You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
consul/proto/private/pbconfigentry/config_entry.proto

1153 lines
30 KiB

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
syntax = "proto3";
package hashicorp.consul.internal.configentry;
import "google/protobuf/duration.proto";
import "google/protobuf/timestamp.proto";
Protobuf Refactoring for Multi-Module Cleanliness (#16302) Protobuf Refactoring for Multi-Module Cleanliness This commit includes the following: Moves all packages that were within proto/ to proto/private Rewrites imports to account for the packages being moved Adds in buf.work.yaml to enable buf workspaces Names the proto-public buf module so that we can override the Go package imports within proto/buf.yaml Bumps the buf version dependency to 1.14.0 (I was trying out the version to see if it would get around an issue - it didn't but it also doesn't break things and it seemed best to keep up with the toolchain changes) Why: In the future we will need to consume other protobuf dependencies such as the Google HTTP annotations for openapi generation or grpc-gateway usage. There were some recent changes to have our own ratelimiting annotations. The two combined were not working when I was trying to use them together (attempting to rebase another branch) Buf workspaces should be the solution to the problem Buf workspaces means that each module will have generated Go code that embeds proto file names relative to the proto dir and not the top level repo root. This resulted in proto file name conflicts in the Go global protobuf type registry. The solution to that was to add in a private/ directory into the path within the proto/ directory. That then required rewriting all the imports. Is this safe? AFAICT yes The gRPC wire protocol doesn't seem to care about the proto file names (although the Go grpc code does tack on the proto file name as Metadata in the ServiceDesc) Other than imports, there were no changes to any generated code as a result of this.
2 years ago
import "private/pbcommon/common.proto";
enum Kind {
KindUnknown = 0;
KindMeshConfig = 1;
KindServiceResolver = 2;
KindIngressGateway = 3;
KindServiceIntentions = 4;
KindServiceDefaults = 5;
Native API Gateway Config Entries (#15897) * Stub Config Entries for Consul Native API Gateway (#15644) * Add empty InlineCertificate struct and protobuf * apigateway stubs * Stub HTTPRoute in api pkg * Stub HTTPRoute in structs pkg * Simplify api.APIGatewayConfigEntry to be consistent w/ other entries * Update makeConfigEntry switch, add docstring for HTTPRouteConfigEntry * Add TCPRoute to MakeConfigEntry, return unique Kind * Stub BoundAPIGatewayConfigEntry in agent * Add RaftIndex to APIGatewayConfigEntry stub * Add new config entry kinds to validation allow-list * Add RaftIndex to other added config entry stubs * Update usage metrics assertions to include new cfg entries * Add Meta and acl.EnterpriseMeta to all new ConfigEntry types * Remove unnecessary Services field from added config entry types * Implement GetMeta(), GetEnterpriseMeta() for added config entry types * Add meta field to proto, name consistently w/ existing config entries * Format config_entry.proto * Add initial implementation of CanRead + CanWrite for new config entry types * Add unit tests for decoding of new config entry types * Add unit tests for parsing of new config entry types * Add unit tests for API Gateway config entry ACLs * Return typed PermissionDeniedError on BoundAPIGateway CanWrite * Add unit tests for added config entry ACLs * Add BoundAPIGateway type to AllConfigEntryKinds * Return proper kind from BoundAPIGateway * Add docstrings for new config entry types * Add missing config entry kinds to proto def * Update usagemetrics_oss_test.go * Use utility func for returning PermissionDeniedError * EventPublisher subscriptions for Consul Native API Gateway (#15757) * Create new event topics in subscribe proto * Add tests for PBSubscribe func * Make configs singular, add all configs to PBToStreamSubscribeRequest * Add snapshot methods * Add config_entry_events tests * Add config entry kind to topic for new configs * Add unit tests for snapshot methods * Start adding integration test * Test using the new controller code * Update agent/consul/state/config_entry_events.go * Check value of error * Add controller stubs for API Gateway (#15837) * update initial stub implementation * move files, clean up mutex references * Remove embed, use idiomatic names for constructors * Remove stray file introduced in merge * Add APIGateway validation (#15847) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * APIGateway InlineCertificate validation (#15856) * Add APIGateway validation * Add additional validations * Add protobuf definitions * Tabs to spaces * Add API structs * Move struct fields around a bit * Add validation for InlineCertificate * Fix ACL test * APIGateway BoundAPIGateway validation (#15858) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * Add validation for BoundAPIGateway * APIGateway TCPRoute validation (#15855) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Add TCPRoute normalization and validation * Add forgotten Status * Add some more field docs in api package * Fix test * Format imports * Rename snapshot test variable names * Add plumbing for Native API GW Subscriptions (#16003) Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
2 years ago
KindInlineCertificate = 6;
KindAPIGateway = 7;
KindBoundAPIGateway = 8;
KindHTTPRoute = 9;
KindTCPRoute = 10;
KindSamenessGroup = 11;
KindJWTProvider = 12;
}
message ConfigEntry {
Kind Kind = 1;
string Name = 2;
common.EnterpriseMeta EnterpriseMeta = 3;
common.RaftIndex RaftIndex = 4;
oneof Entry {
MeshConfig MeshConfig = 5;
ServiceResolver ServiceResolver = 6;
IngressGateway IngressGateway = 7;
ServiceIntentions ServiceIntentions = 8;
ServiceDefaults ServiceDefaults = 9;
APIGateway APIGateway = 10;
BoundAPIGateway BoundAPIGateway = 11;
TCPRoute TCPRoute = 12;
HTTPRoute HTTPRoute = 13;
InlineCertificate InlineCertificate = 14;
SamenessGroup SamenessGroup = 15;
JWTProvider JWTProvider = 16;
}
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.MeshConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=RaftIndex,EnterpriseMeta
message MeshConfig {
TransparentProxyMeshConfig TransparentProxy = 1;
MeshTLSConfig TLS = 2;
MeshHTTPConfig HTTP = 3;
map<string, string> Meta = 4;
PeeringMeshConfig Peering = 5;
bool AllowEnablingPermissiveMutualTLS = 6;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.TransparentProxyMeshConfig
// output=config_entry.gen.go
// name=Structs
message TransparentProxyMeshConfig {
bool MeshDestinationsOnly = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.MeshTLSConfig
// output=config_entry.gen.go
// name=Structs
message MeshTLSConfig {
MeshDirectionalTLSConfig Incoming = 1;
MeshDirectionalTLSConfig Outgoing = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.MeshDirectionalTLSConfig
// output=config_entry.gen.go
// name=Structs
message MeshDirectionalTLSConfig {
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
string TLSMinVersion = 1;
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
string TLSMaxVersion = 2;
// mog: func-from=cipherSuitesFromStructs func-to=cipherSuitesToStructs
repeated string CipherSuites = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.MeshHTTPConfig
// output=config_entry.gen.go
// name=Structs
message MeshHTTPConfig {
bool SanitizeXForwardedClientCert = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.PeeringMeshConfig
// output=config_entry.gen.go
// name=Structs
