added tests for the CORS flags

Signed-off-by: bugslayer-332 <[email protected]>

cmd/collector/app/handler/otlp_receiver.go

@@ -17,6 +17,7 @@ package handler
 import (
 	"context"
 	"fmt"
+	"strings"
 
 	otlp2jaeger "github.com/open-telemetry/opentelemetry-collector-contrib/pkg/translator/jaeger"
 	"go.opentelemetry.io/collector/component"
@@ -128,8 +129,12 @@ func applyHTTPSettings(cfg *confighttp.HTTPServerSettings, opts *flags.HTTPOptio
 	if opts.TLS.Enabled {
 		cfg.TLSSetting = applyTLSSettings(&opts.TLS)
 	}
-	cfg.CORS.AllowedHeaders = opts.CORS.AllowedHeaders
-	cfg.CORS.AllowedOrigins = opts.CORS.AllowedOrigins
+	allowedOrigins := strings.Split(strings.ReplaceAll(opts.CORS.AllowedOrigins, " ", ""), ",")
+	allowedHeaders := strings.Split(strings.ReplaceAll(opts.CORS.AllowedHeaders, " ", ""), ",")
+	cfg.CORS = &confighttp.CORSSettings{
+		AllowedOrigins: allowedOrigins,
+		AllowedHeaders: allowedHeaders,
+	}
 }
 
 func applyTLSSettings(opts *tlscfg.Options) *configtls.TLSServerSetting {

cmd/collector/app/handler/otlp_receiver_test.go

@@ -17,6 +17,7 @@ package handler
 import (
 	"context"
 	"errors"
+	"fmt"
 	"testing"
 	"time"
 
@@ -30,6 +31,7 @@ import (
 
 	"github.com/jaegertracing/jaeger/cmd/collector/app/flags"
 	"github.com/jaegertracing/jaeger/model"
+	"github.com/jaegertracing/jaeger/pkg/config/corscfg"
 	"github.com/jaegertracing/jaeger/pkg/config/tlscfg"
 	"github.com/jaegertracing/jaeger/pkg/tenancy"
 	"github.com/jaegertracing/jaeger/pkg/testutils"
@@ -204,11 +206,16 @@ func TestApplyOTLPHTTPServerSettings(t *testing.T) {
 			MinVersion:   "1.1",
 			MaxVersion:   "1.3",
 		},
+		CORS: corscfg.Options{
+			AllowedOrigins: "http://example.domain.com , http://*.domain.com ",
+			AllowedHeaders: "Content-Type, Accept, X-Requested-With",
+		},
 	}
 
 	applyHTTPSettings(otlpReceiverConfig.HTTP, httpOpts)
 
 	out := otlpReceiverConfig.HTTP
+	fmt.Println(out)
 	assert.Equal(t, out.Endpoint, ":12345")
 	require.NotNil(t, out.TLSSetting)
 	assert.Equal(t, out.TLSSetting.CAFile, "ca")
@@ -217,4 +224,6 @@ func TestApplyOTLPHTTPServerSettings(t *testing.T) {
 	assert.Equal(t, out.TLSSetting.ClientCAFile, "clientca")
 	assert.Equal(t, out.TLSSetting.MinVersion, "1.1")
 	assert.Equal(t, out.TLSSetting.MaxVersion, "1.3")
+	assert.Equal(t, out.CORS.AllowedHeaders, []string{"Content-Type", "Accept", "X-Requested-With"})
+	assert.Equal(t, out.CORS.AllowedOrigins, []string{"http://example.domain.com", "http://*.domain.com"})
 }

cmd/collector/app/server/zipkin.go

@@ -17,6 +17,7 @@ package server
 import (
 	"net"
 	"net/http"
+	"strings"
 	"time"
 
 	"github.com/gorilla/mux"
@@ -84,11 +85,13 @@ func serveZipkin(server *http.Server, listener net.Listener, params *ZipkinServe
 	r := mux.NewRouter()
 	zHandler := zipkin.NewAPIHandler(params.Handler)
 	zHandler.RegisterRoutes(r)
+	allowedOrigins := strings.Split(strings.ReplaceAll(params.CORSConfig.AllowedOrigins, " ", ""), ",")
+	allowedHeaders := strings.Split(strings.ReplaceAll(params.CORSConfig.AllowedHeaders, " ", ""), ",")
 
 	cors := cors.New(cors.Options{
-		AllowedOrigins: params.CORSConfig.AllowedOrigins,
+		AllowedOrigins: allowedOrigins,
 		AllowedMethods: []string{"POST"}, // Allowing only POST, because that's the only handled one
-		AllowedHeaders: params.CORSConfig.AllowedHeaders,
+		AllowedHeaders: allowedHeaders,
 	})
 
 	recoveryHandler := recoveryhandler.NewRecoveryHandler(params.Logger, true)

pkg/config/corscfg/flags.go

@@ -37,7 +37,7 @@ func (c Flags) AddFlags(flags *flag.FlagSet) {
 
 func (c Flags) InitFromViper(v *viper.Viper) Options {
 	var p Options
-	p.AllowedHeaders = v.GetStringSlice(c.Prefix + corsAllowedHeaders)
-	p.AllowedOrigins = v.GetStringSlice(c.Prefix + corsAllowedOrigins)
+	p.AllowedHeaders = v.GetString(c.Prefix + corsAllowedHeaders)
+	p.AllowedOrigins = v.GetString(c.Prefix + corsAllowedOrigins)
 	return p
 }

pkg/config/corscfg/flags_test.go

@@ -0,0 +1,57 @@
+// Copyright (c) 2023 The Jaeger Authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package corscfg
+
+import (
+	"flag"
+	"fmt"
+	"testing"
+
+	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestCORSFlags(t *testing.T) {
+	cmdFlags := []string{
+		"--prefix.cors.allowed-headers=Content-Type,Accept,X-Requested-With",
+		"--prefix.cors.allowed-origins=http://example.domain.com,http://*.domain.com",
+	}
+	t.Run("string slice checking", func(t *testing.T) {
+		v := viper.New()
+		command := cobra.Command{}
+		flagSet := &flag.FlagSet{}
+		flagCfg := Flags{
+			Prefix: "prefix",
+		}
+		flagCfg.AddFlags(flagSet)
+		command.PersistentFlags().AddGoFlagSet(flagSet)
+		v.BindPFlags(command.PersistentFlags())
+
+		err := command.ParseFlags(cmdFlags)
+		require.NoError(t, err)
+
+		corsOpts := flagCfg.InitFromViper(v)
+		fmt.Println(corsOpts)
+
+		assert.Equal(t, Options{
+			AllowedHeaders: "Content-Type,Accept,X-Requested-With",
+			AllowedOrigins: "http://example.domain.com,http://*.domain.com",
+		}, corsOpts)
+
+	})
+
+}

pkg/config/corscfg/options.go

@@ -15,6 +15,6 @@
 package corscfg
 
 type Options struct {
-	AllowedOrigins []string `mapstructure:"allowed_origins"`
-	AllowedHeaders []string `mapstructure:"allowed_headers"`
+	AllowedOrigins string `mapstructure:"allowed_origins"`
+	AllowedHeaders string `mapstructure:"allowed_headers"`
 }