From 07b92a285548197d827e20e2279b640c3a2e6b32 Mon Sep 17 00:00:00 2001 From: "R.B. Boyer" <4903+rboyer@users.noreply.github.com> Date: Thu, 3 Mar 2022 16:54:41 -0600 Subject: [PATCH] server: fix spurious blocking query suppression for discovery chains (#12512) Minor fix for behavior in #12362 IsDefault sometimes returns true even if there was a proxy-defaults or service-defaults config entry that was consulted. This PR fixes that. --- .changelog/12512.txt | 3 +++ agent/consul/discovery_chain_endpoint.go | 4 ++-- agent/consul/state/config_entry.go | 20 ++++++++++---------- 3 files changed, 15 insertions(+), 12 deletions(-) create mode 100644 .changelog/12512.txt diff --git a/.changelog/12512.txt b/.changelog/12512.txt new file mode 100644 index 000000000..ff48d134d --- /dev/null +++ b/.changelog/12512.txt @@ -0,0 +1,3 @@ +```release-note:bug +server: fix spurious blocking query suppression for discovery chains +``` diff --git a/agent/consul/discovery_chain_endpoint.go b/agent/consul/discovery_chain_endpoint.go index 79ccbe49d..501dc4f45 100644 --- a/agent/consul/discovery_chain_endpoint.go +++ b/agent/consul/discovery_chain_endpoint.go @@ -66,7 +66,7 @@ func (c *DiscoveryChain) Get(args *structs.DiscoveryChainRequest, reply *structs OverrideProtocol: args.OverrideProtocol, OverrideConnectTimeout: args.OverrideConnectTimeout, } - index, chain, err := state.ServiceDiscoveryChain(ws, args.Name, entMeta, req) + index, chain, entries, err := state.ServiceDiscoveryChain(ws, args.Name, entMeta, req) if err != nil { return err } @@ -93,7 +93,7 @@ func (c *DiscoveryChain) Get(args *structs.DiscoveryChainRequest, reply *structs reply.Index = index reply.Chain = chain - if chain.IsDefault() { + if entries.IsEmpty() { return errNotFound } diff --git a/agent/consul/state/config_entry.go b/agent/consul/state/config_entry.go index 7f5277561..507388283 100644 --- a/agent/consul/state/config_entry.go +++ b/agent/consul/state/config_entry.go @@ -431,7 +431,7 @@ func (s *Store) discoveryChainTargetsTxn(tx ReadTxn, ws memdb.WatchSet, dc, serv EvaluateInPartition: source.PartitionOrDefault(), EvaluateInDatacenter: dc, } - idx, chain, err := s.serviceDiscoveryChainTxn(tx, ws, source.Name, entMeta, req) + idx, chain, _, err := s.serviceDiscoveryChainTxn(tx, ws, source.Name, entMeta, req) if err != nil { return 0, nil, fmt.Errorf("failed to fetch discovery chain for %q: %v", source.String(), err) } @@ -488,7 +488,7 @@ func (s *Store) discoveryChainSourcesTxn(tx ReadTxn, ws memdb.WatchSet, dc strin EvaluateInPartition: sn.PartitionOrDefault(), EvaluateInDatacenter: dc, } - idx, chain, err := s.serviceDiscoveryChainTxn(tx, ws, sn.Name, &sn.EnterpriseMeta, req) + idx, chain, _, err := s.serviceDiscoveryChainTxn(tx, ws, sn.Name, &sn.EnterpriseMeta, req) if err != nil { return 0, nil, fmt.Errorf("failed to fetch discovery chain for %q: %v", sn.String(), err) } @@ -772,7 +772,7 @@ func (s *Store) ServiceDiscoveryChain( serviceName string, entMeta *structs.EnterpriseMeta, req discoverychain.CompileRequest, -) (uint64, *structs.CompiledDiscoveryChain, error) { +) (uint64, *structs.CompiledDiscoveryChain, *configentry.DiscoveryChainSet, error) { tx := s.db.ReadTxn() defer tx.Abort() @@ -785,19 +785,19 @@ func (s *Store) serviceDiscoveryChainTxn( serviceName string, entMeta *structs.EnterpriseMeta, req discoverychain.CompileRequest, -) (uint64, *structs.CompiledDiscoveryChain, error) { +) (uint64, *structs.CompiledDiscoveryChain, *configentry.DiscoveryChainSet, error) { index, entries, err := readDiscoveryChainConfigEntriesTxn(tx, ws, serviceName, nil, entMeta) if err != nil { - return 0, nil, err + return 0, nil, nil, err } req.Entries = entries _, config, err := s.CAConfig(ws) if err != nil { - return 0, nil, err + return 0, nil, nil, err } else if config == nil { - return 0, nil, errors.New("no cluster ca config setup") + return 0, nil, nil, errors.New("no cluster ca config setup") } // Build TrustDomain based on the ClusterID stored. @@ -805,17 +805,17 @@ func (s *Store) serviceDiscoveryChainTxn( if signingID == nil { // If CA is bootstrapped at all then this should never happen but be // defensive. - return 0, nil, errors.New("no cluster trust domain setup") + return 0, nil, nil, errors.New("no cluster trust domain setup") } req.EvaluateInTrustDomain = signingID.Host() // Then we compile it into something useful. chain, err := discoverychain.Compile(req) if err != nil { - return 0, nil, fmt.Errorf("failed to compile discovery chain: %v", err) + return 0, nil, nil, fmt.Errorf("failed to compile discovery chain: %v", err) } - return index, chain, nil + return index, chain, entries, nil } func (s *Store) ReadResolvedServiceConfigEntries(