message PeeringMeshConfig {
bool PeerThroughMeshGateways = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
message ServiceResolver {
string DefaultSubset = 1;
map<string, ServiceResolverSubset> Subsets = 2;
ServiceResolverRedirect Redirect = 3;
map<string, ServiceResolverFailover> Failover = 4;
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
google.protobuf.Duration ConnectTimeout = 5;
LoadBalancer LoadBalancer = 6;
map<string, string> Meta = 7;
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
google.protobuf.Duration RequestTimeout = 8;
ServiceResolverPrioritizeByLocality PrioritizeByLocality = 9;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverSubset
// output=config_entry.gen.go
// name=Structs
message ServiceResolverSubset {
string Filter = 1;
bool OnlyPassing = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverRedirect
// output=config_entry.gen.go
// name=Structs
message ServiceResolverRedirect {
string Service = 1;
string ServiceSubset = 2;
string Namespace = 3;
string Partition = 4;
string Datacenter = 5;
string Peer = 6;
string SamenessGroup = 7;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverFailover
// output=config_entry.gen.go
// name=Structs
message ServiceResolverFailover {
string Service = 1;
string ServiceSubset = 2;
string Namespace = 3;
repeated string Datacenters = 4;
repeated ServiceResolverFailoverTarget Targets = 5;
ServiceResolverFailoverPolicy Policy = 6;
string SamenessGroup = 7;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverFailoverPolicy
// output=config_entry.gen.go
// name=Structs
message ServiceResolverFailoverPolicy {
string Mode = 1;
repeated string Regions = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverPrioritizeByLocality
// output=config_entry.gen.go
// name=Structs
message ServiceResolverPrioritizeByLocality {
string Mode = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ServiceResolverFailoverTarget
// output=config_entry.gen.go
// name=Structs
message ServiceResolverFailoverTarget {
string Service = 1;
string ServiceSubset = 2;
string Partition = 3;
string Namespace = 4;
string Datacenter = 5;
string Peer = 6;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.LoadBalancer
// output=config_entry.gen.go
// name=Structs
message LoadBalancer {
string Policy = 1;
RingHashConfig RingHashConfig = 2;
LeastRequestConfig LeastRequestConfig = 3;
repeated HashPolicy HashPolicies = 4;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.RingHashConfig
// output=config_entry.gen.go
// name=Structs
message RingHashConfig {
uint64 MinimumRingSize = 1;
uint64 MaximumRingSize = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.LeastRequestConfig
// output=config_entry.gen.go
// name=Structs
message LeastRequestConfig {
uint32 ChoiceCount = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HashPolicy
// output=config_entry.gen.go
// name=Structs
message HashPolicy {
string Field = 1;
string FieldValue = 2;
CookieConfig CookieConfig = 3;
bool SourceIP = 4;
bool Terminal = 5;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.CookieConfig
// output=config_entry.gen.go
// name=Structs
message CookieConfig {
bool Session = 1;
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
google.protobuf.Duration TTL = 2;
string Path = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IngressGatewayConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
message IngressGateway {
GatewayTLSConfig TLS = 1;
repeated IngressListener Listeners = 2;
map<string, string> Meta = 3;
IngressServiceConfig Defaults = 4;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IngressServiceConfig
// output=config_entry.gen.go
// name=Structs
message IngressServiceConfig {
uint32 MaxConnections = 1;
uint32 MaxPendingRequests = 2;
uint32 MaxConcurrentRequests = 3;
PassiveHealthCheck PassiveHealthCheck = 4;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.GatewayTLSConfig
// output=config_entry.gen.go
// name=Structs
message GatewayTLSConfig {
bool Enabled = 1;
GatewayTLSSDSConfig SDS = 2;
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
string TLSMinVersion = 3;
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
string TLSMaxVersion = 4;
// mog: func-from=cipherSuitesFromStructs func-to=cipherSuitesToStructs
repeated string CipherSuites = 5;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.GatewayTLSSDSConfig
// output=config_entry.gen.go
// name=Structs
message GatewayTLSSDSConfig {
string ClusterName = 1;
string CertResource = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IngressListener
// output=config_entry.gen.go
// name=Structs
message IngressListener {
// mog: func-to=int func-from=int32
int32 Port = 1;
string Protocol = 2;
repeated IngressService Services = 3;
GatewayTLSConfig TLS = 4;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IngressService
// output=config_entry.gen.go
// name=Structs
message IngressService {
string Name = 1;
repeated string Hosts = 2;
GatewayServiceTLSConfig TLS = 3;
HTTPHeaderModifiers RequestHeaders = 4;
HTTPHeaderModifiers ResponseHeaders = 5;
map<string, string> Meta = 6;
// mog: func-to=enterpriseMetaToStructs func-from=enterpriseMetaFromStructs
common.EnterpriseMeta EnterpriseMeta = 7;
uint32 MaxConnections = 8;
uint32 MaxPendingRequests = 9;
uint32 MaxConcurrentRequests = 10;
PassiveHealthCheck PassiveHealthCheck = 11;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.GatewayServiceTLSConfig
// output=config_entry.gen.go
// name=Structs
message GatewayServiceTLSConfig {
GatewayTLSSDSConfig SDS = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPHeaderModifiers
// output=config_entry.gen.go
// name=Structs
message HTTPHeaderModifiers {
map<string, string> Add = 1;
map<string, string> Set = 2;
repeated string Remove = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ServiceIntentionsConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
message ServiceIntentions {
repeated SourceIntention Sources = 1;
map<string, string> Meta = 2;
IntentionJWTRequirement JWT = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IntentionJWTRequirement
// output=config_entry.gen.go
// name=Structs
message IntentionJWTRequirement {
repeated IntentionJWTProvider Providers = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IntentionJWTProvider
// output=config_entry.gen.go
// name=Structs
message IntentionJWTProvider {
string Name = 1;
repeated IntentionJWTClaimVerification VerifyClaims = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IntentionJWTClaimVerification
// output=config_entry.gen.go
// name=Structs
message IntentionJWTClaimVerification {
repeated string Path = 1;
string Value = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.SourceIntention
// output=config_entry.gen.go
// name=Structs
message SourceIntention {
string Name = 1;
// mog: func-to=intentionActionToStructs func-from=intentionActionFromStructs
IntentionAction Action = 2;
repeated IntentionPermission Permissions = 3;
// mog: func-to=int func-from=int32
int32 Precedence = 4;
string LegacyID = 5;
// mog: func-to=intentionSourceTypeToStructs func-from=intentionSourceTypeFromStructs
IntentionSourceType Type = 6;
string Description = 7;
map<string, string> LegacyMeta = 8;
// mog: func-to=timeToStructs func-from=timeFromStructs
google.protobuf.Timestamp LegacyCreateTime = 9;
// mog: func-to=timeToStructs func-from=timeFromStructs
google.protobuf.Timestamp LegacyUpdateTime = 10;
// mog: func-to=enterpriseMetaToStructs func-from=enterpriseMetaFromStructs
common.EnterpriseMeta EnterpriseMeta = 11;
string Peer = 12;
string SamenessGroup = 13;
}
enum IntentionAction {
Deny = 0;
