From 0a6d683c841d1d9af255894e4ceafe0b755fdebd Mon Sep 17 00:00:00 2001 From: "Chris S. Kim" Date: Wed, 13 Oct 2021 10:47:12 -0400 Subject: [PATCH] Update Intentions.List with partitions (#11299) --- agent/consul/state/catalog_schema.go | 1 + agent/consul/state/config_entry_intention.go | 2 +- agent/consul/state/config_entry_oss.go | 4 +++ agent/intentions_endpoint.go | 31 ++++++++++---------- 4 files changed, 21 insertions(+), 17 deletions(-) diff --git a/agent/consul/state/catalog_schema.go b/agent/consul/state/catalog_schema.go index 7726fd6a1..808c89834 100644 --- a/agent/consul/state/catalog_schema.go +++ b/agent/consul/state/catalog_schema.go @@ -21,6 +21,7 @@ const ( indexService = "service" indexConnect = "connect" indexKind = "kind" + indexKindOnly = "kind-only" indexStatus = "status" indexNodeService = "node_service" indexNode = "node" diff --git a/agent/consul/state/config_entry_intention.go b/agent/consul/state/config_entry_intention.go index a66156e68..ad0c97694 100644 --- a/agent/consul/state/config_entry_intention.go +++ b/agent/consul/state/config_entry_intention.go @@ -128,7 +128,7 @@ func configIntentionsListTxn(tx ReadTxn, ws memdb.WatchSet, entMeta *structs.Ent idx := maxIndexTxn(tx, tableConfigEntries) - iter, err := getConfigEntryKindsWithTxn(tx, structs.ServiceIntentions, entMeta.WithWildcardNamespace()) + iter, err := getAllConfigEntriesByKindWithTxn(tx, structs.ServiceIntentions) if err != nil { return 0, nil, false, fmt.Errorf("failed config entry lookup: %s", err) } diff --git a/agent/consul/state/config_entry_oss.go b/agent/consul/state/config_entry_oss.go index 0afc18204..e7809389d 100644 --- a/agent/consul/state/config_entry_oss.go +++ b/agent/consul/state/config_entry_oss.go @@ -39,6 +39,10 @@ func getAllConfigEntriesWithTxn(tx ReadTxn, _ *structs.EnterpriseMeta) (memdb.Re return tx.Get(tableConfigEntries, indexID) } +func getAllConfigEntriesByKindWithTxn(tx ReadTxn, kind string) (memdb.ResultIterator, error) { + return getConfigEntryKindsWithTxn(tx, kind, nil) +} + func getConfigEntryKindsWithTxn(tx ReadTxn, kind string, _ *structs.EnterpriseMeta) (memdb.ResultIterator, error) { return tx.Get(tableConfigEntries, indexID+"_prefix", ConfigEntryKindQuery{Kind: kind}) } diff --git a/agent/intentions_endpoint.go b/agent/intentions_endpoint.go index e276c4072..8af3520ad 100644 --- a/agent/intentions_endpoint.go +++ b/agent/intentions_endpoint.go @@ -142,13 +142,13 @@ func (s *HTTPHandlers) IntentionMatch(resp http.ResponseWriter, req *http.Reques // order of the returned responses. args.Match.Entries = make([]structs.IntentionMatchEntry, len(names)) for i, n := range names { - _, ns, name, err := parseIntentionStringComponent(n, &entMeta) + ap, ns, name, err := parseIntentionStringComponent(n, &entMeta) if err != nil { return nil, fmt.Errorf("name %q is invalid: %s", n, err) } args.Match.Entries[i] = structs.IntentionMatchEntry{ - Partition: entMeta.PartitionOrEmpty(), + Partition: ap, Namespace: ns, Name: name, } @@ -229,25 +229,24 @@ func (s *HTTPHandlers) IntentionCheck(resp http.ResponseWriter, req *http.Reques return nil, fmt.Errorf("required query parameter 'destination' not set") } - // We parse them the same way as matches to extract namespace/name + // We parse them the same way as matches to extract partition/namespace/name args.Check.SourceName = source[0] if args.Check.SourceType == structs.IntentionSourceConsul { - // TODO(partitions): this func should return partition - _, ns, name, err := parseIntentionStringComponent(source[0], &entMeta) + ap, ns, name, err := parseIntentionStringComponent(source[0], &entMeta) if err != nil { return nil, fmt.Errorf("source %q is invalid: %s", source[0], err) } - args.Check.SourcePartition = entMeta.PartitionOrEmpty() + args.Check.SourcePartition = ap args.Check.SourceNS = ns args.Check.SourceName = name } // The destination is always in the Consul format - _, ns, name, err := parseIntentionStringComponent(destination[0], &entMeta) + ap, ns, name, err := parseIntentionStringComponent(destination[0], &entMeta) if err != nil { return nil, fmt.Errorf("destination %q is invalid: %s", destination[0], err) } - args.Check.DestinationPartition = entMeta.PartitionOrEmpty() + args.Check.DestinationPartition = ap args.Check.DestinationNS = ns args.Check.DestinationName = name @@ -286,21 +285,21 @@ func (s *HTTPHandlers) IntentionGetExact(resp http.ResponseWriter, req *http.Req } { - _, ns, name, err := parseIntentionStringComponent(source[0], &entMeta) + ap, ns, name, err := parseIntentionStringComponent(source[0], &entMeta) if err != nil { return nil, fmt.Errorf("source %q is invalid: %s", source[0], err) } - args.Exact.SourcePartition = entMeta.PartitionOrEmpty() + args.Exact.SourcePartition = ap args.Exact.SourceNS = ns args.Exact.SourceName = name } { - _, ns, name, err := parseIntentionStringComponent(destination[0], &entMeta) + ap, ns, name, err := parseIntentionStringComponent(destination[0], &entMeta) if err != nil { return nil, fmt.Errorf("destination %q is invalid: %s", destination[0], err) } - args.Exact.DestinationPartition = entMeta.PartitionOrEmpty() + args.Exact.DestinationPartition = ap args.Exact.DestinationNS = ns args.Exact.DestinationName = name } @@ -566,21 +565,21 @@ func parseIntentionQueryExact(req *http.Request, entMeta *structs.EnterpriseMeta var exact structs.IntentionQueryExact { - _, ns, name, err := parseIntentionStringComponent(source[0], entMeta) + ap, ns, name, err := parseIntentionStringComponent(source[0], entMeta) if err != nil { return nil, fmt.Errorf("source %q is invalid: %s", source[0], err) } - exact.SourcePartition = entMeta.PartitionOrEmpty() + exact.SourcePartition = ap exact.SourceNS = ns exact.SourceName = name } { - _, ns, name, err := parseIntentionStringComponent(destination[0], entMeta) + ap, ns, name, err := parseIntentionStringComponent(destination[0], entMeta) if err != nil { return nil, fmt.Errorf("destination %q is invalid: %s", destination[0], err) } - exact.DestinationPartition = entMeta.PartitionOrEmpty() + exact.DestinationPartition = ap exact.DestinationNS = ns exact.DestinationName = name }