Skip to content

Commit f01fb1a

Browse files
author
Christian
committed
chore: add gRPC max message size configuration and update dependencies
- Upgrade `go-authx` to v1.2.2. - Add support for `GRPC_MAX_RECV_MESSAGE_SIZE` and `GRPC_MAX_SEND_MESSAGE_SIZE` configurations. - Update gRPC server to handle message size limits with defaults and validation. - Extend configuration logic and tests for new gRPC message size options.
1 parent de6b6b4 commit f01fb1a

6 files changed

Lines changed: 71 additions & 8 deletions

File tree

__debug_bin2302434005

21.1 MB
Binary file not shown.

cmd/server/main.go

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,6 +64,8 @@ func run() error {
6464
Str("version", version).
6565
Int("metrics_port", cfg.ServerPort).
6666
Int("grpc_port", cfg.GRPCPort).
67+
Int("grpc_max_recv_message_size", cfg.GRPCMaxRecvMessageSize).
68+
Int("grpc_max_send_message_size", cfg.GRPCMaxSendMessageSize).
6769
Bool("grpc_enabled", cfg.GRPCEnabled).
6870
Bool("auth_enabled", cfg.AuthEnabled).
6971
Int64("max_upload_bytes", cfg.MaxUploadSize).
@@ -266,8 +268,19 @@ func authorizationEnabled(cfg *config.Config) bool {
266268
// configuration. When TLS is enabled, it loads certificates and configures
267269
// client authentication and minimum protocol version.
268270
func buildGRPCServerOptions(cfg *config.Config, unaryInterceptors []grpc.UnaryServerInterceptor) ([]grpc.ServerOption, error) {
271+
maxRecvMessageSize := cfg.GRPCMaxRecvMessageSize
272+
if maxRecvMessageSize <= 0 {
273+
maxRecvMessageSize = 10 * 1024 * 1024
274+
}
275+
maxSendMessageSize := cfg.GRPCMaxSendMessageSize
276+
if maxSendMessageSize <= 0 {
277+
maxSendMessageSize = 10 * 1024 * 1024
278+
}
279+
269280
opts := []grpc.ServerOption{
270281
grpc.ChainUnaryInterceptor(unaryInterceptors...),
282+
grpc.MaxRecvMsgSize(maxRecvMessageSize),
283+
grpc.MaxSendMsgSize(maxSendMessageSize),
271284
}
272285

273286
if !cfg.TLSEnabled {

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ module github.com/AmmannChristian/nist-800-90b
33
go 1.25.7
44

55
require (
6-
github.com/AmmannChristian/go-authx v1.2.0
6+
github.com/AmmannChristian/go-authx v1.2.2
77
github.com/golangci/golangci-lint v1.64.8
88
github.com/google/uuid v1.6.0
99
github.com/prometheus/client_golang v1.23.2

go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,8 +12,8 @@ github.com/4meepo/tagalign v1.4.2 h1:0hcLHPGMjDyM1gHG58cS73aQF8J4TdVR96TZViorO9E
1212
github.com/4meepo/tagalign v1.4.2/go.mod h1:+p4aMyFM+ra7nb41CnFG6aSDXqRxU/w1VQqScKqDARI=
1313
github.com/Abirdcfly/dupword v0.1.3 h1:9Pa1NuAsZvpFPi9Pqkd93I7LIYRURj+A//dFd5tgBeE=
1414
github.com/Abirdcfly/dupword v0.1.3/go.mod h1:8VbB2t7e10KRNdwTVoxdBaxla6avbhGzb8sCTygUMhw=
15-
github.com/AmmannChristian/go-authx v1.2.0 h1:ETNvuugwVfztHRFGA+/slV7Jwz7Dr//cEe74FhXPCbY=
16-
github.com/AmmannChristian/go-authx v1.2.0/go.mod h1:eRp0jNgv25ARPG/dcakOPaU/a5UmqXphngCb0OnjtJg=
15+
github.com/AmmannChristian/go-authx v1.2.2 h1:wlBsZs2YwI/IE88VsommFRgJq+9lWqagWjhsiaWN9eI=
16+
github.com/AmmannChristian/go-authx v1.2.2/go.mod h1:eRp0jNgv25ARPG/dcakOPaU/a5UmqXphngCb0OnjtJg=
1717
github.com/Antonboom/errname v1.0.0 h1:oJOOWR07vS1kRusl6YRSlat7HFnb3mSfMl6sDMRoTBA=
1818
github.com/Antonboom/errname v1.0.0/go.mod h1:gMOBFzK/vrTiXN9Oh+HFs+e6Ndl0eTFbtsRTSRdXyGI=
1919
github.com/Antonboom/nilnil v1.0.1 h1:C3Tkm0KUxgfO4Duk3PM+ztPncTFlOf0b2qadmS0s4xs=

