error from sync server start: %v", err))
}
return nil
})
g.Go(func() error {
<-lCtx.Done()
s.shutdown()
return nil
})
err := g.Wait()
if err != nil {
return fmt.Errorf("error from sync service: %w", err)
}
return nil

Metadata

Metadata

Assignees

Labels

Needs TriageThis issue needs to be investigated by a maintainerbugSomething isn't workinggood first issueGood for newcomershelp wantedExtra attention is needed

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions