diff --git a/.changelog/12825.txt b/.changelog/12825.txt new file mode 100644 index 000000000..95a0184fa --- /dev/null +++ b/.changelog/12825.txt @@ -0,0 +1,3 @@ +```release-note:feature +grpc: New gRPC endpoint to return envoy bootstrap parameters. +``` \ No newline at end of file diff --git a/agent/consul/server.go b/agent/consul/server.go index d9b4aed6b..bfe0d65fe 100644 --- a/agent/consul/server.go +++ b/agent/consul/server.go @@ -677,8 +677,10 @@ func NewServer(config *Config, flat Deps, publicGRPCServer *grpc.Server) (*Serve s.publicConnectCAServer.Register(s.publicGRPCServer) dataplane.NewServer(dataplane.Config{ + GetStore: func() dataplane.StateStore { return s.FSM().State() }, Logger: logger.Named("grpc-api.dataplane"), ACLResolver: plainACLResolver{s.ACLResolver}, + Datacenter: s.config.Datacenter, }).Register(s.publicGRPCServer) // Initialize private gRPC server. diff --git a/agent/consul/state/catalog.go b/agent/consul/state/catalog.go index db256cfe1..052132018 100644 --- a/agent/consul/state/catalog.go +++ b/agent/consul/state/catalog.go @@ -34,6 +34,8 @@ var ( startingVirtualIP = net.IP{240, 0, 0, 0} virtualIPMaxOffset = net.IP{15, 255, 255, 254} + + ErrNodeNotFound = errors.New("node not found") ) func resizeNodeLookupKey(s string) string { @@ -1463,6 +1465,17 @@ func (s *Store) NodeService(nodeName string, serviceID string, entMeta *acl.Ente } func getNodeServiceTxn(tx ReadTxn, nodeName, serviceID string, entMeta *acl.EnterpriseMeta) (*structs.NodeService, error) { + sn, err := getServiceNodeTxn(tx, nodeName, serviceID, entMeta) + if err != nil { + return nil, err + } + if sn != nil { + return sn.ToNodeService(), nil + } + return nil, nil +} + +func getServiceNodeTxn(tx ReadTxn, nodeName, serviceID string, entMeta *acl.EnterpriseMeta) (*structs.ServiceNode, error) { // TODO: pass non-pointer type for ent meta if entMeta == nil { entMeta = structs.DefaultEnterpriseMetaInDefaultPartition() @@ -1477,12 +1490,48 @@ func getNodeServiceTxn(tx ReadTxn, nodeName, serviceID string, entMeta *acl.Ente if err != nil { return nil, fmt.Errorf("failed querying service for node %q: %s", nodeName, err) } - if service != nil { - return service.(*structs.ServiceNode).ToNodeService(), nil + return service.(*structs.ServiceNode), nil + } + return nil, nil +} + +// ServiceNode is used to retrieve a specific service by service ID and node ID or name. +func (s *Store) ServiceNode(nodeID, nodeName, serviceID string, entMeta *acl.EnterpriseMeta) (uint64, *structs.ServiceNode, error) { + var ( + node *structs.Node + err error + ) + if nodeID != "" { + _, node, err = s.GetNodeID(types.NodeID(nodeID), entMeta) + if err != nil { + return 0, nil, fmt.Errorf("Failure looking up node by ID %s: %w", nodeID, err) + } + } else if nodeName != "" { + _, node, err = s.GetNode(nodeName, entMeta) + if err != nil { + return 0, nil, fmt.Errorf("Failure looking up node by name %s: %w", nodeName, err) + } + } else { + return 0, nil, fmt.Errorf("Node ID or name required to lookup the service") + } + if node == nil { + return 0, nil, ErrNodeNotFound } - return nil, nil + tx := s.db.Txn(false) + defer tx.Abort() + + // Get the table index. + idx := catalogServicesMaxIndex(tx, entMeta) + + // Query the service + service, err := getServiceNodeTxn(tx, node.Node, serviceID, entMeta) + if err != nil { + return 0, nil, fmt.Errorf("failed querying service for node %q: %w", node.Node, err) + } + + return idx, service, nil } func (s *Store) nodeServices(ws memdb.WatchSet, nodeNameOrID string, entMeta *acl.EnterpriseMeta, allowWildcard bool) (bool, uint64, *structs.Node, memdb.ResultIterator, error) { diff --git a/agent/consul/state/catalog_test.go b/agent/consul/state/catalog_test.go index c9860a9df..aee7781a0 100644 --- a/agent/consul/state/catalog_test.go +++ b/agent/consul/state/catalog_test.go @@ -265,6 +265,37 @@ func TestStateStore_EnsureRegistration(t *testing.T) { t.Fatalf("got err, idx: %s, %d want nil, %d", err, gotidx, wantidx) } require.Equal(t, svcmap["redis1"], r) + + // look service by node name + idx, sn, err := s.ServiceNode("", "node1", "redis1", nil) + if gotidx, wantidx := idx, uint64(2); err != nil || gotidx != wantidx { + t.Fatalf("got err, idx: %s, %d want nil, %d", err, gotidx, wantidx) + } + require.Equal(t, svcmap["redis1"].ToServiceNode("node1"), sn) + + // lookup service by node ID + idx, sn, err = s.ServiceNode(string(nodeID), "", "redis1", nil) + if gotidx, wantidx := idx, uint64(2); err != nil || gotidx != wantidx { + t.Fatalf("got err, idx: %s, %d want nil, %d", err, gotidx, wantidx) + } + require.Equal(t, svcmap["redis1"].ToServiceNode("node1"), sn) + + // lookup service by invalid node + _, _, err = s.ServiceNode("", "invalid-node", "redis1", nil) + if err != nil { + require.Equal(t, "node not found", err.Error()) + } + if err == nil { + t.Fatalf("Expected error on lookup of \"invalid-node\"") + } + // lookup service without node name or ID + _, _, err = s.ServiceNode("", "", "redis1", nil) + if err != nil { + require.Equal(t, "Node ID or name required to lookup the service", err.Error()) + } + if err == nil { + t.Fatalf("Expected error on lookup of service without node name or ID") + } } verifyNode() verifyService() diff --git a/agent/grpc/public/services/connectca/watch_roots_test.go b/agent/grpc/public/services/connectca/watch_roots_test.go index 1106aa35d..da4317c8c 100644 --- a/agent/grpc/public/services/connectca/watch_roots_test.go +++ b/agent/grpc/public/services/connectca/watch_roots_test.go @@ -54,7 +54,7 @@ func TestWatchRoots_Success(t *testing.T) { // Mock the ACL Resolver to return an authorizer with `service:write`. aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). - Return(testutils.TestAuthorizer(t), nil) + Return(testutils.TestAuthorizerServiceWriteAny(t), nil) ctx := public.ContextWithToken(context.Background(), testACLToken) @@ -140,7 +140,7 @@ func TestWatchRoots_ACLTokenInvalidated(t *testing.T) { // first two times it is called (initial connect and first re-auth). aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). - Return(testutils.TestAuthorizer(t), nil).Twice() + Return(testutils.TestAuthorizerServiceWriteAny(t), nil).Twice() ctx := public.ContextWithToken(context.Background(), testACLToken) @@ -208,7 +208,7 @@ func TestWatchRoots_StateStoreAbandoned(t *testing.T) { // Mock the ACL Resolver to return an authorizer with `service:write`. aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). - Return(testutils.TestAuthorizer(t), nil) + Return(testutils.TestAuthorizerServiceWriteAny(t), nil) ctx := public.ContextWithToken(context.Background(), testACLToken) diff --git a/agent/grpc/public/services/dataplane/get_envoy_boostrap_params_test.go b/agent/grpc/public/services/dataplane/get_envoy_boostrap_params_test.go new file mode 100644 index 000000000..0db8f5f22 --- /dev/null +++ b/agent/grpc/public/services/dataplane/get_envoy_boostrap_params_test.go @@ -0,0 +1,260 @@ +package dataplane + +import ( + "context" + "testing" + + acl "github.com/hashicorp/consul/acl" + "github.com/hashicorp/consul/agent/grpc/public" + "github.com/hashicorp/consul/agent/grpc/public/testutils" + structs "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/consul/proto-public/pbdataplane" + "github.com/hashicorp/consul/types" + "github.com/hashicorp/go-hclog" + mock "github.com/stretchr/testify/mock" + "github.com/stretchr/testify/require" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" + "google.golang.org/protobuf/types/known/structpb" +) + +const ( + testToken = "acl-token-get-envoy-bootstrap-params" + proxyServiceID = "web-proxy" + nodeName = "foo" + nodeID = "2980b72b-bd9d-9d7b-d4f9-951bf7508d95" + proxyConfigKey = "envoy_dogstatsd_url" + proxyConfigValue = "udp://127.0.0.1:8125" + serverDC = "dc1" +) + +func testRegisterRequestProxy(t *testing.T) *structs.RegisterRequest { + return &structs.RegisterRequest{ + Datacenter: serverDC, + Node: nodeName, + ID: types.NodeID(nodeID), + Address: "127.0.0.1", + Service: &structs.NodeService{ + Kind: structs.ServiceKindConnectProxy, + Service: proxyServiceID, + ID: proxyServiceID, + Address: "127.0.0.2", + Port: 2222, + Proxy: structs.ConnectProxyConfig{ + DestinationServiceName: "web", + Config: map[string]interface{}{ + proxyConfigKey: proxyConfigValue, + }, + }, + EnterpriseMeta: *structs.DefaultEnterpriseMetaInDefaultPartition(), + }, + } +} + +func testRegisterIngressGateway(t *testing.T) *structs.RegisterRequest { + registerReq := structs.TestRegisterIngressGateway(t) + registerReq.ID = types.NodeID("2980b72b-bd9d-9d7b-d4f9-951bf7508d95") + registerReq.Service.ID = registerReq.Service.Service + registerReq.Service.Proxy.Config = map[string]interface{}{ + proxyConfigKey: proxyConfigValue, + } + return registerReq +} + +func TestGetEnvoyBootstrapParams_Success(t *testing.T) { + type testCase struct { + name string + registerReq *structs.RegisterRequest + nodeID bool + } + + run := func(t *testing.T, tc testCase) { + store := testStateStore(t) + err := store.EnsureRegistration(1, tc.registerReq) + require.NoError(t, err) + + aclResolver := &MockACLResolver{} + aclResolver.On("ResolveTokenAndDefaultMeta", testToken, mock.Anything, mock.Anything). + Return(testutils.TestAuthorizerServiceRead(t, tc.registerReq.Service.ID), nil) + ctx := public.ContextWithToken(context.Background(), testToken) + + server := NewServer(Config{ + GetStore: func() StateStore { return store }, + Logger: hclog.NewNullLogger(), + ACLResolver: aclResolver, + Datacenter: serverDC, + }) + client := testClient(t, server) + + req := &pbdataplane.GetEnvoyBootstrapParamsRequest{ + ServiceId: tc.registerReq.Service.ID, + NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeName{NodeName: tc.registerReq.Node}} + if tc.nodeID { + req.NodeSpec = &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeId{NodeId: string(tc.registerReq.ID)} + } + resp, err := client.GetEnvoyBootstrapParams(ctx, req) + require.NoError(t, err) + + require.Equal(t, tc.registerReq.Service.Proxy.DestinationServiceName, resp.Service) + require.Equal(t, serverDC, resp.Datacenter) + require.Equal(t, tc.registerReq.EnterpriseMeta.PartitionOrDefault(), resp.Partition) + require.Equal(t, tc.registerReq.EnterpriseMeta.NamespaceOrDefault(), resp.Namespace) + require.Contains(t, resp.Config.Fields, proxyConfigKey) + require.Equal(t, structpb.NewStringValue(proxyConfigValue), resp.Config.Fields[proxyConfigKey]) + require.Equal(t, convertToResponseServiceKind(tc.registerReq.Service.Kind), resp.ServiceKind) + + } + + testCases := []testCase{ + { + name: "lookup service side car proxy by node name", + registerReq: testRegisterRequestProxy(t), + }, + { + name: "lookup service side car proxy by node ID", + registerReq: testRegisterRequestProxy(t), + nodeID: true, + }, + { + name: "lookup ingress gw service by node name", + registerReq: testRegisterIngressGateway(t), + }, + { + name: "lookup ingress gw service by node ID", + registerReq: testRegisterIngressGateway(t), + nodeID: true, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + run(t, tc) + }) + } +} + +func TestGetEnvoyBootstrapParams_Error(t *testing.T) { + type testCase struct { + name string + req *pbdataplane.GetEnvoyBootstrapParamsRequest + expectedErrCode codes.Code + expecteErrMsg string + } + + run := func(t *testing.T, tc testCase) { + aclResolver := &MockACLResolver{} + + aclResolver.On("ResolveTokenAndDefaultMeta", testToken, mock.Anything, mock.Anything). + Return(testutils.TestAuthorizerServiceRead(t, proxyServiceID), nil) + ctx := public.ContextWithToken(context.Background(), testToken) + + store := testStateStore(t) + registerReq := testRegisterRequestProxy(t) + err := store.EnsureRegistration(1, registerReq) + require.NoError(t, err) + + server := NewServer(Config{ + GetStore: func() StateStore { return store }, + Logger: hclog.NewNullLogger(), + ACLResolver: aclResolver, + }) + client := testClient(t, server) + + resp, err := client.GetEnvoyBootstrapParams(ctx, tc.req) + require.Nil(t, resp) + require.Error(t, err) + errStatus, ok := status.FromError(err) + require.True(t, ok) + require.Equal(t, tc.expectedErrCode.String(), errStatus.Code().String()) + require.Equal(t, tc.expecteErrMsg, errStatus.Message()) + } + + testCases := []testCase{ + { + name: "lookup-service-by-unregistered-node-name", + req: &pbdataplane.GetEnvoyBootstrapParamsRequest{ + ServiceId: proxyServiceID, + NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeName{NodeName: "blah"}}, + expectedErrCode: codes.NotFound, + expecteErrMsg: "node not found", + }, + { + name: "lookup-service-by-unregistered-node-id", + req: &pbdataplane.GetEnvoyBootstrapParamsRequest{ + ServiceId: proxyServiceID, + NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeId{NodeId: "5980b72b-bd9d-9d7b-d4f9-951bf7508d98"}}, + expectedErrCode: codes.NotFound, + expecteErrMsg: "node not found", + }, + { + name: "lookup-service-by-unregistered-service", + req: &pbdataplane.GetEnvoyBootstrapParamsRequest{ + ServiceId: "blah-service", + NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeName{NodeName: nodeName}}, + expectedErrCode: codes.NotFound, + expecteErrMsg: "Service not found", + }, + { + name: "lookup-service-without-node-details", + req: &pbdataplane.GetEnvoyBootstrapParamsRequest{ + ServiceId: proxyServiceID}, + expectedErrCode: codes.InvalidArgument, + expecteErrMsg: "Node ID or name required to lookup the service", + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + run(t, tc) + }) + } + +} + +func TestGetEnvoyBootstrapParams_Unauthenticated(t *testing.T) { + // Mock the ACL resolver to return ErrNotFound. + aclResolver := &MockACLResolver{} + aclResolver.On("ResolveTokenAndDefaultMeta", mock.Anything, mock.Anything, mock.Anything). + Return(nil, acl.ErrNotFound) + ctx := public.ContextWithToken(context.Background(), testToken) + store := testStateStore(t) + server := NewServer(Config{ + GetStore: func() StateStore { return store }, + Logger: hclog.NewNullLogger(), + ACLResolver: aclResolver, + }) + client := testClient(t, server) + resp, err := client.GetEnvoyBootstrapParams(ctx, &pbdataplane.GetEnvoyBootstrapParamsRequest{}) + require.Error(t, err) + require.Equal(t, codes.Unauthenticated.String(), status.Code(err).String()) + require.Nil(t, resp) +} + +func TestGetEnvoyBootstrapParams_PermissionDenied(t *testing.T) { + // Mock the ACL resolver to return a deny all authorizer + aclResolver := &MockACLResolver{} + aclResolver.On("ResolveTokenAndDefaultMeta", testToken, mock.Anything, mock.Anything). + Return(acl.DenyAll(), nil) + ctx := public.ContextWithToken(context.Background(), testToken) + store := testStateStore(t) + registerReq := structs.TestRegisterRequestProxy(t) + proxyServiceID := "web-sidecar-proxy" + registerReq.Service.ID = proxyServiceID + err := store.EnsureRegistration(1, registerReq) + require.NoError(t, err) + + server := NewServer(Config{ + GetStore: func() StateStore { return store }, + Logger: hclog.NewNullLogger(), + ACLResolver: aclResolver, + }) + client := testClient(t, server) + req := &pbdataplane.GetEnvoyBootstrapParamsRequest{ + ServiceId: proxyServiceID, + NodeSpec: &pbdataplane.GetEnvoyBootstrapParamsRequest_NodeName{NodeName: registerReq.Node}} + + resp, err := client.GetEnvoyBootstrapParams(ctx, req) + require.Error(t, err) + require.Equal(t, codes.PermissionDenied.String(), status.Code(err).String()) + require.Nil(t, resp) +} diff --git a/agent/grpc/public/services/dataplane/get_envoy_bootstrap_params.go b/agent/grpc/public/services/dataplane/get_envoy_bootstrap_params.go new file mode 100644 index 000000000..872e2e74b --- /dev/null +++ b/agent/grpc/public/services/dataplane/get_envoy_bootstrap_params.go @@ -0,0 +1,87 @@ +package dataplane + +import ( + "context" + "errors" + "strings" + + acl "github.com/hashicorp/consul/acl" + "github.com/hashicorp/consul/agent/consul/state" + "github.com/hashicorp/consul/agent/grpc/public" + structs "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/consul/proto-public/pbdataplane" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" + "google.golang.org/protobuf/types/known/structpb" +) + +func (s *Server) GetEnvoyBootstrapParams(ctx context.Context, req *pbdataplane.GetEnvoyBootstrapParamsRequest) (*pbdataplane.GetEnvoyBootstrapParamsResponse, error) { + logger := s.Logger.Named("get-envoy-bootstrap-params").With("service_id", req.GetServiceId(), "request_id", public.TraceID()) + + logger.Trace("Started processing request") + defer logger.Trace("Finished processing request") + + token := public.TokenFromContext(ctx) + var authzContext acl.AuthorizerContext + entMeta := acl.NewEnterpriseMetaWithPartition(req.GetPartition(), req.GetNamespace()) + authz, err := s.ACLResolver.ResolveTokenAndDefaultMeta(token, &entMeta, &authzContext) + if