internal/config/config.go

Lines changed: 22 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -12,14 +12,18 @@ import (
1212
"time"
1313
)
1414

15+
const defaultGRPCMaxMessageSize = 10 * 1024 * 1024
16+
1517
// Config holds all runtime parameters for the server, including network
1618
// addresses, TLS settings, authentication, logging, and resource limits.
1719
type Config struct {
1820
// Server configuration (HTTP metrics/health)
19-
ServerPort int
20-
ServerHost string
21-
GRPCEnabled bool
22-
GRPCPort int
21+
ServerPort int
22+
ServerHost string
23+
GRPCEnabled bool
24+
GRPCPort int
25+
GRPCMaxRecvMessageSize int
26+
GRPCMaxSendMessageSize int
2327

2428
// TLS for gRPC
2529
TLSEnabled bool
@@ -73,6 +77,8 @@ func LoadConfig() (*Config, error) {
7377
ServerHost: getEnv("SERVER_HOST", "0.0.0.0"),
7478
GRPCEnabled: getEnvAsBool("GRPC_ENABLED", false),
7579
GRPCPort: getEnvAsInt("GRPC_PORT", 9090),
80+
GRPCMaxRecvMessageSize: getEnvAsInt("GRPC_MAX_RECV_MESSAGE_SIZE", defaultGRPCMaxMessageSize),
81+
GRPCMaxSendMessageSize: getEnvAsInt("GRPC_MAX_SEND_MESSAGE_SIZE", defaultGRPCMaxMessageSize),
7682
TLSEnabled: getEnvAsBool("TLS_ENABLED", false),
7783
TLSCertFile: getEnv("TLS_CERT_FILE", ""),
7884
TLSKeyFile: getEnv("TLS_KEY_FILE", ""),
@@ -122,6 +128,18 @@ func (c *Config) Validate() error {
122128
if c.GRPCEnabled && (c.GRPCPort < 1 || c.GRPCPort > 65535) {
123129
return fmt.Errorf("invalid gRPC port: %d (must be 1-65535)", c.GRPCPort)
124130
}
131+
if c.GRPCMaxRecvMessageSize < 0 {
132+
return fmt.Errorf("invalid GRPC_MAX_RECV_MESSAGE_SIZE: %d (must be >= 0)", c.GRPCMaxRecvMessageSize)
133+
}
134+
if c.GRPCMaxSendMessageSize < 0 {
135+
return fmt.Errorf("invalid GRPC_MAX_SEND_MESSAGE_SIZE: %d (must be >= 0)", c.GRPCMaxSendMessageSize)
136+
}
137+
if c.GRPCMaxRecvMessageSize == 0 {
138+
c.GRPCMaxRecvMessageSize = defaultGRPCMaxMessageSize
139+
}
140+
if c.GRPCMaxSendMessageSize == 0 {
141+
c.GRPCMaxSendMessageSize = defaultGRPCMaxMessageSize
142+
}
125143

