From c54b43bef3612267ab4825f22d93ac0232a23ad7 Mon Sep 17 00:00:00 2001 From: Matt Keeler Date: Wed, 11 Jul 2018 09:22:47 -0400 Subject: [PATCH] PR Updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Proxy now doesn’t need to know anything about the api as we pass env vars to it instead of the api config. --- agent/agent.go | 2 +- agent/config/runtime.go | 2 ++ agent/proxy/manager.go | 10 +++------- api/api.go | 26 ++++++++++++++------------ 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/agent/agent.go b/agent/agent.go index b6b18c4bfc..da95c83777 100644 --- a/agent/agent.go +++ b/agent/agent.go @@ -385,7 +385,7 @@ func (a *Agent) Start() error { if err != nil { return err } - a.proxyManager.APIConfig = acfg + a.proxyManager.ProxyEnv = acfg.GenerateEnv() go a.proxyManager.Run() } diff --git a/agent/config/runtime.go b/agent/config/runtime.go index d1fc41a480..1114e738fc 100644 --- a/agent/config/runtime.go +++ b/agent/config/runtime.go @@ -1238,6 +1238,8 @@ func (c *RuntimeConfig) APIConfig(includeClientCerts bool) (*api.Config, error) cfg.Scheme = "http" } else if len(unixAddrs) > 0 { cfg.Address = "unix://" + unixAddrs[0] + // this should be ignored - however we are still talking http over a unix socket + // so it makes sense to set it like this cfg.Scheme = "http" } else { return nil, fmt.Errorf("No suitable client address can be found") diff --git a/agent/proxy/manager.go b/agent/proxy/manager.go index 39f0769610..d0b59fb0b5 100644 --- a/agent/proxy/manager.go +++ b/agent/proxy/manager.go @@ -11,7 +11,6 @@ import ( "github.com/hashicorp/consul/agent/local" "github.com/hashicorp/consul/agent/structs" - "github.com/hashicorp/consul/api" "github.com/hashicorp/go-multierror" ) @@ -70,8 +69,8 @@ type Manager struct { // DataDir string - // Configuration information to tell the proxy how to talk to us - APIConfig *api.Config + // Extra environment variables to set for the proxies + ProxyEnv []string // SnapshotPeriod is the duration between snapshots. This can be set // relatively low to ensure accuracy, because if the new snapshot matches @@ -438,10 +437,7 @@ func (m *Manager) newProxy(mp *local.ManagedProxy) (Proxy, error) { } // Pass in the environmental variables for the proxy process - cmd.Env = os.Environ() - if m.APIConfig != nil { - cmd.Env = append(cmd.Env, m.APIConfig.GenerateEnv()...) - } + cmd.Env = append(m.ProxyEnv, os.Environ()...) // Build the daemon structure proxy.Command = &cmd diff --git a/api/api.go b/api/api.go index 8e30a96836..6492383029 100644 --- a/api/api.go +++ b/api/api.go @@ -406,22 +406,24 @@ func SetupTLSConfig(tlsConfig *TLSConfig) (*tls.Config, error) { } func (c *Config) GenerateEnv() []string { - env := make([]string, 10) + env := make([]string, 0, 10) + + env = append(env, + fmt.Sprintf("%s=%s", HTTPAddrEnvName, c.Address), + fmt.Sprintf("%s=%s", HTTPTokenEnvName, c.Token), + fmt.Sprintf("%s=%t", HTTPSSLEnvName, c.Scheme == "https"), + fmt.Sprintf("%s=%s", HTTPCAFile, c.TLSConfig.CAFile), + fmt.Sprintf("%s=%s", HTTPCAPath, c.TLSConfig.CAPath), + fmt.Sprintf("%s=%s", HTTPClientCert, c.TLSConfig.CertFile), + fmt.Sprintf("%s=%s", HTTPClientKey, c.TLSConfig.KeyFile), + fmt.Sprintf("%s=%s", HTTPTLSServerName, c.TLSConfig.Address), + fmt.Sprintf("%s=%t", HTTPSSLVerifyEnvName, !c.TLSConfig.InsecureSkipVerify)) - env[0] = fmt.Sprintf("%s=%s", HTTPAddrEnvName, c.Address) - env[1] = fmt.Sprintf("%s=%s", HTTPTokenEnvName, c.Token) if c.HttpAuth != nil { - env[2] = fmt.Sprintf("%s=%s:%s", HTTPAuthEnvName, c.HttpAuth.Username, c.HttpAuth.Password) + env = append(env, fmt.Sprintf("%s=%s:%s", HTTPAuthEnvName, c.HttpAuth.Username, c.HttpAuth.Password)) } else { - env[2] = fmt.Sprintf("%s=", HTTPAuthEnvName) + env = append(env, fmt.Sprintf("%s=", HTTPAuthEnvName)) } - env[3] = fmt.Sprintf("%s=%t", HTTPSSLEnvName, c.Scheme == "https") - env[4] = fmt.Sprintf("%s=%s", HTTPCAFile, c.TLSConfig.CAFile) - env[5] = fmt.Sprintf("%s=%s", HTTPCAPath, c.TLSConfig.CAPath) - env[6] = fmt.Sprintf("%s=%s", HTTPClientCert, c.TLSConfig.CertFile) - env[7] = fmt.Sprintf("%s=%s", HTTPClientKey, c.TLSConfig.KeyFile) - env[8] = fmt.Sprintf("%s=%s", HTTPTLSServerName, c.TLSConfig.Address) - env[9] = fmt.Sprintf("%s=%t", HTTPSSLVerifyEnvName, !c.TLSConfig.InsecureSkipVerify) return env }