// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package api
import (
"encoding/json"
)
// MeshConfigEntry manages the global configuration for all service mesh
// proxies.
type MeshConfigEntry struct {
	// Partition is the partition the MeshConfigEntry applies to.
	// Partitioning is a Consul Enterprise feature.
	Partition string ` json:",omitempty" `

	// Namespace is the namespace the MeshConfigEntry applies to.
	// Namespacing is a Consul Enterprise feature.
	Namespace string ` json:",omitempty" `

	// TransparentProxy applies configuration specific to proxies
	// in transparent mode.
	TransparentProxy TransparentProxyMeshConfig ` alias:"transparent_proxy" `

	// AllowEnablingPermissiveMutualTLS must be true in order to allow setting
	// MutualTLSMode=permissive in either service-defaults or proxy-defaults.
	//
	// This is the mesh-wide gate for that setting: while it is false (the zero
	// value, omitted from JSON) permissive mode cannot be selected there.
	// NOTE(review): permissive mode is understood to let a proxy accept
	// traffic that is not mutual TLS; confirm against the MutualTLSMode
	// documentation and treat a true value here as something to audit.
	AllowEnablingPermissiveMutualTLS bool ` json:",omitempty" alias:"allow_enabling_permissive_mutual_tls" `

	// ValidateClusters controls whether the clusters the route table refers to
	// are validated. The default value is false. When set to false and a route
	// refers to a cluster that does not exist, the route table loads and
	// routing to the non-existent cluster results in a 404. When set to true
	// and a route refers to a cluster that does not exist, the route table
	// will not load. For more information, refer to
	// [HTTP route configuration in the Envoy docs](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route.proto#envoy-v3-api-field-config-route-v3-routeconfiguration-validate-clusters).
	ValidateClusters bool ` json:",omitempty" alias:"validate_clusters" `

	// TLS holds the TLS version bounds and cipher suites for the mesh, split
	// into Incoming and Outgoing directions. A nil pointer is omitted from
	// JSON, so no mesh-level TLS constraints are sent.
	TLS *MeshTLSConfig ` json:",omitempty" `

	// HTTP holds the mesh-level HTTP settings (see MeshHTTPConfig). A nil
	// pointer is omitted from JSON.
	HTTP *MeshHTTPConfig ` json:",omitempty" `

	// Peering holds the mesh-level peering settings (see PeeringMeshConfig).
	// A nil pointer is omitted from JSON.
	Peering *PeeringMeshConfig ` json:",omitempty" `

	// Meta is a string-to-string map carried with the entry; it is omitted
	// from JSON when empty.
	Meta map[string]string ` json:",omitempty" `

	// CreateIndex is the Raft index this entry was created at. This is a
	// read-only field.
	CreateIndex uint64

	// ModifyIndex is used for the Check-And-Set operations and can also be fed
	// back into the WaitIndex of the QueryOptions in order to perform blocking
	// queries.
	ModifyIndex uint64
}
// TransparentProxyMeshConfig is the mesh-level configuration for proxies in
// transparent mode; it is the type of MeshConfigEntry.TransparentProxy.
type TransparentProxyMeshConfig struct {
	// MeshDestinationsOnly has no omitempty tag, so it is always serialized,
	// including when false.
	// NOTE(review): by its name this restricts transparent-mode proxies to
	// destinations that are part of the mesh, which would make false the
	// less restrictive egress setting; confirm against the Consul docs.
	MeshDestinationsOnly bool ` alias:"mesh_destinations_only" `
}
// MeshTLSConfig groups the mesh TLS settings by traffic direction. Each
// direction is optional and is omitted from JSON when nil.
type MeshTLSConfig struct {
	// Incoming holds the TLS settings for the incoming direction.
	Incoming *MeshDirectionalTLSConfig ` json:",omitempty" `