err != nil { + return nil, status.Error(codes.Unauthenticated, err.Error()) + } + + store := s.GetStore() + + _, svc, err := store.ServiceNode(req.GetNodeId(), req.GetNodeName(), req.GetServiceId(), &entMeta) + if err != nil { + logger.Error("Error looking up service", "error", err) + if errors.Is(err, state.ErrNodeNotFound) { + return nil, status.Error(codes.NotFound, err.Error()) + } else if strings.Contains(err.Error(), "Node ID or name required") { + return nil, status.Error(codes.InvalidArgument, err.Error()) + } else { + return nil, status.Error(codes.Internal, "Failure looking up service") + } + } + if svc == nil { + return nil, status.Error(codes.NotFound, "Service not found") + } + + if err := authz.ToAllowAuthorizer().ServiceReadAllowed(svc.ServiceName, &authzContext); err != nil { + return nil, status.Error(codes.PermissionDenied, err.Error()) + } + + // Build out the response + + resp := &pbdataplane.GetEnvoyBootstrapParamsResponse{ + Service: svc.ServiceProxy.DestinationServiceName, + Partition: svc.EnterpriseMeta.PartitionOrDefault(), + Namespace: svc.EnterpriseMeta.NamespaceOrDefault(), + Datacenter: s.Datacenter, + ServiceKind: convertToResponseServiceKind(svc.ServiceKind), + } + + bootstrapConfig, err := structpb.NewStruct(svc.ServiceProxy.Config) + if err != nil { + logger.Error("Error creating the envoy boostrap params config", "error", err) + return nil, status.Error(codes.Unknown, "Error creating the envoy boostrap params config") + } + resp.Config = bootstrapConfig + + return resp, nil +} + +func convertToResponseServiceKind(serviceKind structs.ServiceKind) (respKind pbdataplane.ServiceKind) { + switch serviceKind { + case structs.ServiceKindConnectProxy: + respKind = pbdataplane.ServiceKind_CONNECT_PROXY + case structs.ServiceKindMeshGateway: + respKind = pbdataplane.ServiceKind_MESH_GATEWAY + case structs.ServiceKindTerminatingGateway: + respKind = pbdataplane.ServiceKind_TERMINATING_GATEWAY + case structs.ServiceKindIngressGateway: + respKind = pbdataplane.ServiceKind_INGRESS_GATEWAY + case structs.ServiceKindTypical: + respKind = pbdataplane.ServiceKind_TYPICAL + } + return +} diff --git a/agent/grpc/public/services/dataplane/get_supported_features.go b/agent/grpc/public/services/dataplane/get_supported_features.go index f9a817190..ffb3517e8 100644 --- a/agent/grpc/public/services/dataplane/get_supported_features.go +++ b/agent/grpc/public/services/dataplane/get_supported_features.go @@ -12,14 +12,17 @@ import ( "github.com/hashicorp/consul/proto-public/pbdataplane" ) -func (d *Server) SupportedDataplaneFeatures(ctx context.Context, req *pbdataplane.SupportedDataplaneFeaturesRequest) (*pbdataplane.SupportedDataplaneFeaturesResponse, error) { - d.Logger.Trace("Received request for supported dataplane features") +func (s *Server) GetSupportedDataplaneFeatures(ctx context.Context, req *pbdataplane.GetSupportedDataplaneFeaturesRequest) (*pbdataplane.GetSupportedDataplaneFeaturesResponse, error) { + logger := s.Logger.Named("get-supported-dataplane-features").With("request_id", public.TraceID()) + + logger.Trace("Started processing request") + defer logger.Trace("Finished processing request") // Require the given ACL token to have `service:write` on any service token := public.TokenFromContext(ctx) var authzContext acl.AuthorizerContext entMeta := structs.WildcardEnterpriseMetaInPartition(structs.WildcardSpecifier) - authz, err := d.ACLResolver.ResolveTokenAndDefaultMeta(token, entMeta, &authzContext) + authz, err := s.ACLResolver.ResolveTokenAndDefaultMeta(token, entMeta, &authzContext) if err != nil { return nil, status.Error(codes.Unauthenticated, err.Error()) } @@ -42,5 +45,5 @@ func (d *Server) SupportedDataplaneFeatures(ctx context.Context, req *pbdataplan }, } - return &pbdataplane.SupportedDataplaneFeaturesResponse{SupportedDataplaneFeatures: supportedFeatures}, nil + return &pbdataplane.GetSupportedDataplaneFeaturesResponse{SupportedDataplaneFeatures: supportedFeatures}, nil } diff --git a/agent/grpc/public/services/dataplane/get_supported_features_test.go b/agent/grpc/public/services/dataplane/get_supported_features_test.go index 36ac7400c..b1f28af0e 100644 --- a/agent/grpc/public/services/dataplane/get_supported_features_test.go +++ b/agent/grpc/public/services/dataplane/get_supported_features_test.go @@ -22,15 +22,14 @@ func TestSupportedDataplaneFeatures_Success(t *testing.T) { // Mock the ACL Resolver to return an authorizer with `service:write`. aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). - Return(testutils.TestAuthorizer(t), nil) + Return(testutils.TestAuthorizerServiceWriteAny(t), nil) ctx := public.ContextWithToken(context.Background(), testACLToken) server := NewServer(Config{ Logger: hclog.NewNullLogger(), ACLResolver: aclResolver, }) - client := testClient(t, server) - resp, err := client.SupportedDataplaneFeatures(ctx, &pbdataplane.SupportedDataplaneFeaturesRequest{}) + resp, err := client.GetSupportedDataplaneFeatures(ctx, &pbdataplane.GetSupportedDataplaneFeaturesRequest{}) require.NoError(t, err) require.Equal(t, 3, len(resp.SupportedDataplaneFeatures)) @@ -59,14 +58,14 @@ func TestSupportedDataplaneFeatures_Unauthenticated(t *testing.T) { ACLResolver: aclResolver, }) client := testClient(t, server) - resp, err := client.SupportedDataplaneFeatures(ctx, &pbdataplane.SupportedDataplaneFeaturesRequest{}) + resp, err := client.GetSupportedDataplaneFeatures(ctx, &pbdataplane.GetSupportedDataplaneFeaturesRequest{}) require.Error(t, err) require.Equal(t, codes.Unauthenticated.String(), status.Code(err).String()) require.Nil(t, resp) } func TestSupportedDataplaneFeatures_PermissionDenied(t *testing.T) { - // Mock the ACL resolver to return ErrNotFound. + // Mock the ACL resolver to return a deny all authorizer aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). Return(acl.DenyAll(), nil) @@ -76,7 +75,7 @@ func TestSupportedDataplaneFeatures_PermissionDenied(t *testing.T) { ACLResolver: aclResolver, }) client := testClient(t, server) - resp, err := client.SupportedDataplaneFeatures(ctx, &pbdataplane.SupportedDataplaneFeaturesRequest{}) + resp, err := client.GetSupportedDataplaneFeatures(ctx, &pbdataplane.GetSupportedDataplaneFeaturesRequest{}) require.Error(t, err) require.Equal(t, codes.PermissionDenied.String(), status.Code(err).String()) require.Nil(t, resp) diff --git a/agent/grpc/public/services/dataplane/server.go b/agent/grpc/public/services/dataplane/server.go index 6c05a0d08..3419b2d26 100644 --- a/agent/grpc/public/services/dataplane/server.go +++ b/agent/grpc/public/services/dataplane/server.go @@ -1,10 +1,12 @@ package dataplane import ( - "github.com/hashicorp/go-hclog" "google.golang.org/grpc" + "github.com/hashicorp/go-hclog" + "github.com/hashicorp/consul/acl" + "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbdataplane" ) @@ -13,8 +15,15 @@ type Server struct { } type Config struct { + GetStore func() StateStore Logger hclog.Logger ACLResolver ACLResolver + // Datacenter of the Consul server this gRPC server is hosted on + Datacenter string +} + +type StateStore interface { + ServiceNode(string, string, string, *acl.EnterpriseMeta) (uint64, *structs.ServiceNode, error) } //go:generate mockery -name ACLResolver -inpkg diff --git a/agent/grpc/public/services/dataplane/server_test.go b/agent/grpc/public/services/dataplane/server_test.go index 5a9186c5a..95aea273a 100644 --- a/agent/grpc/public/services/dataplane/server_test.go +++ b/agent/grpc/public/services/dataplane/server_test.go @@ -4,12 +4,23 @@ import ( "context" "net" "testing" + "time" + "github.com/hashicorp/consul/agent/consul/state" "github.com/hashicorp/consul/proto-public/pbdataplane" "github.com/stretchr/testify/require" "google.golang.org/grpc" ) +func testStateStore(t *testing.T) *state.Store { + t.Helper() + + gc, err := state.NewTombstoneGC(time.Second, time.Millisecond) + require.NoError(t, err) + + return state.NewStateStore(gc) +} + func testClient(t *testing.T, server *Server) pbdataplane.DataplaneServiceClient { t.Helper() diff --git a/agent/grpc/public/testutils/acl.go b/agent/grpc/public/testutils/acl.go index 3bea248ba..8caacb105 100644 --- a/agent/grpc/public/testutils/acl.go +++ b/agent/grpc/public/testutils/acl.go @@ -8,7 +8,7 @@ import ( "github.com/hashicorp/consul/acl" ) -func TestAuthorizer(t *testing.T) acl.Authorizer { +func