2023-03-28 19:39:22 +01:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
2023-08-11 09:12:13 -04:00
|
|
|
// SPDX-License-Identifier: BUSL-1.1
|
2023-03-28 19:39:22 +01:00
|
|
|
|
2022-09-01 15:45:07 +01:00
|
|
|
package proxycfgglue
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
|
|
|
|
"github.com/hashicorp/go-memdb"
|
|
|
|
|
2023-05-02 16:23:42 -04:00
|
|
|
"github.com/hashicorp/consul/acl"
|
2022-09-01 15:45:07 +01:00
|
|
|
"github.com/hashicorp/consul/agent/cache"
|
|
|
|
cachetype "github.com/hashicorp/consul/agent/cache-types"
|
|
|
|
"github.com/hashicorp/consul/agent/configentry"
|
|
|
|
"github.com/hashicorp/consul/agent/consul/watch"
|
|
|
|
"github.com/hashicorp/consul/agent/proxycfg"
|
|
|
|
"github.com/hashicorp/consul/agent/structs"
|
|
|
|
)
|
|
|
|
|
|
|
|
// CacheResolvedServiceConfig satisfies the proxycfg.ResolvedServiceConfig
|
|
|
|
// interface by sourcing data from the agent cache.
|
|
|
|
func CacheResolvedServiceConfig(c *cache.Cache) proxycfg.ResolvedServiceConfig {
|
|
|
|
return &cacheProxyDataSource[*structs.ServiceConfigRequest]{c, cachetype.ResolvedServiceConfigName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// ServerResolvedServiceConfig satisfies the proxycfg.ResolvedServiceConfig
|
|
|
|
// interface by sourcing data from a blocking query against the server's state
|
|
|
|
// store.
|
|
|
|
func ServerResolvedServiceConfig(deps ServerDataSourceDeps, remoteSource proxycfg.ResolvedServiceConfig) proxycfg.ResolvedServiceConfig {
|
|
|
|
return &serverResolvedServiceConfig{deps, remoteSource}
|
|
|
|
}
|
|
|
|
|
|
|
|
type serverResolvedServiceConfig struct {
|
|
|
|
deps ServerDataSourceDeps
|
|
|
|
remoteSource proxycfg.ResolvedServiceConfig
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *serverResolvedServiceConfig) Notify(ctx context.Context, req *structs.ServiceConfigRequest, correlationID string, ch chan<- proxycfg.UpdateEvent) error {
|
|
|
|
if req.Datacenter != s.deps.Datacenter {
|
|
|
|
return s.remoteSource.Notify(ctx, req, correlationID, ch)
|
|
|
|
}
|
|
|
|
|
|
|
|
return watch.ServerLocalNotify(ctx, correlationID, s.deps.GetStore,
|
|
|
|
func(ws memdb.WatchSet, store Store) (uint64, *structs.ServiceConfigResponse, error) {
|
2023-05-02 16:23:42 -04:00
|
|
|
var authzContext acl.AuthorizerContext
|
|
|
|
authz, err := s.deps.ACLResolver.ResolveTokenAndDefaultMeta(req.Token, &req.EnterpriseMeta, &authzContext)
|
2022-09-01 15:45:07 +01:00
|
|
|
if err != nil {
|
|
|
|
return 0, nil, err
|
|
|
|
}
|
|
|
|
|
2023-05-02 16:23:42 -04:00
|
|
|
if err := authz.ToAllowAuthorizer().ServiceReadAllowed(req.Name, &authzContext); err != nil {
|
2022-09-01 15:45:07 +01:00
|
|
|
return 0, nil, err
|
|
|
|
}
|
|
|
|
|
2023-02-03 09:51:53 -06:00
|
|
|
idx, entries, err := store.ReadResolvedServiceConfigEntries(ws, req.Name, &req.EnterpriseMeta, req.GetLocalUpstreamIDs(), req.Mode)
|
2022-09-01 15:45:07 +01:00
|
|
|
if err != nil {
|
|
|
|
return 0, nil, err
|
|
|
|
}
|
|
|
|
|
2023-02-03 09:51:53 -06:00
|
|
|
reply, err := configentry.ComputeResolvedServiceConfig(req, entries, s.deps.Logger)
|
2022-09-01 15:45:07 +01:00
|
|
|
if err != nil {
|
|
|
|
return 0, nil, err
|
|
|
|
}
|
|
|
|
reply.Index = idx
|
|
|
|
|
|
|
|
return idx, reply, nil
|
|
|
|
},
|
|
|
|
dispatchBlockingQueryUpdate[*structs.ServiceConfigResponse](ch),
|
|
|
|
)
|
|
|
|
}
|