2023-03-28 19:39:22 +01:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
2023-08-11 09:12:13 -04:00
|
|
|
// SPDX-License-Identifier: BUSL-1.1
|
2023-03-28 19:39:22 +01:00
|
|
|
|
2022-07-12 11:43:42 +01:00
|
|
|
package proxycfgglue
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
|
|
|
|
"github.com/hashicorp/go-memdb"
|
|
|
|
|
|
|
|
"github.com/hashicorp/consul/agent/cache"
|
|
|
|
cachetype "github.com/hashicorp/consul/agent/cache-types"
|
|
|
|
"github.com/hashicorp/consul/agent/consul/watch"
|
|
|
|
"github.com/hashicorp/consul/agent/proxycfg"
|
|
|
|
"github.com/hashicorp/consul/agent/structs"
|
|
|
|
"github.com/hashicorp/consul/agent/structs/aclfilter"
|
|
|
|
)
|
|
|
|
|
|
|
|
// CacheFederationStateListMeshGateways satisfies the proxycfg.FederationStateListMeshGateways
|
|
|
|
// interface by sourcing data from the agent cache.
|
|
|
|
func CacheFederationStateListMeshGateways(c *cache.Cache) proxycfg.FederationStateListMeshGateways {
|
|
|
|
return &cacheProxyDataSource[*structs.DCSpecificRequest]{c, cachetype.FederationStateListMeshGatewaysName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// ServerFederationStateListMeshGateways satisfies the proxycfg.FederationStateListMeshGateways
|
|
|
|
// interface by sourcing data from a blocking query against the server's state
|
|
|
|
// store.
|
|
|
|
func ServerFederationStateListMeshGateways(deps ServerDataSourceDeps) proxycfg.FederationStateListMeshGateways {
|
|
|
|
return &serverFederationStateListMeshGateways{deps}
|
|
|
|
}
|
|
|
|
|
|
|
|
type serverFederationStateListMeshGateways struct {
|
|
|
|
deps ServerDataSourceDeps
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *serverFederationStateListMeshGateways) Notify(ctx context.Context, req *structs.DCSpecificRequest, correlationID string, ch chan<- proxycfg.UpdateEvent) error {
|
|
|
|
return watch.ServerLocalNotify(ctx, correlationID, s.deps.GetStore,
|
|
|
|
func(ws memdb.WatchSet, store Store) (uint64, *structs.DatacenterIndexedCheckServiceNodes, error) {
|
|
|
|
authz, err := s.deps.ACLResolver.ResolveTokenAndDefaultMeta(req.Token, &req.EnterpriseMeta, nil)
|
|
|
|
if err != nil {
|
|
|
|
return 0, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
index, fedStates, err := store.FederationStateList(ws)
|
|
|
|
if err != nil {
|
|
|
|
return 0, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
results := make(map[string]structs.CheckServiceNodes)
|
|
|
|
for _, fs := range fedStates {
|
|
|
|
if gws := fs.MeshGateways; len(gws) != 0 {
|
|
|
|
// Shallow clone to prevent ACL filtering manipulating the slice in memdb.
|
|
|
|
results[fs.Datacenter] = gws.ShallowClone()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
rsp := &structs.DatacenterIndexedCheckServiceNodes{
|
|
|
|
DatacenterNodes: results,
|
|
|
|
QueryMeta: structs.QueryMeta{
|
|
|
|
Index: index,
|
|
|
|
Backend: structs.QueryBackendBlocking,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
aclfilter.New(authz, s.deps.Logger).Filter(rsp)
|
|
|
|
|
|
|
|
return index, rsp, nil
|
|
|
|
},
|
|
|
|
dispatchBlockingQueryUpdate[*structs.DatacenterIndexedCheckServiceNodes](ch),
|
|
|
|
)
|
|
|
|
}
|