TestAuthorizerServiceWriteAny(t *testing.T) acl.Authorizer { t.Helper() policy, err := acl.NewPolicyFromSource(` @@ -23,3 +23,22 @@ func TestAuthorizer(t *testing.T) acl.Authorizer { return authz } + +func TestAuthorizerServiceRead(t *testing.T, serviceName string) acl.Authorizer { + t.Helper() + + aclRule := &acl.Policy{ + PolicyRules: acl.PolicyRules{ + Services: []*acl.ServiceRule{ + { + Name: serviceName, + Policy: acl.PolicyRead, + }, + }, + }, + } + authz, err := acl.NewPolicyAuthorizerWithDefaults(acl.DenyAll(), []*acl.Policy{aclRule}, nil) + require.NoError(t, err) + + return authz +} diff --git a/agent/grpc/public/utils.go b/agent/grpc/public/utils.go new file mode 100644 index 000000000..70d7d1abb --- /dev/null +++ b/agent/grpc/public/utils.go @@ -0,0 +1,13 @@ +package public + +import "github.com/hashicorp/go-uuid" + +// We tag logs with a unique identifier to ease debugging. In the future this +// should probably be a real Open Telemetry trace ID. +func TraceID() string { + id, err := uuid.GenerateUUID() + if err != nil { + return "" + } + return id +} diff --git a/proto-public/pbconnectca/ca.proto b/proto-public/pbconnectca/ca.proto index 216a6e43c..029ebbea2 100644 --- a/proto-public/pbconnectca/ca.proto +++ b/proto-public/pbconnectca/ca.proto @@ -2,20 +2,22 @@ syntax = "proto3"; package connectca; -option go_package = "github.com/hashicorp/consul/proto-public/pbconnectca"; - import "google/protobuf/empty.proto"; import "google/protobuf/timestamp.proto"; +option go_package = "github.com/hashicorp/consul/proto-public/pbconnectca"; + service ConnectCAService { // WatchRoots provides a stream on which you can receive the list of active // Connect CA roots. Current roots are sent immediately at the start of the // stream, and new lists will be sent whenever the roots are rotated. - rpc WatchRoots(google.protobuf.Empty) returns (stream WatchRootsResponse) {}; + rpc WatchRoots(google.protobuf.Empty) returns (stream WatchRootsResponse) {} + // Sign a leaf certificate for the service or agent identified by the SPIFFE // ID in the given CSR's SAN. - rpc Sign(SignRequest) returns (SignResponse) {}; + rpc Sign(SignRequest) returns (SignResponse) {} + } message WatchRootsResponse { @@ -38,41 +40,41 @@ message WatchRootsResponse { } message CARoot { - // id is a globally unique ID (UUID) representing this CA root. - string id = 1; + // id is a globally unique ID (UUID) representing this CA root. + string id = 1; - // name is a human-friendly name for this CA root. This value is opaque to - // Consul and is not used for anything internally. - string name = 2; + // name is a human-friendly name for this CA root. This value is opaque to + // Consul and is not used for anything internally. + string name = 2; - // serial_number is the x509 serial number of the certificate. - uint64 serial_number = 3; + // serial_number is the x509 serial number of the certificate. + uint64 serial_number = 3; - // signing_key_id is the connect.HexString encoded id of the public key that - // corresponds to the private key used to sign leaf certificates in the - // local datacenter. - // - // The value comes from x509.Certificate.SubjectKeyId of the local leaf - // signing cert. - // - // See https://www.rfc-editor.org/rfc/rfc3280#section-4.2.1.1 for more detail. - string signing_key_id = 4; + // signing_key_id is the connect.HexString encoded id of the public key that + // corresponds to the private key used to sign leaf certificates in the + // local datacenter. + // + // The value comes from x509.Certificate.SubjectKeyId of the local leaf + // signing cert. + // + // See https://www.rfc-editor.org/rfc/rfc3280#section-4.2.1.1 for more detail. + string signing_key_id = 4; - // root_cert is the PEM-encoded public certificate. - string root_cert = 5; + // root_cert is the PEM-encoded public certificate. + string root_cert = 5; - // intermediate_certs is a list of PEM-encoded intermediate certs to - // attach to any leaf certs signed by this CA. - repeated string intermediate_certs = 6; + // intermediate_certs is a list of PEM-encoded intermediate certs to + // attach to any leaf certs signed by this CA. + repeated string intermediate_certs = 6; - // active is true if this is the current active CA. This must only - // be true for exactly one CA. - bool active = 7; + // active is true if this is the current active CA. This must only + // be true for exactly one CA. + bool active = 7; - // rotated_out_at is the time at which this CA was removed from the state. - // This will only be set on roots that have been rotated out from being the - // active root. - google.protobuf.Timestamp rotated_out_at = 8; + // rotated_out_at is the time at which this CA was removed from the state. + // This will only be set on roots that have been rotated out from being the + // active root. + google.protobuf.Timestamp rotated_out_at = 8; } message SignRequest { diff --git a/proto-public/pbdataplane/dataplane.pb.binary.go b/proto-public/pbdataplane/dataplane.pb.binary.go index aae9be911..c08cd112b 100644 --- a/proto-public/pbdataplane/dataplane.pb.binary.go +++ b/proto-public/pbdataplane/dataplane.pb.binary.go @@ -8,12 +8,12 @@ import ( ) // MarshalBinary implements encoding.BinaryMarshaler -func (msg *SupportedDataplaneFeaturesRequest) MarshalBinary() ([]byte, error) { +func (msg *GetSupportedDataplaneFeaturesRequest) MarshalBinary() ([]byte, error) { return proto.Marshal(msg) } // UnmarshalBinary implements encoding.BinaryUnmarshaler -func (msg *SupportedDataplaneFeaturesRequest) UnmarshalBinary(b []byte) error { +func (msg *GetSupportedDataplaneFeaturesRequest) UnmarshalBinary(b []byte) error { return proto.Unmarshal(b, msg) } @@ -28,11 +28,31 @@ func (msg *DataplaneFeatureSupport) UnmarshalBinary(b []byte) error { } // MarshalBinary implements encoding.BinaryMarshaler -func (msg *SupportedDataplaneFeaturesResponse) MarshalBinary() ([]byte, error) { +func (msg *GetSupportedDataplaneFeaturesResponse) MarshalBinary() ([]byte, error) { return proto.Marshal(msg) } // UnmarshalBinary implements encoding.BinaryUnmarshaler -func (msg *SupportedDataplaneFeaturesResponse) UnmarshalBinary(b []byte) error { +func (msg *GetSupportedDataplaneFeaturesResponse) UnmarshalBinary(b []byte) error { + return proto.Unmarshal(b, msg) +} + +// MarshalBinary implements encoding.BinaryMarshaler +func (msg *GetEnvoyBootstrapParamsRequest) MarshalBinary() ([]byte, error) { + return proto.Marshal(msg) +} + +// UnmarshalBinary implements encoding.BinaryUnmarshaler +func (msg *GetEnvoyBootstrapParamsRequest) UnmarshalBinary(b []byte) error { + return proto.Unmarshal(b, msg) +} + +// MarshalBinary implements encoding.BinaryMarshaler +func (msg *GetEnvoyBootstrapParamsResponse) MarshalBinary() ([]byte, error) { + return proto.Marshal(msg) +} + +// UnmarshalBinary implements encoding.BinaryUnmarshaler +func (msg *GetEnvoyBootstrapParamsResponse) UnmarshalBinary(b []byte) error { return proto.Unmarshal(b, msg) } diff --git a/proto-public/pbdataplane/dataplane.pb.go b/proto-public/pbdataplane/dataplane.pb.go index c5e48a241..2fa239769 100644 --- a/proto-public/pbdataplane/dataplane.pb.go +++ b/proto-public/pbdataplane/dataplane.pb.go @@ -16,6 +16,7 @@ import ( status "google.golang.org/grpc/status" protoreflect "google.golang.org/protobuf/reflect/protoreflect" protoimpl "google.golang.org/protobuf/runtime/protoimpl" + structpb "google.golang.org/protobuf/types/known/structpb" reflect "reflect" sync "sync" ) @@ -83,14 +84,83 @@ func (DataplaneFeatures) EnumDescriptor() ([]byte, []int) { return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{0} } -type SupportedDataplaneFeaturesRequest struct { +type ServiceKind int32 + +const ( + // ServiceKind Typical is a typical, classic Consul service. This is + // represented by the absence of a value. This was chosen for ease of + // backwards compatibility: existing services in the catalog would + // default to the typical service. + ServiceKind_TYPICAL ServiceKind = 0 + // ServiceKind Connect Proxy is a proxy for the Connect feature. This + // service proxies another service within Consul and speaks the connect + // protocol. + ServiceKind_CONNECT_PROXY ServiceKind = 1 + // ServiceKind Mesh Gateway is a Mesh Gateway for the Connect feature. This + // service will proxy connections based off the SNI header set by other + // connect proxies. + ServiceKind_MESH_GATEWAY