luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Adds check to verify that the API Gateway is being created with at least one listener

This commit is contained in:
Melisa Griffin 2023-03-20 12:37:30 -04:00 committed by GitHub
parent 578eeeb653
commit fa1b6e7450
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 32 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.changelog/16649.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
gateways: Adds validation to ensure the API Gateway has a listener defined when created
```

13
agent/structs/config_entry_discoverychain_test.go
View File

@ -410,8 +410,17 @@ func TestConfigEntries_ListRelatedServices_AndACLs(t *testing.T) {
}, },
}, },
{ {
name: "api-gateway", name: "api-gateway",
entry: &APIGatewayConfigEntry{Name: "test"}, entry: &APIGatewayConfigEntry{
Name: "test",
Listeners: []APIGatewayListener{
{
Name: "test",
Port: 100,
Protocol: "http",
},
},
},
expectACLs: []testACL{ expectACLs: []testACL{
{ {
name: "no-authz", name: "no-authz",

3
agent/structs/config_entry_gateways.go
View File

@ -769,6 +769,9 @@ func (e *APIGatewayConfigEntry) Validate() error {
return err return err
} }
if len(e.Listeners) == 0 {
return fmt.Errorf("api gateway must have at least one listener")
}
if err := e.validateListenerNames(); err != nil { if err := e.validateListenerNames(); err != nil {
return err return err
} }

7
agent/structs/config_entry_gateways_test.go
View File

@ -1126,6 +1126,13 @@ func TestGatewayService_Addresses(t *testing.T) {
func TestAPIGateway_Listeners(t *testing.T) { func TestAPIGateway_Listeners(t *testing.T) {
cases := map[string]configEntryTestcase{ cases := map[string]configEntryTestcase{
"no listeners defined": {
entry: &APIGatewayConfigEntry{
Kind: "api-gateway",
Name: "api-gw-one",
},
validateErr: "api gateway must have at least one listener",
},
"listener name conflict": { "listener name conflict": {
entry: &APIGatewayConfigEntry{ entry: &APIGatewayConfigEntry{
Kind: "api-gateway", Kind: "api-gateway",

9
website/content/commands/config/delete.mdx
View File

@ -27,6 +27,7 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
| Config Entry Kind | Required ACL | | Config Entry Kind | Required ACL |
| ------------------- | ------------------ | | ------------------- | ------------------ |
| api-gateway | `mesh:write` |
| ingress-gateway | `operator:write` | | ingress-gateway | `operator:write` |
| proxy-defaults | `operator:write` | | proxy-defaults | `operator:write` |
| service-defaults | `service:write` | | service-defaults | `service:write` |
@ -45,16 +46,16 @@ Usage: `consul config delete [options]`
- `-kind` - Specifies the kind of the config entry to read. - `-kind` - Specifies the kind of the config entry to read.
- `-name` - Specifies the name of the config entry to delete. The name of the - `-name` - Specifies the name of the config entry to delete. The name of the
`proxy-defaults` config entry must be `global`, and the name of the `mesh` `proxy-defaults` config entry must be `global`, and the name of the `mesh`
config entry must be `mesh`. config entry must be `mesh`.
- `-filename` - Specifies the file describing the config entry to delete. - `-filename` - Specifies the file describing the config entry to delete.
- `-cas` - Perform a Check-And-Set operation. Specifying this value also - `-cas` - Perform a Check-And-Set operation. Specifying this value also
requires the -modify-index flag to be set. The default value is false. requires the -modify-index flag to be set. The default value is false.
- `-modify-index=<int>` - Unsigned integer representing the ModifyIndex of the - `-modify-index=<int>` - Unsigned integer representing the ModifyIndex of the
config entry. This is used in combination with the -cas flag. config entry. This is used in combination with the -cas flag.
#### Enterprise Options #### Enterprise Options

1
website/content/commands/config/list.mdx
View File

@ -27,6 +27,7 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
| Config Entry Kind | Required ACL | | Config Entry Kind | Required ACL |
| ------------------- | ----------------- | | ------------------- | ----------------- |
| api-gateway | `mesh:read` |
| ingress-gateway | `service:read` | | ingress-gateway | `service:read` |
| proxy-defaults | `<none>` | | proxy-defaults | `<none>` |
| service-defaults | `service:read` | | service-defaults | `service:read` |

1
website/content/commands/config/read.mdx
View File

@ -28,6 +28,7 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
| Config Entry Kind | Required ACL | | Config Entry Kind | Required ACL |
| ------------------- | ----------------- | | ------------------- | ----------------- |
| api-gateway | `mesh:read` |
| ingress-gateway | `service:read` | | ingress-gateway | `service:read` |
| proxy-defaults | `<none>` | | proxy-defaults | `<none>` |
| service-defaults | `service:read` | | service-defaults | `service:read` |

1
website/content/commands/config/write.mdx
View File

@ -30,6 +30,7 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
| Config Entry Kind | Required ACL | | Config Entry Kind | Required ACL |
| ------------------- | ------------------ | | ------------------- | ------------------ |
| api-gateway | `mesh:write` |
| ingress-gateway | `operator:write` | | ingress-gateway | `operator:write` |
| proxy-defaults | `operator:write` | | proxy-defaults | `operator:write` |
| service-defaults | `service:write` | | service-defaults | `service:write` |