Allow = 1;
}
enum IntentionSourceType {
Consul = 0;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IntentionPermission
// output=config_entry.gen.go
// name=Structs
message IntentionPermission {
// mog: func-to=intentionActionToStructs func-from=intentionActionFromStructs
IntentionAction Action = 1;
IntentionHTTPPermission HTTP = 2;
IntentionJWTRequirement JWT = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IntentionHTTPPermission
// output=config_entry.gen.go
// name=Structs
message IntentionHTTPPermission {
string PathExact = 1;
string PathPrefix = 2;
string PathRegex = 3;
repeated IntentionHTTPHeaderPermission Header = 4;
repeated string Methods = 5;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.IntentionHTTPHeaderPermission
// output=config_entry.gen.go
// name=Structs
message IntentionHTTPHeaderPermission {
string Name = 1;
bool Present = 2;
string Exact = 3;
string Prefix = 4;
string Suffix = 5;
string Regex = 6;
bool Invert = 7;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ServiceConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
message ServiceDefaults {
string Protocol = 1;
// mog: func-to=proxyModeToStructs func-from=proxyModeFromStructs
ProxyMode Mode = 2;
TransparentProxyConfig TransparentProxy = 3;
MeshGatewayConfig MeshGateway = 4;
ExposeConfig Expose = 5;
string ExternalSNI = 6;
UpstreamConfiguration UpstreamConfig = 7;
DestinationConfig Destination = 8;
// mog: func-to=int func-from=int32
int32 MaxInboundConnections = 9;
// mog: func-to=int func-from=int32
int32 LocalConnectTimeoutMs = 10;
// mog: func-to=int func-from=int32
int32 LocalRequestTimeoutMs = 11;
string BalanceInboundConnections = 12;
map<string, string> Meta = 13;
// mog: func-to=EnvoyExtensionsToStructs func-from=EnvoyExtensionsFromStructs
repeated hashicorp.consul.internal.common.EnvoyExtension EnvoyExtensions = 14;
// mog: func-to=mutualTLSModeToStructs func-from=mutualTLSModeFromStructs
MutualTLSMode MutualTLSMode = 15;
}
enum ProxyMode {
ProxyModeDefault = 0;
ProxyModeTransparent = 1;
ProxyModeDirect = 2;
}
enum MutualTLSMode {
MutualTLSModeDefault = 0;
MutualTLSModeStrict = 1;
MutualTLSModePermissive = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.TransparentProxyConfig
// output=config_entry.gen.go
// name=Structs
message TransparentProxyConfig {
// mog: func-to=int func-from=int32
int32 OutboundListenerPort = 1;
bool DialedDirectly = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.MeshGatewayConfig
// output=config_entry.gen.go
// name=Structs
message MeshGatewayConfig {
// mog: func-to=meshGatewayModeToStructs func-from=meshGatewayModeFromStructs
MeshGatewayMode Mode = 1;
}
enum MeshGatewayMode {
MeshGatewayModeDefault = 0;
MeshGatewayModeNone = 1;
MeshGatewayModeLocal = 2;
MeshGatewayModeRemote = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ExposeConfig
// output=config_entry.gen.go
// name=Structs
message ExposeConfig {
bool Checks = 1;
repeated ExposePath Paths = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ExposePath
// output=config_entry.gen.go
// name=Structs
message ExposePath {
// mog: func-to=int func-from=int32
int32 ListenerPort = 1;
string Path = 2;
// mog: func-to=int func-from=int32
int32 LocalPathPort = 3;
string Protocol = 4;
bool ParsedFromCheck = 5;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.UpstreamConfiguration
// output=config_entry.gen.go
// name=Structs
message UpstreamConfiguration {
repeated UpstreamConfig Overrides = 1;
UpstreamConfig Defaults = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.UpstreamConfig
// output=config_entry.gen.go
// name=Structs
message UpstreamConfig {
string Name = 1;
// mog: func-to=enterpriseMetaToStructs func-from=enterpriseMetaFromStructs
common.EnterpriseMeta EnterpriseMeta = 2;
string EnvoyListenerJSON = 3;
string EnvoyClusterJSON = 4;
string Protocol = 5;
// mog: func-to=int func-from=int32
int32 ConnectTimeoutMs = 6;
UpstreamLimits Limits = 7;
PassiveHealthCheck PassiveHealthCheck = 8;
MeshGatewayConfig MeshGateway = 9;
string BalanceOutboundConnections = 10;
string Peer = 11;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.UpstreamLimits
// output=config_entry.gen.go
// name=Structs
message UpstreamLimits {
// mog: func-to=pointerToIntFromInt32 func-from=int32FromPointerToInt
int32 MaxConnections = 1;
// mog: func-to=pointerToIntFromInt32 func-from=int32FromPointerToInt
int32 MaxPendingRequests = 2;
// mog: func-to=pointerToIntFromInt32 func-from=int32FromPointerToInt
int32 MaxConcurrentRequests = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.PassiveHealthCheck
// output=config_entry.gen.go
// name=Structs
message PassiveHealthCheck {
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
google.protobuf.Duration Interval = 1;
uint32 MaxFailures = 2;
// mog: target=EnforcingConsecutive5xx func-to=pointerToUint32FromUint32 func-from=uint32FromPointerToUint32
uint32 EnforcingConsecutive5xx = 3;
// mog: func-to=pointerToUint32FromUint32 func-from=uint32FromPointerToUint32
uint32 MaxEjectionPercent = 4;
// mog: func-to=structs.DurationPointerFromProto func-from=structs.DurationPointerToProto
google.protobuf.Duration BaseEjectionTime = 5;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.DestinationConfig
// output=config_entry.gen.go
// name=Structs
message DestinationConfig {
repeated string Addresses = 1;
// mog: func-to=int func-from=int32
int32 Port = 2;
}
Native API Gateway Config Entries (#15897) * Stub Config Entries for Consul Native API Gateway (#15644) * Add empty InlineCertificate struct and protobuf * apigateway stubs * Stub HTTPRoute in api pkg * Stub HTTPRoute in structs pkg * Simplify api.APIGatewayConfigEntry to be consistent w/ other entries * Update makeConfigEntry switch, add docstring for HTTPRouteConfigEntry * Add TCPRoute to MakeConfigEntry, return unique Kind * Stub BoundAPIGatewayConfigEntry in agent * Add RaftIndex to APIGatewayConfigEntry stub * Add new config entry kinds to validation allow-list * Add RaftIndex to other added config entry stubs * Update usage metrics assertions to include new cfg entries * Add Meta and acl.EnterpriseMeta to all new ConfigEntry types * Remove unnecessary Services field from added config entry types * Implement GetMeta(), GetEnterpriseMeta() for added config entry types * Add meta field to proto, name consistently w/ existing config entries * Format config_entry.proto * Add initial implementation of CanRead + CanWrite for new config entry types * Add unit tests for decoding of new config entry types * Add unit tests for parsing of new config entry types * Add unit tests for API Gateway config entry ACLs * Return typed PermissionDeniedError on BoundAPIGateway CanWrite * Add unit tests for added config entry ACLs * Add BoundAPIGateway type to AllConfigEntryKinds * Return proper kind from BoundAPIGateway * Add docstrings for new config entry types * Add missing config entry kinds to proto def * Update usagemetrics_oss_test.go * Use utility func for returning PermissionDeniedError * EventPublisher subscriptions for Consul Native API Gateway (#15757) * Create new event topics in subscribe proto * Add tests for PBSubscribe func * Make configs singular, add all configs to PBToStreamSubscribeRequest * Add snapshot methods * Add config_entry_events tests * Add config entry kind to topic for new configs * Add unit tests for snapshot methods * Start adding integration test * Test using the new controller code * Update agent/consul/state/config_entry_events.go * Check value of error * Add controller stubs for API Gateway (#15837) * update initial stub implementation * move files, clean up mutex references * Remove embed, use idiomatic names for constructors * Remove stray file introduced in merge * Add APIGateway validation (#15847) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * APIGateway InlineCertificate validation (#15856) * Add APIGateway validation * Add additional validations * Add protobuf definitions * Tabs to spaces * Add API structs * Move struct fields around a bit * Add validation for InlineCertificate * Fix ACL test * APIGateway BoundAPIGateway validation (#15858) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * Add validation for BoundAPIGateway * APIGateway TCPRoute validation (#15855) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Add TCPRoute normalization and validation * Add forgotten Status * Add some more field docs in api package * Fix test * Format imports * Rename snapshot test variable names * Add plumbing for Native API GW Subscriptions (#16003) Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
