acl: replace ACLResolver.Config with its own struct

This is step toward decoupling ACLResolver from the agent/consul package.
2021-07-30 18:56:11 -04:00 · 2021-07-30 18:56:11 -04:00 · d4701903f6
parent fdfc4e0698
commit d4701903f6
4 changed files with 55 additions and 13 deletions
--- a/agent/consul/acl.go
+++ b/agent/consul/acl.go
@ -189,7 +189,8 @@ func (e policyOrRoleTokenError) Error() string {

 // ACLResolverConfig holds all the configuration necessary to create an ACLResolver
 type ACLResolverConfig struct {
-	Config *Config
+	// TODO: rename this field?
+	Config ACLResolverSettings
 	Logger hclog.Logger

 	// CacheConfig is a pass through configuration for ACL cache limits
@ -211,6 +212,20 @@ type ACLResolverConfig struct {
 	Tokens *token.Store
 }

+// TODO: remove these fields from consul.Config and config.RuntimeConfig
+// TODO: rename the fields to remove the ACL prefix
+type ACLResolverSettings struct {
+	ACLsEnabled      bool
+	Datacenter       string
+	NodeName         string
+	ACLPolicyTTL     time.Duration
+	ACLTokenTTL      time.Duration
+	ACLRoleTTL       time.Duration
+	ACLDisabledTTL   time.Duration
+	ACLDownPolicy    string
+	ACLDefaultPolicy string
+}
+
 // ACLResolver is the type to handle all your token and policy resolution needs.
 //
 // Supports:
@ -237,7 +252,8 @@ type ACLResolverConfig struct {
 //   upon.
 //
 type ACLResolver struct {
-	config *Config
+	// TODO: store the ACLResolverConfig as a field instead of copying all the fields onto ACLResolver.
+	config ACLResolverSettings
 	logger hclog.Logger

 	delegate ACLResolverDelegate
@ -289,11 +305,6 @@ func NewACLResolver(config *ACLResolverConfig) (*ACLResolver, error) {
 	if config == nil {
 		return nil, fmt.Errorf("ACL Resolver must be initialized with a config")
 	}
-
-	if config.Config == nil {
-		return nil, fmt.Errorf("ACLResolverConfig.Config must not be nil")
-	}
-
 	if config.Delegate == nil {
 		return nil, fmt.Errorf("ACL Resolver must be initialized with a valid delegate")
 	}
--- a/agent/consul/acl_test.go
+++ b/agent/consul/acl_test.go
@ -722,7 +722,17 @@ func newTestACLResolver(t *testing.T, delegate *ACLResolverTestDelegate, cb func
 	config.ACLDownPolicy = "extend-cache"
 	config.ACLsEnabled = delegate.enabled
 	rconf := &ACLResolverConfig{
-		Config: config,
+		Config: ACLResolverSettings{
+			ACLsEnabled:      config.ACLsEnabled,
+			Datacenter:       config.Datacenter,
+			NodeName:         config.NodeName,
+			ACLPolicyTTL:     config.ACLPolicyTTL,
+			ACLTokenTTL:      config.ACLTokenTTL,
+			ACLRoleTTL:       config.ACLRoleTTL,
+			ACLDisabledTTL:   config.ACLDisabledTTL,
+			ACLDownPolicy:    config.ACLDownPolicy,
+			ACLDefaultPolicy: config.ACLDefaultPolicy,
+		},
 		Logger: testutil.Logger(t),
 		CacheConfig: &structs.ACLCachesConfig{
 			Identities:     4,
--- a/agent/consul/client.go
+++ b/agent/consul/client.go
@ -10,6 +10,10 @@ import (

 	"github.com/armon/go-metrics"
 	"github.com/armon/go-metrics/prometheus"
+	"github.com/hashicorp/go-hclog"
+	"github.com/hashicorp/serf/serf"
+	"golang.org/x/time/rate"
+
 	"github.com/hashicorp/consul/agent/pool"
 	"github.com/hashicorp/consul/agent/router"
 	"github.com/hashicorp/consul/agent/structs"
@ -17,9 +21,6 @@ import (
 	"github.com/hashicorp/consul/logging"
 	"github.com/hashicorp/consul/tlsutil"
 	"github.com/hashicorp/consul/types"
-	"github.com/hashicorp/go-hclog"
-	"github.com/hashicorp/serf/serf"
-	"golang.org/x/time/rate"
 )

 var ClientCounters = []prometheus.CounterDefinition{
@ -122,7 +123,17 @@ func NewClient(config *Config, deps Deps) (*Client, error) {

 	c.useNewACLs = 0
 	aclConfig := ACLResolverConfig{
-		Config:      config,
+		Config: ACLResolverSettings{
+			ACLsEnabled:      config.ACLsEnabled,
+			Datacenter:       config.Datacenter,
+			NodeName:         config.NodeName,
+			ACLPolicyTTL:     config.ACLPolicyTTL,
+			ACLTokenTTL:      config.ACLTokenTTL,
+			ACLRoleTTL:       config.ACLRoleTTL,
+			ACLDisabledTTL:   config.ACLDisabledTTL,
+			ACLDownPolicy:    config.ACLDownPolicy,
+			ACLDefaultPolicy: config.ACLDefaultPolicy,
+		},
 		Delegate:    c,
 		Logger:      c.logger,
 		AutoDisable: true,
--- a/agent/consul/server.go
+++ b/agent/consul/server.go
@ -426,7 +426,17 @@ func NewServer(config *Config, flat Deps) (*Server, error) {
 	s.aclConfig = newACLConfig(logger)
 	s.useNewACLs = 0
 	aclConfig := ACLResolverConfig{
-		Config:      config,
+		Config: ACLResolverSettings{
+			ACLsEnabled:      config.ACLsEnabled,
+			Datacenter:       config.Datacenter,
+			NodeName:         config.NodeName,
+			ACLPolicyTTL:     config.ACLPolicyTTL,
+			ACLTokenTTL:      config.ACLTokenTTL,
+			ACLRoleTTL:       config.ACLRoleTTL,
+			ACLDisabledTTL:   config.ACLDisabledTTL,
+			ACLDownPolicy:    config.ACLDownPolicy,
+			ACLDefaultPolicy: config.ACLDefaultPolicy,
+		},
 		Delegate:    s,
 		CacheConfig: serverACLCacheConfig,
 		AutoDisable: false,