consul/internal/resource/registry.go

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1

package resource

import (
	"fmt"
	"regexp"
	"strings"
	"sync"

	"google.golang.org/protobuf/proto"

	"github.com/hashicorp/consul/acl"
	"github.com/hashicorp/consul/internal/storage"
	"github.com/hashicorp/consul/proto-public/pbresource"
)

var (
	groupRegexp        = regexp.MustCompile(`^[a-z][a-z\d_]+$`)
	groupVersionRegexp = regexp.MustCompile(`^v([a-z\d]+)?\d$`)
	kindRegexp         = regexp.MustCompile(`^[A-Z][A-Za-z\d]+$`)
	// Track resource types that are allowed to have an undefined scope. These are usually
	// non-customer facing or internal types.
	undefinedScopeAllowed = map[string]bool{
		storage.UnversionedTypeFrom(TypeV1Tombstone).String(): true,
	}
)

func isUndefinedScopeAllowed(t *pbresource.Type) bool {
	return undefinedScopeAllowed[storage.UnversionedTypeFrom(t).String()]
}

type Registry interface {
	// Register the given resource type and its hooks.
	Register(reg Registration)

	// Resolve the given resource type and its hooks.
	Resolve(typ *pbresource.Type) (reg Registration, ok bool)

	Types() []Registration
}

type Registration struct {
	// Type is the GVK of the resource type.
	Type *pbresource.Type

	// Proto is the resource's protobuf message type.
	Proto proto.Message

	// ACLs are hooks called to perform authorization on RPCs.
	ACLs *ACLHooks

	// Validate is called to structurally validate the resource (e.g.
	// check for required fields).
	Validate func(*pbresource.Resource) error

	// Mutate is called to fill out any autogenerated fields (e.g. UUIDs) or
	// apply defaults before validation.
	Mutate func(*pbresource.Resource) error

	// Scope describes the tenancy scope of a resource.
	Scope Scope
}

type ACLHooks struct {
	// Read is used to authorize Read RPCs and to filter results in List
	// RPCs.
	//
	// If it is omitted, `operator:read` permission is assumed.
	Read func(acl.Authorizer, *acl.AuthorizerContext, *pbresource.ID) error

	// Write is used to authorize Write and Delete RPCs.
	//
	// If it is omitted, `operator:write` permission is assumed.
	Write func(acl.Authorizer, *acl.AuthorizerContext, *pbresource.Resource) error

	// List is used to authorize List RPCs.
	//
	// If it is omitted, we only filter the results using Read.
	List func(acl.Authorizer, *acl.AuthorizerContext) error
}

// Resource type registry
type TypeRegistry struct {
	// registrations keyed by GVK
	registrations map[string]Registration
	lock          sync.RWMutex
}

func NewRegistry() Registry {
	registry := &TypeRegistry{registrations: make(map[string]Registration)}
	// Tombstone is an implicitly registered type since it is used to implement
	// the cascading deletion of resources. ACLs end up being defaulted to
	// operator:<read,write>. It is useful to note that tombstone creation
	// does not get routed through the resource service and bypasses ACLs
	// as part of the Delete endpoint.
	registry.Register(Registration{
		Type:  TypeV1Tombstone,
		Proto: &pbresource.Tombstone{},
	})
	return registry
}

func (r *TypeRegistry) Register(registration Registration) {
	typ := registration.Type
	if typ.Group == "" || typ.GroupVersion == "" || typ.Kind == "" {
		panic("type field(s) cannot be empty")
	}

	switch {
	case !groupRegexp.MatchString(typ.Group):
		panic(fmt.Sprintf("Type.Group must be in snake_case. Got: %q", typ.Group))
	case !groupVersionRegexp.MatchString(typ.GroupVersion):
		panic(fmt.Sprintf("Type.GroupVersion must be lowercase, start with `v`, and end with a number (e.g. `v2` or `v1alpha1`). Got: %q", typ.Group))
	case !kindRegexp.MatchString(typ.Kind):
		panic(fmt.Sprintf("Type.Kind must be in PascalCase. Got: %q", typ.Kind))
	}

	if registration.Proto == nil {
		panic("Proto field is required.")
	}

	if registration.Scope == ScopeUndefined && !isUndefinedScopeAllowed(typ) {
		panic(fmt.Sprintf("scope required for %s. Got: %q", typ, registration.Scope))
	}

	r.lock.Lock()
	defer r.lock.Unlock()

	key := ToGVK(registration.Type)
	if _, ok := r.registrations[key]; ok {
		panic(fmt.Sprintf("resource type %s already registered", key))
	}

