рабочий вариант, но скороть 10 МБит

2026-05-22 21:46:49 +03:00
parent 469fa0e860
commit 20d361a886
280 changed files with 954890 additions and 18524 deletions
@@ -14,7 +14,6 @@ type RuntimeConfig struct {
 	Scope          string
 	ServiceClasses []string
 	TLSMode        string
-	HTTPPort       int
 	HTTPSPort      int
 }

@@ -59,23 +58,6 @@ type Response struct {
 	ObservedAt    string   `json:"observed_at"`
 }

-func (r Runtime) HTTPHandler() http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
-		if strings.HasPrefix(req.URL.Path, "/.well-known/acme-challenge/") {
-			writeJSON(w, http.StatusNotFound, r.response("not_found", "acme_challenge_backend_not_configured", ""))
-			return
-		}
-		if req.URL.Path == "/healthz" || req.URL.Path == "/readyz" {
-			writeJSON(w, http.StatusOK, r.response("ready", "http_redirect_runtime_ready", ""))
-			return
-		}
-		target := "https://" + req.Host + req.URL.RequestURI()
-		w.Header().Set("Location", target)
-		w.Header().Set("Cache-Control", "no-store")
-		w.WriteHeader(http.StatusPermanentRedirect)
-	})
-}
-
 func (r Runtime) HTTPSHandler() http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 		if req.URL.Path == "/healthz" || req.URL.Path == "/readyz" {
@@ -98,7 +80,7 @@ func (r Runtime) HTTPSHandler() http.Handler {
 			writeJSON(w, http.StatusNotImplemented, r.response("blocked", "fabric_service_channel_binding_not_implemented", serviceClass))
 			return
 		}
-		scope := scopeForServiceClass(serviceClass, r.Config.Scope)
+		scope := scopeForServiceClass(serviceClass, req.URL.Path, r.Config.Scope)
 		body, err := io.ReadAll(http.MaxBytesReader(w, req.Body, 1<<20))
 		if err != nil {
 			writeJSON(w, http.StatusRequestEntityTooLarge, r.response("blocked", "request_body_too_large", serviceClass))
@@ -146,32 +128,38 @@ func (r Runtime) response(status, reason, serviceClass string) Response {
 	}
 }

-func scopeForServiceClass(serviceClass string, fallback string) string {
+func scopeForServiceClass(serviceClass string, path string, fallback string) string {
+	path = strings.Trim(strings.ToLower(path), "/")
 	switch strings.TrimSpace(serviceClass) {
-	case "platform_admin":
-		return "platform"
-	case "cluster_admin":
-		return "cluster"
-	case "organization_portal":
-		return "organization"
-	case "user_portal":
-		return "user"
+	case "admin-ingress":
+		if strings.HasPrefix(path, "clusters/") {
+			return "cluster"
+		}
+		return firstNonEmpty(strings.TrimSpace(fallback), "platform")
+	case "public-ingress":
+		if strings.HasPrefix(path, "users/") {
+			return "user"
+		}
+		return firstNonEmpty(strings.TrimSpace(fallback), "organization")
 	default:
 		return strings.TrimSpace(fallback)
 	}
 }

+func firstNonEmpty(value string, fallback string) string {
+	if strings.TrimSpace(value) != "" {
+		return strings.TrimSpace(value)
+	}
+	return strings.TrimSpace(fallback)
+}
+
 func serviceClassFromPath(path string) string {
 	path = strings.Trim(strings.ToLower(path), "/")
 	switch {
-	case strings.HasPrefix(path, "platform-admin"):
-		return "platform_admin"
-	case strings.HasPrefix(path, "cluster-admin"):
-		return "cluster_admin"
-	case strings.HasPrefix(path, "organizations/"):
-		return "organization_portal"
-	case strings.HasPrefix(path, "users/"):
-		return "user_portal"
+	case strings.HasPrefix(path, "admin/"), strings.HasPrefix(path, "platform/"), strings.HasPrefix(path, "clusters/"):
+		return "admin-ingress"
+	case strings.HasPrefix(path, "public/"), strings.HasPrefix(path, "organizations/"), strings.HasPrefix(path, "users/"):
+		return "public-ingress"
 	default:
 		return ""
 	}