ServiceKind = 2 + // ServiceKind Terminating Gateway is a Terminating Gateway for the Connect + // feature. This service will proxy connections to services outside the mesh. + ServiceKind_TERMINATING_GATEWAY ServiceKind = 3 + // ServiceKind Ingress Gateway is an Ingress Gateway for the Connect feature. + // This service will ingress connections into the service mesh. + ServiceKind_INGRESS_GATEWAY ServiceKind = 4 +) + +// Enum value maps for ServiceKind. +var ( + ServiceKind_name = map[int32]string{ + 0: "TYPICAL", + 1: "CONNECT_PROXY", + 2: "MESH_GATEWAY", + 3: "TERMINATING_GATEWAY", + 4: "INGRESS_GATEWAY", + } + ServiceKind_value = map[string]int32{ + "TYPICAL": 0, + "CONNECT_PROXY": 1, + "MESH_GATEWAY": 2, + "TERMINATING_GATEWAY": 3, + "INGRESS_GATEWAY": 4, + } +) + +func (x ServiceKind) Enum() *ServiceKind { + p := new(ServiceKind) + *p = x + return p +} + +func (x ServiceKind) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (ServiceKind) Descriptor() protoreflect.EnumDescriptor { + return file_proto_public_pbdataplane_dataplane_proto_enumTypes[1].Descriptor() +} + +func (ServiceKind) Type() protoreflect.EnumType { + return &file_proto_public_pbdataplane_dataplane_proto_enumTypes[1] +} + +func (x ServiceKind) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use ServiceKind.Descriptor instead. +func (ServiceKind) EnumDescriptor() ([]byte, []int) { + return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{1} +} + +type GetSupportedDataplaneFeaturesRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields } -func (x *SupportedDataplaneFeaturesRequest) Reset() { - *x = SupportedDataplaneFeaturesRequest{} +func (x *GetSupportedDataplaneFeaturesRequest) Reset() { + *x = GetSupportedDataplaneFeaturesRequest{} if protoimpl.UnsafeEnabled { mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[0] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -98,13 +168,13 @@ func (x *SupportedDataplaneFeaturesRequest) Reset() { } } -func (x *SupportedDataplaneFeaturesRequest) String() string { +func (x *GetSupportedDataplaneFeaturesRequest) String() string { return protoimpl.X.MessageStringOf(x) } -func (*SupportedDataplaneFeaturesRequest) ProtoMessage() {} +func (*GetSupportedDataplaneFeaturesRequest) ProtoMessage() {} -func (x *SupportedDataplaneFeaturesRequest) ProtoReflect() protoreflect.Message { +func (x *GetSupportedDataplaneFeaturesRequest) ProtoReflect() protoreflect.Message { mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[0] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -116,8 +186,8 @@ func (x *SupportedDataplaneFeaturesRequest) ProtoReflect() protoreflect.Message return mi.MessageOf(x) } -// Deprecated: Use SupportedDataplaneFeaturesRequest.ProtoReflect.Descriptor instead. -func (*SupportedDataplaneFeaturesRequest) Descriptor() ([]byte, []int) { +// Deprecated: Use GetSupportedDataplaneFeaturesRequest.ProtoReflect.Descriptor instead. +func (*GetSupportedDataplaneFeaturesRequest) Descriptor() ([]byte, []int) { return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{0} } @@ -176,7 +246,7 @@ func (x *DataplaneFeatureSupport) GetSupported() bool { return false } -type SupportedDataplaneFeaturesResponse struct { +type GetSupportedDataplaneFeaturesResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields @@ -184,8 +254,8 @@ type SupportedDataplaneFeaturesResponse struct { SupportedDataplaneFeatures []*DataplaneFeatureSupport `protobuf:"bytes,1,rep,name=supported_dataplane_features,json=supportedDataplaneFeatures,proto3" json:"supported_dataplane_features,omitempty"` } -func (x *SupportedDataplaneFeaturesResponse) Reset() { - *x = SupportedDataplaneFeaturesResponse{} +func (x *GetSupportedDataplaneFeaturesResponse) Reset() { + *x = GetSupportedDataplaneFeaturesResponse{} if protoimpl.UnsafeEnabled { mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[2] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -193,13 +263,13 @@ func (x *SupportedDataplaneFeaturesResponse) Reset() { } } -func (x *SupportedDataplaneFeaturesResponse) String() string { +func (x *GetSupportedDataplaneFeaturesResponse) String() string { return protoimpl.X.MessageStringOf(x) } -func (*SupportedDataplaneFeaturesResponse) ProtoMessage() {} +func (*GetSupportedDataplaneFeaturesResponse) ProtoMessage() {} -func (x *SupportedDataplaneFeaturesResponse) ProtoReflect() protoreflect.Message { +func (x *GetSupportedDataplaneFeaturesResponse) ProtoReflect() protoreflect.Message { mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[2] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) @@ -211,64 +281,303 @@ func (x *SupportedDataplaneFeaturesResponse) ProtoReflect() protoreflect.Message return mi.MessageOf(x) } -// Deprecated: Use SupportedDataplaneFeaturesResponse.ProtoReflect.Descriptor instead. -func (*SupportedDataplaneFeaturesResponse) Descriptor() ([]byte, []int) { +// Deprecated: Use GetSupportedDataplaneFeaturesResponse.ProtoReflect.Descriptor instead. +func (*GetSupportedDataplaneFeaturesResponse) Descriptor() ([]byte, []int) { return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{2} } -func (x *SupportedDataplaneFeaturesResponse) GetSupportedDataplaneFeatures() []*DataplaneFeatureSupport { +func (x *GetSupportedDataplaneFeaturesResponse) GetSupportedDataplaneFeatures() []*DataplaneFeatureSupport { if x != nil { return x.SupportedDataplaneFeatures } return nil } +type GetEnvoyBootstrapParamsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Types that are assignable to NodeSpec: + // *GetEnvoyBootstrapParamsRequest_NodeId + // *GetEnvoyBootstrapParamsRequest_NodeName + NodeSpec isGetEnvoyBootstrapParamsRequest_NodeSpec `protobuf_oneof:"node_spec"` + // The proxy service ID + ServiceId string `protobuf:"bytes,3,opt,name=service_id,json=serviceId,proto3" json:"service_id,omitempty"` + Partition string `protobuf:"bytes,4,opt,name=partition,proto3" json:"partition,omitempty"` + Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"` +} + +func (x *GetEnvoyBootstrapParamsRequest) Reset() { + *x = GetEnvoyBootstrapParamsRequest{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GetEnvoyBootstrapParamsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetEnvoyBootstrapParamsRequest) ProtoMessage() {} + +func (x *GetEnvoyBootstrapParamsRequest) ProtoReflect() protoreflect.Message { + mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetEnvoyBootstrapParamsRequest.ProtoReflect.Descriptor instead. +func (*GetEnvoyBootstrapParamsRequest) Descriptor() ([]byte, []int) { + return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{3} +} + +func (m *GetEnvoyBootstrapParamsRequest) GetNodeSpec() isGetEnvoyBootstrapParamsRequest_NodeSpec { + if m != nil { + return m.NodeSpec + } + return nil +} + +func (x *GetEnvoyBootstrapParamsRequest) GetNodeId() string { + if x, ok := x.GetNodeSpec().(*GetEnvoyBootstrapParamsRequest_NodeId); ok { + return x.NodeId + } + return "" +} + +func (x *GetEnvoyBootstrapParamsRequest) GetNodeName() string { + if x, ok := x.GetNodeSpec().(*GetEnvoyBootstrapParamsRequest_NodeName); ok { + return x.NodeName + } + return "" +} + +func (x *GetEnvoyBootstrapParamsRequest) GetServiceId() string { + if x != nil { + return x.ServiceId + } + return "" +} + +func (x *GetEnvoyBootstrapParamsRequest) GetPartition() string { + if x != nil { + return x.Partition + } + return "" +} + +func (x *GetEnvoyBootstrapParamsRequest) GetNamespace() string { + if x != nil { + return x.Namespace + } + return "" +} + +type isGetEnvoyBootstrapParamsRequest_NodeSpec interface { + isGetEnvoyBootstrapParamsRequest_NodeSpec() +} + +type GetEnvoyBootstrapParamsRequest_NodeId struct { + NodeId string `protobuf:"bytes,1,opt,name=node_id,json=nodeId,proto3,oneof"` +} + +type GetEnvoyBootstrapParamsRequest_NodeName struct { + NodeName string `protobuf:"bytes,2,opt,name=node_name,json=nodeName,proto3,oneof"` +} + +func (*GetEnvoyBootstrapParamsRequest_NodeId) isGetEnvoyBootstrapParamsRequest_NodeSpec() {} + +func (*GetEnvoyBootstrapParamsRequest_NodeName) isGetEnvoyBootstrapParamsRequest_NodeSpec() {} + +type GetEnvoyBootstrapParamsResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + ServiceKind ServiceKind `protobuf:"varint,1,opt,name=service_kind,json=serviceKind,proto3,enum=dataplane.ServiceKind" json:"service_kind,omitempty"` + // The destination service name + Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service,omitempty"` + Namespace