From 9b9b6839641fa9823a9eb8dcf7b2374bdb6b7b98 Mon Sep 17 00:00:00 2001 From: Andrew Harding Date: Mon, 17 Jun 2024 08:10:08 -0600 Subject: [PATCH] Handle DialContext deprecation Signed-off-by: Andrew Harding --- v2/examples/spiffe-grpc/README.md | 2 +- v2/examples/spiffe-grpc/client/main.go | 2 +- v2/spiffegrpc/grpccredentials/credentials_test.go | 2 +- v2/workloadapi/client.go | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/v2/examples/spiffe-grpc/README.md b/v2/examples/spiffe-grpc/README.md index fdc74317..e594b19c 100644 --- a/v2/examples/spiffe-grpc/README.md +++ b/v2/examples/spiffe-grpc/README.md @@ -31,7 +31,7 @@ On the other side, the **gRPC client** uses the [workloadapi.X509Source](https:/ serverID := spiffeid.RequireFromString("spiffe://example.org/server") tlsConfig := tlsconfig.MTLSClientConfig(source, source, tlsconfig.AuthorizeID(serverID)) -conn, err := grpc.DialContext(ctx, "localhost:50051", grpc.WithTransportCredentials(credentials.NewTLS(tlsConfig))) +conn, err := grpc.NewClient("dns:///localhost:50051", grpc.WithTransportCredentials(credentials.NewTLS(tlsConfig))) ``` The [tlsconfig.Authorizer](https://pkg.go.dev/github.com/spiffe/go-spiffe/v2/spiffetls/tlsconfig?tab=doc#Authorizer) is used to authorize the mTLS peer. In this example, both the client and server use it to authorize the specific SPIFFE ID of the other side of the connection. diff --git a/v2/examples/spiffe-grpc/client/main.go b/v2/examples/spiffe-grpc/client/main.go index d0127291..a86db892 100644 --- a/v2/examples/spiffe-grpc/client/main.go +++ b/v2/examples/spiffe-grpc/client/main.go @@ -35,7 +35,7 @@ func run(ctx context.Context) error { serverID := spiffeid.RequireFromString("spiffe://example.org/server") // Dial the server with credentials that do mTLS and verify that presented certificate has SPIFFE ID `spiffe://example.org/server` - conn, err := grpc.DialContext(ctx, "localhost:50051", grpc.WithTransportCredentials( + conn, err := grpc.NewClient("dns:///localhost:50051", grpc.WithTransportCredentials( grpccredentials.MTLSClientCredentials(source, source, tlsconfig.AuthorizeID(serverID)), )) if err != nil { diff --git a/v2/spiffegrpc/grpccredentials/credentials_test.go b/v2/spiffegrpc/grpccredentials/credentials_test.go index dbcb45a7..51ca14c3 100644 --- a/v2/spiffegrpc/grpccredentials/credentials_test.go +++ b/v2/spiffegrpc/grpccredentials/credentials_test.go @@ -147,7 +147,7 @@ func testCredentials(t *testing.T, clientCreds, serverCreds credentials.Transpor _ = server.Serve(listener) }() - conn, err := grpc.DialContext(ctx, listener.Addr().String(), grpc.WithTransportCredentials(clientCreds)) + conn, err := grpc.NewClient(listener.Addr().String(), grpc.WithTransportCredentials(clientCreds)) require.NoError(t, err) defer conn.Close() diff --git a/v2/workloadapi/client.go b/v2/workloadapi/client.go index b499eef8..4d5de5d5 100644 --- a/v2/workloadapi/client.go +++ b/v2/workloadapi/client.go @@ -255,7 +255,7 @@ func (c *Client) ValidateJWTSVID(ctx context.Context, token, audience string) (* func (c *Client) newConn(ctx context.Context) (*grpc.ClientConn, error) { c.config.dialOptions = append(c.config.dialOptions, grpc.WithTransportCredentials(insecure.NewCredentials())) c.appendDialOptionsOS() - return grpc.DialContext(ctx, c.config.address, c.config.dialOptions...) + return grpc.DialContext(ctx, c.config.address, c.config.dialOptions...) //nolint:staticcheck // preserve backcompat with WithDialOptions option } func (c *Client) handleWatchError(ctx context.Context, err error, backoff *backoff) error {