	// set default acl hooks for those not provided
	if registration.ACLs == nil {
		registration.ACLs = &ACLHooks{}
	}
	if registration.ACLs.Read == nil {
		registration.ACLs.Read = func(authz acl.Authorizer, authzContext *acl.AuthorizerContext, id *pbresource.ID) error {
			return authz.ToAllowAuthorizer().OperatorReadAllowed(authzContext)
		}
	}
	if registration.ACLs.Write == nil {
		registration.ACLs.Write = func(authz acl.Authorizer, authzContext *acl.AuthorizerContext, id *pbresource.Resource) error {
			return authz.ToAllowAuthorizer().OperatorWriteAllowed(authzContext)
		}
	}
	if registration.ACLs.List == nil {
		registration.ACLs.List = func(authz acl.Authorizer, authzContext *acl.AuthorizerContext) error {
			return authz.ToAllowAuthorizer().OperatorReadAllowed(&acl.AuthorizerContext{})
		}
	}

	// default validation to a no-op
	if registration.Validate == nil {
		registration.Validate = func(resource *pbresource.Resource) error { return nil }
	}

	// default mutate to a no-op
	if registration.Mutate == nil {
		registration.Mutate = func(resource *pbresource.Resource) error { return nil }
	}

	r.registrations[key] = registration
}

func (r *TypeRegistry) Resolve(typ *pbresource.Type) (reg Registration, ok bool) {
	r.lock.RLock()
	defer r.lock.RUnlock()

	if registration, ok := r.registrations[ToGVK(typ)]; ok {
		return registration, true
	}
	return Registration{}, false
}

func (r *TypeRegistry) Types() []Registration {
	r.lock.RLock()
	defer r.lock.RUnlock()

	types := make([]Registration, 0, len(r.registrations))
	for _, v := range r.registrations {
		types = append(types, v)
	}
	return types
}

func ToGVK(resourceType *pbresource.Type) string {
	return fmt.Sprintf("%s.%s.%s", resourceType.Group, resourceType.GroupVersion, resourceType.Kind)
}

func ParseGVK(gvk string) (*pbresource.Type, error) {
	parts := strings.Split(gvk, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("GVK string must be in the form <Group>.<GroupVersion>.<Kind>, got: %s", gvk)
	}
	return &pbresource.Type{
		Group:        parts[0],
		GroupVersion: parts[1],
		Kind:         parts[2],
	}, nil
}
Copyright headers for missing files/folders (#16708) * copyright headers for agent folder 2023-03-28 22:48:58 +00:00			`// Copyright (c) HashiCorp, Inc.`
[COMPLIANCE] License changes (#18443) * Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at <Blog URL>, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * add missing license headers * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com> 2023-08-11 13:12:13 +00:00			`// SPDX-License-Identifier: BUSL-1.1`
Copyright headers for missing files/folders (#16708) * copyright headers for agent folder 2023-03-28 22:48:58 +00:00
Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`package resource`

			`import (`
			`"fmt"`
resource: enforce consistent naming of resource types (#17611) For consistency, resource type names must follow these rules: - `Group` must be snake case, and in most cases a single word. - `GroupVersion` must be lowercase, start with a "v" and end with a number. - `Kind` must be pascal case. These were chosen because they map to our protobuf type naming conventions. 2023-06-26 12:25:14 +00:00			`"regexp"`
Net-2712/resource hcl parsing (#18250) * Initial protohcl implementation Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Daniel Upton <daniel@floppy.co> * resourcehcl: implement resource decoding on top of protohcl Co-authored-by: Daniel Upton <daniel@floppy.co> * fix: resolve ci failures * test: add additional unmarshalling tests * refactor: update function test to clean protohcl package imports --------- Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Daniel Upton <daniel@floppy.co> 2023-08-11 19:52:51 +00:00			`"strings"`
Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`"sync"`

