Commit Graph

157 Commits

Author SHA1 Message Date
Kyle Havlovitz 9080006a37
Add support for multiple metadata filters to remaining endpoints
Enabled multiple meta filters for /v1/catalog/nodes and /v1/catalog/services
2017-01-13 20:49:13 -05:00
Kyle Havlovitz e37f25dc02
Add node metadata filtering to remaining health/catalog endpoints 2017-01-13 20:08:43 -05:00
James Phillips c837d055cd
Breaks up the state store into several files. 2017-01-13 11:47:16 -08:00
Kyle Havlovitz 3620e5e199
Fix inconsistency in TestStateStore_ServicesByNodeMeta 2017-01-12 19:46:58 -05:00
Kyle Havlovitz d77890a011
Validate metadata config earlier and handle multiple filters 2017-01-11 15:12:03 -05:00
Kyle Havlovitz aee766baba
Add meta key validations and more tests 2017-01-09 11:21:49 -08:00
Kyle Havlovitz b25f4c7d35
Add tests for node metadata functionality 2017-01-05 17:21:56 -08:00
Kyle Havlovitz 2a423c6e2c
Add support for setting node metadata fields 2017-01-05 14:10:26 -08:00
James Phillips 8ed0b81adb
Adds complete ACL coverage for /v1/catalog/deregister.
This included some state store helpers to make this more efficient.
2016-12-09 21:04:44 -08:00
James Phillips 7fa693a338
Adds complete ACL coverage for /v1/catalog/register. 2016-12-09 21:04:37 -08:00
James Phillips 29e52307cb
Makes empty checkServiceNode return a nil.
The change in #2308 had an inadvertent interface change, so we fix that with
a special case in this fix.
2016-08-29 19:12:07 -07:00
James Phillips 327fe725d9
Preallocates result struct, which was a profiling hot spot. 2016-08-26 16:34:28 -07:00
James Phillips 1f539d9914
Makes the filled-in parts of ServiceNode more explicit. 2016-08-12 18:25:36 -07:00
David van Geest 360e196c93
Translate Address to tagged WAN address in HTTP API when appropriate. 2016-08-12 18:25:36 -07:00
Sean Chittenden 7482a9207d
Chase casting types.CheckID to a string into the state_store.
It turns out the indexer can only use strings as arguments when
creating a query.  Cast `types.CheckID` to a `string` before calling
into `memdb`.

Ideally the indexer would be smart enough to do this at compile-time,
but I need to look into how to do this without reflection and the
runtime package.  For the time being statically cast `types.CheckID`
to a `string` at the call sites.
2016-06-07 16:59:02 -04:00
Sean Chittenden ff45f8c8ff
Revert "Move `structs.CheckID` to a new top-level package, `types`."
This reverts commit 2bbd52e3b44ff1b60939a8400264d534662d6d51.
2016-06-07 16:59:02 -04:00
Sean Chittenden a4554b945c
Move `structs.CheckID` to a new top-level package, `types`.
Per discussion w/ @slackpad, move this type to its own top-level package
2016-06-07 16:59:02 -04:00
Sean Chittenden cd68cd3868
Move `structs.CheckID` to a new top-level package, `types`.
Per discussion w/ @slackpad, move this type to its own top-level package
2016-06-07 16:59:02 -04:00
Sean Chittenden 0857e93d0b
Float a type balloon. Some strings are square pegs in round holes.
This experiment was brought about because of variable naming
confusion where name and checkIDs were interchanged.  Gave CheckID
an Qualified Type Name and chased downstream changes.
2016-06-07 16:59:02 -04:00
James Phillips a11f32a1da Adds a get-tree verb to KV transaction operations. 2016-05-13 16:57:39 -07:00
James Phillips 5fd99b13ef Removes null results for deletes, and preps for more than one result from an operation. 2016-05-13 01:47:55 -07:00
James Phillips 2649a6336e Adds a read-only optimized path for transactions. 2016-05-13 00:34:05 -07:00
James Phillips 0c34ed078c Adds a comment for the txnKVS() function. 2016-05-12 16:11:26 -07:00
James Phillips 88b1c7d054 Makes get fail a transaction if the key doesn't exist. 2016-05-11 14:18:31 -07:00
James Phillips 3d35acaa90 De-nests the KV output structure (removes DirEnt member). 2016-05-11 13:48:03 -07:00
James Phillips 04a13ec3d7 Switches to "KV" instead of "KV" for the KV operations. 2016-05-11 10:58:27 -07:00
James Phillips dc662f7e35 Refactors TxnRequest/TxnResponse into a form that will allow non-KV ops.
This isn't needed/used yet, but it's a good hook to get in there so we
can add more atomic operations in the future. The Go API hides this detail
so that feels like a KV-specific API. The implications on the REST API are
pretty minimal.
2016-05-11 01:39:10 -07:00
James Phillips 907d8bab34 Fixes some go vet findings in a unit test. 2016-05-10 20:01:52 -07:00
James Phillips 6a96e052c4 Adds an empty get test case. 2016-05-09 22:18:26 -07:00
James Phillips 471160d8f0 Performs basic plumbing of KVS transactions through all the layers. 2016-05-09 22:15:49 -07:00
James Phillips dca00c96f7 Adds state store support for atomic KVS ops. 2016-05-05 15:46:59 -07:00
James Phillips a1a59bee73 Splits existing KVS operations into *Txn helpers for later reuse. 2016-05-04 14:20:11 -07:00
James Phillips 9185450fd5 Moves KVS-related state store code out into its own set of files. 2016-05-02 16:21:04 -07:00
James Phillips 63c826c2c0 Adds a comment about the embedded struct. 2016-03-07 10:45:39 -08:00
James Phillips 3c512fc089 Adds a test for the custom prepared query template indexer. 2016-03-07 10:45:39 -08:00
James Phillips 39d3094d50 Adds core query template tests to the state store. 2016-03-07 10:45:39 -08:00
James Phillips 06087633f0 Adds in basic query template lookups and vendors newly-updated memdb as well as improved iradix tree. 2016-03-07 10:45:39 -08:00
James Phillips 2a9a5f823e Factors rendering down into the resolve function. 2016-03-07 10:45:39 -08:00
James Phillips fa60d575bf Integrates templates into state store and endpoint (sans tests). 2016-03-07 10:45:39 -08:00
James Phillips 62405110dc Wraps the prepared query to also store the compiled template. 2016-03-07 10:45:39 -08:00
Mike Cowgill 25613895e3 one line schema change to not allow missing for sessions Table node index, Fixes #1774 2016-03-02 21:19:53 -08:00
James Phillips 633c231d67 Creates new "prepared-query" ACL type and new token capture behavior.
Prior to this change, prepared queries had the following behavior for
ACLs, which will need to change to support templates:

