consul/agent/watch_handler.go

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1

package agent

import (
	"bytes"
	"crypto/tls"
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"os"
	osexec "os/exec"
	"strconv"

	"github.com/armon/circbuf"
	"github.com/hashicorp/consul/agent/exec"
	"github.com/hashicorp/consul/api/watch"
	"github.com/hashicorp/go-cleanhttp"
	"github.com/hashicorp/go-hclog"
	"golang.org/x/net/context"
)

const (
	// Limit the size of a watch handlers's output to the
	// last WatchBufSize. Prevents an enormous buffer
	// from being captured
	WatchBufSize = 4 * 1024 // 4KB
)

// makeWatchHandler returns a handler for the given watch
func makeWatchHandler(logger hclog.Logger, handler interface{}) watch.HandlerFunc {
	var args []string
	var script string

	// Figure out whether to run in shell or raw subprocess mode
	switch h := handler.(type) {
	case string:
		script = h
	case []string:
		args = h
	default:
		panic(fmt.Errorf("unknown handler type %T", handler))
	}

	fn := func(idx uint64, data interface{}) {
		// Create the command
		var cmd *osexec.Cmd
		var err error

		if len(args) > 0 {
			cmd, err = exec.Subprocess(args)
		} else {
			cmd, err = exec.Script(script)
		}
		if err != nil {
			logger.Error("Failed to setup watch", "error", err)
			return
		}

		cmd.Env = append(os.Environ(),
			"CONSUL_INDEX="+strconv.FormatUint(idx, 10),
		)

		// Collect the output
		output, _ := circbuf.NewBuffer(WatchBufSize)
		cmd.Stdout = output
		cmd.Stderr = output

		// Setup the input
		var inp bytes.Buffer
		enc := json.NewEncoder(&inp)
		if err := enc.Encode(data); err != nil {
			logger.Error("Failed to encode data for watch",
				"watch", handler,
				"error", err,
			)
			return
		}
		cmd.Stdin = &inp

		// Run the handler
		if err := cmd.Run(); err != nil {
			logger.Error("Failed to run watch handler",
				"watch_handler", handler,
				"error", err,
			)
		}

		// Get the output, add a message about truncation
		outputStr := string(output.Bytes())
		if output.TotalWritten() > output.Size() {
			outputStr = fmt.Sprintf("Captured %d of %d bytes\n...\n%s",
				output.Size(), output.TotalWritten(), outputStr)
		}

		// Log the output
		logger.Debug("watch handler output",
			"watch_handler", handler,
			"output", outputStr,
		)
	}
	return fn
}

func makeHTTPWatchHandler(logger hclog.Logger, config *watch.HttpHandlerConfig) watch.HandlerFunc {
	fn := func(idx uint64, data interface{}) {
		trans := cleanhttp.DefaultTransport()

		// Skip SSL certificate verification if TLSSkipVerify is true
		if trans.TLSClientConfig == nil {
			trans.TLSClientConfig = &tls.Config{
				InsecureSkipVerify: config.TLSSkipVerify,
			}
		} else {
			trans.TLSClientConfig.InsecureSkipVerify = config.TLSSkipVerify
		}

		ctx := context.Background()
		ctx, cancel := context.WithTimeout(ctx, config.Timeout)
		defer cancel()

		// Create the HTTP client.
		httpClient := &http.Client{
			Transport: trans,
		}

		// Setup the input
		var inp bytes.Buffer
		enc := json.NewEncoder(&inp)
		if err := enc.Encode(data); err != nil {
			logger.Error("Failed to encode data for http watch",
				"watch", config.Path,
				"error", err,
			)
			return
		}

		req, err := http.NewRequest(config.Method, config.Path, &inp)
		if err != nil {
			logger.Error("Failed to setup http watch", "error", err)
			return
		}
		req = req.WithContext(ctx)
		req.Header.Add("Content-Type", "application/json")
		req.Header.Add("X-Consul-Index", strconv.FormatUint(idx, 10))
		for key, values := range config.Header {
			for _, val := range values {
				req.Header.Add(key, val)
			}
		}
		resp, err := httpClient.Do(req)
		if err != nil {
			logger.Error("Failed to invoke http watch handler",
				"watch", config.Path,
				"error", err,
			)
			return
		}
		defer resp.Body.Close()