2 years ago
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.APIGatewayConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
message APIGateway {
map<string, string> Meta = 1;
repeated APIGatewayListener Listeners = 2;
Status Status = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.Status
// output=config_entry.gen.go
// name=Structs
message Status {
repeated Condition Conditions = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.Condition
// output=config_entry.gen.go
// name=Structs
message Condition {
string Type = 1;
string Status = 2;
string Reason = 3;
string Message = 4;
ResourceReference Resource = 5;
Native API Gateway Config Entries (#15897) * Stub Config Entries for Consul Native API Gateway (#15644) * Add empty InlineCertificate struct and protobuf * apigateway stubs * Stub HTTPRoute in api pkg * Stub HTTPRoute in structs pkg * Simplify api.APIGatewayConfigEntry to be consistent w/ other entries * Update makeConfigEntry switch, add docstring for HTTPRouteConfigEntry * Add TCPRoute to MakeConfigEntry, return unique Kind * Stub BoundAPIGatewayConfigEntry in agent * Add RaftIndex to APIGatewayConfigEntry stub * Add new config entry kinds to validation allow-list * Add RaftIndex to other added config entry stubs * Update usage metrics assertions to include new cfg entries * Add Meta and acl.EnterpriseMeta to all new ConfigEntry types * Remove unnecessary Services field from added config entry types * Implement GetMeta(), GetEnterpriseMeta() for added config entry types * Add meta field to proto, name consistently w/ existing config entries * Format config_entry.proto * Add initial implementation of CanRead + CanWrite for new config entry types * Add unit tests for decoding of new config entry types * Add unit tests for parsing of new config entry types * Add unit tests for API Gateway config entry ACLs * Return typed PermissionDeniedError on BoundAPIGateway CanWrite * Add unit tests for added config entry ACLs * Add BoundAPIGateway type to AllConfigEntryKinds * Return proper kind from BoundAPIGateway * Add docstrings for new config entry types * Add missing config entry kinds to proto def * Update usagemetrics_oss_test.go * Use utility func for returning PermissionDeniedError * EventPublisher subscriptions for Consul Native API Gateway (#15757) * Create new event topics in subscribe proto * Add tests for PBSubscribe func * Make configs singular, add all configs to PBToStreamSubscribeRequest * Add snapshot methods * Add config_entry_events tests * Add config entry kind to topic for new configs * Add unit tests for snapshot methods * Start adding integration test * Test using the new controller code * Update agent/consul/state/config_entry_events.go * Check value of error * Add controller stubs for API Gateway (#15837) * update initial stub implementation * move files, clean up mutex references * Remove embed, use idiomatic names for constructors * Remove stray file introduced in merge * Add APIGateway validation (#15847) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * APIGateway InlineCertificate validation (#15856) * Add APIGateway validation * Add additional validations * Add protobuf definitions * Tabs to spaces * Add API structs * Move struct fields around a bit * Add validation for InlineCertificate * Fix ACL test * APIGateway BoundAPIGateway validation (#15858) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * Add validation for BoundAPIGateway * APIGateway TCPRoute validation (#15855) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Add TCPRoute normalization and validation * Add forgotten Status * Add some more field docs in api package * Fix test * Format imports * Rename snapshot test variable names * Add plumbing for Native API GW Subscriptions (#16003) Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
2 years ago
// mog: func-to=timeToStructs func-from=timeFromStructs
google.protobuf.Timestamp LastTransitionTime = 6;
Native API Gateway Config Entries (#15897) * Stub Config Entries for Consul Native API Gateway (#15644) * Add empty InlineCertificate struct and protobuf * apigateway stubs * Stub HTTPRoute in api pkg * Stub HTTPRoute in structs pkg * Simplify api.APIGatewayConfigEntry to be consistent w/ other entries * Update makeConfigEntry switch, add docstring for HTTPRouteConfigEntry * Add TCPRoute to MakeConfigEntry, return unique Kind * Stub BoundAPIGatewayConfigEntry in agent * Add RaftIndex to APIGatewayConfigEntry stub * Add new config entry kinds to validation allow-list * Add RaftIndex to other added config entry stubs * Update usage metrics assertions to include new cfg entries * Add Meta and acl.EnterpriseMeta to all new ConfigEntry types * Remove unnecessary Services field from added config entry types * Implement GetMeta(), GetEnterpriseMeta() for added config entry types * Add meta field to proto, name consistently w/ existing config entries * Format config_entry.proto * Add initial implementation of CanRead + CanWrite for new config entry types * Add unit tests for decoding of new config entry types * Add unit tests for parsing of new config entry types * Add unit tests for API Gateway config entry ACLs * Return typed PermissionDeniedError on BoundAPIGateway CanWrite * Add unit tests for added config entry ACLs * Add BoundAPIGateway type to AllConfigEntryKinds * Return proper kind from BoundAPIGateway * Add docstrings for new config entry types * Add missing config entry kinds to proto def * Update usagemetrics_oss_test.go * Use utility func for returning PermissionDeniedError * EventPublisher subscriptions for Consul Native API Gateway (#15757) * Create new event topics in subscribe proto * Add tests for PBSubscribe func * Make configs singular, add all configs to PBToStreamSubscribeRequest * Add snapshot methods * Add config_entry_events tests * Add config entry kind to topic for new configs * Add unit tests for snapshot methods * Start adding integration test * Test using the new controller code * Update agent/consul/state/config_entry_events.go * Check value of error * Add controller stubs for API Gateway (#15837) * update initial stub implementation * move files, clean up mutex references * Remove embed, use idiomatic names for constructors * Remove stray file introduced in merge * Add APIGateway validation (#15847) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * APIGateway InlineCertificate validation (#15856) * Add APIGateway validation * Add additional validations * Add protobuf definitions * Tabs to spaces * Add API structs * Move struct fields around a bit * Add validation for InlineCertificate * Fix ACL test * APIGateway BoundAPIGateway validation (#15858) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * Add validation for BoundAPIGateway * APIGateway TCPRoute validation (#15855) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Add TCPRoute normalization and validation * Add forgotten Status * Add some more field docs in api package * Fix test * Format imports * Rename snapshot test variable names * Add plumbing for Native API GW Subscriptions (#16003) Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
