Refactor to remove go-elasticsearch

 - Now uses Golang native HTTP requests
 - This change should make most of the subchecks work with
   ElasticSearch 7 and 8 as well as OpenSearch.

Author: martialblog

.golangci.yml

@@ -1,6 +1,9 @@
 run:
-  deadline: 1m
-  tests: false
+  timeout: 5m
+  skip-files:
+    - '(.+)_test\.go'
+    - 'internal/config/http_config.go'
+    - 'internal/config/config.go'
 
 linters:
   disable-all: false
@@ -10,14 +13,19 @@ linters:
     - whitespace
     - wsl
     - exportloopref
-  presets:
-    - bugs
-    - unused
-  fast: false
   disable:
-    - gosec
     - funlen
     - scopelint
-    - varcheck
-    - deadcode
+    - bodyclose
+    - contextcheck
+    - nilerr
+    - noctx
+    - rowserrcheck
+    - sqlclosecheck
     - structcheck
+    - unparam
+    - musttag
+  presets:
+    - bugs
+    - unused
+  fast: false

Makefile

@@ -1,7 +1,7 @@
 .PHONY: test coverage lint vet
 
 build:
-	go build
+	CGO_ENABLED=0 go build
 lint:
 	go fmt $(go list ./... | grep -v /vendor/)
 vet:

cmd/config.go

@@ -2,22 +2,32 @@ package cmd
 
 import (
 	"check_elasticsearch/internal/client"
+	"check_elasticsearch/internal/config"
+	"fmt"
+	"github.com/NETWAYS/go-check"
+	"net/http"
 	"net/url"
 	"strconv"
+	"time"
 )
 
 type Config struct {
-	Hostname string
-	Port     int
-	TLS      bool
-	Username string
-	Password string
-	Insecure bool
+	Hostname  string
+	Port      int
+	BasicAuth string
+	Bearer    string
+	CAFile    string
+	CertFile  string
+	KeyFile   string
+	TLS       bool
+	Username  string
+	Password  string
+	Insecure  bool
 }
 
 var cliConfig Config
 
-func (c *Config) Client() *client.Client {
+func (c *Config) NewClient() *client.Client {
 	u := url.URL{
 		Scheme: "http",
 		Host:   c.Hostname + ":" + strconv.Itoa(c.Port),
@@ -27,8 +37,41 @@ func (c *Config) Client() *client.Client {
 		u.Scheme = "https"
 	}
 
-	cl := client.NewClient(u.String(), c.Username, c.Password)
-	cl.Insecure = c.Insecure
+	// Create TLS configuration for default RoundTripper
+	tlsConfig, err := config.NewTLSConfig(&config.TLSConfig{
+		InsecureSkipVerify: c.Insecure,
+		CAFile:             c.CAFile,
+		KeyFile:            c.KeyFile,
+		CertFile:           c.CertFile,
+	})
 
-	return cl
+	if err != nil {
+		check.ExitError(err)
+	}
+
+	var rt http.RoundTripper = &http.Transport{
+		TLSClientConfig:       tlsConfig,
+		IdleConnTimeout:       10 * time.Second,
+		TLSHandshakeTimeout:   10 * time.Second,
+		ExpectContinueTimeout: 10 * time.Second,
+	}
+
+	// Using a Bearer Token for authentication
+	if c.Bearer != "" {
+		var t config.Secret = config.Secret(c.Bearer)
+		rt = config.NewAuthorizationCredentialsRoundTripper("Bearer", t, rt)
+	}
+
+	// Using a BasicAuth for authentication
+	if c.Username != "" {
+		if c.Password == "" {
+			check.ExitError(fmt.Errorf("Specify the user name and password for server authentication"))
+		}
+
+		var p config.Secret = config.Secret(c.Password)
+
+		rt = config.NewBasicAuthRoundTripper(c.Username, p, "", rt)
+	}
+
+	return client.NewClient(u.String(), rt)
 }

cmd/health.go

@@ -18,11 +18,7 @@ The cluster health status is:
 	Example: "  check_elasticsearch health --hostname \"127.0.0.1\" --port 9200 --username \"exampleUser\"  " +
 		"--password \"examplePass\" --tls --insecure",
 	Run: func(cmd *cobra.Command, args []string) {
-		client := cliConfig.Client()
-		err := client.Connect()
-		if err != nil {
-			check.ExitError(err)
-		}
+		client := cliConfig.NewClient()
 
 		health, err := client.Health()
 		if err != nil {

cmd/query.go

@@ -37,11 +37,7 @@ https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-query-
 			output strings.Builder
 		)
 
-		client := cliConfig.Client()
-		err := client.Connect()
-		if err != nil {
-			check.ExitError(err)
-		}
+		client := cliConfig.NewClient()
 
 		total, messages, err := client.SearchMessages(
 			cliQueryConfig.Index,

cmd/root.go

@@ -45,9 +45,9 @@ func init() {
 	pfs.IntVarP(&cliConfig.Port, "port", "p", 9200,
 		"Port of the Elasticsearch instance")
 	pfs.StringVarP(&cliConfig.Username, "username", "U", "",
-		"Username if authentication is required")
+		"Username for HTTP Basic Authentication")
 	pfs.StringVarP(&cliConfig.Password, "password", "P", "",
-		"Password if authentication is required")
+		"Password for HTTP Basic Authentication")
 	pfs.BoolVarP(&cliConfig.TLS, "tls", "S", false,
 		"Use a HTTPS connection")
 	pfs.BoolVar(&cliConfig.Insecure, "insecure", false,

go.mod

@@ -4,14 +4,19 @@ go 1.19
 
 require (
 	github.com/NETWAYS/go-check v0.4.2
-	github.com/elastic/go-elasticsearch/v7 v7.17.10
 	github.com/spf13/cobra v1.7.0
+	golang.org/x/oauth2 v0.8.0
+	gopkg.in/yaml.v2 v2.4.0
 )
 
 require (
+	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/mitchellh/go-ps v1.0.0 // indirect
 	github.com/sirupsen/logrus v1.9.2 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	golang.org/x/sys v0.2.0 // indirect
+	golang.org/x/net v0.10.0 // indirect
+	golang.org/x/sys v0.8.0 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.28.0 // indirect
 )

go.sum

@@ -4,8 +4,12 @@ github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/elastic/go-elasticsearch/v7 v7.17.10 h1:TCQ8i4PmIJuBunvBS6bwT2ybzVFxxUhhltAs3Gyu1yo=
-github.com/elastic/go-elasticsearch/v7 v7.17.10/go.mod h1:OJ4wdbtDNk5g503kvlHLyErCgQwwzmDtaFC4XyOxXA4=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/jarcoal/httpmock v1.3.0/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg=
@@ -29,10 +33,30 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8=
+golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A=
-golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
+golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
+google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
+google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw=
+google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

internal/client/client.go

@@ -1,56 +1,124 @@
 package client
 
 import (
-	"crypto/tls"
+	"bytes"
+	es "check_elasticsearch/internal/elasticsearch"
+	"encoding/json"
 	"fmt"
-	es7 "github.com/elastic/go-elasticsearch/v7"
 	"net/http"
+	"net/url"
 )
 
 type Client struct {
-	Url      string
-	Username string
-	Password string
-	Insecure bool
-	Client   *es7.Client
-	Version  string
+	Client http.Client
+	Url    string
 }
 
-func NewClient(url, username, password string) *Client {
+func NewClient(url string, rt http.RoundTripper) *Client {
+	// Small wrapper
+	c := &http.Client{
+		Transport: rt,
+	}
+
 	return &Client{
-		Url:      url,
-		Username: username,
-		Password: password,
-		Insecure: false,
+		Url:    url,
+		Client: *c,
 	}
 }
 
-func (c *Client) Connect() error {
-	cfg := es7.Config{
-		Addresses: []string{c.Url},
-		Username:  c.Username,
-		Password:  c.Password,
-		Transport: &http.Transport{
-			TLSClientConfig: &tls.Config{
-				InsecureSkipVerify: c.Insecure,
-				MinVersion:         tls.VersionTLS11,
+func (c *Client) Health() (r *es.HealthResponse, err error) {
+	u, _ := url.JoinPath(c.Url, "/_cluster/health")
+	resp, err := c.Client.Get(u)
+
+	if err != nil {
+		err = fmt.Errorf("could not fetch cluster health: %w", err)
+		return
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		err = fmt.Errorf("request failed for cluster health: %s", resp.Status)
+		return
+	}
+
+	r = &es.HealthResponse{}
+
+	defer resp.Body.Close()
+	err = json.NewDecoder(resp.Body).Decode(r)
+
+	if err != nil {
+		err = fmt.Errorf("could not decode health json: %w", err)
+		return
+	}
+
+	return
+}
+
+func (c *Client) SearchMessages(index string, query string, messageKey string) (total uint, messages []string, err error) {
+	queryBody := es.SearchRequest{
+		Query: es.Query{
+			QueryString: &es.QueryString{
+				Query: query,
 			},
 		},
 	}
 
-	esClient, err := es7.NewClient(cfg)
+	data, err := json.Marshal(queryBody)
+	body := bytes.NewReader(data)
+
 	if err != nil {
-		return fmt.Errorf("could not connect to cluster: %w", err)
+		err = fmt.Errorf("error encoding query: %w", err)
+		return
 	}
 
-	c.Client = esClient
+	u, _ := url.JoinPath(c.Url, index, "/_search")
+
+	req, err := http.NewRequest("GET", u, body)
+
+	req.Header.Add("Content-Type", "application/json")
+
+	if err != nil {
+		err = fmt.Errorf("error creating request: %w", err)
+		return
+	}
+
+	p := req.URL.Query()
+	p.Add("track_total_hits", "true")
+	p.Add("size", "1")
+
+	req.URL.RawQuery = p.Encode()
+
+	resp, err := c.Client.Do(req)
+
+	if err != nil {
+		err = fmt.Errorf("could not execute search request: %w", err)
+		return
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		err = fmt.Errorf("request failed for search: %s", resp.Status)
+		return
+	}
+
+	var response es.SearchResponse
+
+	defer resp.Body.Close()
+	err = json.NewDecoder(resp.Body).Decode(&response)
 
-	info, err := c.Info()
 	if err != nil {
-		return err
+		err = fmt.Errorf("error parsing the response body: %w", err)
+		return
 	}
 
-	c.Version = info.Version.Number
+	total = response.Hits.Total.Value
+
+	for _, hit := range response.Hits.Hits {
+		if value, ok := hit.Source[messageKey]; ok {
+			messages = append(messages, fmt.Sprint(value))
+		} else {
+			err = fmt.Errorf("message does not contain key '%s': %s", messageKey, hit.Id)
+			return
+		}
+	}
 
-	return nil
+	return
 }