string `protobuf:"bytes,3,opt,name=namespace,proto3" json:"namespace,omitempty"` + Partition string `protobuf:"bytes,4,opt,name=partition,proto3" json:"partition,omitempty"` + Datacenter string `protobuf:"bytes,5,opt,name=datacenter,proto3" json:"datacenter,omitempty"` + Config *structpb.Struct `protobuf:"bytes,6,opt,name=config,proto3" json:"config,omitempty"` +} + +func (x *GetEnvoyBootstrapParamsResponse) Reset() { + *x = GetEnvoyBootstrapParamsResponse{} + if protoimpl.UnsafeEnabled { + mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *GetEnvoyBootstrapParamsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetEnvoyBootstrapParamsResponse) ProtoMessage() {} + +func (x *GetEnvoyBootstrapParamsResponse) ProtoReflect() protoreflect.Message { + mi := &file_proto_public_pbdataplane_dataplane_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetEnvoyBootstrapParamsResponse.ProtoReflect.Descriptor instead. +func (*GetEnvoyBootstrapParamsResponse) Descriptor() ([]byte, []int) { + return file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP(), []int{4} +} + +func (x *GetEnvoyBootstrapParamsResponse) GetServiceKind() ServiceKind { + if x != nil { + return x.ServiceKind + } + return ServiceKind_TYPICAL +} + +func (x *GetEnvoyBootstrapParamsResponse) GetService() string { + if x != nil { + return x.Service + } + return "" +} + +func (x *GetEnvoyBootstrapParamsResponse) GetNamespace() string { + if x != nil { + return x.Namespace + } + return "" +} + +func (x *GetEnvoyBootstrapParamsResponse) GetPartition() string { + if x != nil { + return x.Partition + } + return "" +} + +func (x *GetEnvoyBootstrapParamsResponse) GetDatacenter() string { + if x != nil { + return x.Datacenter + } + return "" +} + +func (x *GetEnvoyBootstrapParamsResponse) GetConfig() *structpb.Struct { + if x != nil { + return x.Config + } + return nil +} + var File_proto_public_pbdataplane_dataplane_proto protoreflect.FileDescriptor var file_proto_public_pbdataplane_dataplane_proto_rawDesc = []byte{ 0x0a, 0x28, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2d, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x2f, 0x70, 0x62, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x09, 0x64, 0x61, 0x74, 0x61, - 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x22, 0x23, 0x0a, 0x21, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, - 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, - 0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x78, 0x0a, 0x17, 0x44, 0x61, - 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x53, 0x75, - 0x70, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x3f, 0x0a, 0x0c, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, - 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, 0x2e, 0x64, 0x61, - 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, - 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x0b, 0x66, 0x65, 0x61, 0x74, 0x75, - 0x72, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, - 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x75, 0x70, 0x70, 0x6f, - 0x72, 0x74, 0x65, 0x64, 0x22, 0x8a, 0x01, 0x0a, 0x22, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, - 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, - 0x72, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x64, 0x0a, 0x1c, 0x73, - 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, - 0x6e, 0x65, 0x5f, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, - 0x0b, 0x32, 0x22, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x44, 0x61, - 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x53, 0x75, - 0x70, 0x70, 0x6f, 0x72, 0x74, 0x52, 0x1a, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, - 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, - 0x73, 0x2a, 0x77, 0x0a, 0x11, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, - 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, - 0x4e, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x57, 0x41, 0x54, 0x43, 0x48, 0x5f, 0x53, 0x45, 0x52, - 0x56, 0x45, 0x52, 0x53, 0x10, 0x01, 0x12, 0x1f, 0x0a, 0x1b, 0x45, 0x44, 0x47, 0x45, 0x5f, 0x43, - 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x5f, 0x4d, 0x41, 0x4e, 0x41, 0x47, - 0x45, 0x4d, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x12, 0x21, 0x0a, 0x1d, 0x45, 0x4e, 0x56, 0x4f, 0x59, - 0x5f, 0x42, 0x4f, 0x4f, 0x54, 0x53, 0x54, 0x52, 0x41, 0x50, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49, - 0x47, 0x55, 0x52, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x03, 0x32, 0x8f, 0x01, 0x0a, 0x10, 0x44, - 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, - 0x7b, 0x0a, 0x1a, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, - 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x12, 0x2c, 0x2e, - 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, + 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x22, 0x26, 0x0a, 0x24, 0x47, 0x65, 0x74, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, - 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2d, 0x2e, 0x64, 0x61, - 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, - 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, - 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x36, 0x5a, 0x34, - 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, - 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2f, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x2d, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x2f, 0x70, 0x62, 0x64, 0x61, 0x74, 0x61, 0x70, - 0x6c, 0x61, 0x6e, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x78, 0x0a, 0x17, 0x44, + 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x53, + 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x3f, 0x0a, 0x0c, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, + 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, 0x2e, 0x64, + 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, + 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x0b, 0x66, 0x65, 0x61, 0x74, + 0x75, 0x72, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x73, 0x75, 0x70, 0x70, 0x6f, + 0x72, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x73, 0x75, 0x70, 0x70, + 0x6f, 0x72, 0x74, 0x65, 0x64, 0x22, 0x8d, 0x01, 0x0a, 0x25, 0x47, 0x65, 0x74, 0x53, 0x75, 0x70, + 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, + 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, + 0x64, 0x0a, 0x1c, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, + 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x5f, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x18, + 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, + 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, + 0x72, 0x65, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x52, 0x1a, 0x73, 0x75, 0x70, 0x70, 0x6f, + 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, + 0x74, 0x75, 0x72, 0x65, 0x73, 0x22, 0xc2, 0x01, 0x0a, 0x1e, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x76, + 0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, 0x6d, + 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x19, 0x0a, 0x07, 0x6e, 0x6f, 0x64, 0x65, + 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x06, 0x6e, 0x6f, 0x64, + 0x65, 0x49, 0x64, 0x12, 0x1d, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61, + 0x6d, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x69, 0x64, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x49, + 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, + 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x42, 0x0b, 0x0a, + 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x73, 0x70, 0x65, 0x63, 0x22, 0x83, 0x02, 0x0a, 0x1f, 0x47, + 0x65, 0x74, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, + 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x39, + 0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, + 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4b, 0x69, 0x6e, 0x64, 0x52, 0x0b, 0x73, 0x65, + 0x72, 0x76, 0x69, 0x63, 0x65, 0x4b, 0x69, 0x6e, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x65, 0x72, + 0x76, 0x69, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, + 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, + 0x1e, 0x0a, 0x0a, 0x64, 0x61, 0x74, 0x61, 0x63, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0a, 0x64, 0x61, 0x74, 0x61, 