chore: clean workflow

Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com>

.github/workflows/go-cross.yml

@@ -11,7 +11,7 @@ jobs:
 
     strategy:
       matrix:
-        go-version: [ 1.14, 1.15, 1.x ]
+        go-version: [ 1.17, 1.x ]
         os: [ubuntu-latest, macos-latest, windows-latest]
 
     steps:
@@ -29,11 +29,16 @@ jobs:
       - name: Cache Go modules
         uses: actions/cache@v2
         with:
+          # In order:
+          # * Module download cache
+          # * Build cache (Linux)
+          # * Build cache (Mac)
+          # * Build cache (Windows)
           path: |
-            ~/go/pkg/mod              # Module download cache
-            ~/.cache/go-build         # Build cache (Linux)
-            ~/Library/Caches/go-build # Build cache (Mac)
-            '%LocalAppData%\go-build' # Build cache (Windows)
+            ~/go/pkg/mod
+            ~/.cache/go-build
+            ~/Library/Caches/go-build
+            %LocalAppData%\go-build
           key: ${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }}
           restore-keys: |
             ${{ runner.os }}-${{ matrix.go-version }}-go-

.github/workflows/main.yml

@@ -4,8 +4,6 @@ on:
   push:
     branches:
       - master
-    tags:
-      - v*
   pull_request:
 
 jobs:
@@ -14,9 +12,8 @@ jobs:
     name: Main Process
     runs-on: ubuntu-latest
     env:
-      GO_VERSION: 1.15
-      GOLANGCI_LINT_VERSION: v1.33.0
-      SEIHON_VERSION: v0.5.1
+      GO_VERSION: 1.17
+      GOLANGCI_LINT_VERSION: v1.44.0
       CGO_ENABLED: 0
 
     steps:
@@ -47,7 +44,6 @@ jobs:
           go mod tidy
           git diff --exit-code go.mod
           git diff --exit-code go.sum
-          go mod download
 
       # https://golangci-lint.run/usage/install#other-ci
       - name: Install golangci-lint ${{ env.GOLANGCI_LINT_VERSION }}
@@ -60,22 +56,3 @@ jobs:
 
       - name: Make Image
         run: make image
-
-      # Install Docker image multi-arch builder
-      - name: Install seihon ${{ env.SEIHON_VERSION }}
-        if: startsWith(github.ref, 'refs/tags/v')
-        run: |
-          curl -sSfL https://raw.githubusercontent.com/ldez/seihon/master/godownloader.sh | sh -s -- -b $(go env GOPATH)/bin ${SEIHON_VERSION}
-          seihon --version
-
-      - name: Docker Login
-        if: startsWith(github.ref, 'refs/tags/v')
-        env:
-          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
-        run: |
-          echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin
-
-      - name: Deploy Docker Images (seihon)
-        if: startsWith(github.ref, 'refs/tags/v')
-        run: make publish-images

.github/workflows/release.yml

@@ -0,0 +1,44 @@
+name: "Release a tag"
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  release:
+    name: Release Process
+    runs-on: ubuntu-latest
+    env:
+      GO_VERSION: 1.17
+      SEIHON_VERSION: v0.9.0
+      CGO_ENABLED: 0
+
+    steps:
+
+      # https://github.com/marketplace/actions/setup-go-environment
+      - name: Set up Go ${{ env.GO_VERSION }}
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      # https://github.com/marketplace/actions/checkout
+      - name: Check out code
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      # Install Docker image multi-arch builder
+      - name: Install seihon ${{ env.SEIHON_VERSION }}
+        run: |
+          curl -sSfL https://raw.githubusercontent.com/ldez/seihon/master/godownloader.sh | sh -s -- -b $(go env GOPATH)/bin ${SEIHON_VERSION}
+          seihon --version
+
+      - name: Docker Login
+        env:
+          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+        run: |
+          echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin
+
+      - name: Deploy Docker Images (seihon)
+        run: make publish-images

.gitignore

@@ -1,3 +1,4 @@
 .idea
 vendor/
 /whoami
+dist/

.golangci.toml

@@ -1,49 +0,0 @@
-[run]
-  deadline = "2m"
-  skip-files = []
-
-[linters-settings]
-
-  [linters-settings.govet]
-    check-shadowing = true
-
-  [linters-settings.gocyclo]
-    min-complexity = 12.0
-
-  [linters-settings.maligned]
-    suggest-new = true
-
-  [linters-settings.goconst]
-    min-len = 3.0
-    min-occurrences = 3.0
-
-  [linters-settings.misspell]
-    locale = "US"
-
-[linters]
-  enable-all = true
-  disable = [
-    "maligned",
-    "lll",
-    "gosec",
-    "dupl",
-    "prealloc",
-    "gochecknoglobals",
-    "gochecknoinits",
-    "gomnd",
-    "wsl",
-    "nlreturn",
-    "testpackage",
-    "paralleltest",
-    "tparallel",
-    "goerr113",
-    "wrapcheck",
-    "exhaustive",
-    "exhaustivestruct",
-  ]
-
-[issues]
-  exclude-use-default = false
-  max-per-linter = 0
-  max-same-issues = 0
-  exclude = []

