2021-04-06 18:19:59 +00:00
|
|
|
package structs
|
|
|
|
|
|
|
|
import (
|
2021-04-29 21:44:32 +00:00
|
|
|
"encoding/json"
|
2021-04-06 18:19:59 +00:00
|
|
|
"fmt"
|
|
|
|
|
|
|
|
"github.com/hashicorp/consul/acl"
|
|
|
|
)
|
|
|
|
|
2021-04-28 22:13:29 +00:00
|
|
|
type MeshConfigEntry struct {
|
2021-04-06 18:19:59 +00:00
|
|
|
// TransparentProxy contains cluster-wide options pertaining to TPROXY mode
|
|
|
|
// when enabled.
|
2021-04-28 22:13:29 +00:00
|
|
|
TransparentProxy TransparentProxyMeshConfig `alias:"transparent_proxy"`
|
2021-04-06 18:19:59 +00:00
|
|
|
|
|
|
|
Meta map[string]string `json:",omitempty"`
|
|
|
|
EnterpriseMeta `hcl:",squash" mapstructure:",squash"`
|
|
|
|
RaftIndex
|
|
|
|
}
|
|
|
|
|
2021-04-28 22:13:29 +00:00
|
|
|
// TransparentProxyMeshConfig contains cluster-wide options pertaining to
|
2021-04-06 18:19:59 +00:00
|
|
|
// TPROXY mode when enabled.
|
2021-04-28 22:13:29 +00:00
|
|
|
type TransparentProxyMeshConfig struct {
|
2021-06-14 20:15:09 +00:00
|
|
|
// MeshDestinationsOnly can be used to disable the pass-through that
|
2021-04-06 18:19:59 +00:00
|
|
|
// allows traffic to destinations outside of the mesh.
|
2021-06-14 20:15:09 +00:00
|
|
|
MeshDestinationsOnly bool `alias:"mesh_destinations_only"`
|
2021-04-06 18:19:59 +00:00
|
|
|
}
|
|
|
|
|
2021-04-28 22:13:29 +00:00
|
|
|
func (e *MeshConfigEntry) GetKind() string {
|
|
|
|
return MeshConfig
|
2021-04-06 18:19:59 +00:00
|
|
|
}
|
|
|
|
|
2021-04-28 22:13:29 +00:00
|
|
|
func (e *MeshConfigEntry) GetName() string {
|
2021-04-06 18:19:59 +00:00
|
|
|
if e == nil {
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
|
2021-04-29 19:54:27 +00:00
|
|
|
return MeshConfigMesh
|
2021-04-06 18:19:59 +00:00
|
|
|
}
|
|
|
|
|
2021-04-28 22:13:29 +00:00
|
|
|
func (e *MeshConfigEntry) GetMeta() map[string]string {
|
2021-04-06 18:19:59 +00:00
|
|
|
if e == nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return e.Meta
|
|
|
|
}
|
|
|
|
|
2021-04-28 22:13:29 +00:00
|
|
|
func (e *MeshConfigEntry) Normalize() error {
|
2021-04-06 18:19:59 +00:00
|
|
|
if e == nil {
|
|
|
|
return fmt.Errorf("config entry is nil")
|
|
|
|
}
|
|
|
|
|
|
|
|
e.EnterpriseMeta.Normalize()
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2021-04-28 22:13:29 +00:00
|
|
|
func (e *MeshConfigEntry) Validate() error {
|
2021-04-06 18:19:59 +00:00
|
|
|
if e == nil {
|
|
|
|
return fmt.Errorf("config entry is nil")
|
|
|
|
}
|
|
|
|
if err := validateConfigEntryMeta(e.Meta); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return e.validateEnterpriseMeta()
|
|
|
|
}
|
|
|
|
|
2022-03-11 21:45:51 +00:00
|
|
|
func (e *MeshConfigEntry) CanRead(authz acl.Authorizer) error {
|
|
|
|
return nil
|
2021-04-06 18:19:59 +00:00
|
|
|
}
|
|
|
|
|
2022-03-11 21:45:51 +00:00
|
|
|
func (e *MeshConfigEntry) CanWrite(authz acl.Authorizer) error {
|
2021-04-06 18:19:59 +00:00
|
|
|
var authzContext acl.AuthorizerContext
|
|
|
|
e.FillAuthzContext(&authzContext)
|
2022-03-11 21:45:51 +00:00
|
|
|
return authz.ToAllowAuthorizer().MeshWriteAllowed(&authzContext)
|
2021-04-06 18:19:59 +00:00
|
|
|
}
|
|
|
|
|
2021-04-28 22:13:29 +00:00
|
|
|
func (e *MeshConfigEntry) GetRaftIndex() *RaftIndex {
|
2021-04-06 18:19:59 +00:00
|
|
|
if e == nil {
|
|
|
|
return &RaftIndex{}
|
|
|
|
}
|
|
|
|
|
|
|
|
return &e.RaftIndex
|
|
|
|
}
|
|
|
|
|
2021-04-28 22:13:29 +00:00
|
|
|
func (e *MeshConfigEntry) GetEnterpriseMeta() *EnterpriseMeta {
|
2021-04-06 18:19:59 +00:00
|
|
|
if e == nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
return &e.EnterpriseMeta
|
|
|
|
}
|
2021-04-29 21:44:32 +00:00
|
|
|
|
|
|
|
// MarshalJSON adds the Kind field so that the JSON can be decoded back into the
|
|
|
|
// correct type.
|
|
|
|
// This method is implemented on the structs type (as apposed to the api type)
|
|
|
|
// because that is what the API currently uses to return a response.
|
|
|
|
func (e *MeshConfigEntry) MarshalJSON() ([]byte, error) {
|
|
|
|
type Alias MeshConfigEntry
|
|
|
|
source := &struct {
|
|
|
|
Kind string
|
|
|
|
*Alias
|
|
|
|
}{
|
|
|
|
Kind: MeshConfig,
|
|
|
|
Alias: (*Alias)(e),
|
|
|
|
}
|
|
|
|
return json.Marshal(source)
|
|
|
|
}
|