acl: change authmethod.Validator to take a logger (#7758)

R.B. Boyer 2020-05-01 15:55:26 -05:00 committed by GitHub
parent 8927b54121
commit 54ba8e3868
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 12 additions and 7 deletions


@ -25,7 +25,7 @@ func (s *Server) loadAuthMethodValidator(idx uint64, method *structs.ACLAuthMeth
return v, nil
}
v, err := authmethod.NewValidator(method)
v, err := authmethod.NewValidator(s.logger, method)
if err != nil {
return nil, fmt.Errorf("auth method validator for %q could not be initialized: %v", method.Name, err)
}


@ -2111,7 +2111,7 @@ func (a *ACL) AuthMethodSet(args *structs.ACLAuthMethodSetRequest, reply *struct
// Instantiate a validator but do not cache it yet. This will validate the
// configuration.
if _, err := authmethod.NewValidator(method); err != nil {
if _, err := authmethod.NewValidator(a.srv.logger, method); err != nil {
return fmt.Errorf("Invalid Auth Method: %v", err)
}


@ -6,6 +6,7 @@ import (
"sync"
"github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/go-hclog"
"github.com/mitchellh/mapstructure"
)
@ -24,7 +25,7 @@ type Cache interface {
Purge()
}
type ValidatorFactory func(method *structs.ACLAuthMethod) (Validator, error)
type ValidatorFactory func(logger hclog.Logger, method *structs.ACLAuthMethod) (Validator, error)
type Validator interface {
// Name returns the name of the auth method backing this validator.
@ -131,7 +132,7 @@ func (c *authMethodCache) Purge() {
// NewValidator instantiates a new Validator for the given auth method
// configuration. If no auth method is registered with the provided type an
// error is returned.
func NewValidator(method *structs.ACLAuthMethod) (Validator, error) {
func NewValidator(logger hclog.Logger, method *structs.ACLAuthMethod) (Validator, error) {
typesMu.RLock()
factory, ok := types[method.Type]
typesMu.RUnlock()
@ -140,7 +141,9 @@ func NewValidator(method *structs.ACLAuthMethod) (Validator, error) {
return nil, fmt.Errorf("no auth method registered with type: %s", method.Type)
}
return factory(method)
logger = logger.Named("authmethod").With("type", method.Type, "name", method.Name)
return factory(logger, method)
}
// Types returns a sorted list of the names of the registered types.
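Review bot: `NewValidator` now calls `logger.Named("authmethod")` unconditionally, so a caller that passes a nil `hclog.Logger` will panic before the factory runs. Both call sites visible in this commit pass a server logger, but tests or later callers may not. A guard ahead of the `Named` call, `if logger == nil { logger = hclog.NewNullLogger() }`, would keep validator construction from crashing on the auth path. The doc comment above `NewValidator` should also say that the logger handed to the factory is already named `authmethod` and carries the `type` and `name` fields, so factories do not add them again.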


@ -8,6 +8,7 @@ import (
"github.com/hashicorp/consul/agent/consul/authmethod"
"github.com/hashicorp/consul/agent/structs"
cleanhttp "github.com/hashicorp/go-cleanhttp"
"github.com/hashicorp/go-hclog"
"gopkg.in/square/go-jose.v2/jwt"
authv1 "k8s.io/api/authentication/v1"
client_metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@ -20,7 +21,7 @@ import (
func init() {
// register this as an available auth method type
authmethod.Register("kubernetes", func(method *structs.ACLAuthMethod) (authmethod.Validator, error) {
authmethod.Register("kubernetes", func(_ hclog.Logger, method *structs.ACLAuthMethod) (authmethod.Validator, error) {
v, err := NewValidator(method)
if err != nil {
return nil, err
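Review bot: The kubernetes factory discards the new argument (`_ hclog.Logger`), so this validator still has no access to the logger that `authmethod.NewValidator` decorates with the method's `type` and `name`. If that is deliberate for this commit, a comment on the closure such as `// the logger is not used by the kubernetes validator yet` would record the intent; otherwise the parameter could be named and passed on to the package's own `NewValidator(method)`. The body of `init` continues outside the hunk, so whether anything later in the closure would want the logger is not visible here.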


@ -7,6 +7,7 @@ import (
"github.com/hashicorp/consul/acl"
"github.com/hashicorp/consul/agent/consul/authmethod"
"github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/go-hclog"
"github.com/hashicorp/go-uuid"
)
@ -84,7 +85,7 @@ type Config struct {
enterpriseConfig `mapstructure:",squash"`
}
func newValidator(method *structs.ACLAuthMethod) (authmethod.Validator, error) {
func newValidator(logger hclog.Logger, method *structs.ACLAuthMethod) (authmethod.Validator, error) {
if method.Type != "testing" {
return nil, fmt.Errorf("%q is not a testing auth method", method.Name)
}