	// Outgoing holds the TLS settings for the outgoing direction.
	Outgoing *MeshDirectionalTLSConfig ` json:",omitempty" `
}
// MeshDirectionalTLSConfig carries the TLS version bounds and cipher suite
// list for one traffic direction. Every field is omitted from JSON when
// empty, so an unset field expresses no constraint in the request.
type MeshDirectionalTLSConfig struct {
	// TLSMinVersion is the lower TLS version bound, given as a string.
	// NOTE(review): the accepted values are not visible in this file (Consul
	// documents names such as TLSv1_2); confirm them, and set an explicit
	// floor where policy forbids older protocol versions rather than relying
	// on whatever default applies when this is empty.
	TLSMinVersion string ` json:",omitempty" alias:"tls_min_version" `

	// TLSMaxVersion is the upper TLS version bound, given as a string.
	// NOTE(review): a low ceiling would block newer protocol versions;
	// confirm the intended use before setting it.
	TLSMaxVersion string ` json:",omitempty" alias:"tls_max_version" `

	// CipherSuites lists cipher suite names as strings.
	// NOTE(review): cipher suite lists usually apply only to TLS 1.2 and
	// earlier; confirm how this interacts with the version bounds above.
	CipherSuites []string ` json:",omitempty" alias:"cipher_suites" `
}
// MeshHTTPConfig is the mesh-level HTTP configuration; it is the type behind
// MeshConfigEntry.HTTP.
type MeshHTTPConfig struct {
	// SanitizeXForwardedClientCert has no omitempty tag, so it is always
	// serialized, including when false.
	// NOTE(review): presumably this makes proxies sanitize the
	// X-Forwarded-Client-Cert header instead of passing through a value the
	// downstream client supplied; confirm against the Consul and Envoy docs.
	// Applications that read this header for identity should not trust it
	// unless it is sanitized or set by the proxy.
	SanitizeXForwardedClientCert bool ` alias:"sanitize_x_forwarded_client_cert" `
}
// PeeringMeshConfig is the mesh-level peering configuration; it is the type
// behind MeshConfigEntry.Peering.
type PeeringMeshConfig struct {
	// PeerThroughMeshGateways is omitted from JSON when false.
	// NOTE(review): by its name this routes peering traffic through mesh
	// gateways rather than directly between servers; confirm which traffic
	// is affected before relying on it for network segmentation.
	PeerThroughMeshGateways bool ` json:",omitempty" alias:"peer_through_mesh_gateways" `
}
// GetKind returns the config entry kind, which is the MeshConfig constant for
// every MeshConfigEntry.
func (e *MeshConfigEntry) GetKind() string {
	return MeshConfig
}
// GetName returns the config entry name, which is the MeshConfigMesh constant
// for every MeshConfigEntry; the receiver's fields are not consulted.
func (e *MeshConfigEntry) GetName() string {
	return MeshConfigMesh
}
// GetPartition returns the entry's Partition field.
func (e *MeshConfigEntry) GetPartition() string {
	partition := e.Partition
	return partition
}
// GetNamespace returns the entry's Namespace field.
func (e *MeshConfigEntry) GetNamespace() string {
	namespace := e.Namespace
	return namespace
}
// GetMeta returns the entry's Meta map. The map itself is returned, not a
// copy, so writes through the result are visible on the entry.
func (e *MeshConfigEntry) GetMeta() map[string]string {
	meta := e.Meta
	return meta
}
// GetCreateIndex returns the entry's CreateIndex field.
func (e *MeshConfigEntry) GetCreateIndex() uint64 {
	idx := e.CreateIndex
	return idx
}
// GetModifyIndex returns the entry's ModifyIndex field.
func (e *MeshConfigEntry) GetModifyIndex() uint64 {
	idx := e.ModifyIndex
	return idx
}
// MarshalJSON adds the Kind field so that the JSON can be decoded back into the
// correct type.
func (e *MeshConfigEntry) MarshalJSON() ([]byte, error) {
	// Alias has MeshConfigEntry's fields but none of its methods, so the
	// json.Marshal call below does not re-enter this MarshalJSON.
	type Alias MeshConfigEntry

	// withKind places Kind ahead of the promoted entry fields in the output.
	type withKind struct {
		Kind string
		*Alias
	}

	wrapped := &withKind{
		Kind:  MeshConfig,
		Alias: (*Alias)(e),
	}
	return json.Marshal(wrapped)
}