fix bug

zhufuyi · zhufuyi · commit 64214905befb · 2024-04-13T16:41:57.000+08:00
diff --git a/pkg/grpc/grpccli/dail.go b/pkg/grpc/grpccli/dail.go
@@ -27,7 +27,7 @@ func Dial(ctx context.Context, endpoint string, opts ...Option) (*grpc.ClientCon
 		clientOptions = append(clientOptions, grpc.WithResolvers(
 			discovery.NewBuilder(
 				o.discovery,
-				discovery.WithInsecure(!o.isSecure()),
+				discovery.WithInsecure(o.discoveryInsecure),
 			)))
 	}
 
diff --git a/pkg/grpc/grpccli/option.go b/pkg/grpc/grpccli/option.go
@@ -44,6 +44,8 @@ type options struct {
 	enableCircuitBreaker bool               // whether to turn on circuit breaker
 	discovery            registry.Discovery // if not nil means use service discovery
 
+	discoveryInsecure bool
+
 	// custom setting
 	dialOptions        []grpc.DialOption              // custom options
 	unaryInterceptors  []grpc.UnaryClientInterceptor  // custom unary interceptor
@@ -58,7 +60,8 @@ func defaultOptions() *options {
 		keyFile:    "",
 		caFile:     "",
 
-		enableLog: false,
+		enableLog:         false,
+		discoveryInsecure: true,
 
 		dialOptions:        nil,
 		unaryInterceptors:  nil,
@@ -134,6 +137,13 @@ func WithEnableCircuitBreaker() Option {
 	}
 }
 
+// WithDiscoveryInsecure setting discovery insecure
+func WithDiscoveryInsecure(b bool) Option {
+	return func(o *options) {
+		o.discoveryInsecure = b
+	}
+}
+
 func (o *options) isSecure() bool {
 	if o.secureType == secureOneWay || o.secureType == secureTwoWay {
 		return true
diff --git a/pkg/grpc/grpccli/option_test.go b/pkg/grpc/grpccli/option_test.go
@@ -93,7 +93,15 @@ func TestWithTimeout(t *testing.T) {
 	opt := WithTimeout(testData)
 	o := new(options)
 	o.apply(opt)
-	assert.Equal(t, testData, o.timeout)
+	assert.Equal(t, testData, o.requestTimeout)
+}
+
+func TestWithDiscoveryInsecure(t *testing.T) {
+	var testData bool
+	opt := WithDiscoveryInsecure(testData)
+	o := new(options)
+	o.apply(opt)
+	assert.Equal(t, testData, o.discoveryInsecure)
 }
 
 func TestWithUnaryInterceptors(t *testing.T) {
diff --git a/pkg/grpc/gtls/README.md b/pkg/grpc/gtls/README.md
@@ -1,66 +1,88 @@
 ## gtls
 
-gtls provides grpc secure connectivity, supporting both server-only authentication and client-server authentication.
+`gtls` provides grpc secure connectivity by tls, supporting both one-way secure connection and mutual tls connection.
 
-#### Example of use
+### Example of use
 
-#### grpc server
+#### One-way secure connection
+
+**grpc server example**
 
 ```go
 import "github.com/zhufuyi/sponge/pkg/grpc/gtls"
 
 func main() {
-	// one-way authentication (server-side authentication)
-	//credentials, err := gtls.GetServerTLSCredentials(certfile.Path("/one-way/server.crt"), certfile.Path("/one-way/server.key"))
-
-	// two-way authentication
-	credentials, err := gtls.GetServerTLSCredentialsByCA(
-		certfile.Path("two-way/ca.pem"),
-		certfile.Path("two-way/server/server.pem"),
-		certfile.Path("two-way/server/server.key"),
-	)
-	if err != nil {
-		panic(err)
-	}
+    // one-way connection
+    credentials, err := gtls.GetServerTLSCredentials(
+        certfile.Path("/one-way/server.crt"),
+        certfile.Path("/one-way/server.key"),
+    )
+    // check err
+
+    server := grpc.NewServer(grpc.Creds(credentials))
+}
+```
+
+<br>
 
-	// interceptor
-	opts := []grpc.ServerOption{
-		grpc.Creds(credentials),
-	}
+**grpc client example**
 
-	server := grpc.NewServer(opts...)
+```go
+import "github.com/zhufuyi/sponge/pkg/grpc/gtls"
+
+func main() {
+    // one-way connection
+    credentials, err := gtls.GetClientTLSCredentials(
+        "localhost",
+        certfile.Path("/one-way/server.crt"),
+	)
+    // check err
 
-	// ......
+    conn, err := grpc.Dial("127.0.0.1:8080", grpc.WithTransportCredentials(credentials))
+    // check err
 }
 ```
 
 <br>
 
-#### grpc client
+#### Mutual tls connection
+
+**grpc server example**
 
 ```go
 import "github.com/zhufuyi/sponge/pkg/grpc/gtls"
 
 func main() {
-	// one-way authentication
-	//credentials, err := gtls.GetClientTLSCredentials("localhost", certfile.Path("/one-way/server.crt"))
-
-	// two-way authentication
-	credentials, err := gtls.GetClientTLSCredentialsByCA(
-		"localhost",
-		certfile.Path("two-way/ca.pem"),
-		certfile.Path("two-way/client/client.pem"),
-		certfile.Path("two-way/client/client.key"),
-	)
-	if err != nil {
-		panic(err)
-	}
+    // two-way secure connection
+    credentials, err := gtls.GetServerTLSCredentialsByCA(
+        certfile.Path("two-way/ca.pem"),
+        certfile.Path("two-way/server/server.pem"),
+        certfile.Path("two-way/server/server.key"),
+    )
+    // check err
+
+    server := grpc.NewServer(grpc.Creds(credentials))
+}
+```
+
+<br>
 
-	conn, err := grpc.Dial("127.0.0.1:8080", grpc.WithTransportCredentials(credentials))
-	if err != nil {
-		panic(err)
-	}
+**grpc client example**
 
-	// ......
+```go
+import "github.com/zhufuyi/sponge/pkg/grpc/gtls"
+
+func main() {
+    // two-way secure connection
+    credentials, err := gtls.GetClientTLSCredentialsByCA(
+        "localhost",
+        certfile.Path("two-way/ca.pem"),
+        certfile.Path("two-way/client/client.pem"),
+        certfile.Path("two-way/client/client.key"),
+    )
+    // check err
+
+    conn, err := grpc.Dial("127.0.0.1:8080", grpc.WithTransportCredentials(credentials))
+    // check err
 }
-```
+```

Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ func Dial(ctx context.Context, endpoint string, opts ...Option) (*grpc.ClientCon`
`27`	`27`	`clientOptions = append(clientOptions, grpc.WithResolvers(`
`28`	`28`	`discovery.NewBuilder(`
`29`	`29`	`o.discovery,`
`30`		`- discovery.WithInsecure(!o.isSecure()),`
	`30`	`+ discovery.WithInsecure(o.discoveryInsecure),`
`31`	`31`	`)))`
`32`	`32`	`}`
`33`	`33`