mirror of https://github.com/status-im/consul.git
Merge pull request #10025 from hashicorp/dnephin/fix-snapshot-auth-methods
snapshot: fix saving of auth methods
This commit is contained in:
commit
a2726e8fea
|
@ -0,0 +1,3 @@
|
||||||
|
```release-note:bug
|
||||||
|
snapshot: fixes a bug that would cause snapshots to be missing all but the first ACL Auth Method.
|
||||||
|
```
|
|
@ -1,10 +1,11 @@
|
||||||
package fsm
|
package fsm
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/hashicorp/consul/agent/consul/state"
|
|
||||||
"github.com/hashicorp/consul/agent/structs"
|
|
||||||
"github.com/hashicorp/go-msgpack/codec"
|
"github.com/hashicorp/go-msgpack/codec"
|
||||||
"github.com/hashicorp/raft"
|
"github.com/hashicorp/raft"
|
||||||
|
|
||||||
|
"github.com/hashicorp/consul/agent/consul/state"
|
||||||
|
"github.com/hashicorp/consul/agent/structs"
|
||||||
)
|
)
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
|
@ -247,7 +248,7 @@ func (s *snapshot) persistACLs(sink raft.SnapshotSink,
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
for method := methods.Next(); method != nil; method = rules.Next() {
|
for method := methods.Next(); method != nil; method = methods.Next() {
|
||||||
if _, err := sink.Write([]byte{byte(structs.ACLAuthMethodSetRequestType)}); err != nil {
|
if _, err := sink.Write([]byte{byte(structs.ACLAuthMethodSetRequestType)}); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -125,6 +125,13 @@ func TestFSM_SnapshotRestore_OSS(t *testing.T) {
|
||||||
}
|
}
|
||||||
require.NoError(t, fsm.state.ACLAuthMethodSet(1, method))
|
require.NoError(t, fsm.state.ACLAuthMethodSet(1, method))
|
||||||
|
|
||||||
|
method = &structs.ACLAuthMethod{
|
||||||
|
Name: "some-method2",
|
||||||
|
Type: "testing",
|
||||||
|
Description: "test snapshot auth method",
|
||||||
|
}
|
||||||
|
require.NoError(t, fsm.state.ACLAuthMethodSet(1, method))
|
||||||
|
|
||||||
bindingRule := &structs.ACLBindingRule{
|
bindingRule := &structs.ACLBindingRule{
|
||||||
ID: "85184c52-5997-4a84-9817-5945f2632a17",
|
ID: "85184c52-5997-4a84-9817-5945f2632a17",
|
||||||
Description: "test snapshot binding rule",
|
Description: "test snapshot binding rule",
|
||||||
|
@ -549,10 +556,12 @@ func TestFSM_SnapshotRestore_OSS(t *testing.T) {
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
require.Equal(t, bindingRule, bindingRule2)
|
require.Equal(t, bindingRule, bindingRule2)
|
||||||
|
|
||||||
// Verify ACL Auth Method is restored
|
// Verify ACL Auth Methods are restored
|
||||||
_, method2, err := fsm2.state.ACLAuthMethodGetByName(nil, method.Name, nil)
|
_, authMethods, err := fsm2.state.ACLAuthMethodList(nil, nil)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
require.Equal(t, method, method2)
|
require.Len(t, authMethods, 2)
|
||||||
|
require.Equal(t, "some-method", authMethods[0].Name)
|
||||||
|
require.Equal(t, "some-method2", authMethods[1].Name)
|
||||||
|
|
||||||
// Verify ACL Token is restored
|
// Verify ACL Token is restored
|
||||||
_, rtoken, err := fsm2.state.ACLTokenGetByAccessor(nil, token.AccessorID, nil)
|
_, rtoken, err := fsm2.state.ACLTokenGetByAccessor(nil, token.AccessorID, nil)
|
||||||
|
|
Loading…
Reference in New Issue