From 6d51282adfb3bb0af1f07849b3f2f6c808e702f6 Mon Sep 17 00:00:00 2001 From: freddygv Date: Mon, 29 Nov 2021 11:21:33 -0700 Subject: [PATCH] Prevent partition-exports entry from OSS usage Validation was added on the config entry kind since that is called when validating config entries to bootstrap via agent configuration and when applying entries via the config RPC endpoint. --- agent/structs/config_entry_exports.go | 10 +++++++--- agent/structs/config_entry_oss.go | 4 ++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/agent/structs/config_entry_exports.go b/agent/structs/config_entry_exports.go index 044f9d62a..7b9d7cfb8 100644 --- a/agent/structs/config_entry_exports.go +++ b/agent/structs/config_entry_exports.go @@ -113,7 +113,12 @@ func (e *PartitionExportsConfigEntry) Validate() error { return fmt.Errorf("partition-exports Name must be the name of a partition, and not a wildcard") } - validationErr := validateConfigEntryMeta(e.Meta) + if err := requireEnterprise(e.GetKind()); err != nil { + return err + } + if err := validateConfigEntryMeta(e.Meta); err != nil { + return err + } for _, svc := range e.Services { if svc.Name == "" { @@ -128,8 +133,7 @@ func (e *PartitionExportsConfigEntry) Validate() error { } } } - - return validationErr + return nil } func (e *PartitionExportsConfigEntry) CanRead(authz acl.Authorizer) bool { diff --git a/agent/structs/config_entry_oss.go b/agent/structs/config_entry_oss.go index c338bdcba..f7ccac38c 100644 --- a/agent/structs/config_entry_oss.go +++ b/agent/structs/config_entry_oss.go @@ -35,3 +35,7 @@ func validateUnusedKeys(unused []string) error { func validateInnerEnterpriseMeta(_, _ *EnterpriseMeta) error { return nil } + +func requireEnterprise(kind string) error { + return fmt.Errorf("Config entry kind %q requires Consul Enterprise", kind) +}