126144
if c.MaxUploadSize < 1024 {
127145
return fmt.Errorf("max upload size too small: %d (must be at least 1024 bytes)", c.MaxUploadSize)

internal/config/config_test.go

Lines changed: 33 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,8 @@ func TestLoadConfig_Defaults(t *testing.T) {
2020
assert.Equal(t, "0.0.0.0", cfg.ServerHost)
2121
assert.False(t, cfg.GRPCEnabled)
2222
assert.Equal(t, 9090, cfg.GRPCPort)
23+
assert.Equal(t, 10*1024*1024, cfg.GRPCMaxRecvMessageSize)
24+
assert.Equal(t, 10*1024*1024, cfg.GRPCMaxSendMessageSize)
2325
assert.False(t, cfg.TLSEnabled)
2426
assert.Empty(t, cfg.TLSCertFile)
2527
assert.Empty(t, cfg.TLSKeyFile)
@@ -59,6 +61,8 @@ func TestLoadConfig_EnvironmentVariables(t *testing.T) {
5961
os.Setenv("SERVER_HOST", "127.0.0.1")
6062
os.Setenv("GRPC_ENABLED", "true")
6163
os.Setenv("GRPC_PORT", "50051")
64+
os.Setenv("GRPC_MAX_RECV_MESSAGE_SIZE", "12582912")
65+
os.Setenv("GRPC_MAX_SEND_MESSAGE_SIZE", "12582912")
6266
os.Setenv("TLS_ENABLED", "true")
6367
os.Setenv("TLS_CERT_FILE", "/tmp/server.crt")
6468
os.Setenv("TLS_KEY_FILE", "/tmp/server.key")
@@ -88,6 +92,8 @@ func TestLoadConfig_EnvironmentVariables(t *testing.T) {
8892
assert.Equal(t, "127.0.0.1", cfg.ServerHost)
8993
assert.True(t, cfg.GRPCEnabled)
9094
assert.Equal(t, 50051, cfg.GRPCPort)
95+
assert.Equal(t, 12582912, cfg.GRPCMaxRecvMessageSize)
96+
assert.Equal(t, 12582912, cfg.GRPCMaxSendMessageSize)
9197
assert.True(t, cfg.TLSEnabled)
9298
assert.Equal(t, "/tmp/server.crt", cfg.TLSCertFile)
9399
assert.Equal(t, "/tmp/server.key", cfg.TLSKeyFile)
@@ -233,6 +239,32 @@ func TestConfig_Validate(t *testing.T) {
233239
wantErr: true,
234240
errMsg: "invalid gRPC port",
235241
},
242+
{
243+
name: "invalid gRPC max receive message size",
244+
cfg: &Config{
245+
ServerPort: 8080,
246+
GRPCEnabled: true,
247+
GRPCPort: 9090,
248+
GRPCMaxRecvMessageSize: -1,
249+
MaxUploadSize: 1024,
250+
LogLevel: "info",
251+
},
252+
wantErr: true,
253+
errMsg: "GRPC_MAX_RECV_MESSAGE_SIZE",
254+
},
255+
{
256+
name: "invalid gRPC max send message size",
257+
cfg: &Config{
258+
ServerPort: 8080,
259+
GRPCEnabled: true,
260+
GRPCPort: 9090,
261+
GRPCMaxSendMessageSize: -1,
262+
MaxUploadSize: 1024,
263+
LogLevel: "info",
264+
},
265+
wantErr: true,
266+
errMsg: "GRPC_MAX_SEND_MESSAGE_SIZE",
267+
},
236268
{
237269
name: "invalid max upload size",
238270
cfg: &Config{
@@ -657,7 +689,7 @@ func TestLoadConfig_ValidationFailure(t *testing.T) {
657689
func clearEnv(t *testing.T) {
658690
t.Helper()
659691
envVars := []string{
660-
"SERVER_PORT", "SERVER_HOST", "GRPC_ENABLED", "GRPC_PORT", "METRICS_PORT",
692+
"SERVER_PORT", "SERVER_HOST", "GRPC_ENABLED", "GRPC_PORT", "GRPC_MAX_RECV_MESSAGE_SIZE", "GRPC_MAX_SEND_MESSAGE_SIZE", "METRICS_PORT",
661693
"TLS_ENABLED", "TLS_CERT_FILE", "TLS_KEY_FILE", "TLS_CA_FILE", "TLS_CLIENT_AUTH", "TLS_MIN_VERSION",
662694
"LOG_LEVEL", "MAX_UPLOAD_SIZE", "TIMEOUT", "METRICS_ENABLED",
663695
"AUTH_ENABLED", "AUTH_ISSUER", "AUTH_AUDIENCE", "AUTH_JWKS_URL",

0 commit comments

Comments
 (0)