2 years ago
}
enum APIGatewayListenerProtocol {
ListenerProtocolHTTP = 0;
ListenerProtocolTCP = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.APIGatewayListener
// output=config_entry.gen.go
// name=Structs
message APIGatewayListener {
string Name = 1;
string Hostname = 2;
// mog: func-to=int func-from=int32
int32 Port = 3;
// mog: func-to=apiGatewayProtocolToStructs func-from=apiGatewayProtocolFromStructs
APIGatewayListenerProtocol Protocol = 4;
APIGatewayTLSConfiguration TLS = 5;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.APIGatewayTLSConfiguration
// output=config_entry.gen.go
// name=Structs
message APIGatewayTLSConfiguration {
repeated ResourceReference Certificates = 1;
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
string MinVersion = 2;
// mog: func-from=tlsVersionFromStructs func-to=tlsVersionToStructs
string MaxVersion = 3;
// mog: func-from=cipherSuitesFromStructs func-to=cipherSuitesToStructs
repeated string CipherSuites = 4;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.ResourceReference
// output=config_entry.gen.go
// name=Structs
message ResourceReference {
string Kind = 1;
string Name = 2;
string SectionName = 3;
// mog: func-to=enterpriseMetaToStructs func-from=enterpriseMetaFromStructs
common.EnterpriseMeta EnterpriseMeta = 4;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.BoundAPIGatewayConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
message BoundAPIGateway {
map<string, string> Meta = 1;
repeated BoundAPIGatewayListener Listeners = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.BoundAPIGatewayListener
// output=config_entry.gen.go
// name=Structs
message BoundAPIGatewayListener {
string Name = 1;
repeated ResourceReference Certificates = 2;
repeated ResourceReference Routes = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.InlineCertificateConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
message InlineCertificate {
map<string, string> Meta = 1;
string Certificate = 2;
string PrivateKey = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPRouteConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
message HTTPRoute {
map<string, string> Meta = 1;
APIGateway HTTPRoute scaffolding (#15859) * Stub Config Entries for Consul Native API Gateway (#15644) * Add empty InlineCertificate struct and protobuf * apigateway stubs * new files * Stub HTTPRoute in api pkg * checkpoint * Stub HTTPRoute in structs pkg * Simplify api.APIGatewayConfigEntry to be consistent w/ other entries * Update makeConfigEntry switch, add docstring for HTTPRouteConfigEntry * Add TCPRoute to MakeConfigEntry, return unique Kind * proto generated files * Stub BoundAPIGatewayConfigEntry in agent Since this type is only written by a controller and read by xDS, it doesn't need to be defined in the `api` pkg * Add RaftIndex to APIGatewayConfigEntry stub * Add new config entry kinds to validation allow-list * Add RaftIndex to other added config entry stubs * fix panic * Update usage metrics assertions to include new cfg entries * Regenerate proto w/ Go 1.19 * Run buf formatter on config_entry.proto * Add Meta and acl.EnterpriseMeta to all new ConfigEntry types * Remove optional interface method Warnings() for now Will restore later if we wind up needing it * Remove unnecessary Services field from added config entry types * Implement GetMeta(), GetEnterpriseMeta() for added config entry types * Add meta field to proto, name consistently w/ existing config entries * Format config_entry.proto * Add initial implementation of CanRead + CanWrite for new config entry types * Add unit tests for decoding of new config entry types * Add unit tests for parsing of new config entry types * Add unit tests for API Gateway config entry ACLs * Return typed PermissionDeniedError on BoundAPIGateway CanWrite * Add unit tests for added config entry ACLs * Add BoundAPIGateway type to AllConfigEntryKinds * Return proper kind from BoundAPIGateway * Add docstrings for new config entry types * Add missing config entry kinds to proto def * Update usagemetrics_oss_test.go * Use utility func for returning PermissionDeniedError * Add BoundAPIGateway to proto def Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Add APIGateway validation * Fix comment * Add additional validations * Add cert ref validation * Add protobuf definitions * Tabs to spaces * Fix up field types * Add API structs * Move struct fields around a bit * EventPublisher subscriptions for Consul Native API Gateway (#15757) * Create new event topics in subscribe proto * Add tests for PBSubscribe func * Make configs singular, add all configs to PBToStreamSubscribeRequest * Add snapshot methods * Add config_entry_events tests * Add config entry kind to topic for new configs * Add unit tests for snapshot methods * Start adding integration test * Test using the new controller code * Update agent/consul/state/config_entry_events.go Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Check value of error Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Add controller stubs for API Gateway (#15837) * update initial stub implementation * move files, clean up mutex references * Remove embed, use idiomatic names for constructors * Remove stray file introduced in merge Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Initial server-side and proto defs * drop trailing whitespace * Add APIGateway validation (#15847) * Add APIGateway validation * Fix comment * Add additional validations * Add cert ref validation * Add protobuf definitions * Tabs to spaces * Fix up field types * Add API structs * Move struct fields around a bit * APIGateway InlineCertificate validation (#15856) * Add APIGateway validation * Add additional validations * Add protobuf definitions * Tabs to spaces * Add API structs * Move struct fields around a bit * Add validation for InlineCertificate * Fix ACL test * APIGateway BoundAPIGateway validation (#15858) * Add APIGateway validation * Fix comment * Add additional validations * Add cert ref validation * Add protobuf definitions * Tabs to spaces * Fix up field types * Add API structs * Move struct fields around a bit * Add validation for BoundAPIGateway * drop trailing whitespace * APIGateway TCPRoute validation (#15855) * Add APIGateway validation * Fix comment * Add additional validations * Add cert ref validation * Add protobuf definitions * Tabs to spaces * Fix up field types * Add API structs * Move struct fields around a bit * Add TCPRoute normalization and validation * Address PR feedback * Add forgotten Status * Add some more field docs in api package * Fix test * Fix bad merge * Remove duplicate helpers * Fix up proto defs * Fix up stray changes * remove extra newline --------- Co-authored-by: Thomas Eckert <teckert@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2 years ago
repeated ResourceReference Parents = 2;
repeated HTTPRouteRule Rules = 3;
repeated string Hostnames = 4;
Status Status = 5;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPRouteRule
// output=config_entry.gen.go
// name=Structs
message HTTPRouteRule {
