From f31a56b317923ab526b6a75fcee9dae631c49230 Mon Sep 17 00:00:00 2001
From: Eguzki Astiz Lezaun <eastizle@redhat.com>
Date: Tue, 19 Dec 2023 17:17:47 +0100
Subject: [PATCH] gRPC server reflection enabled with --grpc-reflection-service
 command line param

---
 .../sandbox/docker-compose-limitador-disk.yaml   |  1 +
 .../docker-compose-limitador-infinispan.yaml     |  1 +
 .../sandbox/docker-compose-limitador-memory.yaml |  1 +
 .../docker-compose-limitador-redis-cached.yaml   |  1 +
 .../docker-compose-limitador-redis-tls.yaml      |  1 +
 .../sandbox/docker-compose-limitador-redis.yaml  |  1 +
 limitador-server/src/config.rs                   |  4 ++++
 limitador-server/src/envoy_rls/server.rs         | 16 +++++++++++-----
 limitador-server/src/main.rs                     | 10 ++++++++++
 9 files changed, 31 insertions(+), 5 deletions(-)

diff --git a/limitador-server/sandbox/docker-compose-limitador-disk.yaml b/limitador-server/sandbox/docker-compose-limitador-disk.yaml
index 7ebeebcd..b62397a1 100644
--- a/limitador-server/sandbox/docker-compose-limitador-disk.yaml
+++ b/limitador-server/sandbox/docker-compose-limitador-disk.yaml
@@ -16,6 +16,7 @@ services:
       - --http-port
       - "8080"
       - -vvv
+      - --grpc-reflection-service
       - /opt/kuadrant/limits/limits.yaml
       - disk
       - "/tmp/data"
diff --git a/limitador-server/sandbox/docker-compose-limitador-infinispan.yaml b/limitador-server/sandbox/docker-compose-limitador-infinispan.yaml
index 5e0e0d20..100c693d 100644
--- a/limitador-server/sandbox/docker-compose-limitador-infinispan.yaml
+++ b/limitador-server/sandbox/docker-compose-limitador-infinispan.yaml
@@ -17,6 +17,7 @@ services:
       - --http-port
       - "8080"
       - -vvvv
+      - --grpc-reflection-service
       - /opt/kuadrant/limits/limits.yaml
       - infinispan
       - --cache-name
diff --git a/limitador-server/sandbox/docker-compose-limitador-memory.yaml b/limitador-server/sandbox/docker-compose-limitador-memory.yaml
index fe2ed907..eec05ecf 100644
--- a/limitador-server/sandbox/docker-compose-limitador-memory.yaml
+++ b/limitador-server/sandbox/docker-compose-limitador-memory.yaml
@@ -16,6 +16,7 @@ services:
       - --http-port
       - "8080"
       - -vvv
+      - --grpc-reflection-service
       - /opt/kuadrant/limits/limits.yaml
       - memory
     expose:
diff --git a/limitador-server/sandbox/docker-compose-limitador-redis-cached.yaml b/limitador-server/sandbox/docker-compose-limitador-redis-cached.yaml
index 47b88e94..6db3a4de 100644
--- a/limitador-server/sandbox/docker-compose-limitador-redis-cached.yaml
+++ b/limitador-server/sandbox/docker-compose-limitador-redis-cached.yaml
@@ -17,6 +17,7 @@ services:
       - --http-port
       - "8080"
       - -vvv
+      - --grpc-reflection-service
       - /opt/kuadrant/limits/limits.yaml
       - redis_cached
       - --ttl
diff --git a/limitador-server/sandbox/docker-compose-limitador-redis-tls.yaml b/limitador-server/sandbox/docker-compose-limitador-redis-tls.yaml
index 172cfbb3..1046b25b 100644
--- a/limitador-server/sandbox/docker-compose-limitador-redis-tls.yaml
+++ b/limitador-server/sandbox/docker-compose-limitador-redis-tls.yaml
@@ -17,6 +17,7 @@ services:
       - --http-port
       - "8080"
       - -vvv
+      - --grpc-reflection-service
       - /opt/kuadrant/limits/limits.yaml
       - redis
       - rediss://:foobared@redis:6379/#insecure
diff --git a/limitador-server/sandbox/docker-compose-limitador-redis.yaml b/limitador-server/sandbox/docker-compose-limitador-redis.yaml
index 1329bc42..611e0f1b 100644
--- a/limitador-server/sandbox/docker-compose-limitador-redis.yaml
+++ b/limitador-server/sandbox/docker-compose-limitador-redis.yaml
@@ -17,6 +17,7 @@ services:
       - --http-port
       - "8080"
       - -vvv
+      - --grpc-reflection-service
       - /opt/kuadrant/limits/limits.yaml
       - redis
       - redis://redis:6379
diff --git a/limitador-server/src/config.rs b/limitador-server/src/config.rs
index 3cbb7712..73ee74ed 100644
--- a/limitador-server/src/config.rs
+++ b/limitador-server/src/config.rs
@@ -33,6 +33,7 @@ pub struct Configuration {
     pub limit_name_in_labels: bool,
     pub log_level: Option<LevelFilter>,
     pub rate_limit_headers: RateLimitHeaders,
+    pub grpc_reflection_service: bool,
 }
 