		// Collect the output
		output, _ := circbuf.NewBuffer(WatchBufSize)
		io.Copy(output, resp.Body)

		// Get the output, add a message about truncation
		outputStr := string(output.Bytes())
		if output.TotalWritten() > output.Size() {
			outputStr = fmt.Sprintf("Captured %d of %d bytes\n...\n%s",
				output.Size(), output.TotalWritten(), outputStr)
		}

		if resp.StatusCode >= 200 && resp.StatusCode <= 299 {
			// Log the output
			logger.Trace("http watch handler output",
				"watch", config.Path,
				"output", outputStr,
			)
		} else {
			logger.Error("http watch handler failed with output",
				"watch", config.Path,
				"status", resp.Status,
				"output", outputStr,
			)
		}
	}
	return fn
}

// TODO: return a fully constructed watch.Plan with a Plan.Handler, so that Exempt
// can be ignored by the caller.
func makeWatchPlan(logger hclog.Logger, params map[string]interface{}) (*watch.Plan, error) {
	wp, err := watch.ParseExempt(params, []string{"handler", "args"})
	if err != nil {
		return nil, fmt.Errorf("Failed to parse watch (%#v): %v", params, err)
	}

	handler, hasHandler := wp.Exempt["handler"]
	if hasHandler {
		logger.Warn("The 'handler' field in watches has been deprecated " +
			"and replaced with the 'args' field. See https://www.consul.io/docs/agent/watches.html")
	}
	if _, ok := handler.(string); hasHandler && !ok {
		return nil, fmt.Errorf("Watch handler must be a string")
	}

	args, hasArgs := wp.Exempt["args"]
	if hasArgs {
		wp.Exempt["args"], err = parseWatchArgs(args)
		if err != nil {
			return nil, err
		}
	}

	if hasHandler && hasArgs || hasHandler && wp.HandlerType == "http" || hasArgs && wp.HandlerType == "http" {
		return nil, fmt.Errorf("Only one watch handler allowed")
	}
	if !hasHandler && !hasArgs && wp.HandlerType != "http" {
		return nil, fmt.Errorf("Must define a watch handler")
	}
	return wp, nil
}

func parseWatchArgs(args interface{}) ([]string, error) {
	switch args := args.(type) {
	case string:
		return []string{args}, nil
	case []string:
		return args, nil
	case []interface{}:
		result := make([]string, 0, len(args))
		for _, arg := range args {
			v, ok := arg.(string)
			if !ok {
				return nil, fmt.Errorf("Watch args must be a list of strings")
			}

			result = append(result, v)
		}
		return result, nil
	default:
		return nil, fmt.Errorf("Watch args must be a list of strings")
	}
}
copyright headers for agent folder (#16704) * copyright headers for agent folder * Ignore test data files * fix proto files and remove headers in agent/uiserver folder * ignore deep-copy files 2 years ago			`// Copyright (c) HashiCorp, Inc.`
[COMPLIANCE] License changes (#18443) * Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at <Blog URL>, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * add missing license headers * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 * Update copyright file headers to BUSL-1.1 --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com> 1 year ago			`// SPDX-License-Identifier: BUSL-1.1`
copyright headers for agent folder (#16704) * copyright headers for agent folder * Ignore test data files * fix proto files and remove headers in agent/uiserver folder * ignore deep-copy files 2 years ago
agent: First pass at agent-based watches 10 years ago			`package agent`

			`import (`
			`"bytes"`
Cleans up import sorting. 7 years ago			`"crypto/tls"`
agent: First pass at agent-based watches 10 years ago			`"encoding/json"`
			`"fmt"`
			`"io"`
Cleans up import sorting. 7 years ago			`"net/http"`
agent: First pass at agent-based watches 10 years ago			`"os"`
Decouple the code that executes checks from the agent 7 years ago			`osexec "os/exec"`
agent: First pass at agent-based watches 10 years ago			`"strconv"`

			`"github.com/armon/circbuf"`
Decouple the code that executes checks from the agent 7 years ago			`"github.com/hashicorp/consul/agent/exec"`
Move the watch package into the api module (#5664) * Move the watch package into the api module It was already just a thin wrapper around the API anyways. The biggest change was to the testing. Instead of using a test agent directly from the agent package it now uses the binary on the PATH just like the other API tests. The other big changes were to fix up the connect based watch tests so that we didn’t need to pull in the connect package (and therefore all of Consul) 6 years ago			`"github.com/hashicorp/consul/api/watch"`
Implement HTTP Watch handler (#3413) Implement HTTP Watch handler 7 years ago			`"github.com/hashicorp/go-cleanhttp"`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`"github.com/hashicorp/go-hclog"`
Implement HTTP Watch handler (#3413) Implement HTTP Watch handler 7 years ago			`"golang.org/x/net/context"`
agent: First pass at agent-based watches 10 years ago			`)`

			`const (`
			`// Limit the size of a watch handlers's output to the`
			`// last WatchBufSize. Prevents an enormous buffer`
			`// from being captured`
			`WatchBufSize = 4 * 1024 // 4KB`
			`)`

			`// makeWatchHandler returns a handler for the given watch`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`func makeWatchHandler(logger hclog.Logger, handler interface{}) watch.HandlerFunc {`
Clean up subprocess handling and make shell use optional (#3509) * Clean up handling of subprocesses and make using a shell optional * Update docs for subprocess changes * Fix tests for new subprocess behavior * More cleanup of subprocesses * Minor adjustments and cleanup for subprocess logic * Makes the watch handler reload test use the new path. * Adds check tests for new args path, and updates existing tests to use new path. * Adds support for script args in Docker checks. * Fixes the sanitize unit test. * Adds panic for unknown watch type, and reverts back to Run(). * Adds shell option back to consul lock command. * Adds shell option back to consul exec command. * Adds shell back into consul watch command. * Refactors signal forwarding and makes Windows-friendly. * Adds a clarifying comment. * Changes error wording to a warning. * Scopes signals to interrupt and kill. This avoids us trying to send SIGCHILD to the dead process. * Adds an error for shell=false for consul exec. * Adds notes about the deprecated script and handler fields. * De-nests an if statement. 7 years ago			`var args []string`
			`var script string`

			`// Figure out whether to run in shell or raw subprocess mode`
			`switch h := handler.(type) {`
			`case string:`
			`script = h`
			`case []string:`
			`args = h`
			`default:`
			`panic(fmt.Errorf("unknown handler type %T", handler))`
			`}`

agent: First pass at agent-based watches 10 years ago			`fn := func(idx uint64, data interface{}) {`
			`// Create the command`
Decouple the code that executes checks from the agent 7 years ago			`var cmd *osexec.Cmd`
Clean up subprocess handling and make shell use optional (#3509) * Clean up handling of subprocesses and make using a shell optional * Update docs for subprocess changes * Fix tests for new subprocess behavior * More cleanup of subprocesses * Minor adjustments and cleanup for subprocess logic * Makes the watch handler reload test use the new path. * Adds check tests for new args path, and updates existing tests to use new path. * Adds support for script args in Docker checks. * Fixes the sanitize unit test. * Adds panic for unknown watch type, and reverts back to Run(). * Adds shell option back to consul lock command. * Adds shell option back to consul exec command. * Adds shell back into consul watch command. * Refactors signal forwarding and makes Windows-friendly. * Adds a clarifying comment. * Changes error wording to a warning. * Scopes signals to interrupt and kill. This avoids us trying to send SIGCHILD to the dead process. * Adds an error for shell=false for consul exec. * Adds notes about the deprecated script and handler fields. * De-nests an if statement. 7 years ago			`var err error`

