From 9ad2a12441a288bf95ed8768f45d8c7089210a4a Mon Sep 17 00:00:00 2001
From: Mitchell Hashimoto
Date: Fri, 16 Mar 2018 21:39:26 -0700
Subject: [PATCH] agent: /v1/connect/ca/roots
---
 agent/agent_endpoint.go | 9 +++++++++
 agent/connect_ca_endpoint.go | 28 ++++++++++++++++++++++++++++
 agent/http_oss.go | 2 ++
 3 files changed, 39 insertions(+)
 create mode 100644 agent/connect_ca_endpoint.go
diff --git a/agent/agent_endpoint.go b/agent/agent_endpoint.go
index 75d5807c0..e3e8fcd51 100644
--- a/agent/agent_endpoint.go
+++ b/agent/agent_endpoint.go
@@ -836,3 +836,12 @@ func (s *HTTPServer) AgentToken(resp http.ResponseWriter, req *http.Request) (in
 s.agent.logger.Printf("[INFO] agent: Updated agent's ACL token %q", target)
 return nil, nil
 }
+
+// AgentConnectCARoots returns the trusted CA roots.
+func (s *HTTPServer) AgentConnectCARoots(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
+ if req.Method != "GET" {
+ return nil, MethodNotAllowedError{req.Method, []string{"GET"}}
+ }
+
+ return nil, nil
+}
diff --git a/agent/connect_ca_endpoint.go b/agent/connect_ca_endpoint.go
new file mode 100644
index 000000000..8e92417bc
--- /dev/null
+++ b/agent/connect_ca_endpoint.go
@@ -0,0 +1,28 @@
+package agent
+
+import (
+ "net/http"
+
+ "github.com/hashicorp/consul/agent/structs"
+)
+
+// GET /v1/connect/ca/roots
+func (s *HTTPServer) ConnectCARoots(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
+ // Test the method
+ if req.Method != "GET" {
+ return nil, MethodNotAllowedError{req.Method, []string{"GET"}}
+ }
+
+ var args structs.DCSpecificRequest
+ if done := s.parse(resp, req, &args.Datacenter, &args.QueryOptions); done {
+ return nil, nil
+ }
+
+ var reply structs.IndexedCARoots
+ defer setMeta(resp, &reply.QueryMeta)
+ if err := s.agent.RPC("ConnectCA.Roots", &args, &reply); err != nil {
+ return nil, err
+ }
+
+ return reply.Roots, nil
+}
diff --git a/agent/http_oss.go b/agent/http_oss.go
index 2e2c9751a..3cb18b2e1 100644
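Review bot: `AgentConnectCARoots` in agent/agent_endpoint.go ends with `return nil, nil` for every GET, so the `/v1/agent/connect/ca/roots` route this commit registers in agent/http_oss.go reports success without returning any roots, although its doc comment says it returns them. A caller fetching trust anchors cannot tell this stub from a genuinely empty root set, which matters if the result decides which certificates it trusts. Until the handler is wired up, I would either leave the route unregistered or mark the stub above the final return, e.g. `// TODO: not implemented; currently returns an empty success response.`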
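Review bot: `ConnectCARoots` in agent/connect_ca_endpoint.go passes `reply.Roots` straight from the `ConnectCA.Roots` RPC into the HTTP response, and nothing in this hunk shows an ACL check or any filtering of the root entries. Public root certificates are reasonable to serve to any reader, but if the entries in `structs.IndexedCARoots` (not visible here) ever carry private signing material, this handler would publish it, so the assumption that the RPC strips such fields should be written down. The header comment `// GET /v1/connect/ca/roots` also does not follow the doc-comment form used for `AgentConnectCARoots` in the same commit; I would replace it with `// ConnectCARoots handles GET /v1/connect/ca/roots and returns the CA roots from the ConnectCA.Roots RPC as-is; the RPC is responsible for omitting any private key material.`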
--- a/agent/http_oss.go
+++ b/agent/http_oss.go
@@ -29,6 +29,7 @@ func init() {
 registerEndpoint("/v1/agent/check/warn/", []string{"PUT"}, (*HTTPServer).AgentCheckWarn)
 registerEndpoint("/v1/agent/check/fail/", []string{"PUT"}, (*HTTPServer).AgentCheckFail)
 registerEndpoint("/v1/agent/check/update/", []string{"PUT"}, (*HTTPServer).AgentCheckUpdate)
+ registerEndpoint("/v1/agent/connect/ca/roots", []string{"GET"}, (*HTTPServer).AgentConnectCARoots)
 registerEndpoint("/v1/agent/service/register", []string{"PUT"}, (*HTTPServer).AgentRegisterService)
 registerEndpoint("/v1/agent/service/deregister/", []string{"PUT"}, (*HTTPServer).AgentDeregisterService)
 registerEndpoint("/v1/agent/service/maintenance/", []string{"PUT"}, (*HTTPServer).AgentServiceMaintenance)
@@ -40,6 +41,7 @@ func init() {
 registerEndpoint("/v1/catalog/services", []string{"GET"}, (*HTTPServer).CatalogServices)
 registerEndpoint("/v1/catalog/service/", []string{"GET"}, (*HTTPServer).CatalogServiceNodes)
 registerEndpoint("/v1/catalog/node/", []string{"GET"}, (*HTTPServer).CatalogNodeServices)
+ registerEndpoint("/v1/connect/ca/roots", []string{"GET"}, (*HTTPServer).ConnectCARoots)
 registerEndpoint("/v1/connect/intentions", []string{"GET", "POST"}, (*HTTPServer).IntentionEndpoint)
 registerEndpoint("/v1/connect/intentions/match", []string{"GET"}, (*HTTPServer).IntentionMatch)
 registerEndpoint("/v1/connect/intentions/", []string{"GET"}, (*HTTPServer).IntentionSpecific)