Resource `Write` endpoint (#16786) 2023-04-06 09:40:04 +00:00			`"google.golang.org/protobuf/proto"`

Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00			`"github.com/hashicorp/consul/acl"`
resource: Require scope for resource registration (#18635) 2023-09-01 14:44:53 +00:00			`"github.com/hashicorp/consul/internal/storage"`
Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`"github.com/hashicorp/consul/proto-public/pbresource"`
			`)`

resource: enforce consistent naming of resource types (#17611) For consistency, resource type names must follow these rules: - `Group` must be snake case, and in most cases a single word. - `GroupVersion` must be lowercase, start with a "v" and end with a number. - `Kind` must be pascal case. These were chosen because they map to our protobuf type naming conventions. 2023-06-26 12:25:14 +00:00			`var (`
			groupRegexp = regexp.MustCompile(`^[a-z][a-z\d_]+$`)
			groupVersionRegexp = regexp.MustCompile(`^v([a-z\d]+)?\d$`)
			kindRegexp = regexp.MustCompile(`^[A-Z][A-Za-z\d]+$`)
resource: Require scope for resource registration (#18635) 2023-09-01 14:44:53 +00:00			`// Track resource types that are allowed to have an undefined scope. These are usually`
			`// non-customer facing or internal types.`
			`undefinedScopeAllowed = map[string]bool{`
			`storage.UnversionedTypeFrom(TypeV1Tombstone).String(): true,`
			`}`
resource: enforce consistent naming of resource types (#17611) For consistency, resource type names must follow these rules: - `Group` must be snake case, and in most cases a single word. - `GroupVersion` must be lowercase, start with a "v" and end with a number. - `Kind` must be pascal case. These were chosen because they map to our protobuf type naming conventions. 2023-06-26 12:25:14 +00:00			`)`

resource: Require scope for resource registration (#18635) 2023-09-01 14:44:53 +00:00			`func isUndefinedScopeAllowed(t *pbresource.Type) bool {`
			`return undefinedScopeAllowed[storage.UnversionedTypeFrom(t).String()]`
			`}`

Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`type Registry interface {`
			`// Register the given resource type and its hooks.`
			`Register(reg Registration)`

			`// Resolve the given resource type and its hooks.`
			`Resolve(typ *pbresource.Type) (reg Registration, ok bool)`
expose grpc as http endpoint (#18221) expose resource grpc endpoints as http endpoints 2023-08-04 18:27:48 +00:00
			`Types() []Registration`
Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`}`

			`type Registration struct {`
			`// Type is the GVK of the resource type.`
			`Type *pbresource.Type`

Resource `Write` endpoint (#16786) 2023-04-06 09:40:04 +00:00			`// Proto is the resource's protobuf message type.`
			`Proto proto.Message`

Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00			`// ACLs are hooks called to perform authorization on RPCs.`
			`ACLs *ACLHooks`

Resource validation hook for `Write` endpoint (#16950) 2023-04-11 11:55:32 +00:00			`// Validate is called to structurally validate the resource (e.g.`
			`// check for required fields).`
			`Validate func(*pbresource.Resource) error`

Call resource mutate hook before validate hook (NET-4907) (#18178) 2023-07-19 18:10:57 +00:00			`// Mutate is called to fill out any autogenerated fields (e.g. UUIDs) or`
			`// apply defaults before validation.`
Add mutate hook to `Write` endpoint (#16958) 2023-04-12 21:50:07 +00:00			`Mutate func(*pbresource.Resource) error`
resource: Add scope to resource type registration [NET-4976] (#18214) Enables querying a resource type's registration to determine if a resource is cluster, partition, or partition and namespace scoped. 2023-07-24 16:34:30 +00:00
			`// Scope describes the tenancy scope of a resource.`
			`Scope Scope`
Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`}`

Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00			`type ACLHooks struct {`
			`// Read is used to authorize Read RPCs and to filter results in List`
			`// RPCs.`
			`//`
			// If it is omitted, `operator:read` permission is assumed.
resource: Make resource read tenancy aware (#18397) 2023-08-07 21:37:03 +00:00			`Read func(acl.Authorizer, acl.AuthorizerContext, pbresource.ID) error`
Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00
			`// Write is used to authorize Write and Delete RPCs.`
			`//`
			// If it is omitted, `operator:write` permission is assumed.
resource: Make resource write tenancy aware (#18423) 2023-08-10 14:53:38 +00:00			`Write func(acl.Authorizer, acl.AuthorizerContext, pbresource.Resource) error`
Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00
			`// List is used to authorize List RPCs.`
			`//`
			`// If it is omitted, we only filter the results using Read.`
resource: Make resource list tenancy aware (#18475) 2023-08-15 21:57:59 +00:00			`List func(acl.Authorizer, *acl.AuthorizerContext) error`
Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00			`}`
Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00
			`// Resource type registry`
			`type TypeRegistry struct {`
			`// registrations keyed by GVK`
			`registrations map[string]Registration`
			`lock sync.RWMutex`
			`}`

			`func NewRegistry() Registry {`
Create tombstone on resource `Delete` (#17108) 2023-04-28 15:49:08 +00:00			`registry := &TypeRegistry{registrations: make(map[string]Registration)}`
			`// Tombstone is an implicitly registered type since it is used to implement`
			`// the cascading deletion of resources. ACLs end up being defaulted to`
			`// operator:<read,write>. It is useful to note that tombstone creation`
			`// does not get routed through the resource service and bypasses ACLs`
			`// as part of the Delete endpoint.`
			`registry.Register(Registration{`
			`Type: TypeV1Tombstone,`
			`Proto: &pbresource.Tombstone{},`
			`})`
			`return registry`
Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`}`

			`func (r *TypeRegistry) Register(registration Registration) {`
			`typ := registration.Type`
			`if typ.Group == "" \|\| typ.GroupVersion == "" \|\| typ.Kind == "" {`
			`panic("type field(s) cannot be empty")`
			`}`

resource: enforce consistent naming of resource types (#17611) For consistency, resource type names must follow these rules: - `Group` must be snake case, and in most cases a single word. - `GroupVersion` must be lowercase, start with a "v" and end with a number. - `Kind` must be pascal case. These were chosen because they map to our protobuf type naming conventions. 2023-06-26 12:25:14 +00:00			`switch {`
			`case !groupRegexp.MatchString(typ.Group):`
			`panic(fmt.Sprintf("Type.Group must be in snake_case. Got: %q", typ.Group))`
			`case !groupVersionRegexp.MatchString(typ.GroupVersion):`
			panic(fmt.Sprintf("Type.GroupVersion must be lowercase, start with `v`, and end with a number (e.g. `v2` or `v1alpha1`). Got: %q", typ.Group))
			`case !kindRegexp.MatchString(typ.Kind):`
			`panic(fmt.Sprintf("Type.Kind must be in PascalCase. Got: %q", typ.Kind))`
			`}`

resource: Require scope for resource registration (#18635) 2023-09-01 14:44:53 +00:00			`if registration.Proto == nil {`
			`panic("Proto field is required.")`
			`}`

			`if registration.Scope == ScopeUndefined && !isUndefinedScopeAllowed(typ) {`
			`panic(fmt.Sprintf("scope required for %s. Got: %q", typ, registration.Scope))`
			`}`

resource: enforce consistent naming of resource types (#17611) For consistency, resource type names must follow these rules: - `Group` must be snake case, and in most cases a single word. - `GroupVersion` must be lowercase, start with a "v" and end with a number. - `Kind` must be pascal case. These were chosen because they map to our protobuf type naming conventions. 2023-06-26 12:25:14 +00:00			`r.lock.Lock()`
			`defer r.lock.Unlock()`

Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`key := ToGVK(registration.Type)`
			`if _, ok := r.registrations[key]; ok {`
			`panic(fmt.Sprintf("resource type %s already registered", key))`
			`}`

Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00			`// set default acl hooks for those not provided`
			`if registration.ACLs == nil {`
			`registration.ACLs = &ACLHooks{}`
			`}`
			`if registration.ACLs.Read == nil {`
resource: Make resource read tenancy aware (#18397) 2023-08-07 21:37:03 +00:00			`registration.ACLs.Read = func(authz acl.Authorizer, authzContext acl.AuthorizerContext, id pbresource.ID) error {`
			`return authz.ToAllowAuthorizer().OperatorReadAllowed(authzContext)`
Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00			`}`
			`}`
			`if registration.ACLs.Write == nil {`
resource: Make resource write tenancy aware (#18423) 2023-08-10 14:53:38 +00:00			`registration.ACLs.Write = func(authz acl.Authorizer, authzContext acl.AuthorizerContext, id pbresource.Resource) error {`
			`return authz.ToAllowAuthorizer().OperatorWriteAllowed(authzContext)`
Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00			`}`
			`}`
			`if registration.ACLs.List == nil {`
resource: Make resource list tenancy aware (#18475) 2023-08-15 21:57:59 +00:00			`registration.ACLs.List = func(authz acl.Authorizer, authzContext *acl.AuthorizerContext) error {`
Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00			`return authz.ToAllowAuthorizer().OperatorReadAllowed(&acl.AuthorizerContext{})`
			`}`
			`}`
Resource validation hook for `Write` endpoint (#16950) 2023-04-11 11:55:32 +00:00
			`// default validation to a no-op`
			`if registration.Validate == nil {`
			`registration.Validate = func(resource *pbresource.Resource) error { return nil }`
			`}`

Add mutate hook to `Write` endpoint (#16958) 2023-04-12 21:50:07 +00:00			`// default mutate to a no-op`
			`if registration.Mutate == nil {`
			`registration.Mutate = func(resource *pbresource.Resource) error { return nil }`
			`}`

Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`r.registrations[key] = registration`
			`}`

			`func (r TypeRegistry) Resolve(typ pbresource.Type) (reg Registration, ok bool) {`
			`r.lock.RLock()`
			`defer r.lock.RUnlock()`

			`if registration, ok := r.registrations[ToGVK(typ)]; ok {`
			`return registration, true`
			`}`
			`return Registration{}, false`
			`}`

expose grpc as http endpoint (#18221) expose resource grpc endpoints as http endpoints 2023-08-04 18:27:48 +00:00			`func (r *TypeRegistry) Types() []Registration {`
			`r.lock.RLock()`
			`defer r.lock.RUnlock()`

			`types := make([]Registration, 0, len(r.registrations))`
			`for _, v := range r.registrations {`
			`types = append(types, v)`
			`}`
			`return types`
			`}`

Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`func ToGVK(resourceType *pbresource.Type) string {`
Check acls on resource `Read`, `List`, and `WatchList` (#16842) 2023-04-11 11:10:14 +00:00			`return fmt.Sprintf("%s.%s.%s", resourceType.Group, resourceType.GroupVersion, resourceType.Kind)`
Basic resource type registry (#16622) 2023-03-14 18:30:25 +00:00			`}`
Net-2712/resource hcl parsing (#18250) * Initial protohcl implementation Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Daniel Upton <daniel@floppy.co> * resourcehcl: implement resource decoding on top of protohcl Co-authored-by: Daniel Upton <daniel@floppy.co> * fix: resolve ci failures * test: add additional unmarshalling tests * refactor: update function test to clean protohcl package imports --------- Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com> Co-authored-by: Daniel Upton <daniel@floppy.co> 2023-08-11 19:52:51 +00:00
			`func ParseGVK(gvk string) (*pbresource.Type, error) {`
			`parts := strings.Split(gvk, ".")`
			`if len(parts) != 3 {`
			`return nil, fmt.Errorf("GVK string must be in the form <Group>.<GroupVersion>.<Kind>, got: %s", gvk)`
			`}`
			`return &pbresource.Type{`
			`Group: parts[0],`
			`GroupVersion: parts[1],`
			`Kind: parts[2],`
			`}, nil`
			`}`