			`if len(args) > 0 {`
Decouple the code that executes checks from the agent 7 years ago			`cmd, err = exec.Subprocess(args)`
Clean up subprocess handling and make shell use optional (#3509) * Clean up handling of subprocesses and make using a shell optional * Update docs for subprocess changes * Fix tests for new subprocess behavior * More cleanup of subprocesses * Minor adjustments and cleanup for subprocess logic * Makes the watch handler reload test use the new path. * Adds check tests for new args path, and updates existing tests to use new path. * Adds support for script args in Docker checks. * Fixes the sanitize unit test. * Adds panic for unknown watch type, and reverts back to Run(). * Adds shell option back to consul lock command. * Adds shell option back to consul exec command. * Adds shell back into consul watch command. * Refactors signal forwarding and makes Windows-friendly. * Adds a clarifying comment. * Changes error wording to a warning. * Scopes signals to interrupt and kill. This avoids us trying to send SIGCHILD to the dead process. * Adds an error for shell=false for consul exec. * Adds notes about the deprecated script and handler fields. * De-nests an if statement. 7 years ago			`} else {`
Decouple the code that executes checks from the agent 7 years ago			`cmd, err = exec.Script(script)`
Clean up subprocess handling and make shell use optional (#3509) * Clean up handling of subprocesses and make using a shell optional * Update docs for subprocess changes * Fix tests for new subprocess behavior * More cleanup of subprocesses * Minor adjustments and cleanup for subprocess logic * Makes the watch handler reload test use the new path. * Adds check tests for new args path, and updates existing tests to use new path. * Adds support for script args in Docker checks. * Fixes the sanitize unit test. * Adds panic for unknown watch type, and reverts back to Run(). * Adds shell option back to consul lock command. * Adds shell option back to consul exec command. * Adds shell back into consul watch command. * Refactors signal forwarding and makes Windows-friendly. * Adds a clarifying comment. * Changes error wording to a warning. * Scopes signals to interrupt and kill. This avoids us trying to send SIGCHILD to the dead process. * Adds an error for shell=false for consul exec. * Adds notes about the deprecated script and handler fields. * De-nests an if statement. 7 years ago			`}`
agent: Refactor script invoke 10 years ago			`if err != nil {`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`logger.Error("Failed to setup watch", "error", err)`
agent: Refactor script invoke 10 years ago			`return`
			`}`
Clean up subprocess handling and make shell use optional (#3509) * Clean up handling of subprocesses and make using a shell optional * Update docs for subprocess changes * Fix tests for new subprocess behavior * More cleanup of subprocesses * Minor adjustments and cleanup for subprocess logic * Makes the watch handler reload test use the new path. * Adds check tests for new args path, and updates existing tests to use new path. * Adds support for script args in Docker checks. * Fixes the sanitize unit test. * Adds panic for unknown watch type, and reverts back to Run(). * Adds shell option back to consul lock command. * Adds shell option back to consul exec command. * Adds shell back into consul watch command. * Refactors signal forwarding and makes Windows-friendly. * Adds a clarifying comment. * Changes error wording to a warning. * Scopes signals to interrupt and kill. This avoids us trying to send SIGCHILD to the dead process. * Adds an error for shell=false for consul exec. * Adds notes about the deprecated script and handler fields. * De-nests an if statement. 7 years ago
agent: First pass at agent-based watches 10 years ago			`cmd.Env = append(os.Environ(),`
			`"CONSUL_INDEX="+strconv.FormatUint(idx, 10),`
			`)`

			`// Collect the output`
			`output, _ := circbuf.NewBuffer(WatchBufSize)`
			`cmd.Stdout = output`
			`cmd.Stderr = output`

			`// Setup the input`
			`var inp bytes.Buffer`
			`enc := json.NewEncoder(&inp)`
			`if err := enc.Encode(data); err != nil {`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`logger.Error("Failed to encode data for watch",`
			`"watch", handler,`
			`"error", err,`
			`)`
agent: First pass at agent-based watches 10 years ago			`return`
			`}`
			`cmd.Stdin = &inp`