.golangci.yml

@@ -0,0 +1,47 @@
+run:
+  deadline: 2m
+  skip-files: []
+linters-settings:
+  govet:
+    check-shadowing: true
+  gocyclo:
+    min-complexity: 12
+  goconst:
+    min-len: 3
+    min-occurrences: 3
+  misspell:
+    locale: US
+
+linters:
+  enable-all: true
+  disable:
+    - golint # deprecated
+    - scopelint # deprecated
+    - interfacer # deprecated
+    - maligned # deprecated
+    - lll
+    - gosec
+    - dupl
+    - prealloc
+    - gochecknoglobals
+    - gochecknoinits
+    - gomnd
+    - wsl
+    - nlreturn
+    - testpackage
+    - paralleltest
+    - tparallel
+    - goerr113
+    - wrapcheck
+    - exhaustive
+    - exhaustivestruct
+    - forbidigo
+    - varnamelen
+    - nilnil
+    - ifshort
+
+issues:
+  exclude-use-default: false
+  max-per-linter: 0
+  max-same-issues: 0
+  exclude: []

LICENSE

@@ -186,8 +186,8 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright [2015-2018] [Containous]
-   Copyright [2020] [Traefik Labs]
+   Copyright [2015-2019] [Containous]
+   Copyright [2020-2022] [Traefik Labs]
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

README.md

@@ -3,27 +3,54 @@
 [![Docker Pulls](https://img.shields.io/docker/pulls/traefik/whoami.svg)](https://hub.docker.com/r/traefik/whoami/)
 [![Build Status](https://github.com/traefik/whoami/workflows/Main/badge.svg?branch=master)](https://github.com/traefik/whoami/actions)
 
-Tiny Go webserver that prints os information and HTTP request to output
+Tiny Go webserver that prints OS information and HTTP request to output.
 
 ## Usage
 
 ### Paths
 
-- `/data?size=n[&unit=u]`: creates a response with a size `n`. The unit of measure, if specified, accepts the following values: `KB`, `MB`, `GB`, `TB` (optional, default: bytes).
-- `/echo`: webSocket echo.
-- `/bench`: always return the same response (`1`).
-- `/[?wait=d]`: returns the whoami information (request and network information). The optional `wait` query parameter can be provided to tell the server to wait before sending the response. The duration is expected in Go's [`time.Duration`](https://golang.org/pkg/time/#ParseDuration) format (e.g. `/?wait=100ms` to wait 100 milliseconds).
-- `/api`: returns the whoami information as JSON.
-- `/health`: heath check
-    - `GET`, `HEAD`, ...: returns a response with the status code defined by the `POST`
-    - `POST`: changes the status code of the `GET` (`HEAD`, ...) response.
+#### `/[?wait=d]`
+
+Returns the whoami information (request and network information).
+
+The optional `wait` query parameter can be provided to tell the server to wait before sending the response.
+The duration is expected in Go's [`time.Duration`](https://golang.org/pkg/time/#ParseDuration) format (e.g. `/?wait=100ms` to wait 100 milliseconds).
+
+#### `/api`
+
+Returns the whoami information as JSON.
+
+#### `/bench`
+
+Always return the same response (`1`).
+
+#### `/data?size=n[&unit=u]`
+
+Creates a response with a size `n`.
+
+The unit of measure, if specified, accepts the following values: `KB`, `MB`, `GB`, `TB` (optional, default: bytes).
+
+#### `/echo`
+
+WebSocket echo.
+
+#### `/health`
+
+Heath check.
+
+- `GET`, `HEAD`, ...: returns a response with the status code defined by the `POST`
+- `POST`: changes the status code of the `GET` (`HEAD`, ...) response.
 
 ### Flags
 
-- `cert`: give me a certificate.
-- `key`: give me a key.
-- `port`: give me a port number. (default: 80)
-- `name`: give me a name. (it can be also defined with `WHOAMI_NAME` environment variable)
+| Flag      | Env var              | Description                             |
+|-----------|----------------------|-----------------------------------------|
+| `cert`    |                      | Give me a certificate.                  |
+| `key`     |                      | Give me a key.                          |
+| `cacert`  |                      | Give me a CA chain, enforces mutual TLS |
+| `port`    | `WHOAMI_PORT_NUMBER` | Give me a port number. (default: `80`)  |
+| `name`    | `WHOAMI_NAME`        | Give me a name.                         |
+| `verbose` |                      | Enable verbose logging.                 |
 
