Backport of [API Gateway] Fix trust domain for external peered services in synthesis code into release/1.16.x (#17616)
* backport of commit 63e87434721824902d1bd8c7ef72456615020180 * backport of commit 896f11789b89062c745433a17dc37da5b56185fd --------- Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
This commit is contained in:
parent
dcf9b04c34
commit
175f61f241
|
@ -0,0 +1,4 @@
|
||||||
|
```release-note:bug
|
||||||
|
gateways: Fixed a bug in API gateways where binding a route that only targets a service imported from a peer results
|
||||||
|
in the programmed gateway having no routes.
|
||||||
|
```
|
|
@ -741,14 +741,23 @@ type configSnapshotAPIGateway struct {
|
||||||
|
|
||||||
func (c *configSnapshotAPIGateway) synthesizeChains(datacenter string, listener structs.APIGatewayListener, boundListener structs.BoundAPIGatewayListener) ([]structs.IngressService, structs.Upstreams, []*structs.CompiledDiscoveryChain, error) {
|
func (c *configSnapshotAPIGateway) synthesizeChains(datacenter string, listener structs.APIGatewayListener, boundListener structs.BoundAPIGatewayListener) ([]structs.IngressService, structs.Upstreams, []*structs.CompiledDiscoveryChain, error) {
|
||||||
chains := []*structs.CompiledDiscoveryChain{}
|
chains := []*structs.CompiledDiscoveryChain{}
|
||||||
trustDomain := ""
|
|
||||||
|
// We leverage the test trust domain knowing
|
||||||
|
// that the domain will get overridden if
|
||||||
|
// there is a target to something other than an
|
||||||
|
// external/peered service. If the below
|
||||||
|
// code doesn't get a trust domain due to all the
|
||||||
|
// targets being external, the chain will
|
||||||
|
// have the domain munged anyway during synthesis.
|
||||||
|
trustDomain := connect.TestTrustDomain
|
||||||
|
|
||||||
DOMAIN_LOOP:
|
DOMAIN_LOOP:
|
||||||
for _, chain := range c.DiscoveryChain {
|
for _, chain := range c.DiscoveryChain {
|
||||||
for _, target := range chain.Targets {
|
for _, target := range chain.Targets {
|
||||||
if !target.External {
|
if !target.External {
|
||||||
trustDomain = connect.TrustDomainForTarget(*target)
|
domain := connect.TrustDomainForTarget(*target)
|
||||||
if trustDomain != "" {
|
if domain != "" {
|
||||||
|
trustDomain = domain
|
||||||
break DOMAIN_LOOP
|
break DOMAIN_LOOP
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue