2022-06-01 15:18:06 +00:00
|
|
|
package proxycfgglue
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
|
2022-07-12 23:18:05 +00:00
|
|
|
"github.com/hashicorp/consul/proto/pbpeering"
|
2022-07-01 15:18:33 +00:00
|
|
|
"github.com/hashicorp/go-memdb"
|
|
|
|
|
|
|
|
"github.com/hashicorp/consul/acl"
|
2022-06-01 15:18:06 +00:00
|
|
|
"github.com/hashicorp/consul/agent/cache"
|
|
|
|
cachetype "github.com/hashicorp/consul/agent/cache-types"
|
2022-07-12 10:34:14 +00:00
|
|
|
"github.com/hashicorp/consul/agent/configentry"
|
|
|
|
"github.com/hashicorp/consul/agent/consul/discoverychain"
|
2022-07-12 10:39:27 +00:00
|
|
|
"github.com/hashicorp/consul/agent/consul/state"
|
2022-07-01 15:18:33 +00:00
|
|
|
"github.com/hashicorp/consul/agent/consul/watch"
|
2022-06-01 15:18:06 +00:00
|
|
|
"github.com/hashicorp/consul/agent/proxycfg"
|
|
|
|
"github.com/hashicorp/consul/agent/structs"
|
|
|
|
)
|
|
|
|
|
2022-07-01 15:18:33 +00:00
|
|
|
// Store is the state store interface required for server-local data sources.
|
|
|
|
type Store interface {
|
|
|
|
watch.StateStore
|
|
|
|
|
2022-07-22 10:52:05 +00:00
|
|
|
ExportedServicesForAllPeersByName(ws memdb.WatchSet, entMeta acl.EnterpriseMeta) (uint64, map[string]structs.ServiceList, error)
|
2022-07-12 10:43:42 +00:00
|
|
|
FederationStateList(ws memdb.WatchSet) (uint64, []*structs.FederationState, error)
|
2022-07-12 10:41:29 +00:00
|
|
|
GatewayServices(ws memdb.WatchSet, gateway string, entMeta *acl.EnterpriseMeta) (uint64, structs.GatewayServices, error)
|
2022-07-01 15:18:33 +00:00
|
|
|
IntentionTopology(ws memdb.WatchSet, target structs.ServiceName, downstreams bool, defaultDecision acl.EnforcementDecision, intentionTarget structs.IntentionTargetType) (uint64, structs.ServiceList, error)
|
2022-07-12 10:34:14 +00:00
|
|
|
ServiceDiscoveryChain(ws memdb.WatchSet, serviceName string, entMeta *acl.EnterpriseMeta, req discoverychain.CompileRequest) (uint64, *structs.CompiledDiscoveryChain, *configentry.DiscoveryChainSet, error)
|
2022-07-12 10:39:27 +00:00
|
|
|
PeeringTrustBundleRead(ws memdb.WatchSet, q state.Query) (uint64, *pbpeering.PeeringTrustBundle, error)
|
|
|
|
PeeringTrustBundleList(ws memdb.WatchSet, entMeta acl.EnterpriseMeta) (uint64, []*pbpeering.PeeringTrustBundle, error)
|
|
|
|
TrustBundleListByService(ws memdb.WatchSet, service, dc string, entMeta acl.EnterpriseMeta) (uint64, []*pbpeering.PeeringTrustBundle, error)
|
2022-07-21 12:38:28 +00:00
|
|
|
VirtualIPsForAllImportedServices(ws memdb.WatchSet, entMeta acl.EnterpriseMeta) (uint64, []state.ServiceVirtualIP, error)
|
2022-07-01 15:18:33 +00:00
|
|
|
}
|
|
|
|
|
2022-06-01 15:18:06 +00:00
|
|
|
// CacheCARoots satisfies the proxycfg.CARoots interface by sourcing data from
|
|
|
|
// the agent cache.
|
|
|
|
func CacheCARoots(c *cache.Cache) proxycfg.CARoots {
|
|
|
|
return &cacheProxyDataSource[*structs.DCSpecificRequest]{c, cachetype.ConnectCARootName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// CacheConfigEntry satisfies the proxycfg.ConfigEntry interface by sourcing
|
|
|
|
// data from the agent cache.
|
|
|
|
func CacheConfigEntry(c *cache.Cache) proxycfg.ConfigEntry {
|
|
|
|
return &cacheProxyDataSource[*structs.ConfigEntryQuery]{c, cachetype.ConfigEntryName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// CacheConfigEntryList satisfies the proxycfg.ConfigEntryList interface by
|
|
|
|
// sourcing data from the agent cache.
|
|
|
|
func CacheConfigEntryList(c *cache.Cache) proxycfg.ConfigEntryList {
|
|
|
|
return &cacheProxyDataSource[*structs.ConfigEntryQuery]{c, cachetype.ConfigEntryListName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// CacheDatacenters satisfies the proxycfg.Datacenters interface by sourcing
|
|
|
|
// data from the agent cache.
|
|
|
|
func CacheDatacenters(c *cache.Cache) proxycfg.Datacenters {
|
|
|
|
return &cacheProxyDataSource[*structs.DatacentersRequest]{c, cachetype.CatalogDatacentersName}
|
|
|
|
}
|
|
|
|
|
2022-07-14 18:45:51 +00:00
|
|
|
// CacheServiceGateways satisfies the proxycfg.ServiceGateways interface by
|
|
|
|
// sourcing data from the agent cache.
