Backport of Stop JWT provider from being written in non default namespace into release/1.16.x (#18331)
backport of commit f15be60e488a77cf80f78a84c35a4a1154637d03 Co-authored-by: Ronald Ekambi <ronekambi@gmail.com>
This commit is contained in:
parent
5114b031a7
commit
5429e56d1d
|
@ -0,0 +1,3 @@
|
|||
```release-note:bug
|
||||
mesh: **(Enterprise Only)** Require that `jwt-provider` config entries are created in the `default` namespace.
|
||||
```
|
|
@ -509,7 +509,7 @@ func (e *JWTProviderConfigEntry) Validate() error {
|
|||
return err
|
||||
}
|
||||
|
||||
if err := e.validatePartition(); err != nil {
|
||||
if err := e.validatePartitionAndNamespace(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
|
|
@ -12,9 +12,14 @@ import (
|
|||
"github.com/hashicorp/consul/acl"
|
||||
)
|
||||
|
||||
func (e *JWTProviderConfigEntry) validatePartition() error {
|
||||
func (e *JWTProviderConfigEntry) validatePartitionAndNamespace() error {
|
||||
if !acl.IsDefaultPartition(e.PartitionOrDefault()) {
|
||||
return fmt.Errorf("Partitions are an enterprise only feature")
|
||||
}
|
||||
|
||||
if acl.DefaultNamespaceName != e.NamespaceOrDefault() {
|
||||
return fmt.Errorf("Namespaces are an enterprise only feature")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue