pkg/pool clients: add ca_certfile and client_recv_msg_size

internal/grpc/services/gateway/applicationauth.go

@@ -35,6 +35,8 @@ func (s *svc) GenerateAppPassword(
 		pool.Endpoint(s.c.ApplicationAuthEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppAuthProviderServiceClient")
@@ -59,6 +61,8 @@ func (s *svc) ListAppPasswords(
 		pool.Endpoint(s.c.ApplicationAuthEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppAuthProviderServiceClient")
@@ -83,6 +87,8 @@ func (s *svc) InvalidateAppPassword(
 		pool.Endpoint(s.c.ApplicationAuthEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppAuthProviderServiceClient")
@@ -107,6 +113,8 @@ func (s *svc) GetAppPassword(
 		pool.Endpoint(s.c.ApplicationAuthEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppAuthProviderServiceClient")

internal/grpc/services/gateway/appprovider.go

@@ -214,6 +214,8 @@ func (s *svc) openLocalResources(ctx context.Context, ri *storageprovider.Resour
 		pool.Endpoint(provider.Address),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return nil, errors.Wrap(err, "gateway: error calling GetAppProviderClient")
@@ -242,6 +244,8 @@ func (s *svc) findAppProvider(
 		pool.Endpoint(s.c.AppRegistryEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error getting appregistry client")

internal/grpc/services/gateway/appregistry.go

@@ -35,6 +35,8 @@ func (s *svc) GetAppProviders(
 		pool.Endpoint(s.c.AppRegistryEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppRegistryClient")
@@ -59,6 +61,8 @@ func (s *svc) AddAppProvider(
 		pool.Endpoint(s.c.AppRegistryEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppRegistryClient")
@@ -83,6 +87,8 @@ func (s *svc) ListAppProviders(
 		pool.Endpoint(s.c.AppRegistryEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppRegistryClient")
@@ -107,6 +113,8 @@ func (s *svc) ListSupportedMimeTypes(
 		pool.Endpoint(s.c.AppRegistryEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppRegistryClient")
@@ -131,6 +139,8 @@ func (s *svc) GetDefaultAppProviderForMimeType(
 		pool.Endpoint(s.c.AppRegistryEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppRegistryClient")
@@ -155,6 +165,8 @@ func (s *svc) SetDefaultAppProviderForMimeType(
 		pool.Endpoint(s.c.AppRegistryEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetAppRegistryClient")

internal/grpc/services/gateway/authprovider.go

@@ -228,6 +228,8 @@ func (s *svc) findAuthProvider(ctx context.Context, authType string) (authpb.Pro
 		pool.Endpoint(s.c.AuthRegistryEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error getting auth registry client")
@@ -248,6 +250,8 @@ func (s *svc) findAuthProvider(ctx context.Context, authType string) (authpb.Pro
 			pool.Endpoint(res.Providers[0].Address),
 			pool.Insecure(s.c.Insecure),
 			pool.SkipVerify(s.c.SkipVerify),
+			pool.CACertFile(s.c.CACertFile),
+			pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 		)
 		if err != nil {
 			err = errors.Wrap(err, "gateway: error getting an auth provider client")

internal/grpc/services/gateway/authregistry.go

@@ -37,6 +37,8 @@ func (s *svc) ListAuthProviders(
 		pool.Endpoint(s.c.AuthRegistryEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error getting auth registry client")

internal/grpc/services/gateway/datatx.go

@@ -32,6 +32,8 @@ func (s *svc) PullTransfer(ctx context.Context, req *datatx.PullTransferRequest)
 		pool.Endpoint(s.c.DataTxEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetDataTxClient")
@@ -56,6 +58,8 @@ func (s *svc) GetTransferStatus(
 		pool.Endpoint(s.c.DataTxEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetDataTxClient")
@@ -80,6 +84,8 @@ func (s *svc) CancelTransfer(
 		pool.Endpoint(s.c.DataTxEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetDataTxClient")
@@ -104,6 +110,8 @@ func (s *svc) ListTransfers(
 		pool.Endpoint(s.c.DataTxEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetDataTxClient")
@@ -128,6 +136,8 @@ func (s *svc) RetryTransfer(
 		pool.Endpoint(s.c.DataTxEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetDataTxClient")

internal/grpc/services/gateway/gateway.go

@@ -72,6 +72,8 @@ type config struct {
 	EtagCacheTTL        int                               `mapstructure:"etag_cache_ttl"`
 	AllowedUserAgents   map[string][]string               `mapstructure:"allowed_user_agents"` // map[path][]user-agent
 	CreateHomeCacheTTL  int                               `mapstructure:"create_home_cache_ttl"`
+	CACertFile          string                            `mapstructure:"ca_certfile"`
+	MaxCallRecvMsgSize  int                               `mapstructure:"client_recv_msg_size"`
 	Insecure            bool                              `mapstructure:"insecure"`
 	SkipVerify          bool                              `mapstructure:"skip_verify"`
 }