0x63, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x12, + 0x2f, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x2a, 0x77, 0x0a, 0x11, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, + 0x74, 0x75, 0x72, 0x65, 0x73, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, + 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x57, 0x41, 0x54, 0x43, 0x48, 0x5f, 0x53, 0x45, 0x52, 0x56, + 0x45, 0x52, 0x53, 0x10, 0x01, 0x12, 0x1f, 0x0a, 0x1b, 0x45, 0x44, 0x47, 0x45, 0x5f, 0x43, 0x45, + 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x5f, 0x4d, 0x41, 0x4e, 0x41, 0x47, 0x45, + 0x4d, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x12, 0x21, 0x0a, 0x1d, 0x45, 0x4e, 0x56, 0x4f, 0x59, 0x5f, + 0x42, 0x4f, 0x4f, 0x54, 0x53, 0x54, 0x52, 0x41, 0x50, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49, 0x47, + 0x55, 0x52, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x03, 0x2a, 0x6d, 0x0a, 0x0b, 0x53, 0x65, 0x72, + 0x76, 0x69, 0x63, 0x65, 0x4b, 0x69, 0x6e, 0x64, 0x12, 0x0b, 0x0a, 0x07, 0x54, 0x59, 0x50, 0x49, + 0x43, 0x41, 0x4c, 0x10, 0x00, 0x12, 0x11, 0x0a, 0x0d, 0x43, 0x4f, 0x4e, 0x4e, 0x45, 0x43, 0x54, + 0x5f, 0x50, 0x52, 0x4f, 0x58, 0x59, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x4d, 0x45, 0x53, 0x48, + 0x5f, 0x47, 0x41, 0x54, 0x45, 0x57, 0x41, 0x59, 0x10, 0x02, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x45, + 0x52, 0x4d, 0x49, 0x4e, 0x41, 0x54, 0x49, 0x4e, 0x47, 0x5f, 0x47, 0x41, 0x54, 0x45, 0x57, 0x41, + 0x59, 0x10, 0x03, 0x12, 0x13, 0x0a, 0x0f, 0x49, 0x4e, 0x47, 0x52, 0x45, 0x53, 0x53, 0x5f, 0x47, + 0x41, 0x54, 0x45, 0x57, 0x41, 0x59, 0x10, 0x04, 0x32, 0x8d, 0x02, 0x0a, 0x10, 0x44, 0x61, 0x74, + 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x84, 0x01, + 0x0a, 0x1d, 0x47, 0x65, 0x74, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, + 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x12, + 0x2f, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x53, + 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, + 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x30, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74, + 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, + 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x00, 0x12, 0x72, 0x0a, 0x17, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x76, 0x6f, 0x79, + 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x12, + 0x29, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x45, + 0x6e, 0x76, 0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, + 0x61, 0x6d, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2a, 0x2e, 0x64, 0x61, 0x74, + 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x42, + 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x36, 0x5a, 0x34, 0x67, 0x69, 0x74, 0x68, + 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, + 0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2d, 0x70, 0x75, + 0x62, 0x6c, 0x69, 0x63, 0x2f, 0x70, 0x62, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, + 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -283,24 +592,32 @@ func file_proto_public_pbdataplane_dataplane_proto_rawDescGZIP() []byte { return file_proto_public_pbdataplane_dataplane_proto_rawDescData } -var file_proto_public_pbdataplane_dataplane_proto_enumTypes = make([]protoimpl.EnumInfo, 1) -var file_proto_public_pbdataplane_dataplane_proto_msgTypes = make([]protoimpl.MessageInfo, 3) +var file_proto_public_pbdataplane_dataplane_proto_enumTypes = make([]protoimpl.EnumInfo, 2) +var file_proto_public_pbdataplane_dataplane_proto_msgTypes = make([]protoimpl.MessageInfo, 5) var file_proto_public_pbdataplane_dataplane_proto_goTypes = []interface{}{ - (DataplaneFeatures)(0), // 0: dataplane.DataplaneFeatures - (*SupportedDataplaneFeaturesRequest)(nil), // 1: dataplane.SupportedDataplaneFeaturesRequest - (*DataplaneFeatureSupport)(nil), // 2: dataplane.DataplaneFeatureSupport - (*SupportedDataplaneFeaturesResponse)(nil), // 3: dataplane.SupportedDataplaneFeaturesResponse + (DataplaneFeatures)(0), // 0: dataplane.DataplaneFeatures + (ServiceKind)(0), // 1: dataplane.ServiceKind + (*GetSupportedDataplaneFeaturesRequest)(nil), // 2: dataplane.GetSupportedDataplaneFeaturesRequest + (*DataplaneFeatureSupport)(nil), // 3: dataplane.DataplaneFeatureSupport + (*GetSupportedDataplaneFeaturesResponse)(nil), // 4: dataplane.GetSupportedDataplaneFeaturesResponse + (*GetEnvoyBootstrapParamsRequest)(nil), // 5: dataplane.GetEnvoyBootstrapParamsRequest + (*GetEnvoyBootstrapParamsResponse)(nil), // 6: dataplane.GetEnvoyBootstrapParamsResponse + (*structpb.Struct)(nil), // 7: google.protobuf.Struct } var file_proto_public_pbdataplane_dataplane_proto_depIdxs = []int32{ 0, // 0: dataplane.DataplaneFeatureSupport.feature_name:type_name -> dataplane.DataplaneFeatures - 2, // 1: dataplane.SupportedDataplaneFeaturesResponse.supported_dataplane_features:type_name -> dataplane.DataplaneFeatureSupport - 1, // 2: dataplane.DataplaneService.SupportedDataplaneFeatures:input_type -> dataplane.SupportedDataplaneFeaturesRequest - 3, // 3: dataplane.DataplaneService.SupportedDataplaneFeatures:output_type -> dataplane.SupportedDataplaneFeaturesResponse - 3, // [3:4] is the sub-list for method output_type - 2, // [2:3] is the sub-list for method input_type - 2, // [2:2] is the sub-list for extension type_name - 2, // [2:2] is the sub-list for extension extendee - 0, // [0:2] is the sub-list for field type_name + 3, // 1: dataplane.GetSupportedDataplaneFeaturesResponse.supported_dataplane_features:type_name -> dataplane.DataplaneFeatureSupport + 1, // 2: dataplane.GetEnvoyBootstrapParamsResponse.service_kind:type_name -> dataplane.ServiceKind + 7, // 3: dataplane.GetEnvoyBootstrapParamsResponse.config:type_name -> google.protobuf.Struct + 2, // 4: dataplane.DataplaneService.GetSupportedDataplaneFeatures:input_type -> dataplane.GetSupportedDataplaneFeaturesRequest + 5, // 5: dataplane.DataplaneService.GetEnvoyBootstrapParams:input_type -> dataplane.GetEnvoyBootstrapParamsRequest + 4, // 6: dataplane.DataplaneService.GetSupportedDataplaneFeatures:output_type -> dataplane.GetSupportedDataplaneFeaturesResponse + 6, // 7: dataplane.DataplaneService.GetEnvoyBootstrapParams:output_type -> dataplane.GetEnvoyBootstrapParamsResponse + 6, // [6:8] is the sub-list for method output_type + 4, // [4:6] is the sub-list for method input_type + 4, // [4:4] is the sub-list for extension type_name + 4, // [4:4] is the sub-list for extension extendee + 0, // [0:4] is the sub-list for field type_name } func init() { file_proto_public_pbdataplane_dataplane_proto_init() } @@ -310,7 +627,7 @@ func file_proto_public_pbdataplane_dataplane_proto_init() { } if !protoimpl.UnsafeEnabled { file_proto_public_pbdataplane_dataplane_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*SupportedDataplaneFeaturesRequest); i { + switch v := v.(*GetSupportedDataplaneFeaturesRequest); i { case 0: return &v.state case 1: @@ -334,7 +651,31 @@ func file_proto_public_pbdataplane_dataplane_proto_init() { } } file_proto_public_pbdataplane_dataplane_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*SupportedDataplaneFeaturesResponse); i { + switch v := v.