 ## Examples
 
@@ -66,5 +93,17 @@ $ curl -v http://localhost:80/health
 ```
 
 ```console
-docker run -d -P -v ./certs:/certs --name iamfoo traefik/whoami --cert /certs/cert.cer --key /certs/key.key
+docker run -d -P -v ./certs:/certs --name iamfoo traefik/whoami --cert /certs/example.cert --key /certs/example.key
+```
+
+```yml
+version: '3.9'
+
+services:
+  whoami:
+    image: traefik/whoami
+    command:
+       # It tells whoami to start listening on 2001 instead of 80
+       - --port 2001
+       - --name iamfoo
 ```

app.go

@@ -2,10 +2,13 @@ package main
 
 import (
 	"bytes"
+	"crypto/tls"
+	"crypto/x509"
 	"encoding/json"
 	"flag"
 	"fmt"
 	"io"
+	"io/ioutil"
 	"log"
 	"net"
 	"net/http"
@@ -31,14 +34,18 @@ const (
 var (
 	cert    string
 	key     string
+	ca      string
 	port    string
 	name    string
+	verbose bool
 )
 
 func init() {
+	flag.BoolVar(&verbose, "verbose", false, "Enable verbose logging")
 	flag.StringVar(&cert, "cert", "", "give me a certificate")
 	flag.StringVar(&key, "key", "", "give me a key")
-	flag.StringVar(&port, "port", "80", "give me a port number")
+	flag.StringVar(&ca, "cacert", "", "give me a CA chain, enforces mutual TLS")
+	flag.StringVar(&port, "port", getEnv("WHOAMI_PORT_NUMBER", "80"), "give me a port number")
 	flag.StringVar(&name, "name", os.Getenv("WHOAMI_NAME"), "give me a name")
 }
 
@@ -50,20 +57,64 @@ var upgrader = websocket.Upgrader{
 func main() {
 	flag.Parse()
 
-	http.HandleFunc("/data", dataHandler)
-	http.HandleFunc("/echo", echoHandler)
-	http.HandleFunc("/bench", benchHandler)
-	http.HandleFunc("/bench/", benchHandler)
-	http.HandleFunc("/", whoamiHandler)
-	http.HandleFunc("/api", apiHandler)
-	http.HandleFunc("/health", healthHandler)
+	mux := http.NewServeMux()
+	mux.Handle("/data", handle(dataHandler, verbose))
+	mux.Handle("/echo", handle(echoHandler, verbose))
+	mux.Handle("/bench", handle(benchHandler, verbose))
+	mux.Handle("/api", handle(apiHandler, verbose))
+	mux.Handle("/health", handle(healthHandler, verbose))
+	mux.Handle("/", handle(whoamiHandler, verbose))
 
-	fmt.Println("Starting up on port " + port)
+	if cert == "" || key == "" {
+		log.Printf("Starting up on port %s", port)
 
-	if len(cert) > 0 && len(key) > 0 {
-		log.Fatal(http.ListenAndServeTLS(":"+port, cert, key, nil))
+		log.Fatal(http.ListenAndServe(":"+port, mux))
 	}
-	log.Fatal(http.ListenAndServe(":"+port, nil))
+
+	server := &http.Server{
+		Addr:    ":" + port,
+		Handler: mux,
+	}
+
+	if len(ca) > 0 {
+		server.TLSConfig = setupMutualTLS(ca)
+	}
+
+	log.Printf("Starting up with TLS on port %s", port)
+
+	log.Fatal(server.ListenAndServeTLS(cert, key))
+}
+
+func setupMutualTLS(ca string) *tls.Config {
+	clientCACert, err := ioutil.ReadFile(ca)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	clientCertPool := x509.NewCertPool()
+	clientCertPool.AppendCertsFromPEM(clientCACert)
+
+	tlsConfig := &tls.Config{
+		ClientAuth:               tls.RequireAndVerifyClientCert,
+		ClientCAs:                clientCertPool,
+		PreferServerCipherSuites: true,
+		MinVersion:               tls.VersionTLS12,
+	}
+
+	return tlsConfig
+}
+
+func handle(next http.HandlerFunc, verbose bool) http.Handler {
+	if !verbose {
+		return next
+	}
+
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		next(w, r)
+
+		// <remote_IP_address> - [<timestamp>] "<request_method> <request_path> <request_protocol>" -
+		log.Printf("%s - - [%s] \"%s %s %s\" - -", r.RemoteAddr, time.Now().Format("02/Jan/2006:15:04:05 -0700"), r.Method, r.URL.Path, r.Proto)
+	})
 }
 
 func benchHandler(w http.ResponseWriter, _ *http.Request) {
@@ -275,3 +326,11 @@ func fillContent(length int64) io.ReadSeeker {
 
 	return bytes.NewReader(b)
 }
+
+func getEnv(key, fallback string) string {
+	value := os.Getenv(key)
+	if len(value) == 0 {
+		return fallback
+	}
+	return value
+}

go.mod

@@ -1,5 +1,5 @@
 module github.com/traefik/whoami
 
-go 1.13
+go 1.17
 
 require github.com/gorilla/websocket v1.4.2