internal/grpc/services/gateway/groupprovider.go

@@ -32,6 +32,8 @@ func (s *svc) GetGroup(ctx context.Context, req *group.GetGroupRequest) (*group.
 		pool.Endpoint(s.c.GroupProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &group.GetGroupResponse{
@@ -55,6 +57,8 @@ func (s *svc) GetGroupByClaim(
 		pool.Endpoint(s.c.GroupProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &group.GetGroupByClaimResponse{
@@ -75,6 +79,8 @@ func (s *svc) FindGroups(ctx context.Context, req *group.FindGroupsRequest) (*gr
 		pool.Endpoint(s.c.GroupProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &group.FindGroupsResponse{
@@ -95,6 +101,8 @@ func (s *svc) GetMembers(ctx context.Context, req *group.GetMembersRequest) (*gr
 		pool.Endpoint(s.c.GroupProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &group.GetMembersResponse{
@@ -115,6 +123,8 @@ func (s *svc) HasMember(ctx context.Context, req *group.HasMemberRequest) (*grou
 		pool.Endpoint(s.c.GroupProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &group.HasMemberResponse{

internal/grpc/services/gateway/ocmcore.go

@@ -35,6 +35,8 @@ func (s *svc) CreateOCMCoreShare(
 		pool.Endpoint(s.c.OCMCoreEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &ocmcore.CreateOCMCoreShareResponse{

internal/grpc/services/gateway/ocminvitemanager.go

@@ -35,6 +35,8 @@ func (s *svc) GenerateInviteToken(
 		pool.Endpoint(s.c.OCMInviteManagerEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &invitepb.GenerateInviteTokenResponse{
@@ -58,6 +60,8 @@ func (s *svc) ForwardInvite(
 		pool.Endpoint(s.c.OCMInviteManagerEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &invitepb.ForwardInviteResponse{
@@ -81,6 +85,8 @@ func (s *svc) AcceptInvite(
 		pool.Endpoint(s.c.OCMInviteManagerEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &invitepb.AcceptInviteResponse{
@@ -104,6 +110,8 @@ func (s *svc) GetAcceptedUser(
 		pool.Endpoint(s.c.OCMInviteManagerEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &invitepb.GetAcceptedUserResponse{
@@ -127,6 +135,8 @@ func (s *svc) FindAcceptedUsers(
 		pool.Endpoint(s.c.OCMInviteManagerEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &invitepb.FindAcceptedUsersResponse{

internal/grpc/services/gateway/ocmproviderauthorizer.go

@@ -35,6 +35,8 @@ func (s *svc) IsProviderAllowed(
 		pool.Endpoint(s.c.OCMProviderAuthorizerEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &ocmprovider.IsProviderAllowedResponse{
@@ -58,6 +60,8 @@ func (s *svc) GetInfoByDomain(
 		pool.Endpoint(s.c.OCMProviderAuthorizerEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &ocmprovider.GetInfoByDomainResponse{
@@ -81,6 +85,8 @@ func (s *svc) ListAllProviders(
 		pool.Endpoint(s.c.OCMProviderAuthorizerEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &ocmprovider.ListAllProvidersResponse{

internal/grpc/services/gateway/ocmshareprovider.go

@@ -45,6 +45,8 @@ func (s *svc) CreateOCMShare(ctx context.Context, req *ocm.CreateOCMShareRequest
 		pool.Endpoint(s.c.OCMShareProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &ocm.CreateOCMShareResponse{
@@ -83,6 +85,8 @@ func (s *svc) RemoveOCMShare(ctx context.Context, req *ocm.RemoveOCMShareRequest
 		pool.Endpoint(s.c.OCMShareProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		return &ocm.RemoveOCMShareResponse{
@@ -149,6 +153,8 @@ func (s *svc) getOCMShare(ctx context.Context, req *ocm.GetOCMShareRequest) (*oc
 		pool.Endpoint(s.c.OCMShareProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetOCMShareProviderClient")
@@ -171,6 +177,8 @@ func (s *svc) ListOCMShares(ctx context.Context, req *ocm.ListOCMSharesRequest)
 		pool.Endpoint(s.c.OCMShareProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetOCMShareProviderClient")
@@ -192,6 +200,8 @@ func (s *svc) UpdateOCMShare(ctx context.Context, req *ocm.UpdateOCMShareRequest
 		pool.Endpoint(s.c.OCMShareProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetOCMShareProviderClient")
@@ -216,6 +226,8 @@ func (s *svc) ListReceivedOCMShares(
 		pool.Endpoint(s.c.OCMShareProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetOCMShareProviderClient")
@@ -241,6 +253,8 @@ func (s *svc) UpdateReceivedOCMShare(
 		pool.Endpoint(s.c.OCMShareProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetOCMShareProviderClient")
@@ -463,6 +477,8 @@ func (s *svc) GetReceivedOCMShare(
 		pool.Endpoint(s.c.OCMShareProviderEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetOCMShareProviderClient")

internal/grpc/services/gateway/permissions.go

@@ -35,6 +35,8 @@ func (s *svc) CheckPermission(
 		pool.Endpoint(s.c.PermissionsEndpoint),
 		pool.Insecure(s.c.Insecure),
 		pool.SkipVerify(s.c.SkipVerify),
+		pool.CACertFile(s.c.CACertFile),
+		pool.MaxCallRecvMsgSize(s.c.MaxCallRecvMsgSize),
 	)
 	if err != nil {
 		err = errors.Wrap(err, "gateway: error calling GetPermissionssClient")