HTTPFilters Filters = 1;
repeated HTTPMatch Matches = 2;
repeated HTTPService Services = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPMatch
// output=config_entry.gen.go
// name=Structs
message HTTPMatch {
repeated HTTPHeaderMatch Headers = 1;
// mog: func-to=httpMatchMethodToStructs func-from=httpMatchMethodFromStructs
HTTPMatchMethod Method = 2;
HTTPPathMatch Path = 3;
repeated HTTPQueryMatch Query = 4;
}
enum HTTPMatchMethod {
HTTPMatchMethodAll = 0;
HTTPMatchMethodConnect = 1;
HTTPMatchMethodDelete = 2;
HTTPMatchMethodGet = 3;
HTTPMatchMethodHead = 4;
HTTPMatchMethodOptions = 5;
HTTPMatchMethodPatch = 6;
HTTPMatchMethodPost = 7;
HTTPMatchMethodPut = 8;
HTTPMatchMethodTrace = 9;
}
enum HTTPHeaderMatchType {
HTTPHeaderMatchExact = 0;
HTTPHeaderMatchPrefix = 1;
HTTPHeaderMatchPresent = 2;
HTTPHeaderMatchRegularExpression = 3;
HTTPHeaderMatchSuffix = 4;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPHeaderMatch
// output=config_entry.gen.go
// name=Structs
message HTTPHeaderMatch {
// mog: func-to=httpHeaderMatchToStructs func-from=httpHeaderMatchFromStructs
HTTPHeaderMatchType Match = 1;
string Name = 2;
string Value = 3;
}
enum HTTPPathMatchType {
HTTPPathMatchExact = 0;
HTTPPathMatchPrefix = 1;
HTTPPathMatchRegularExpression = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPPathMatch
// output=config_entry.gen.go
// name=Structs
message HTTPPathMatch {
// mog: func-to=httpPathMatchToStructs func-from=httpPathMatchFromStructs
HTTPPathMatchType Match = 1;
string Value = 2;
}
enum HTTPQueryMatchType {
HTTPQueryMatchExact = 0;
HTTPQueryMatchPresent = 1;
HTTPQueryMatchRegularExpression = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPQueryMatch
// output=config_entry.gen.go
// name=Structs
message HTTPQueryMatch {
// mog: func-to=httpQueryMatchToStructs func-from=httpQueryMatchFromStructs
HTTPQueryMatchType Match = 1;
string Name = 2;
string Value = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPFilters
// output=config_entry.gen.go
// name=Structs
message HTTPFilters {
repeated HTTPHeaderFilter Headers = 1;
URLRewrite URLRewrite = 2;
API Gateway to Ingress Gateway Snapshot Translation and Routes to Virtual Routers and Splitters (#16127) * Stub proxycfg handler for API gateway * Add Service Kind constants/handling for API Gateway * Begin stubbing for SDS * Add new Secret type to xDS order of operations * Continue stubbing of SDS * Iterate on proxycfg handler for API gateway * Handle BoundAPIGateway config entry subscription in proxycfg-glue * Add API gateway to config snapshot validation * Add API gateway to config snapshot clone, leaf, etc. * Subscribe to bound route + cert config entries on bound-api-gateway * Track routes + certs on API gateway config snapshot * Generate DeepCopy() for types used in watch.Map * Watch all active references on api-gateway, unwatch inactive * Track loading of initial bound-api-gateway config entry * Use proper proto package for SDS mapping * Use ResourceReference instead of ServiceName, collect resources * Fix typo, add + remove TODOs * Watch discovery chains for TCPRoute * Add TODO for updating gateway services for api-gateway * make proto * Regenerate deep-copy for proxycfg * Set datacenter on upstream ID from query source * Watch discovery chains for http-route service backends * Add ServiceName getter to HTTP+TCP Service structs * Clean up unwatched discovery chains on API Gateway * Implement watch for ingress leaf certificate * Collect upstreams on http-route + tcp-route updates * Remove unused GatewayServices update handler * Remove unnecessary gateway services logic for API Gateway * Remove outdate TODO * Use .ToIngress where appropriate, including TODO for cleaning up * Cancel before returning error * Remove GatewayServices subscription * Add godoc for handlerAPIGateway functions * Update terminology from Connect => Consul Service Mesh Consistent with terminology changes in https://github.com/hashicorp/consul/pull/12690 * Add missing TODO * Remove duplicate switch case * Rerun deep-copy generator * Use correct property on config snapshot * Remove unnecessary leaf cert watch * Clean up based on code review feedback * Note handler properties that are initialized but set elsewhere * Add TODO for moving helper func into structs pkg * Update generated DeepCopy code * gofmt * Begin stubbing for SDS * Start adding tests * Remove second BoundAPIGateway case in glue * TO BE PICKED: fix formatting of str * WIP * Fix merge conflict * Implement HTTP Route to Discovery Chain config entries * Stub out function to create discovery chain * Add discovery chain merging code (#16131) * Test adding TCP and HTTP routes * Add some tests for the synthesizer * Run go mod tidy * Pairing with N8 * Run deep copy * Clean up GatewayChainSynthesizer * Fix missing assignment of BoundAPIGateway topic * Separate out synthesizeChains and toIngressTLS * Fix build errors * Ensure synthesizer skips non-matching routes by protocol * Rebase on N8s work * Generate DeepCopy() for API gateway listener types * Improve variable name * Regenerate DeepCopy() code * Fix linting issue * fix protobuf import * Fix more merge conflict errors * Fix synthesize test * Run deep copy * Add URLRewrite to proto * Update agent/consul/discoverychain/gateway_tcproute.go Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Remove APIGatewayConfigEntry that was extra * Error out if route kind is unknown * Fix formatting errors in proto --------- Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
2 years ago
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.URLRewrite
// output=config_entry.gen.go
// name=Structs
message URLRewrite {
string Path = 1;
APIGateway HTTPRoute scaffolding (#15859) * Stub Config Entries for Consul Native API Gateway (#15644) * Add empty InlineCertificate struct and protobuf * apigateway stubs * new files * Stub HTTPRoute in api pkg * checkpoint * Stub HTTPRoute in structs pkg * Simplify api.APIGatewayConfigEntry to be consistent w/ other entries * Update makeConfigEntry switch, add docstring for HTTPRouteConfigEntry * Add TCPRoute to MakeConfigEntry, return unique Kind * proto generated files * Stub BoundAPIGatewayConfigEntry in agent Since this type is only written by a controller and read by xDS, it doesn't need to be defined in the `api` pkg * Add RaftIndex to APIGatewayConfigEntry stub * Add new config entry kinds to validation allow-list * Add RaftIndex to other added config entry stubs * fix panic * Update usage metrics assertions to include new cfg entries * Regenerate proto w/ Go 1.19 * Run buf formatter on config_entry.proto * Add Meta and acl.EnterpriseMeta to all new ConfigEntry types * Remove optional interface method Warnings() for now Will restore later if we wind up needing it * Remove unnecessary Services field from added config entry types * Implement GetMeta(), GetEnterpriseMeta() for added config entry types * Add meta field to proto, name consistently w/ existing config entries * Format config_entry.proto * Add initial implementation of CanRead + CanWrite for new config entry types * Add unit tests for decoding of new config entry types * Add unit tests for parsing of new config entry types * Add unit tests for API Gateway config entry ACLs * Return typed PermissionDeniedError on BoundAPIGateway CanWrite * Add unit tests for added config entry ACLs * Add BoundAPIGateway type to AllConfigEntryKinds * Return proper kind from BoundAPIGateway * Add docstrings for new config entry types * Add missing config entry kinds to proto def * Update usagemetrics_oss_test.go * Use utility func for returning