PR Updates

Proxy now doesn’t need to know anything about the api as we pass env vars to it instead of the api config.

agent/agent.go

@@ -385,7 +385,7 @@ func (a *Agent) Start() error {
 		if err != nil {
 			return err
 		}
-		a.proxyManager.APIConfig = acfg
+		a.proxyManager.ProxyEnv = acfg.GenerateEnv()
 
 		go a.proxyManager.Run()
 	}

agent/config/runtime.go

@@ -1238,6 +1238,8 @@ func (c *RuntimeConfig) APIConfig(includeClientCerts bool) (*api.Config, error)
 		cfg.Scheme = "http"
 	} else if len(unixAddrs) > 0 {
 		cfg.Address = "unix://" + unixAddrs[0]
+		// this should be ignored - however we are still talking http over a unix socket
+		// so it makes sense to set it like this
 		cfg.Scheme = "http"
 	} else {
 		return nil, fmt.Errorf("No suitable client address can be found")

agent/proxy/manager.go

@@ -11,7 +11,6 @@ import (
 
 	"github.com/hashicorp/consul/agent/local"
 	"github.com/hashicorp/consul/agent/structs"
-	"github.com/hashicorp/consul/api"
 	"github.com/hashicorp/go-multierror"
 )
 
@@ -70,8 +69,8 @@ type Manager struct {
 	//
 	DataDir string
 
-	// Configuration information to tell the proxy how to talk to us
+	// Extra environment variables to set for the proxies
-	APIConfig *api.Config
+	ProxyEnv []string
 
 	// SnapshotPeriod is the duration between snapshots. This can be set
 	// relatively low to ensure accuracy, because if the new snapshot matches
@@ -438,10 +437,7 @@ func (m *Manager) newProxy(mp *local.ManagedProxy) (Proxy, error) {
 		}
 
 		// Pass in the environmental variables for the proxy process
-		cmd.Env = os.Environ()
+		cmd.Env = append(m.ProxyEnv, os.Environ()...)
-		if m.APIConfig != nil {
-			cmd.Env = append(cmd.Env, m.APIConfig.GenerateEnv()...)
-		}
 
 		// Build the daemon structure
 		proxy.Command = &cmd

api/api.go

@@ -406,22 +406,24 @@ func SetupTLSConfig(tlsConfig *TLSConfig) (*tls.Config, error) {
 }
 
 func (c *Config) GenerateEnv() []string {
-	env := make([]string, 10)
+	env := make([]string, 0, 10)
+
+	env = append(env,
+		fmt.Sprintf("%s=%s", HTTPAddrEnvName, c.Address),
+		fmt.Sprintf("%s=%s", HTTPTokenEnvName, c.Token),
+		fmt.Sprintf("%s=%t", HTTPSSLEnvName, c.Scheme == "https"),
+		fmt.Sprintf("%s=%s", HTTPCAFile, c.TLSConfig.CAFile),
+		fmt.Sprintf("%s=%s", HTTPCAPath, c.TLSConfig.CAPath),
+		fmt.Sprintf("%s=%s", HTTPClientCert, c.TLSConfig.CertFile),
+		fmt.Sprintf("%s=%s", HTTPClientKey, c.TLSConfig.KeyFile),
+		fmt.Sprintf("%s=%s", HTTPTLSServerName, c.TLSConfig.Address),
+		fmt.Sprintf("%s=%t", HTTPSSLVerifyEnvName, !c.TLSConfig.InsecureSkipVerify))
 
-	env[0] = fmt.Sprintf("%s=%s", HTTPAddrEnvName, c.Address)
-	env[1] = fmt.Sprintf("%s=%s", HTTPTokenEnvName, c.Token)
 	if c.HttpAuth != nil {
-		env[2] = fmt.Sprintf("%s=%s:%s", HTTPAuthEnvName, c.HttpAuth.Username, c.HttpAuth.Password)
+		env = append(env, fmt.Sprintf("%s=%s:%s", HTTPAuthEnvName, c.HttpAuth.Username, c.HttpAuth.Password))
 	} else {
-		env[2] = fmt.Sprintf("%s=", HTTPAuthEnvName)
+		env = append(env, fmt.Sprintf("%s=", HTTPAuthEnvName))
 	}
-	env[3] = fmt.Sprintf("%s=%t", HTTPSSLEnvName, c.Scheme == "https")
-	env[4] = fmt.Sprintf("%s=%s", HTTPCAFile, c.TLSConfig.CAFile)
-	env[5] = fmt.Sprintf("%s=%s", HTTPCAPath, c.TLSConfig.CAPath)
-	env[6] = fmt.Sprintf("%s=%s", HTTPClientCert, c.TLSConfig.CertFile)
-	env[7] = fmt.Sprintf("%s=%s", HTTPClientKey, c.TLSConfig.KeyFile)
-	env[8] = fmt.Sprintf("%s=%s", HTTPTLSServerName, c.TLSConfig.Address)
-	env[9] = fmt.Sprintf("%s=%t", HTTPSSLVerifyEnvName, !c.TLSConfig.InsecureSkipVerify)
 
 	return env
 }