			`// Run the handler`
			`if err := cmd.Run(); err != nil {`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`logger.Error("Failed to run watch handler",`
			`"watch_handler", handler,`
			`"error", err,`
			`)`
agent: First pass at agent-based watches 10 years ago			`}`

			`// Get the output, add a message about truncation`
			`outputStr := string(output.Bytes())`
			`if output.TotalWritten() > output.Size() {`
			`outputStr = fmt.Sprintf("Captured %d of %d bytes\n...\n%s",`
			`output.Size(), output.TotalWritten(), outputStr)`
			`}`

			`// Log the output`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`logger.Debug("watch handler output",`
			`"watch_handler", handler,`
			`"output", outputStr,`
			`)`
agent: First pass at agent-based watches 10 years ago			`}`
			`return fn`
			`}`
Implement HTTP Watch handler (#3413) Implement HTTP Watch handler 7 years ago
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`func makeHTTPWatchHandler(logger hclog.Logger, config *watch.HttpHandlerConfig) watch.HandlerFunc {`
Implement HTTP Watch handler (#3413) Implement HTTP Watch handler 7 years ago			`fn := func(idx uint64, data interface{}) {`
			`trans := cleanhttp.DefaultTransport()`

			`// Skip SSL certificate verification if TLSSkipVerify is true`
			`if trans.TLSClientConfig == nil {`
			`trans.TLSClientConfig = &tls.Config{`
			`InsecureSkipVerify: config.TLSSkipVerify,`
			`}`
			`} else {`
			`trans.TLSClientConfig.InsecureSkipVerify = config.TLSSkipVerify`
			`}`

			`ctx := context.Background()`
			`ctx, cancel := context.WithTimeout(ctx, config.Timeout)`
			`defer cancel()`

			`// Create the HTTP client.`
			`httpClient := &http.Client{`
			`Transport: trans,`
			`}`

			`// Setup the input`
			`var inp bytes.Buffer`
			`enc := json.NewEncoder(&inp)`
			`if err := enc.Encode(data); err != nil {`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`logger.Error("Failed to encode data for http watch",`
			`"watch", config.Path,`
			`"error", err,`
			`)`
Implement HTTP Watch handler (#3413) Implement HTTP Watch handler 7 years ago			`return`
			`}`

			`req, err := http.NewRequest(config.Method, config.Path, &inp)`
			`if err != nil {`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`logger.Error("Failed to setup http watch", "error", err)`
Implement HTTP Watch handler (#3413) Implement HTTP Watch handler 7 years ago			`return`
			`}`
			`req = req.WithContext(ctx)`
			`req.Header.Add("Content-Type", "application/json")`
			`req.Header.Add("X-Consul-Index", strconv.FormatUint(idx, 10))`
			`for key, values := range config.Header {`
			`for _, val := range values {`
			`req.Header.Add(key, val)`
			`}`
			`}`
			`resp, err := httpClient.Do(req)`
			`if err != nil {`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`logger.Error("Failed to invoke http watch handler",`
			`"watch", config.Path,`
			`"error", err,`
			`)`
Implement HTTP Watch handler (#3413) Implement HTTP Watch handler 7 years ago			`return`
			`}`
			`defer resp.Body.Close()`

			`// Collect the output`
			`output, _ := circbuf.NewBuffer(WatchBufSize)`
			`io.Copy(output, resp.Body)`

			`// Get the output, add a message about truncation`
			`outputStr := string(output.Bytes())`
			`if output.TotalWritten() > output.Size() {`
			`outputStr = fmt.Sprintf("Captured %d of %d bytes\n...\n%s",`
			`output.Size(), output.TotalWritten(), outputStr)`
			`}`