PermissionDeniedError * Add BoundAPIGateway to proto def Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Add APIGateway validation * Fix comment * Add additional validations * Add cert ref validation * Add protobuf definitions * Tabs to spaces * Fix up field types * Add API structs * Move struct fields around a bit * EventPublisher subscriptions for Consul Native API Gateway (#15757) * Create new event topics in subscribe proto * Add tests for PBSubscribe func * Make configs singular, add all configs to PBToStreamSubscribeRequest * Add snapshot methods * Add config_entry_events tests * Add config entry kind to topic for new configs * Add unit tests for snapshot methods * Start adding integration test * Test using the new controller code * Update agent/consul/state/config_entry_events.go Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Check value of error Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Add controller stubs for API Gateway (#15837) * update initial stub implementation * move files, clean up mutex references * Remove embed, use idiomatic names for constructors * Remove stray file introduced in merge Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> * Initial server-side and proto defs * drop trailing whitespace * Add APIGateway validation (#15847) * Add APIGateway validation * Fix comment * Add additional validations * Add cert ref validation * Add protobuf definitions * Tabs to spaces * Fix up field types * Add API structs * Move struct fields around a bit * APIGateway InlineCertificate validation (#15856) * Add APIGateway validation * Add additional validations * Add protobuf definitions * Tabs to spaces * Add API structs * Move struct fields around a bit * Add validation for InlineCertificate * Fix ACL test * APIGateway BoundAPIGateway validation (#15858) * Add APIGateway validation * Fix comment * Add additional validations * Add cert ref validation * Add protobuf definitions * Tabs to spaces * Fix up field types * Add API structs * Move struct fields around a bit * Add validation for BoundAPIGateway * drop trailing whitespace * APIGateway TCPRoute validation (#15855) * Add APIGateway validation * Fix comment * Add additional validations * Add cert ref validation * Add protobuf definitions * Tabs to spaces * Fix up field types * Add API structs * Move struct fields around a bit * Add TCPRoute normalization and validation * Address PR feedback * Add forgotten Status * Add some more field docs in api package * Fix test * Fix bad merge * Remove duplicate helpers * Fix up proto defs * Fix up stray changes * remove extra newline --------- Co-authored-by: Thomas Eckert <teckert@hashicorp.com> Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com>
2 years ago
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPHeaderFilter
// output=config_entry.gen.go
// name=Structs
message HTTPHeaderFilter {
map<string, string> Add = 1;
repeated string Remove = 2;
map<string, string> Set = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.HTTPService
// output=config_entry.gen.go
// name=Structs
message HTTPService {
string Name = 1;
// mog: func-to=int func-from=int32
int32 Weight = 2;
HTTPFilters Filters = 3;
// mog: func-to=enterpriseMetaToStructs func-from=enterpriseMetaFromStructs
common.EnterpriseMeta EnterpriseMeta = 4;
Native API Gateway Config Entries (#15897) * Stub Config Entries for Consul Native API Gateway (#15644) * Add empty InlineCertificate struct and protobuf * apigateway stubs * Stub HTTPRoute in api pkg * Stub HTTPRoute in structs pkg * Simplify api.APIGatewayConfigEntry to be consistent w/ other entries * Update makeConfigEntry switch, add docstring for HTTPRouteConfigEntry * Add TCPRoute to MakeConfigEntry, return unique Kind * Stub BoundAPIGatewayConfigEntry in agent * Add RaftIndex to APIGatewayConfigEntry stub * Add new config entry kinds to validation allow-list * Add RaftIndex to other added config entry stubs * Update usage metrics assertions to include new cfg entries * Add Meta and acl.EnterpriseMeta to all new ConfigEntry types * Remove unnecessary Services field from added config entry types * Implement GetMeta(), GetEnterpriseMeta() for added config entry types * Add meta field to proto, name consistently w/ existing config entries * Format config_entry.proto * Add initial implementation of CanRead + CanWrite for new config entry types * Add unit tests for decoding of new config entry types * Add unit tests for parsing of new config entry types * Add unit tests for API Gateway config entry ACLs * Return typed PermissionDeniedError on BoundAPIGateway CanWrite * Add unit tests for added config entry ACLs * Add BoundAPIGateway type to AllConfigEntryKinds * Return proper kind from BoundAPIGateway * Add docstrings for new config entry types * Add missing config entry kinds to proto def * Update usagemetrics_oss_test.go * Use utility func for returning PermissionDeniedError * EventPublisher subscriptions for Consul Native API Gateway (#15757) * Create new event topics in subscribe proto * Add tests for PBSubscribe func * Make configs singular, add all configs to PBToStreamSubscribeRequest * Add snapshot methods * Add config_entry_events tests * Add config entry kind to topic for new configs * Add unit tests for snapshot methods * Start adding integration test * Test using the new controller code * Update agent/consul/state/config_entry_events.go * Check value of error * Add controller stubs for API Gateway (#15837) * update initial stub implementation * move files, clean up mutex references * Remove embed, use idiomatic names for constructors * Remove stray file introduced in merge * Add APIGateway validation (#15847) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * APIGateway InlineCertificate validation (#15856) * Add APIGateway validation * Add additional validations * Add protobuf definitions * Tabs to spaces * Add API structs * Move struct fields around a bit * Add validation for InlineCertificate * Fix ACL test * APIGateway BoundAPIGateway validation (#15858) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * Add validation for BoundAPIGateway * APIGateway TCPRoute validation (#15855) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Add TCPRoute normalization and validation * Add forgotten Status * Add some more field docs in api package * Fix test * Format imports * Rename snapshot test variable names * Add plumbing for Native API GW Subscriptions (#16003) Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
2 years ago
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.TCPRouteConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Kind,Name,RaftIndex,EnterpriseMeta
message TCPRoute {
map<string, string> Meta = 1;
repeated ResourceReference Parents = 2;
repeated TCPService Services = 3;
Status Status = 4;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.TCPService
// output=config_entry.gen.go
// name=Structs
message TCPService {
string Name = 1;
// mog: func-to=enterpriseMetaToStructs func-from=enterpriseMetaFromStructs
common.EnterpriseMeta EnterpriseMeta = 2;