(*GetSupportedDataplaneFeaturesResponse); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_public_pbdataplane_dataplane_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GetEnvoyBootstrapParamsRequest); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_proto_public_pbdataplane_dataplane_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*GetEnvoyBootstrapParamsResponse); i { case 0: return &v.state case 1: @@ -346,13 +687,17 @@ func file_proto_public_pbdataplane_dataplane_proto_init() { } } } + file_proto_public_pbdataplane_dataplane_proto_msgTypes[3].OneofWrappers = []interface{}{ + (*GetEnvoyBootstrapParamsRequest_NodeId)(nil), + (*GetEnvoyBootstrapParamsRequest_NodeName)(nil), + } type x struct{} out := protoimpl.TypeBuilder{ File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_proto_public_pbdataplane_dataplane_proto_rawDesc, - NumEnums: 1, - NumMessages: 3, + NumEnums: 2, + NumMessages: 5, NumExtensions: 0, NumServices: 1, }, @@ -379,7 +724,8 @@ const _ = grpc.SupportPackageIsVersion6 // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream. type DataplaneServiceClient interface { - SupportedDataplaneFeatures(ctx context.Context, in *SupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*SupportedDataplaneFeaturesResponse, error) + GetSupportedDataplaneFeatures(ctx context.Context, in *GetSupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*GetSupportedDataplaneFeaturesResponse, error) + GetEnvoyBootstrapParams(ctx context.Context, in *GetEnvoyBootstrapParamsRequest, opts ...grpc.CallOption) (*GetEnvoyBootstrapParamsResponse, error) } type dataplaneServiceClient struct { @@ -390,9 +736,18 @@ func NewDataplaneServiceClient(cc grpc.ClientConnInterface) DataplaneServiceClie return &dataplaneServiceClient{cc} } -func (c *dataplaneServiceClient) SupportedDataplaneFeatures(ctx context.Context, in *SupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*SupportedDataplaneFeaturesResponse, error) { - out := new(SupportedDataplaneFeaturesResponse) - err := c.cc.Invoke(ctx, "/dataplane.DataplaneService/SupportedDataplaneFeatures", in, out, opts...) +func (c *dataplaneServiceClient) GetSupportedDataplaneFeatures(ctx context.Context, in *GetSupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*GetSupportedDataplaneFeaturesResponse, error) { + out := new(GetSupportedDataplaneFeaturesResponse) + err := c.cc.Invoke(ctx, "/dataplane.DataplaneService/GetSupportedDataplaneFeatures", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *dataplaneServiceClient) GetEnvoyBootstrapParams(ctx context.Context, in *GetEnvoyBootstrapParamsRequest, opts ...grpc.CallOption) (*GetEnvoyBootstrapParamsResponse, error) { + out := new(GetEnvoyBootstrapParamsResponse) + err := c.cc.Invoke(ctx, "/dataplane.DataplaneService/GetEnvoyBootstrapParams", in, out, opts...) if err != nil { return nil, err } @@ -401,35 +756,57 @@ func (c *dataplaneServiceClient) SupportedDataplaneFeatures(ctx context.Context, // DataplaneServiceServer is the server API for DataplaneService service. type DataplaneServiceServer interface { - SupportedDataplaneFeatures(context.Context, *SupportedDataplaneFeaturesRequest) (*SupportedDataplaneFeaturesResponse, error) + GetSupportedDataplaneFeatures(context.Context, *GetSupportedDataplaneFeaturesRequest) (*GetSupportedDataplaneFeaturesResponse, error) + GetEnvoyBootstrapParams(context.Context, *GetEnvoyBootstrapParamsRequest) (*GetEnvoyBootstrapParamsResponse, error) } // UnimplementedDataplaneServiceServer can be embedded to have forward compatible implementations. type UnimplementedDataplaneServiceServer struct { } -func (*UnimplementedDataplaneServiceServer) SupportedDataplaneFeatures(context.Context, *SupportedDataplaneFeaturesRequest) (*SupportedDataplaneFeaturesResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method SupportedDataplaneFeatures not implemented") +func (*UnimplementedDataplaneServiceServer) GetSupportedDataplaneFeatures(context.Context, *GetSupportedDataplaneFeaturesRequest) (*GetSupportedDataplaneFeaturesResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetSupportedDataplaneFeatures not implemented") +} +func (*UnimplementedDataplaneServiceServer) GetEnvoyBootstrapParams(context.Context, *GetEnvoyBootstrapParamsRequest) (*GetEnvoyBootstrapParamsResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetEnvoyBootstrapParams not implemented") } func RegisterDataplaneServiceServer(s *grpc.Server, srv DataplaneServiceServer) { s.RegisterService(&_DataplaneService_serviceDesc, srv) } -func _DataplaneService_SupportedDataplaneFeatures_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(SupportedDataplaneFeaturesRequest) +func _DataplaneService_GetSupportedDataplaneFeatures_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(GetSupportedDataplaneFeaturesRequest) if err := dec(in); err != nil { return nil, err } if interceptor == nil { - return srv.(DataplaneServiceServer).SupportedDataplaneFeatures(ctx, in) + return srv.(DataplaneServiceServer).GetSupportedDataplaneFeatures(ctx, in) } info := &grpc.UnaryServerInfo{ Server: srv, - FullMethod: "/dataplane.DataplaneService/SupportedDataplaneFeatures", + FullMethod: "/dataplane.DataplaneService/GetSupportedDataplaneFeatures", } handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(DataplaneServiceServer).SupportedDataplaneFeatures(ctx, req.(*SupportedDataplaneFeaturesRequest)) + return srv.(DataplaneServiceServer).GetSupportedDataplaneFeatures(ctx, req.(*GetSupportedDataplaneFeaturesRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _DataplaneService_GetEnvoyBootstrapParams_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(GetEnvoyBootstrapParamsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(DataplaneServiceServer).GetEnvoyBootstrapParams(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/dataplane.DataplaneService/GetEnvoyBootstrapParams", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(DataplaneServiceServer).GetEnvoyBootstrapParams(ctx, req.(*GetEnvoyBootstrapParamsRequest)) } return interceptor(ctx, in, info, handler) } @@ -439,8 +816,12 @@ var _DataplaneService_serviceDesc = grpc.ServiceDesc{ HandlerType: (*DataplaneServiceServer)(nil), Methods: []grpc.MethodDesc{ { - MethodName: "SupportedDataplaneFeatures", - Handler: _DataplaneService_SupportedDataplaneFeatures_Handler, + MethodName: "GetSupportedDataplaneFeatures", + Handler: _DataplaneService_GetSupportedDataplaneFeatures_Handler, + }, + { + MethodName: "GetEnvoyBootstrapParams", + Handler: _DataplaneService_GetEnvoyBootstrapParams_Handler, }, }, Streams: []grpc.StreamDesc{}, diff --git a/proto-public/pbdataplane/dataplane.proto b/proto-public/pbdataplane/dataplane.proto index 17789fc55..dfc672bec 100644 --- a/proto-public/pbdataplane/dataplane.proto +++ b/proto-public/pbdataplane/dataplane.proto @@ -4,29 +4,78 @@ syntax = "proto3"; package dataplane; +import "google/protobuf/struct.proto"; + option go_package = "github.com/hashicorp/consul/proto-public/pbdataplane"; - -message SupportedDataplaneFeaturesRequest {} +message GetSupportedDataplaneFeaturesRequest {} enum DataplaneFeatures { - UNKNOWN = 0; - WATCH_SERVERS = 1; - EDGE_CERTIFICATE_MANAGEMENT = 2; - ENVOY_BOOTSTRAP_CONFIGURATION = 3; + UNKNOWN = 0; + WATCH_SERVERS = 1; + EDGE_CERTIFICATE_MANAGEMENT = 2; + ENVOY_BOOTSTRAP_CONFIGURATION = 3; } - message DataplaneFeatureSupport { - DataplaneFeatures feature_name = 1; - bool supported = 2; + DataplaneFeatures feature_name = 1; + bool supported = 2; } -message SupportedDataplaneFeaturesResponse { - repeated DataplaneFeatureSupport supported_dataplane_features = 1; +message GetSupportedDataplaneFeaturesResponse { + repeated DataplaneFeatureSupport supported_dataplane_features = 1; } +message GetEnvoyBootstrapParamsRequest { + oneof node_spec { + string node_id = 1; + string node_name = 2; + } + // The proxy service ID + string service_id = 3; + string partition = 4; + string namespace = 5; +} + +enum ServiceKind { + // ServiceKind Typical is a typical, classic Consul service. This is + // represented by the absence of a value. This was chosen for ease of + // backwards compatibility: existing services in the catalog would + // default to the typical service. + TYPICAL = 0; + + // ServiceKind Connect Proxy is a proxy for the Connect feature. This + // service proxies another service within Consul and speaks the connect + // protocol. + CONNECT_PROXY = 1; + + // ServiceKind Mesh Gateway is a Mesh Gateway for the Connect feature. This + // service will proxy connections based off the SNI header set by other + // connect proxies. + MESH_GATEWAY = 2; + + // ServiceKind Terminating Gateway is a Terminating Gateway for the Connect + // feature. This service will proxy connections to services outside the mesh. + TERMINATING_GATEWAY = 3; + + // ServiceKind Ingress Gateway is an Ingress Gateway for the Connect feature. + // This service will ingress connections into the service mesh. + INGRESS_GATEWAY = 4; +} + +message GetEnvoyBootstrapParamsResponse { + ServiceKind service_kind = 1; + // The destination service name + string service = 2; + string namespace = 3; + string partition = 4; + string datacenter = 5; + google.protobuf.Struct config = 6; +} service DataplaneService { - rpc SupportedDataplaneFeatures(SupportedDataplaneFeaturesRequest) returns (SupportedDataplaneFeaturesResponse) {}; -} \ No newline at end of file + rpc GetSupportedDataplaneFeatures(GetSupportedDataplaneFeaturesRequest) returns (GetSupportedDataplaneFeaturesResponse) {} + + rpc GetEnvoyBootstrapParams(GetEnvoyBootstrapParamsRequest) returns (GetEnvoyBootstrapParamsResponse) {} + +}