1. A management token, or a token with read access to the service being
   queried needed to be provided in order to create a prepared query.

2. The token used to create the prepared query was stored with the query
   in the state store and used to execute the query.

3. A management token, or the token used to create the query needed to be
   supplied to perform and CRUD operations on an existing prepared query.

This was pretty subtle and complicated behavior, and won't work for
templates since the service name is computed at execution time. To solve
this, we introduce a new "prepared-query" ACL type, where the prefix
applies to the query name for static prepared query types and to the
prefix for template prepared query types.

With this change, the new behavior is:

1. A management token, or a token with "prepared-query" write access to
   the query name or (soon) the given template prefix is required to do
   any CRUD operations on a prepared query, or to list prepared queries
   (the list is filtered by this ACL).

2. You will no longer need a management token to list prepared queries,
   but you will only be able to see prepared queries that you have access
   to (you get an empty list instead of permission denied).

3. When listing or getting a query, because it was easy to capture
   management tokens given the past behavior, this will always blank out
   the "Token" field (replacing the contents as <hidden>) for all tokens
   unless a management token is supplied. Going forward, we should
   discourage people from binding tokens for execution unless strictly
   necessary.

4. No token will be captured by default when a prepared query is created.
   If the user wishes to supply an execution token then can pass it in via
   the "Token" field in the prepared query definition. Otherwise, this
   field will default to empty.

5. At execution time, we will use the captured token if it exists with the
   prepared query definition, otherwise we will use the token that's passed
   in with the request, just like we do for other RPCs (or you can use the
   agent's configured token for DNS).

6. Prepared queries with no name (accessible only by ID) will not require
   ACLs to create or modify (execution time will depend on the service ACL
   configuration). Our argument here is that these are designed to be
   ephemeral and the IDs are as good as an ACL. Management tokens will be
   able to list all of these.

These changes enable templates, but also enable delegation of authority to
manage the prepared query namespace.
2016-02-23 17:12:43 -08:00
James Phillips f398e1880e Adds a test for node registration and tagged addresses. 2016-02-07 13:15:22 -08:00
James Phillips 79bd1fd4bb Sets up config for more address tags down the road, renames struct members. 2016-02-07 10:37:34 -08:00
Evan Gilman 71cf39b5f8 Use a map for additional node addresses 2016-02-06 23:01:45 -08:00
Evan Gilman 369e501dd5 Store WanAddress on Node 2016-02-06 23:01:45 -08:00
Sean Chittenden c470553b6b Factor out duplicate functions into a lib package
Consolidate code duplication and tests into a single lib package.  Most of these functions were from various **/util.go functions that couldn't be imported due to cyclic imports.  The consul/lib package is intended to be a terminal node in an import DAG and a place to stash various consul-only helper functions.  Pulled in hashicorp/go-uuid instead of consolidating UUID access.
2016-01-29 16:57:45 -08:00
James Phillips 0010b788ed Prevents watches from being orphaned when KVS blocking queries loop. 2016-01-20 07:18:47 -08:00
James Phillips 38bdcc9907 Adds a check to make sure query names can't be registered twice. 2015-12-02 09:04:51 -08:00
James Phillips 86bc3db7b3 Returns a zero index for a lookup error case. 2015-11-17 09:25:20 -08:00