Replace Service URL with Interceptor URL

SDK Questions sdk-golang
1

Hello guys,

Im following this code for go sdk-golang/exercises/http/client/zitified/simple-client.go at main · openziti/sdk-golang (github.com) where it uses service url but not interceptor url.

I want to use interceptor url, i have this conifgured interceptor "main.ziti" on netfoundry, can you guide me on how to approach it ?

Here's the video https://youtu.be/onpv1Lfz_5E

Also, what If I dont specify the actual location of configFile does the SDK automatically look for configFile on environment ZITI_IDENTITIES or I need to specify it on code ?

I can likely use TPM to encrypt the configFile and update the environment variable dynamically for ziti related process.

2

You're trying to make an http request to something like "http://${service_name}"? That way you don't need an intercept config, right? That one you found, sadly, doesn't have the ziti cli commands used to set up the example but we have another very similar one that has a better readme you might want to check out at GitHub - openziti-test-kitchen/go-http: GoLang HTTP Clients & Servers + Alternative Networking

Give that a look, and if you're still stuck let us know and we'll get you fixed up. :slight_smile:

3

Thanks, I just wanted to replace http.svc with the intercept host, I think if i remove the dial part it can be done. And on the configFile file, i figured I can pass in the value from environment.

image
image970×741 75.5 KB

4

Oh that's the opposite of what I thought you were asking.

To use the intercepting style with that sample, you need to use ziti.LoadContext and make a transport/http client as shown below.

Update the simple-client.go code with the following function

func createZitifiedHttpClient(idFile string) http.Client {
	ziti.LoadContext(idFile)
	zitiTransport := http.DefaultTransport.(*http.Transport).Clone() // copy default transport
	zitiTransport.DialContext = func(ctx context.Context, network, addr string) (net.Conn, error) {
		dialer := ziti.NewDialerWithFallback(ctx, nil)
		return dialer.Dial(network, addr)
	}
	return http.Client{Transport: zitiTransport}
}

Then invoke like this:

go run simple-client.go ./client.json main.ziti
Hello response: zitified hello from sg3u22
Add Result: zitified a+b=1+2=3

Hope that helps

5

thanks the intercept version is working, but seems like it's being deprecated. Do you suggest to use the service version instead of intercept host ?

image
image893×572 40.8 KB

6

It's been replaced with ziti.NewSdkCollection, but I couldn't find the correct syntax to get that working quite right...

@andrew.martinez, I think you could probably help out on this?

7

It would be good if I can pass in raw configFile to newSDKCollection, that's because the configFile will be encrypted by TPM or Yubikey so decryption will likely happen at runtime which can be passed to ziti.

Currently the load context can receive raw string while the newConfigFromFile does not accept raw string .

8

I forgot to reply to this. Personally, I use service dials instead of intercept based. I find it more obvious and straightforward to debug, myself. But really whichever way you do it that's works best for you is what matters. :laughing: