-
Notifications
You must be signed in to change notification settings - Fork 284
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(cmd-api-server): add gRPC plugin auto-registration support
1. The API server supports gRPC endpoints, but plugins are not yet able to register their own gRPC services to be exposed the same way that was already possible for HTTP endpoints to be registered dynamically. This was due to an oversight when the original contribution was made by Peter (who was the person making the oversight - good job Peter) 2. The functionality works largely the same as it does for the HTTP endpoints but it does so for gRPC services (which is the equivalent of endpoints in gRPC terminology, so service === endpoint in this context.) 3. There are new methods added to the public API surface of the API server package which can be used to construct gRPC credential and server objects using the instance of the library that is used by the API server. This is necessary because the validation logic built into grpc-js fails for these mentioned objects if the creds or the server was constructed with a different instance of the library than the one used by the API server. 4. Different instance in this context means just that the exact same version of the library was imported from a different path for example there could be the node_modules directory of the besu connector and also the node_modules directory of the API server. 5. Because of the problem outlined above, the only way we can have functioning test cases is if the API server exposes its own instance of grpc-js. Signed-off-by: Peter Somogyvari <[email protected]>
- Loading branch information
Showing
4 changed files
with
170 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
91 changes: 91 additions & 0 deletions
91
packages/cactus-cmd-api-server/src/main/typescript/grpc/grpc-credentials-factory.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,91 @@ | ||
import * as grpc from "@grpc/grpc-js"; | ||
|
||
/** | ||
* Re-exports the underlying `grpc.ServerCredentials.createInsecure()` call | ||
* verbatim. | ||
* Why though? This is necessary because the {grpc.Server} object does an `instanceof` | ||
* validation on credential objects that are passed to it and this check comes back | ||
* negative if you've constructed the credentials object with a different instance | ||
* of the library, **even** if the versions of the library instances are the **same**. | ||
* | ||
* Therefore this is a workaround that allows callers to construct credentials | ||
* objects with the same import of the `@grpc/grpc-js` library that the {ApiServer} | ||
* of this package is using. | ||
* | ||
* @returns {grpc.ServerCredentials} | ||
*/ | ||
export function createGrpcInsecureServerCredentials(): grpc.ServerCredentials { | ||
return grpc.ServerCredentials.createInsecure(); | ||
} | ||
|
||
/** | ||
* Re-exports the underlying `grpc.ServerCredentials.createInsecure()` call | ||
* verbatim. | ||
* Why though? This is necessary because the {grpc.Server} object does an `instanceof` | ||
* validation on credential objects that are passed to it and this check comes back | ||
* negative if you've constructed the credentials object with a different instance | ||
* of the library, **even** if the versions of the library instances are the **same**. | ||
* | ||
* Therefore this is a workaround that allows callers to construct credentials | ||
* objects with the same import of the `@grpc/grpc-js` library that the {ApiServer} | ||
* of this package is using. | ||
* | ||
* @returns {grpc.ServerCredentials} | ||
*/ | ||
export function createGrpcSslServerCredentials( | ||
rootCerts: Buffer | null, | ||
keyCertPairs: grpc.KeyCertPair[], | ||
checkClientCertificate?: boolean, | ||
): grpc.ServerCredentials { | ||
return grpc.ServerCredentials.createSsl( | ||
rootCerts, | ||
keyCertPairs, | ||
checkClientCertificate, | ||
); | ||
} | ||
|
||
/** | ||
* Re-exports the underlying `grpc.ServerCredentials.createInsecure()` call | ||
* verbatim. | ||
* Why though? This is necessary because the {grpc.Server} object does an `instanceof` | ||
* validation on credential objects that are passed to it and this check comes back | ||
* negative if you've constructed the credentials object with a different instance | ||
* of the library, **even** if the versions of the library instances are the **same**. | ||
* | ||
* Therefore this is a workaround that allows callers to construct credentials | ||
* objects with the same import of the `@grpc/grpc-js` library that the {ApiServer} | ||
* of this package is using. | ||
* | ||
* @returns {grpc.ChannelCredentials} | ||
*/ | ||
export function createGrpcInsecureChannelCredentials(): grpc.ChannelCredentials { | ||
return grpc.ChannelCredentials.createInsecure(); | ||
} | ||
|
||
/** | ||
* Re-exports the underlying `grpc.ServerCredentials.createInsecure()` call | ||
* verbatim. | ||
* Why though? This is necessary because the {grpc.Server} object does an `instanceof` | ||
* validation on credential objects that are passed to it and this check comes back | ||
* negative if you've constructed the credentials object with a different instance | ||
* of the library, **even** if the versions of the library instances are the **same**. | ||
* | ||
* Therefore this is a workaround that allows callers to construct credentials | ||
* objects with the same import of the `@grpc/grpc-js` library that the {ApiServer} | ||
* of this package is using. | ||
* | ||
* @returns {grpc.ChannelCredentials} | ||
*/ | ||
export function createGrpcSslChannelCredentials( | ||
rootCerts?: Buffer | null, | ||
privateKey?: Buffer | null, | ||
certChain?: Buffer | null, | ||
verifyOptions?: grpc.VerifyOptions, | ||
): grpc.ChannelCredentials { | ||
return grpc.ChannelCredentials.createSsl( | ||
rootCerts, | ||
privateKey, | ||
certChain, | ||
verifyOptions, | ||
); | ||
} |
21 changes: 21 additions & 0 deletions
21
packages/cactus-cmd-api-server/src/main/typescript/grpc/grpc-server-factory.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
import * as grpc from "@grpc/grpc-js"; | ||
|
||
/** | ||
* Re-exports the underlying `new grpc.Server()` call verbatim. | ||
* | ||
* Why though? This is necessary because the {grpc.Server} object does an `instanceof` | ||
* validation on credential objects that are passed to it and this check comes back | ||
* negative if you've constructed the credentials object with a different instance | ||
* of the library, **even** if the versions of the library instances are the **same**. | ||
* | ||
* Therefore this is a workaround that allows callers to construct credentials | ||
* objects/servers with the same import of the `@grpc/grpc-js` library that the | ||
* {ApiServer} of this package is using internally. | ||
* | ||
* @returns {grpc.Server} | ||
*/ | ||
export function createGrpcServer( | ||
options?: grpc.ServerOptions | undefined, | ||
): grpc.Server { | ||
return new grpc.Server(options); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
5762dad
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Possible performance regression was detected for benchmark.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold
0.05
.cmd-api-server_HTTP_GET_getOpenApiSpecV1
550
ops/sec (±1.49%
)573
ops/sec (±1.90%
)1.04
cmd-api-server_gRPC_GetOpenApiSpecV1
355
ops/sec (±1.51%
)349
ops/sec (±1.97%
)0.98
This comment was automatically generated by workflow using github-action-benchmark.
CC: @petermetz