			`if resp.StatusCode >= 200 && resp.StatusCode <= 299 {`
			`// Log the output`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`logger.Trace("http watch handler output",`
			`"watch", config.Path,`
			`"output", outputStr,`
			`)`
Implement HTTP Watch handler (#3413) Implement HTTP Watch handler 7 years ago			`} else {`
Allow users to configure either unstructured or JSON logging (#7130) * hclog Allow users to choose between unstructured and JSON logging 5 years ago			`logger.Error("http watch handler failed with output",`
			`"watch", config.Path,`
			`"status", resp.Status,`
			`"output", outputStr,`
			`)`
Implement HTTP Watch handler (#3413) Implement HTTP Watch handler 7 years ago			`}`
			`}`
			`return fn`
			`}`
watch: extract makeWatchPlan to facilitate testing There is a bug in here now that slices in opaque config are unsliced. But to test that bug fix we need a function that can be easily tested. 4 years ago
watch: Allow args from different types Fixes a bug where specifying a slice of args with a single item was being converted to a string when config was loaded, causing an error. 4 years ago			`// TODO: return a fully constructed watch.Plan with a Plan.Handler, so that Exempt`
watch: extract makeWatchPlan to facilitate testing There is a bug in here now that slices in opaque config are unsliced. But to test that bug fix we need a function that can be easily tested. 4 years ago			`// can be ignored by the caller.`
			`func makeWatchPlan(logger hclog.Logger, params map[string]interface{}) (*watch.Plan, error) {`
			`wp, err := watch.ParseExempt(params, []string{"handler", "args"})`
			`if err != nil {`
			`return nil, fmt.Errorf("Failed to parse watch (%#v): %v", params, err)`
			`}`

			`handler, hasHandler := wp.Exempt["handler"]`
			`if hasHandler {`
			`logger.Warn("The 'handler' field in watches has been deprecated " +`
			`"and replaced with the 'args' field. See https://www.consul.io/docs/agent/watches.html")`
			`}`
			`if _, ok := handler.(string); hasHandler && !ok {`
			`return nil, fmt.Errorf("Watch handler must be a string")`
			`}`

watch: Allow args from different types Fixes a bug where specifying a slice of args with a single item was being converted to a string when config was loaded, causing an error. 4 years ago			`args, hasArgs := wp.Exempt["args"]`
			`if hasArgs {`
			`wp.Exempt["args"], err = parseWatchArgs(args)`
			`if err != nil {`
			`return nil, err`
watch: extract makeWatchPlan to facilitate testing There is a bug in here now that slices in opaque config are unsliced. But to test that bug fix we need a function that can be easily tested. 4 years ago			`}`
			`}`
watch: Allow args from different types Fixes a bug where specifying a slice of args with a single item was being converted to a string when config was loaded, causing an error. 4 years ago
watch: extract makeWatchPlan to facilitate testing There is a bug in here now that slices in opaque config are unsliced. But to test that bug fix we need a function that can be easily tested. 4 years ago			`if hasHandler && hasArgs \|\| hasHandler && wp.HandlerType == "http" \|\| hasArgs && wp.HandlerType == "http" {`
			`return nil, fmt.Errorf("Only one watch handler allowed")`
			`}`
			`if !hasHandler && !hasArgs && wp.HandlerType != "http" {`
			`return nil, fmt.Errorf("Must define a watch handler")`
			`}`
			`return wp, nil`
			`}`
watch: Allow args from different types Fixes a bug where specifying a slice of args with a single item was being converted to a string when config was loaded, causing an error. 4 years ago
			`func parseWatchArgs(args interface{}) ([]string, error) {`
			`switch args := args.(type) {`
			`case string:`
			`return []string{args}, nil`
			`case []string:`
			`return args, nil`
			`case []interface{}:`
			`result := make([]string, 0, len(args))`
			`for _, arg := range args {`
			`v, ok := arg.(string)`
			`if !ok {`
			`return nil, fmt.Errorf("Watch args must be a list of strings")`
			`}`

			`result = append(result, v)`
			`}`
			`return result, nil`
			`default:`
			`return nil, fmt.Errorf("Watch args must be a list of strings")`
			`}`
			`}`