From cceb94b9bf3415fa8f4d9d4f4a8aef39a8ee139f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=98?=
Date: Mon, 25 Mar 2024 16:31:39 +0800
Subject: [PATCH] + polish
---
 Dockerfile | 2 +-
 metrics_proxy.go | 58 ++++++++++++++++++++++++++++++++----------------
 2 files changed, 40 insertions(+), 20 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index bba8cba..e395564 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,6 +6,6 @@ RUN make build
 # RUN make insight-linux
 FROM alpine:3.15
-COPY --from=build /app/etcd-metrics-proxy /
+COPY --from=builder /build/etcd-metrics-proxy /
 ENTRYPOINT [ "/etcd-metrics-proxy" ]
 EXPOSE 2381 2381
diff --git a/metrics_proxy.go b/metrics_proxy.go
index afe597a..f4c0c80 100644
--- a/metrics_proxy.go
+++ b/metrics_proxy.go
@@ -5,11 +5,11 @@ import (
 "crypto/x509"
 "flag"
 "fmt"
- "io/ioutil"
 "log"
 "net/http"
 "net/http/httputil"
 "net/url"
+ "os"
 )
 type config struct {
@@ -50,31 +50,48 @@ func main() {
 flag.Parse()
 validateFlags(&c)
- proxy := httputil.NewSingleHostReverseProxy(&url.URL{
- Scheme: "https",
- Host: fmt.Sprintf("%s:%d", c.upstreamHost, c.upstreamPort),
- })
+ var tryHttp bool
 pool := x509.NewCertPool()
- capem, err := ioutil.ReadFile(c.etcdCA)
+ capem, err := os.ReadFile(c.etcdCA)
 if err != nil {
- log.Fatal(err)
- }
- if !pool.AppendCertsFromPEM(capem) {
- log.Fatal("error: failed to add ca to cert pool")
+ log.Println(err)
+ tryHttp = true
 }
- cert, err := tls.LoadX509KeyPair(c.etcdCert, c.etcdKey)
- if err != nil {
- log.Fatal(err)
+ var scheme string
+ var host string
+ if tryHttp {
+ scheme = "http"
+ host = fmt.Sprintf("%s:%d", c.upstreamHost, c.port)
+ } else {
+ scheme = "https"
+ host = fmt.Sprintf("%s:%d", c.upstreamHost, c.upstreamPort)
 }
- proxy.Transport = &http.Transport{
- TLSClientConfig: &tls.Config{
- RootCAs: pool,
- Certificates: []tls.Certificate{cert},
- ServerName: c.upstreamServerName,
- },
+ log.Printf("will proxy: %s://%s", scheme, host)
+ proxy := httputil.NewSingleHostReverseProxy(&url.URL{
+ Scheme: scheme,
+ Host: host,
+ })
+
+ if !tryHttp {
+ if !pool.AppendCertsFromPEM(capem) {
+ log.Fatal("error: failed to add ca to cert pool")
+ }
+
+ cert, err := tls.LoadX509KeyPair(c.etcdCert, c.etcdKey)
+ if err != nil {
+ log.Fatal(err)
+ }
+
+ proxy.Transport = &http.Transport{
+ TLSClientConfig: &tls.Config{
+ RootCAs: pool,
+ Certificates: []tls.Certificate{cert},
+ ServerName: c.upstreamServerName,
+ },
+ }
 }
 director := proxy.Director
@@ -85,6 +102,9 @@ func main() {
 server := http.NewServeMux()
 server.Handle("/metrics", proxy)
+ server.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+ fmt.Fprint(w, "ok")
+ })
 addr := fmt.Sprintf(":%d", c.port)
 log.Printf("server: listening on %s\n", addr)
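Review bot: The new `tryHttp` fallback fails open: any error from `os.ReadFile(c.etcdCA)` (a typo in the path, a missing secret mount, a permission problem) is now only logged, and the proxy goes on to reach the upstream over plain `http` with no CA verification and no client certificate, where the old code stopped with `log.Fatal(err)`. A misconfiguration therefore silently downgrades the etcd connection instead of failing the deployment. I would keep the fatal path as the default and take the plaintext branch only on an explicit operator opt-in, e.g. `if err != nil && !c.allowPlaintext { log.Fatal(err) }`, where `allowPlaintext` is a new flag (the name is a suggestion, not something in this file). The http branch also builds the upstream host from `c.port`, which the last hunk shows is the proxy's own listen port; if `c.upstreamHost` can resolve to this host, `/metrics` would be forwarded back to the proxy itself, so confirm that port is the intended one. main's body starts and ends outside the hunk.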
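Review bot: The handler registered on `"/"` in the last hunk is a catch-all in `http.ServeMux`, so every path other than `/metrics` (a mistyped `/metric`, any stray probe) now answers 200 `ok` rather than 404. If this is meant as a liveness endpoint, restrict it to the exact path at the top of the closure: `if r.URL.Path != "/" { http.NotFound(w, r); return }`. A one-line comment such as `// liveness probe only; does not check the upstream` would also make clear that `ok` says nothing about whether etcd is reachable. main continues outside the hunk.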