endpoints: Modify gRPC bookstore to support gRPC on Cloud Run (GoogleCloudPlatform#2764)

* endpoints: Modify gRPC bookstore to support gRPC on Cloud Run

- Allow client to make TLS calls
- Server determines port from env var

Signed-off-by: Teju Nareddy <[email protected]>

* Modify dockerfile, move roots.pem

Signed-off-by: Teju Nareddy <[email protected]>

Co-authored-by: Leah E. Cole <[email protected]>
Co-authored-by: Doug Mahugh <[email protected]>

Author: 3 people

endpoints/README.md

@@ -0,0 +1,8 @@
+## Google Cloud Endpoints Examples
+
+The files in this directory are referenced from [Google Cloud Endpoints Documentation](https://cloud.google.com/endpoints/docs/).
+
+### CA File
+
+`roots.pem` is copied from [github.com/grpc/grpc](https://github.com/grpc/grpc/blob/master/etc/roots.pem).
+This file should be updated regularly.

endpoints/bookstore-grpc/Dockerfile

@@ -17,6 +17,4 @@ ADD . /bookstore/
 WORKDIR /bookstore
 RUN pip install -r requirements.txt
 
-EXPOSE 8000
-
 ENTRYPOINT ["python", "/bookstore/bookstore_server.py"]

endpoints/bookstore-grpc/bookstore_client.py

@@ -22,10 +22,15 @@
 import bookstore_pb2_grpc
 
 
-def run(host, port, api_key, auth_token, timeout):
+def run(host, port, api_key, auth_token, timeout, use_tls):
     """Makes a basic ListShelves call against a gRPC Bookstore server."""
 
-    channel = grpc.insecure_channel('{}:{}'.format(host, port))
+    if use_tls:
+        with open('../roots.pem', 'rb') as f:
+            creds = grpc.ssl_channel_credentials(f.read())
+        channel = grpc.secure_channel('{}:{}'.format(host, port), creds)
+    else:
+        channel = grpc.insecure_channel('{}:{}'.format(host, port))
 
     stub = bookstore_pb2_grpc.BookstoreStub(channel)
     metadata = []
@@ -52,5 +57,8 @@ def run(host, port, api_key, auth_token, timeout):
     parser.add_argument(
         '--auth_token', default=None,
         help='The JWT auth token to use for the call')
+    parser.add_argument(
+        '--use_tls', type=bool, default=False,
+        help='Enable when the server requires TLS')
     args = parser.parse_args()
-    run(args.host, args.port, args.api_key, args.auth_token, args.timeout)
+    run(args.host, args.port, args.api_key, args.auth_token, args.timeout, args.use_tls)

endpoints/bookstore-grpc/bookstore_server.py

@@ -17,6 +17,7 @@
 import argparse
 from concurrent import futures
 import time
+import os
 
 from google.protobuf import struct_pb2
 import grpc
@@ -109,6 +110,8 @@ def serve(port, shutdown_grace_duration):
     server.add_insecure_port('[::]:{}'.format(port))
     server.start()
 
+    print('Listening on port {}'.format(port))
+
     try:
         while True:
             time.sleep(_ONE_DAY_IN_SECONDS)
@@ -121,11 +124,20 @@ def serve(port, shutdown_grace_duration):
         description=__doc__,
         formatter_class=argparse.RawDescriptionHelpFormatter)
     parser.add_argument(
-        '--port', type=int, default=8000, help='The port to listen on')
+        '--port', type=int, default=None,
+        help='The port to listen on.'
+             'If arg is not set, will listen on the $PORT env var.'
+             'If env var is empty, defaults to 8000.')
     parser.add_argument(
         '--shutdown_grace_duration', type=int, default=5,
         help='The shutdown grace duration, in seconds')
 
     args = parser.parse_args()
 
-    serve(args.port, args.shutdown_grace_duration)
+    port = args.port
+    if not port:
+        port = os.environ.get('PORT')
+    if not port:
+        port = 8000
+
+    serve(port, args.shutdown_grace_duration)