agent/proxy: pass proxy ID as an env var

agent/proxy/daemon.go

@@ -33,6 +33,10 @@ type Daemon struct {
 	// be a Cmd that isn't yet started.
 	Command *exec.Cmd
 
+	// ProxyId is the ID of the proxy service. This is required for API
+	// requests (along with the token) and is passed via env var.
+	ProxyId string
+
 	// ProxyToken is the special local-only ACL token that allows a proxy
 	// to communicate to the Connect-specific endpoints.
 	ProxyToken string
@@ -204,7 +208,9 @@ func (p *Daemon) start() (*os.Process, error) {
 	// reference. We allocate an exactly sized slice.
 	cmd.Env = make([]string, len(p.Command.Env), len(p.Command.Env)+1)
 	copy(cmd.Env, p.Command.Env)
-	cmd.Env = append(cmd.Env, fmt.Sprintf("%s=%s", EnvProxyToken, p.ProxyToken))
+	cmd.Env = append(cmd.Env,
+		fmt.Sprintf("%s=%s", EnvProxyId, p.ProxyId),
+		fmt.Sprintf("%s=%s", EnvProxyToken, p.ProxyToken))
 
 	// Args must always contain a 0 entry which is usually the executed binary.
 	// To be safe and a bit more robust we default this, but only to prevent
@@ -387,6 +393,9 @@ func (p *Daemon) UnmarshalSnapshot(m map[string]interface{}) error {
 }
 
 // daemonSnapshot is the structure of the marshalled data for snapshotting.
+//
+// Note we don't have to store the ProxyId because this is stored directly
+// within the manager snapshot and is restored automatically.
 type daemonSnapshot struct {
 	// Pid of the process. This is the only value actually required to
 	// regain mangement control. The remainder values are for Equal.

agent/proxy/daemon_test.go

@@ -30,10 +30,12 @@ func TestDaemonStartStop(t *testing.T) {
 
 	d := &Daemon{
 		Command:    helperProcess("start-stop", path),
+		ProxyId:    "tubes",
 		ProxyToken: uuid,
 		Logger:     testLogger,
 	}
 	require.NoError(d.Start())
+	defer d.Stop()
 
 	// Wait for the file to exist
 	retry.Run(t, func(r *retry.R) {
@@ -49,7 +51,7 @@ func TestDaemonStartStop(t *testing.T) {
 	// that we properly passed the token as an env var.
 	data, err := ioutil.ReadFile(path)
 	require.NoError(err)
-	require.Equal(uuid, string(data))
+	require.Equal("tubes:"+uuid, string(data))
 
 	// Stop the process
 	require.NoError(d.Stop())

agent/proxy/manager.go

@@ -411,6 +411,7 @@ func (m *Manager) newProxy(mp *local.ManagedProxy) (Proxy, error) {
 
 		// Build the daemon structure
 		proxy.Command = &cmd
+		proxy.ProxyId = id
 		proxy.ProxyToken = mp.ProxyToken
 		return proxy, nil
 

agent/proxy/proxy.go

@@ -11,9 +11,16 @@ import (
 	"github.com/hashicorp/consul/agent/structs"
 )
 
-// EnvProxyToken is the name of the environment variable that is passed
-// to managed proxies containing the proxy token.
-const EnvProxyToken = "CONNECT_PROXY_TOKEN"
+const (
+	// EnvProxyId is the name of the environment variable that is set for
+	// managed proxies containing the proxy service ID. This is required along
+	// with the token to make API requests related to the proxy.
+	EnvProxyId = "CONNECT_PROXY_ID"
+
+	// EnvProxyToken is the name of the environment variable that is passed
+	// to managed proxies containing the proxy token.
+	EnvProxyToken = "CONNECT_PROXY_TOKEN"
+)
 
 // Proxy is the interface implemented by all types of managed proxies.
 //
@@ -51,6 +58,10 @@ type Proxy interface {
 	// so that Consul can recover the proxy process after a restart. The
 	// result should only contain primitive values and containers (lists/maps).
 	//
+	// MarshalSnapshot does NOT need to store the following fields, since they
+	// are part of the manager snapshot and will be automatically restored
+	// for any proxies: proxy ID.
+	//
 	// UnmarshalSnapshot is called to restore the receiving Proxy from its
 	// marshalled state. If UnmarshalSnapshot returns an error, the snapshot
 	// is ignored and the marshalled snapshot will be lost. The manager will

agent/proxy/proxy_test.go

@@ -78,7 +78,10 @@ func TestHelperProcess(t *testing.T) {
 		defer signal.Stop(ch)
 
 		path := args[0]
-		data := []byte(os.Getenv(EnvProxyToken))
+		var data []byte
+		data = append(data, []byte(os.Getenv(EnvProxyId))...)
+		data = append(data, ':')
+		data = append(data, []byte(os.Getenv(EnvProxyToken))...)
 
 		if err := ioutil.WriteFile(path, data, 0644); err != nil {
 			t.Fatalf("err: %s", err)