|
|
|
|
func CacheServiceGateways(c *cache.Cache) proxycfg.GatewayServices {
|
|
|
|
return &cacheProxyDataSource[*structs.ServiceSpecificRequest]{c, cachetype.ServiceGatewaysName}
|
|
|
|
}
|
|
|
|
|
2022-06-01 15:18:06 +00:00
|
|
|
// CacheHTTPChecks satisifies the proxycfg.HTTPChecks interface by sourcing
|
|
|
|
// data from the agent cache.
|
|
|
|
func CacheHTTPChecks(c *cache.Cache) proxycfg.HTTPChecks {
|
|
|
|
return &cacheProxyDataSource[*cachetype.ServiceHTTPChecksRequest]{c, cachetype.ServiceHTTPChecksName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// CacheIntentionUpstreams satisfies the proxycfg.IntentionUpstreams interface
|
|
|
|
// by sourcing data from the agent cache.
|
|
|
|
func CacheIntentionUpstreams(c *cache.Cache) proxycfg.IntentionUpstreams {
|
|
|
|
return &cacheProxyDataSource[*structs.ServiceSpecificRequest]{c, cachetype.IntentionUpstreamsName}
|
|
|
|
}
|
|
|
|
|
2022-07-14 18:45:51 +00:00
|
|
|
// CacheIntentionUpstreamsDestination satisfies the proxycfg.IntentionUpstreamsDestination interface
|
|
|
|
// by sourcing data from the agent cache.
|
|
|
|
func CacheIntentionUpstreamsDestination(c *cache.Cache) proxycfg.IntentionUpstreams {
|
|
|
|
return &cacheProxyDataSource[*structs.ServiceSpecificRequest]{c, cachetype.IntentionUpstreamsDestinationName}
|
|
|
|
}
|
|
|
|
|
2022-06-01 15:18:06 +00:00
|
|
|
// CacheInternalServiceDump satisfies the proxycfg.InternalServiceDump
|
|
|
|
// interface by sourcing data from the agent cache.
|
|
|
|
func CacheInternalServiceDump(c *cache.Cache) proxycfg.InternalServiceDump {
|
|
|
|
return &cacheProxyDataSource[*structs.ServiceDumpRequest]{c, cachetype.InternalServiceDumpName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// CacheLeafCertificate satisifies the proxycfg.LeafCertificate interface by
|
|
|
|
// sourcing data from the agent cache.
|
|
|
|
func CacheLeafCertificate(c *cache.Cache) proxycfg.LeafCertificate {
|
|
|
|
return &cacheProxyDataSource[*cachetype.ConnectCALeafRequest]{c, cachetype.ConnectCALeafName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// CachePrepraredQuery satisfies the proxycfg.PreparedQuery interface by
|
|
|
|
// sourcing data from the agent cache.
|
|
|
|
func CachePrepraredQuery(c *cache.Cache) proxycfg.PreparedQuery {
|
|
|
|
return &cacheProxyDataSource[*structs.PreparedQueryExecuteRequest]{c, cachetype.PreparedQueryName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// CacheResolvedServiceConfig satisfies the proxycfg.ResolvedServiceConfig
|
|
|
|
// interface by sourcing data from the agent cache.
|
|
|
|
func CacheResolvedServiceConfig(c *cache.Cache) proxycfg.ResolvedServiceConfig {
|
|
|
|
return &cacheProxyDataSource[*structs.ServiceConfigRequest]{c, cachetype.ResolvedServiceConfigName}
|
|
|
|
}
|
|
|
|
|
|
|
|
// cacheProxyDataSource implements a generic wrapper around the agent cache to
|
|
|
|
// provide data to the proxycfg.Manager.
|
|
|
|
type cacheProxyDataSource[ReqType cache.Request] struct {
|
|
|
|
c *cache.Cache
|
|
|
|
t string
|
|
|
|
}
|
|
|
|
|
|
|
|
// Notify satisfies the interfaces used by proxycfg.Manager to source data by
|
|
|
|
// subscribing to notifications from the agent cache.
|
|
|
|
func (c *cacheProxyDataSource[ReqType]) Notify(
|
|
|
|
ctx context.Context,
|
|
|
|
req ReqType,
|
|
|
|
correlationID string,
|
|
|
|
ch chan<- proxycfg.UpdateEvent,
|
|
|
|
) error {
|
2022-07-01 15:18:33 +00:00
|
|
|
return c.c.NotifyCallback(ctx, c.t, req, correlationID, dispatchCacheUpdate(ch))
|
2022-06-01 15:18:06 +00:00
|
|
|
}
|
|
|
|
|
2022-07-01 15:18:33 +00:00
|
|
|
func dispatchCacheUpdate(ch chan<- proxycfg.UpdateEvent) cache.Callback {
|
2022-06-01 15:18:06 +00:00
|
|
|
return func(ctx context.Context, e cache.UpdateEvent) {
|
|
|
|
select {
|
2022-08-11 09:19:36 +00:00
|
|
|
case ch <- newUpdateEvent(e.CorrelationID, e.Result, e.Err):
|
2022-06-01 15:18:06 +00:00
|
|
|
case <-ctx.Done():
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2022-08-11 09:19:36 +00:00
|
|
|
|
|
|
|
func newUpdateEvent(correlationID string, result any, err error) proxycfg.UpdateEvent {
|
|
|
|
// This roughly matches the logic in agent/submatview.LocalMaterializer.isTerminalError.
|
|
|
|
if acl.IsErrNotFound(err) {
|
|
|
|
err = proxycfg.TerminalError(err)
|
|
|
|
}
|
|
|
|
return proxycfg.UpdateEvent{
|
|
|
|
CorrelationID: correlationID,
|
|
|
|
Result: result,
|
|
|
|
Err: err,
|
|
|
|
}
|
|
|
|
}
|