From 4d3f3ea8d28de2f9a3e85af23f5104a379b58f1b Mon Sep 17 00:00:00 2001 From: James Phillips Date: Fri, 24 Mar 2017 09:23:25 -0700 Subject: [PATCH] Changes verson 8 ACLs to opt-out. --- command/agent/agent_endpoint_test.go | 4 +-- command/agent/config.go | 2 +- command/agent/config_test.go | 4 +-- testutil/server.go | 39 ++++++++++++++-------------- 4 files changed, 25 insertions(+), 24 deletions(-) diff --git a/command/agent/agent_endpoint_test.go b/command/agent/agent_endpoint_test.go index fcb2c67a52..8d685301f4 100644 --- a/command/agent/agent_endpoint_test.go +++ b/command/agent/agent_endpoint_test.go @@ -312,7 +312,7 @@ func TestAgent_Reload(t *testing.T) { if err != nil { t.Fatalf("err: %s", err) } - _, err = tmpFile.WriteString(`{"service":{"name":"redis"}}`) + _, err = tmpFile.WriteString(`{"acl_enforce_version_8": false, "service":{"name":"redis"}}`) if err != nil { t.Fatalf("err: %s", err) } @@ -356,7 +356,7 @@ func TestAgent_Reload(t *testing.T) { t.Fatalf("missing redis service") } - err = ioutil.WriteFile(tmpFile.Name(), []byte(`{"service":{"name":"redis-reloaded"}}`), 0644) + err = ioutil.WriteFile(tmpFile.Name(), []byte(`{"acl_enforce_version_8": false, "service":{"name":"redis-reloaded"}}`), 0644) if err != nil { t.Fatalf("err: %v", err) } diff --git a/command/agent/config.go b/command/agent/config.go index 5ab19d758e..74a60a0353 100644 --- a/command/agent/config.go +++ b/command/agent/config.go @@ -827,7 +827,7 @@ func DefaultConfig() *Config { ACLDownPolicy: "extend-cache", ACLDefaultPolicy: "allow", ACLDisabledTTL: 120 * time.Second, - ACLEnforceVersion8: Bool(false), + ACLEnforceVersion8: Bool(true), RetryInterval: 30 * time.Second, RetryIntervalWan: 30 * time.Second, diff --git a/command/agent/config_test.go b/command/agent/config_test.go index f4d47e54da..1b062b12cd 100644 --- a/command/agent/config_test.go +++ b/command/agent/config_test.go @@ -747,9 +747,9 @@ func TestDecodeConfig(t *testing.T) { } // ACL flag for Consul version 0.8 features (broken out since we will - // eventually remove this). We first verify this is opt-out. + // eventually remove this). config = DefaultConfig() - if *config.ACLEnforceVersion8 != false { + if *config.ACLEnforceVersion8 != true { t.Fatalf("bad: %#v", config) } diff --git a/testutil/server.go b/testutil/server.go index 1e736bd6e8..e0a554acdc 100644 --- a/testutil/server.go +++ b/testutil/server.go @@ -54,25 +54,26 @@ type TestAddressConfig struct { // TestServerConfig is the main server configuration struct. type TestServerConfig struct { - NodeName string `json:"node_name"` - NodeMeta map[string]string `json:"node_meta,omitempty"` - Performance *TestPerformanceConfig `json:"performance,omitempty"` - Bootstrap bool `json:"bootstrap,omitempty"` - Server bool `json:"server,omitempty"` - DataDir string `json:"data_dir,omitempty"` - Datacenter string `json:"datacenter,omitempty"` - DisableCheckpoint bool `json:"disable_update_check"` - LogLevel string `json:"log_level,omitempty"` - Bind string `json:"bind_addr,omitempty"` - Addresses *TestAddressConfig `json:"addresses,omitempty"` - Ports *TestPortConfig `json:"ports,omitempty"` - RaftProtocol int `json:"raft_protocol,omitempty"` - ACLMasterToken string `json:"acl_master_token,omitempty"` - ACLDatacenter string `json:"acl_datacenter,omitempty"` - ACLDefaultPolicy string `json:"acl_default_policy,omitempty"` - Encrypt string `json:"encrypt,omitempty"` - Stdout, Stderr io.Writer `json:"-"` - Args []string `json:"-"` + NodeName string `json:"node_name"` + NodeMeta map[string]string `json:"node_meta,omitempty"` + Performance *TestPerformanceConfig `json:"performance,omitempty"` + Bootstrap bool `json:"bootstrap,omitempty"` + Server bool `json:"server,omitempty"` + DataDir string `json:"data_dir,omitempty"` + Datacenter string `json:"datacenter,omitempty"` + DisableCheckpoint bool `json:"disable_update_check"` + LogLevel string `json:"log_level,omitempty"` + Bind string `json:"bind_addr,omitempty"` + Addresses *TestAddressConfig `json:"addresses,omitempty"` + Ports *TestPortConfig `json:"ports,omitempty"` + RaftProtocol int `json:"raft_protocol,omitempty"` + ACLMasterToken string `json:"acl_master_token,omitempty"` + ACLDatacenter string `json:"acl_datacenter,omitempty"` + ACLDefaultPolicy string `json:"acl_default_policy,omitempty"` + ACLEnforceVersion8 bool `json:"acl_enforce_version_8"` + Encrypt string `json:"encrypt,omitempty"` + Stdout, Stderr io.Writer `json:"-"` + Args []string `json:"-"` } // ServerConfigCallback is a function interface which can be