Merge pull request #10025 from hashicorp/dnephin/fix-snapshot-auth-methods

snapshot: fix saving of auth methods
This commit is contained in:
Daniel Nephin 2021-04-14 17:18:35 -04:00 committed by GitHub
commit a2726e8fea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 19 additions and 6 deletions

3
.changelog/10025.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
snapshot: fixes a bug that would cause snapshots to be missing all but the first ACL Auth Method.
```

View File

@ -1,10 +1,11 @@
package fsm
import (
"github.com/hashicorp/consul/agent/consul/state"
"github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/go-msgpack/codec"
"github.com/hashicorp/raft"
"github.com/hashicorp/consul/agent/consul/state"
"github.com/hashicorp/consul/agent/structs"
)
func init() {
@ -247,7 +248,7 @@ func (s *snapshot) persistACLs(sink raft.SnapshotSink,
return err
}
for method := methods.Next(); method != nil; method = rules.Next() {
for method := methods.Next(); method != nil; method = methods.Next() {
if _, err := sink.Write([]byte{byte(structs.ACLAuthMethodSetRequestType)}); err != nil {
return err
}

View File

@ -125,6 +125,13 @@ func TestFSM_SnapshotRestore_OSS(t *testing.T) {
}
require.NoError(t, fsm.state.ACLAuthMethodSet(1, method))
method = &structs.ACLAuthMethod{
Name: "some-method2",
Type: "testing",
Description: "test snapshot auth method",
}
require.NoError(t, fsm.state.ACLAuthMethodSet(1, method))
bindingRule := &structs.ACLBindingRule{
ID: "85184c52-5997-4a84-9817-5945f2632a17",
Description: "test snapshot binding rule",
@ -549,10 +556,12 @@ func TestFSM_SnapshotRestore_OSS(t *testing.T) {
require.NoError(t, err)
require.Equal(t, bindingRule, bindingRule2)
// Verify ACL Auth Method is restored
_, method2, err := fsm2.state.ACLAuthMethodGetByName(nil, method.Name, nil)
// Verify ACL Auth Methods are restored
_, authMethods, err := fsm2.state.ACLAuthMethodList(nil, nil)
require.NoError(t, err)
require.Equal(t, method, method2)
require.Len(t, authMethods, 2)
require.Equal(t, "some-method", authMethods[0].Name)
require.Equal(t, "some-method2", authMethods[1].Name)
// Verify ACL Token is restored
_, rtoken, err := fsm2.state.ACLTokenGetByAccessor(nil, token.AccessorID, nil)