syncing changes back from enterprise (#12701)
This commit is contained in:
parent
9d67f34614
commit
12523197f9
|
@ -19,6 +19,8 @@ type policyRulesMergeContext struct {
|
|||
servicePrefixRules map[string]*ServiceRule
|
||||
sessionRules map[string]*SessionRule
|
||||
sessionPrefixRules map[string]*SessionRule
|
||||
// namespaceRule is an enterprise-only field
|
||||
namespaceRule string
|
||||
}
|
||||
|
||||
func (p *policyRulesMergeContext) init() {
|
||||
|
|
|
@ -47,9 +47,9 @@ func (m *delegateMock) RemoveFailedNode(node string, prune bool, entMeta *struct
|
|||
return m.Called(node, prune, entMeta).Error(0)
|
||||
}
|
||||
|
||||
func (m *delegateMock) ResolveTokenAndDefaultMeta(token string, entMeta *structs.EnterpriseMeta, authzContext *acl.AuthorizerContext) (acl.Authorizer, error) {
|
||||
func (m *delegateMock) ResolveTokenAndDefaultMeta(token string, entMeta *structs.EnterpriseMeta, authzContext *acl.AuthorizerContext) (consul.ACLResolveResult, error) {
|
||||
ret := m.Called(token, entMeta, authzContext)
|
||||
return ret.Get(0).(acl.Authorizer), ret.Error(1)
|
||||
return ret.Get(0).(consul.ACLResolveResult), ret.Error(1)
|
||||
}
|
||||
|
||||
func (m *delegateMock) RPC(method string, args interface{}, reply interface{}) error {
|
||||
|
|
|
@ -237,6 +237,10 @@ func prepTokenPolicies(t *testing.T, acl *ACL) (policies []*ACLPolicy) {
|
|||
}
|
||||
|
||||
func prepTokenPoliciesInPartition(t *testing.T, acl *ACL, partition string) (policies []*ACLPolicy) {
|
||||
datacenters := []string{"dc1", "dc2"}
|
||||
if partition != "" && partition != "default" {
|
||||
datacenters = []string{"dc1"}
|
||||
}
|
||||
var wqPart *WriteOptions
|
||||
if partition != "" {
|
||||
wqPart = &WriteOptions{Partition: partition}
|
||||
|
@ -245,7 +249,7 @@ func prepTokenPoliciesInPartition(t *testing.T, acl *ACL, partition string) (pol
|
|||
Name: "one",
|
||||
Description: "one description",
|
||||
Rules: `acl = "read"`,
|
||||
Datacenters: []string{"dc1", "dc2"},
|
||||
Datacenters: datacenters,
|
||||
}, wqPart)
|
||||
|
||||
require.NoError(t, err)
|
||||
|
@ -256,7 +260,7 @@ func prepTokenPoliciesInPartition(t *testing.T, acl *ACL, partition string) (pol
|
|||
Name: "two",
|
||||
Description: "two description",
|
||||
Rules: `node_prefix "" { policy = "read" }`,
|
||||
Datacenters: []string{"dc1", "dc2"},
|
||||
Datacenters: datacenters,
|
||||
}, wqPart)
|
||||
|
||||
require.NoError(t, err)
|
||||
|
|
|
@ -9,15 +9,16 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/hashicorp/go-uuid"
|
||||
"github.com/mitchellh/cli"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/hashicorp/consul/agent"
|
||||
"github.com/hashicorp/consul/agent/connect"
|
||||
"github.com/hashicorp/consul/api"
|
||||
"github.com/hashicorp/consul/command/acl"
|
||||
"github.com/hashicorp/consul/sdk/testutil"
|
||||
"github.com/hashicorp/consul/testrpc"
|
||||
"github.com/hashicorp/go-uuid"
|
||||
"github.com/mitchellh/cli"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
// activate testing auth method
|
||||
_ "github.com/hashicorp/consul/agent/consul/authmethod/testauth"
|
||||
|
@ -293,6 +294,7 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
|
|||
delete(raw, "CreateIndex")
|
||||
delete(raw, "ModifyIndex")
|
||||
delete(raw, "Namespace")
|
||||
delete(raw, "Partition")
|
||||
|
||||
require.Equal(t, map[string]interface{}{
|
||||
"Name": name,
|
||||
|
@ -342,6 +344,7 @@ func TestAuthMethodCreateCommand_JSON(t *testing.T) {
|
|||
delete(raw, "CreateIndex")
|
||||
delete(raw, "ModifyIndex")
|
||||
delete(raw, "Namespace")
|
||||
delete(raw, "Partition")
|
||||
|
||||
require.Equal(t, map[string]interface{}{
|
||||
"Name": name,
|
||||
|
@ -613,6 +616,9 @@ func getTestMethod(t *testing.T, client *api.Client, methodName string) *api.ACL
|
|||
if method.Namespace == "default" {
|
||||
method.Namespace = ""
|
||||
}
|
||||
if method.Partition == "default" {
|
||||
method.Partition = ""
|
||||
}
|
||||
|
||||
return method
|
||||
}
|
||||
|
|
|
@ -8,15 +8,16 @@ import (
|
|||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/go-uuid"
|
||||
"github.com/mitchellh/cli"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/hashicorp/consul/agent"
|
||||
"github.com/hashicorp/consul/agent/connect"
|
||||
"github.com/hashicorp/consul/api"
|
||||
"github.com/hashicorp/consul/command/acl"
|
||||
"github.com/hashicorp/consul/sdk/testutil"
|
||||
"github.com/hashicorp/consul/testrpc"
|
||||
"github.com/hashicorp/go-uuid"
|
||||
"github.com/mitchellh/cli"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
// activate testing auth method
|
||||
_ "github.com/hashicorp/consul/agent/consul/authmethod/testauth"
|
||||
|
@ -941,6 +942,9 @@ func getTestMethod(t *testing.T, client *api.Client, methodName string) *api.ACL
|
|||
if method.Namespace == "default" {
|
||||
method.Namespace = ""
|
||||
}
|
||||
if method.Partition == "default" {
|
||||
method.Partition = ""
|
||||
}
|
||||
|
||||
return method
|
||||
}
|
||||
|
|
|
@ -3,11 +3,12 @@ package expose
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/mitchellh/cli"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/hashicorp/consul/agent"
|
||||
"github.com/hashicorp/consul/api"
|
||||
"github.com/hashicorp/consul/testrpc"
|
||||
"github.com/mitchellh/cli"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestConnectExpose(t *testing.T) {
|
||||
|
@ -47,6 +48,7 @@ func TestConnectExpose(t *testing.T) {
|
|||
Kind: api.IngressGateway,
|
||||
Name: "ingress",
|
||||
Namespace: ns,
|
||||
Partition: ap,
|
||||
Listeners: []api.IngressListener{
|
||||
{
|
||||
Port: 8888,
|
||||
|
@ -280,6 +282,7 @@ func TestConnectExpose_existingConfig(t *testing.T) {
|
|||
},
|
||||
},
|
||||
})
|
||||
ingressConf.Partition = entryConf.Partition
|
||||
ingressConf.Namespace = entryConf.Namespace
|
||||
for i, listener := range ingressConf.Listeners {
|
||||
listener.Services[0].Namespace = entryConf.Listeners[i].Services[0].Namespace
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
snapshot_envoy_admin localhost:19000 s1 primary || true
|
||||
snapshot_envoy_admin localhost:19001 s2 primary || true
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
snapshot_envoy_admin localhost:19000 s1 primary || true
|
||||
snapshot_envoy_admin localhost:19001 s2 primary || true
|
Loading…
Reference in New Issue