NET-7783: Fix sameness group expansion to 0 sources error CE (#20584)

2024-02-12 17:04:18 +05:30 · 2024-02-12 17:04:18 +05:30 · 9d8f9a5470
parent c8e4cea69c
commit 9d8f9a5470
3 changed files with 9 additions and 8 deletions
--- a/internal/auth/internal/controllers/trafficpermissions/builder.go
+++ b/internal/auth/internal/controllers/trafficpermissions/builder.go
@ -41,7 +41,7 @@ func newTrafficPermissionsBuilder(expander expander.SamenessGroupExpander, sgMap

 // track will use all associated XTrafficPermissions to create new ComputedTrafficPermissions samenessGroupsForTrafficPermission
 func track[S types.XTrafficPermissions](tpb *trafficPermissionsBuilder, xtp *resource.DecodedResource[S]) {
-	missingSamenessGroups := tpb.sgExpander.Expand(xtp.Data, tpb.sgMap)
+	permissions, missingSamenessGroups := tpb.sgExpander.Expand(xtp.Data, tpb.sgMap)

 	if len(missingSamenessGroups) > 0 {
 		tpb.missing[resource.NewReferenceKey(xtp.Id)] = missingSamenessGroupReferences{
@ -53,9 +53,9 @@ func track[S types.XTrafficPermissions](tpb *trafficPermissionsBuilder, xtp *res
 	tpb.isDefault = false

 	if xtp.Data.GetAction() == pbauth.Action_ACTION_ALLOW {
-		tpb.allowedPermissions = append(tpb.allowedPermissions, xtp.Data.GetPermissions()...)
+		tpb.allowedPermissions = append(tpb.allowedPermissions, permissions...)
 	} else {
-		tpb.denyPermissions = append(tpb.denyPermissions, xtp.Data.GetPermissions()...)
+		tpb.denyPermissions = append(tpb.denyPermissions, permissions...)
 	}
 }

--- a/internal/auth/internal/controllers/trafficpermissions/expander/expander_ce/expander_ce.go
+++ b/internal/auth/internal/controllers/trafficpermissions/expander/expander_ce/expander_ce.go
@ -23,10 +23,9 @@ func New() *SamenessGroupExpander {
 	return &SamenessGroupExpander{}
 }

-func (sgE *SamenessGroupExpander) Expand(_ types.XTrafficPermissions,
-	_ map[string][]*pbmulticluster.SamenessGroupMember) []string {
-	// no-op for CE
-	return nil
+func (sgE *SamenessGroupExpander) Expand(xtp types.XTrafficPermissions,
+	_ map[string][]*pbmulticluster.SamenessGroupMember) ([]*pbauth.Permission, []string) {
+	return xtp.GetPermissions(), nil
 }

 func (sgE *SamenessGroupExpander) List(_ context.Context, _ controller.Runtime,
--- a/internal/auth/internal/controllers/trafficpermissions/expander/interface.go
+++ b/internal/auth/internal/controllers/trafficpermissions/expander/interface.go
@ -8,11 +8,13 @@ import (

 	"github.com/hashicorp/consul/internal/auth/internal/types"
 	"github.com/hashicorp/consul/internal/controller"
+
+	pbauth "github.com/hashicorp/consul/proto-public/pbauth/v2beta1"
 	pbmulticluster "github.com/hashicorp/consul/proto-public/pbmulticluster/v2beta1"
 )

 // SamenessGroupExpander is used to expand sameness group for a ComputedTrafficPermission resource
 type SamenessGroupExpander interface {
-	Expand(types.XTrafficPermissions, map[string][]*pbmulticluster.SamenessGroupMember) []string
+	Expand(types.XTrafficPermissions, map[string][]*pbmulticluster.SamenessGroupMember) ([]*pbauth.Permission, []string)
 	List(context.Context, controller.Runtime, controller.Request) (map[string][]*pbmulticluster.SamenessGroupMember, error)
 }