-
Notifications
You must be signed in to change notification settings - Fork 2
/
main.go
99 lines (86 loc) · 2.3 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
package main
import (
"fmt"
"net/http"
"os"
"time"
log "github.com/sirupsen/logrus"
"sigs.k8s.io/aws-iam-authenticator/pkg/token"
)
type metric struct {
Help string
Type string
Value int
}
var gen token.Generator
var clusterID string
var psk string
var wrongPskSleep = time.Second
var version = "undefined"
var metrics = map[string]*metric{
"aws_iam_authenticator_proxy:tokens:total_requested": &metric{
"Total number of token requested",
"counter",
0,
},
"aws_iam_authenticator_proxy:tokens:total_delivered": &metric{
"Total number of token delivered",
"counter",
0,
},
"aws_iam_authenticator_proxy:tokens:total_errors": &metric{
"Total number of token errored",
"counter",
0,
},
}
func handler(w http.ResponseWriter, r *http.Request) {
metrics["aws_iam_authenticator_proxy:tokens:total_requested"].Value += 1
var tok token.Token
var err error
values := r.URL.Query()
if values.Get("psk") != psk {
metrics["aws_iam_authenticator_proxy:tokens:total_errors"].Value += 1
time.Sleep(wrongPskSleep)
http.Error(w, "wrong psk", http.StatusForbidden)
return
}
tok, err = gen.Get(clusterID)
if err != nil {
metrics["aws_iam_authenticator_proxy:tokens:total_errors"].Value += 1
http.Error(w, "failed to retrieve token", http.StatusServiceUnavailable)
return
}
metrics["aws_iam_authenticator_proxy:tokens:total_delivered"].Value += 1
log.Printf("Got token %v", gen.FormatJSON(tok))
fmt.Fprintf(w, "%v\n", gen.FormatJSON(tok))
}
func healthHandler(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Everything running smooth")
}
func metricsHandler(w http.ResponseWriter, r *http.Request) {
for k, m := range metrics {
fmt.Fprintf(w, "# HELP %s %s\n", k, m.Help)
fmt.Fprintf(w, "# TYPE %s %s\n", k, m.Type)
fmt.Fprintf(w, "%s{} %d\n", k, m.Value)
}
}
func init() {
var err error
gen, err = token.NewGenerator(false, false)
if err != nil {
log.Fatalf("Failed to start service: %v", err)
}
clusterID = os.Getenv("EKS_CLUSTER_ID")
if clusterID == "" {
log.Fatal("EKS_CLUSTER_ID must be set")
}
psk = os.Getenv("PSK")
}
func main() {
http.HandleFunc("/", handler)
http.HandleFunc("/healthz", healthHandler)
http.HandleFunc("/metrics", metricsHandler)
log.Infof("aws-iam-authenticator-proxy %s starting on port 8080", version)
http.ListenAndServe(":8080", nil)
}