Native API Gateway Config Entries (#15897) * Stub Config Entries for Consul Native API Gateway (#15644) * Add empty InlineCertificate struct and protobuf * apigateway stubs * Stub HTTPRoute in api pkg * Stub HTTPRoute in structs pkg * Simplify api.APIGatewayConfigEntry to be consistent w/ other entries * Update makeConfigEntry switch, add docstring for HTTPRouteConfigEntry * Add TCPRoute to MakeConfigEntry, return unique Kind * Stub BoundAPIGatewayConfigEntry in agent * Add RaftIndex to APIGatewayConfigEntry stub * Add new config entry kinds to validation allow-list * Add RaftIndex to other added config entry stubs * Update usage metrics assertions to include new cfg entries * Add Meta and acl.EnterpriseMeta to all new ConfigEntry types * Remove unnecessary Services field from added config entry types * Implement GetMeta(), GetEnterpriseMeta() for added config entry types * Add meta field to proto, name consistently w/ existing config entries * Format config_entry.proto * Add initial implementation of CanRead + CanWrite for new config entry types * Add unit tests for decoding of new config entry types * Add unit tests for parsing of new config entry types * Add unit tests for API Gateway config entry ACLs * Return typed PermissionDeniedError on BoundAPIGateway CanWrite * Add unit tests for added config entry ACLs * Add BoundAPIGateway type to AllConfigEntryKinds * Return proper kind from BoundAPIGateway * Add docstrings for new config entry types * Add missing config entry kinds to proto def * Update usagemetrics_oss_test.go * Use utility func for returning PermissionDeniedError * EventPublisher subscriptions for Consul Native API Gateway (#15757) * Create new event topics in subscribe proto * Add tests for PBSubscribe func * Make configs singular, add all configs to PBToStreamSubscribeRequest * Add snapshot methods * Add config_entry_events tests * Add config entry kind to topic for new configs * Add unit tests for snapshot methods * Start adding integration test * Test using the new controller code * Update agent/consul/state/config_entry_events.go * Check value of error * Add controller stubs for API Gateway (#15837) * update initial stub implementation * move files, clean up mutex references * Remove embed, use idiomatic names for constructors * Remove stray file introduced in merge * Add APIGateway validation (#15847) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * APIGateway InlineCertificate validation (#15856) * Add APIGateway validation * Add additional validations * Add protobuf definitions * Tabs to spaces * Add API structs * Move struct fields around a bit * Add validation for InlineCertificate * Fix ACL test * APIGateway BoundAPIGateway validation (#15858) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Move struct fields around a bit * Add validation for BoundAPIGateway * APIGateway TCPRoute validation (#15855) * Add APIGateway validation * Add additional validations * Add cert ref validation * Add protobuf definitions * Fix up field types * Add API structs * Add TCPRoute normalization and validation * Add forgotten Status * Add some more field docs in api package * Fix test * Format imports * Rename snapshot test variable names * Add plumbing for Native API GW Subscriptions (#16003) Co-authored-by: Sarah Alsmiller <sarah.alsmiller@hashicorp.com> Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com> Co-authored-by: sarahalsmiller <100602640+sarahalsmiller@users.noreply.github.com> Co-authored-by: Andrew Stucki <andrew.stucki@hashicorp.com>
2 years ago
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.SamenessGroupConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=RaftIndex
message SamenessGroup {
string Name = 1;
bool DefaultForFailover = 2;
bool IncludeLocal = 3;
repeated SamenessGroupMember Members = 4;
map<string, string> Meta = 5;
// mog: func-to=enterpriseMetaToStructs func-from=enterpriseMetaFromStructs
common.EnterpriseMeta EnterpriseMeta = 6;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.SamenessGroupMember
// output=config_entry.gen.go
// name=Structs
message SamenessGroupMember {
string Partition = 1;
string Peer = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWTProviderConfigEntry
// output=config_entry.gen.go
// name=Structs
// ignore-fields=Name,Kind,RaftIndex,EnterpriseMeta
message JWTProvider {
JSONWebKeySet JSONWebKeySet = 1;
string Issuer = 2;
repeated string Audiences = 3;
repeated JWTLocation Locations = 4;
JWTForwardingConfig Forwarding = 5;
JWTCacheConfig CacheConfig = 6;
map<string, string> Meta = 7;
// mog: func-to=int func-from=int32
int32 ClockSkewSeconds = 8;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JSONWebKeySet
// output=config_entry.gen.go
// name=Structs
message JSONWebKeySet {
LocalJWKS Local = 1;
RemoteJWKS Remote = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.LocalJWKS
// output=config_entry.gen.go
// name=Structs
message LocalJWKS {
string JWKS = 1;
string Filename = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.RemoteJWKS
// output=config_entry.gen.go
// name=Structs
message RemoteJWKS {
string URI = 1;
// mog: func-to=int func-from=int32
int32 RequestTimeoutMs = 2;
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
google.protobuf.Duration CacheDuration = 3;
bool FetchAsynchronously = 4;
JWKSRetryPolicy RetryPolicy = 5;
JWKSCluster JWKSCluster = 6;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWKSCluster
// output=config_entry.gen.go
// name=Structs
message JWKSCluster {
string DiscoveryType = 1;
JWKSTLSCertificate TLSCertificates = 2;
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
google.protobuf.Duration ConnectTimeout = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWKSTLSCertificate
// output=config_entry.gen.go
// name=Structs
message JWKSTLSCertificate {
JWKSTLSCertProviderInstance CaCertificateProviderInstance = 1;
JWKSTLSCertTrustedCA TrustedCA = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWKSTLSCertProviderInstance
// output=config_entry.gen.go
// name=Structs
message JWKSTLSCertProviderInstance {
string InstanceName = 1;
string CertificateName = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWKSTLSCertTrustedCA
// output=config_entry.gen.go
// name=Structs
message JWKSTLSCertTrustedCA {
string Filename = 1;
string EnvironmentVariable = 2;
string InlineString = 3;
bytes InlineBytes = 4;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWKSRetryPolicy
// output=config_entry.gen.go
// name=Structs
message JWKSRetryPolicy {
// mog: func-to=int func-from=int32
int32 NumRetries = 1;
RetryPolicyBackOff RetryPolicyBackOff = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.RetryPolicyBackOff
// output=config_entry.gen.go
// name=Structs
message RetryPolicyBackOff {
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
google.protobuf.Duration BaseInterval = 1;
// mog: func-to=structs.DurationFromProto func-from=structs.DurationToProto
google.protobuf.Duration MaxInterval = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWTLocation
// output=config_entry.gen.go
// name=Structs
message JWTLocation {
JWTLocationHeader Header = 1;
JWTLocationQueryParam QueryParam = 2;
JWTLocationCookie Cookie = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWTLocationHeader
// output=config_entry.gen.go
// name=Structs
message JWTLocationHeader {
string Name = 1;
string ValuePrefix = 2;
bool Forward = 3;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWTLocationQueryParam
// output=config_entry.gen.go
// name=Structs
message JWTLocationQueryParam {
string Name = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWTLocationCookie
// output=config_entry.gen.go
// name=Structs
message JWTLocationCookie {
string Name = 1;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWTForwardingConfig
// output=config_entry.gen.go
// name=Structs
message JWTForwardingConfig {
string HeaderName = 1;
bool PadForwardPayloadHeader = 2;
}
// mog annotation:
//
// target=github.com/hashicorp/consul/agent/structs.JWTCacheConfig
// output=config_entry.gen.go
// name=Structs
message JWTCacheConfig {
// mog: func-to=int func-from=int32
int32 Size = 1;
}