 pub mod env {
@@ -83,6 +84,7 @@ impl Configuration {
         http_port: u16,
         limit_name_in_labels: bool,
         rate_limit_headers: RateLimitHeaders,
+        grpc_reflection_service: bool,
     ) -> Self {
         Self {
             limits_file,
@@ -94,6 +96,7 @@ impl Configuration {
             limit_name_in_labels,
             log_level: None,
             rate_limit_headers,
+            grpc_reflection_service,
         }
     }
 
@@ -121,6 +124,7 @@ impl Default for Configuration {
             limit_name_in_labels: false,
             log_level: None,
             rate_limit_headers: RateLimitHeaders::None,
+            grpc_reflection_service: false,
         }
     }
 }
diff --git a/limitador-server/src/envoy_rls/server.rs b/limitador-server/src/envoy_rls/server.rs
index 39f54cd6..de6f8925 100644
--- a/limitador-server/src/envoy_rls/server.rs
+++ b/limitador-server/src/envoy_rls/server.rs
@@ -202,18 +202,24 @@ pub async fn run_envoy_rls_server(
     address: String,
     limiter: Arc<Limiter>,
     rate_limit_headers: RateLimitHeaders,
+    grpc_reflection_service: bool,
 ) -> Result<(), transport::Error> {
     let rate_limiter = MyRateLimiter::new(limiter, rate_limit_headers);
     let svc = RateLimitServiceServer::new(rate_limiter);
 
-    let reflection_service = tonic_reflection::server::Builder::configure()
-        .register_encoded_file_descriptor_set(rls_proto::RLS_DESCRIPTOR_SET)
-        .build()
-        .unwrap();
+    let reflection_service = match grpc_reflection_service {
+        false => None,
+        true => Some(
+            tonic_reflection::server::Builder::configure()
+                .register_encoded_file_descriptor_set(rls_proto::RLS_DESCRIPTOR_SET)
+                .build()
+                .unwrap(),
+        ),
+    };
 
     Server::builder()
         .add_service(svc)
-        .add_service(reflection_service)
+        .add_optional_service(reflection_service)
         .serve(address.parse().unwrap())
         .await
 }
diff --git a/limitador-server/src/main.rs b/limitador-server/src/main.rs
index d1ecdf65..e5546578 100644
--- a/limitador-server/src/main.rs
+++ b/limitador-server/src/main.rs
@@ -302,6 +302,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
     let envoy_rls_address = config.rlp_address();
     let http_api_address = config.http_address();
     let rate_limit_headers = config.rate_limit_headers.clone();
+    let grpc_reflection_service = config.grpc_reflection_service;
 
     let rate_limiter: Arc<Limiter> = match Limiter::new(config).await {
         Ok(limiter) => Arc::new(limiter),
@@ -390,6 +391,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
         envoy_rls_address.to_string(),
         rate_limiter.clone(),
         rate_limit_headers,
+        grpc_reflection_service,
     ));
 
     info!("HTTP server starting on {}", http_api_address);
@@ -515,6 +517,13 @@ fn create_config() -> (Configuration, &'static str) {
                 ]))
                 .help("Enables rate limit response headers"),
         )
+        .arg(
+            Arg::new("grpc_reflection_service")
+                .long("grpc-reflection-service")
+                .action(ArgAction::SetTrue)
+                .display_order(9)
+                .help("enable gRPC server reflection service"),
+        )
         .subcommand(
             Command::new("memory")
                 .display_order(1)
@@ -745,6 +754,7 @@ fn create_config() -> (Configuration, &'static str) {
         matches.get_flag("limit_name_in_labels")
             || env_option_is_enabled("LIMIT_NAME_IN_PROMETHEUS_LABELS"),
         rate_limit_headers,
+        matches.get_flag("grpc_reflection_service"),
     );
 
     config.log_level = match matches.get_count("v") {