G1gg1L3s
commented
2 years ago @Lagovas, please take a loot at the last commit and tell if it's correct or if it's not going to work in some cases. Before that, the restart with SIGHUP didn't work, because goroutines weren't able to stop during timeout. Right now it works and successfully serves the http api requests (though I haven't checked it with the TLS). However, the following log is still printed:
level=error msg="Handling HTTP API requests" connection_string="tcp://0.0.0.0:9090/" error="accept tcp [::]:9090: use of closed network connection" from_descriptor=falseEdit: checked, as expected, SIGHUP doesn't work with TLS: the server is restarted, but cannot serve TLS requests.
This PR rewrites the existing acra's HTTP API to use gin, instead of using custom http server.
It also allows to use TLS with HTTP API, which was primary goal of this PR. Ideally, it should be two PR: one with refactoring and the other with TLS. But we have what we have ¯_(ツ)_/¯.
To maintain backward compatibility, by default the server doesn't use the TLS. To enable it, the user should provide certificates and keys, as well as
--http_api_use_tlsflag. Without it, the acra will produce a warning that the API is used without encryption. We can change this flag totruelater and deprecate insecure usage of the API.To move the server to the gin, I've studied the translator code, so many elements are familiar.
The only issue that is still present is the graceful shutdown. As it turns out, it is not that graceful, even in the translator, and I don't know whether it's something intended or wrong.
Checklist