Adds check to verify that the API Gateway is being created with at least one listener

This commit is contained in:
Melisa Griffin 2023-03-20 12:37:30 -04:00 committed by GitHub
parent 578eeeb653
commit fa1b6e7450
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 32 additions and 6 deletions

3
.changelog/16649.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
gateways: Adds validation to ensure the API Gateway has a listener defined when created
```

View File

@ -411,7 +411,16 @@ func TestConfigEntries_ListRelatedServices_AndACLs(t *testing.T) {
},
{
name: "api-gateway",
entry: &APIGatewayConfigEntry{Name: "test"},
entry: &APIGatewayConfigEntry{
Name: "test",
Listeners: []APIGatewayListener{
{
Name: "test",
Port: 100,
Protocol: "http",
},
},
},
expectACLs: []testACL{
{
name: "no-authz",

View File

@ -769,6 +769,9 @@ func (e *APIGatewayConfigEntry) Validate() error {
return err
}
if len(e.Listeners) == 0 {
return fmt.Errorf("api gateway must have at least one listener")
}
if err := e.validateListenerNames(); err != nil {
return err
}

View File

@ -1126,6 +1126,13 @@ func TestGatewayService_Addresses(t *testing.T) {
func TestAPIGateway_Listeners(t *testing.T) {
cases := map[string]configEntryTestcase{
"no listeners defined": {
entry: &APIGatewayConfigEntry{
Kind: "api-gateway",
Name: "api-gw-one",
},
validateErr: "api gateway must have at least one listener",
},
"listener name conflict": {
entry: &APIGatewayConfigEntry{
Kind: "api-gateway",

View File

@ -27,6 +27,7 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
| Config Entry Kind | Required ACL |
| ------------------- | ------------------ |
| api-gateway | `mesh:write` |
| ingress-gateway | `operator:write` |
| proxy-defaults | `operator:write` |
| service-defaults | `service:write` |
@ -45,16 +46,16 @@ Usage: `consul config delete [options]`
- `-kind` - Specifies the kind of the config entry to read.
- `-name` - Specifies the name of the config entry to delete. The name of the
`proxy-defaults` config entry must be `global`, and the name of the `mesh`
config entry must be `mesh`.
`proxy-defaults` config entry must be `global`, and the name of the `mesh`
config entry must be `mesh`.
- `-filename` - Specifies the file describing the config entry to delete.
- `-cas` - Perform a Check-And-Set operation. Specifying this value also
requires the -modify-index flag to be set. The default value is false.
requires the -modify-index flag to be set. The default value is false.
- `-modify-index=<int>` - Unsigned integer representing the ModifyIndex of the
config entry. This is used in combination with the -cas flag.
config entry. This is used in combination with the -cas flag.
#### Enterprise Options

View File

@ -27,6 +27,7 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
| Config Entry Kind | Required ACL |
| ------------------- | ----------------- |
| api-gateway | `mesh:read` |
| ingress-gateway | `service:read` |
| proxy-defaults | `<none>` |
| service-defaults | `service:read` |

View File

@ -28,6 +28,7 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
| Config Entry Kind | Required ACL |
| ------------------- | ----------------- |
| api-gateway | `mesh:read` |
| ingress-gateway | `service:read` |
| proxy-defaults | `<none>` |
| service-defaults | `service:read` |

View File

@ -30,6 +30,7 @@ are not supported from commands, but may be from the corresponding HTTP endpoint
| Config Entry Kind | Required ACL |
| ------------------- | ------------------ |
| api-gateway | `mesh:write` |
| ingress-gateway | `operator:write` |
| proxy-defaults | `operator:write` |
| service-defaults | `service:write` |