Add CORS handling for Zipkin collector service, fixes #703

Gopkg.toml

@@ -97,7 +97,7 @@ required = [
 
 [[constraint]]
   name = "google.golang.org/grpc"
-  version = "^1.13.0"
+  version = "=1.19.1"
 
 [[constraint]]
   name = "gopkg.in/olivere/elastic.v5"
@@ -142,3 +142,8 @@ required = [
 [[constraint]]
   name = "github.com/grpc-ecosystem/go-grpc-middleware"
   version = "1.0.0"
+
+[[constaint]]
+  name = "github.com/rs/cors"
+  version = "1.3.0"
+

Makefile

@@ -152,7 +152,7 @@ install-glide:
 .PHONY: install
 install:
 	@which dep > /dev/null || curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
-	dep ensure
+	dep ensure -vendor-only
 
 .PHONE: elasticsearch-mappings
 elasticsearch-mappings:

cmd/collector/app/builder/builder_flags.go

@@ -24,15 +24,17 @@ import (
 )
 
 const (
-	collectorQueueSize     = "collector.queue-size"
-	collectorNumWorkers    = "collector.num-workers"
-	collectorPort          = "collector.port"
-	collectorHTTPPort      = "collector.http-port"
-	collectorGRPCPort      = "collector.grpc-port"
-	collectorGRPCTLS       = "collector.grpc.tls"
-	collectorGRPCCert      = "collector.grpc.tls.cert"
-	collectorGRPCKey       = "collector.grpc.tls.key"
-	collectorZipkinHTTPort = "collector.zipkin.http-port"
+	collectorQueueSize            = "collector.queue-size"
+	collectorNumWorkers           = "collector.num-workers"
+	collectorPort                 = "collector.port"
+	collectorHTTPPort             = "collector.http-port"
+	collectorGRPCPort             = "collector.grpc-port"
+	collectorGRPCTLS              = "collector.grpc.tls"
+	collectorGRPCCert             = "collector.grpc.tls.cert"
+	collectorGRPCKey              = "collector.grpc.tls.key"
+	collectorZipkinHTTPort        = "collector.zipkin.http-port"
+	collectorZipkinAllowedOrigins = "collector.zipkin.allowed-origins"
+	collectorZipkinAllowedHeaders = "collector.zipkin.allowed-headers"
 )
 
 // CollectorOptions holds configuration for collector
@@ -55,6 +57,10 @@ type CollectorOptions struct {
 	CollectorGRPCKey string
 	// CollectorZipkinHTTPPort is the port that the Zipkin collector service listens in on for http requests
 	CollectorZipkinHTTPPort int
+	// CollectorZipkinAllowedOrigins is a list of origins a cross-domain request to the Zipkin collector service can be executed from
+	CollectorZipkinAllowedOrigins string
+	// CollectorZipkinAllowedHeaders is a list of headers that the Zipkin collector service allowes the client to use with cross-domain requests
+	CollectorZipkinAllowedHeaders string
 }
 
 // AddFlags adds flags for CollectorOptions
@@ -68,6 +74,8 @@ func AddFlags(flags *flag.FlagSet) {
 	flags.Bool(collectorGRPCTLS, false, "Enable TLS")
 	flags.String(collectorGRPCCert, "", "Path to TLS certificate file")
 	flags.String(collectorGRPCKey, "", "Path to TLS key file")
+	flags.String(collectorZipkinAllowedOrigins, "*", "Allowed origins for the Zipkin collector service, default accepts all")
+	flags.String(collectorZipkinAllowedHeaders, "content-type", "Allowed headers for the Zipkin collector service, default content-type")
 }
 
 // InitFromViper initializes CollectorOptions with properties from viper
@@ -81,5 +89,7 @@ func (cOpts *CollectorOptions) InitFromViper(v *viper.Viper) *CollectorOptions {
 	cOpts.CollectorGRPCCert = v.GetString(collectorGRPCCert)
 	cOpts.CollectorGRPCKey = v.GetString(collectorGRPCKey)
 	cOpts.CollectorZipkinHTTPPort = v.GetInt(collectorZipkinHTTPort)
+	cOpts.CollectorZipkinAllowedOrigins = v.GetString(collectorZipkinAllowedOrigins)
+	cOpts.CollectorZipkinAllowedHeaders = v.GetString(collectorZipkinAllowedHeaders)
 	return cOpts
 }

cmd/collector/main.go

@@ -24,6 +24,7 @@ import (
 	"strconv"
 
 	"github.com/gorilla/mux"
+	"github.com/rs/cors"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"github.com/uber/jaeger-lib/metrics"
@@ -137,7 +138,7 @@ func main() {
 				recoveryHandler := recoveryhandler.NewRecoveryHandler(logger, true)
 				httpHandler := recoveryHandler(r)
 
-				go startZipkinHTTPAPI(logger, builderOpts.CollectorZipkinHTTPPort, zipkinSpansHandler, recoveryHandler)
+				go startZipkinHTTPAPI(logger, builderOpts.CollectorZipkinHTTPPort, builderOpts.CollectorZipkinAllowedOrigins, builderOpts.CollectorZipkinAllowedHeaders, zipkinSpansHandler, recoveryHandler)
 
 				logger.Info("Starting jaeger-collector HTTP server", zap.Int("http-port", builderOpts.CollectorHTTPPort))
 				go func() {
@@ -214,6 +215,8 @@ func startGRPCServer(
 func startZipkinHTTPAPI(
 	logger *zap.Logger,
 	zipkinPort int,
+	allowedOrigins string,
+	allowedHeaders string,
 	zipkinSpansHandler app.ZipkinSpansHandler,
 	recoveryHandler func(http.Handler) http.Handler,
 ) {
@@ -222,10 +225,16 @@ func startZipkinHTTPAPI(
 		r := mux.NewRouter()
 		zHandler.RegisterRoutes(r)
 
+		c := cors.New(cors.Options{
+			AllowedOrigins: []string{allowedOrigins},
+			AllowedMethods: []string{"POST"}, // Allowing only POST, because that's the only handled one
+			AllowedHeaders: []string{allowedHeaders},
+		})
+
 		httpPortStr := ":" + strconv.Itoa(zipkinPort)
 		logger.Info("Listening for Zipkin HTTP traffic", zap.Int("zipkin.http-port", zipkinPort))
 
-		if err := http.ListenAndServe(httpPortStr, recoveryHandler(r)); err != nil {
+		if err := http.ListenAndServe(httpPortStr, c.Handler(recoveryHandler(r))); err != nil {
 			logger.Fatal("Could not launch service", zap.Error(err))
 		}
 	}