fix related to merge

3 years ago · 1c6dcbe0ed
5 changed files with 31 additions and 157 deletions
--- a/agent/cache-types/resolved_service_config.go
+++ b/agent/cache-types/resolved_service_config.go
@ -17,7 +17,6 @@ type ResolvedServiceConfig struct {
 	RPC RPC
 }

-// TODO (dans): This is what queries for services
 func (c *ResolvedServiceConfig) Fetch(opts cache.FetchOptions, req cache.Request) (cache.FetchResult, error) {
 	var result cache.FetchResult

--- a/agent/proxycfg/snapshot.go
+++ b/agent/proxycfg/snapshot.go
@ -263,12 +263,12 @@ func (c *configSnapshotTerminatingGateway) ValidServices() []structs.ServiceName
 	return out
 }

-
 // ValidDestinations returns the list of service keys (that represent exclusively endpoints) that have enough data to be emitted.
 func (c *configSnapshotTerminatingGateway) ValidDestinations() []structs.ServiceName {
 	out := make([]structs.ServiceName, 0, len(c.DestinationServices))
 	for svc := range c.DestinationServices {
 		// It only counts if ALL of our watches have come back (with data or not).
+
 		// Skip the service if we don't have a cert to present for mTLS.
 		if cert, ok := c.ServiceLeaves[svc]; !ok || cert == nil {
 			continue
--- a/agent/proxycfg/state_test.go
+++ b/agent/proxycfg/state_test.go
@ -277,18 +277,6 @@ func genVerifyMeshConfigWatch(expectedDatacenter string) verifyWatchRequest {
 	}
 }

-func genVerifyServiceDefaultsConfigWatch(expectedDatacenter string) verifyWatchRequest {
-	return func(t testing.TB, cacheType string, request cache.Request) {
-		require.Equal(t, cachetype.ConfigEntryName, cacheType)
-
-		reqReal, ok := request.(*structs.ConfigEntryQuery)
-		require.True(t, ok)
-		require.Equal(t, expectedDatacenter, reqReal.Datacenter)
-		require.Equal(t, "", reqReal.Name)
-		require.Equal(t, structs.ServiceDefaults, reqReal.Kind)
-	}
-}
-
 func genVerifyGatewayWatch(expectedDatacenter string) verifyWatchRequest {
 	return func(t testing.TB, request any) {
 		reqReal, ok := request.(*structs.ServiceDumpRequest)
@ -1673,10 +1661,10 @@ func TestState_WatchesAndUpdates(t *testing.T) {
 			stages: []verificationStage{
 				{
 					requiredWatches: map[string]verifyWatchRequest{
-						rootsWatchID:      genVerifyRootsWatch("dc1"),
+						rootsWatchID:      genVerifyDCSpecificWatch("dc1"),
 						meshConfigEntryID: genVerifyMeshConfigWatch("dc1"),
 						gatewayServicesWatchID: genVerifyServiceSpecificRequest(gatewayServicesWatchID,
-							"terminating-gateway", "", "dc1", false),
+							"terminating-gateway", "dc1", false),
 					},
 					events: []UpdateEvent{
 						rootWatchEvent(),
@ -1689,9 +1677,9 @@ func TestState_WatchesAndUpdates(t *testing.T) {
 							Result: &structs.IndexedGatewayServices{
 								Services: structs.GatewayServices{
 									{
-										Service:    db,
-										Gateway:    structs.NewServiceName("terminating-gateway", nil),
-										IsEndpoint: true,
+										Service:     db,
+										Gateway:     structs.NewServiceName("terminating-gateway", nil),
+										ServiceKind: structs.GatewayServiceKindDestination,
 									},
 								},
 							},
@ -1700,7 +1688,7 @@ func TestState_WatchesAndUpdates(t *testing.T) {
 						{
 							CorrelationID: serviceConfigIDPrefix + db.String(),
 							Result: &structs.ServiceConfigResponse{
-								Endpoint: structs.EndpointConfig{Address: "10.0.0.1", Port: 443},
+								Destination: structs.DestinationConfig{Address: "10.0.0.1", Port: 443},
 							},
 							Err: nil,
 						},
@ -1718,7 +1706,7 @@ func TestState_WatchesAndUpdates(t *testing.T) {
 					verifySnapshot: func(t testing.TB, snap *ConfigSnapshot) {
 						require.True(t, snap.Valid(), "gateway with service list is valid")
 						require.Len(t, snap.TerminatingGateway.ValidServices(), 0)
-						require.Len(t, snap.TerminatingGateway.ValidEndpoints(), 1)
+						require.Len(t, snap.TerminatingGateway.ValidDestinations(), 1)
 					},
 				},
 				{
@ -1728,14 +1716,14 @@ func TestState_WatchesAndUpdates(t *testing.T) {
 							Result: &structs.IndexedGatewayServices{
 								Services: structs.GatewayServices{
 									{
-										Service:    db,
-										Gateway:    structs.NewServiceName("terminating-gateway", nil),
-										IsEndpoint: true,
+										Service:     db,
+										Gateway:     structs.NewServiceName("terminating-gateway", nil),
+										ServiceKind: structs.GatewayServiceKindDestination,
 									},
 									{
-										Service:    api,
-										Gateway:    structs.NewServiceName("terminating-gateway", nil),
-										IsEndpoint: true,
+										Service:     api,
+										Gateway:     structs.NewServiceName("terminating-gateway", nil),
+										ServiceKind: structs.GatewayServiceKindDestination,
 									},
 								},
 							},
@ -1744,7 +1732,7 @@ func TestState_WatchesAndUpdates(t *testing.T) {
 						{
 							CorrelationID: serviceConfigIDPrefix + api.String(),
 							Result: &structs.ServiceConfigResponse{
-								Endpoint: structs.EndpointConfig{Address: "10.0.0.4", Port: 443},
+								Destination: structs.DestinationConfig{Address: "10.0.0.4", Port: 443},
 							},
 							Err: nil,
 						},
@ -1764,9 +1752,9 @@ func TestState_WatchesAndUpdates(t *testing.T) {
 						require.Len(t, snap.TerminatingGateway.ValidServices(), 0)

 						require.Len(t, snap.TerminatingGateway.WatchedServices, 0)
-						require.Len(t, snap.TerminatingGateway.ValidEndpoints(), 2)
-						require.Contains(t, snap.TerminatingGateway.ValidEndpoints(), db)
-						require.Contains(t, snap.TerminatingGateway.ValidEndpoints(), api)
+						require.Len(t, snap.TerminatingGateway.ValidDestinations(), 2)
+						require.Contains(t, snap.TerminatingGateway.ValidDestinations(), db)
+						require.Contains(t, snap.TerminatingGateway.ValidDestinations(), api)

 						require.Len(t, snap.TerminatingGateway.WatchedIntentions, 2)
 						require.Contains(t, snap.TerminatingGateway.WatchedIntentions, db)
--- a/agent/proxycfg/terminating_gateway.go
+++ b/agent/proxycfg/terminating_gateway.go
@ -351,13 +351,13 @@ func (s *handlerTerminatingGateway) handleUpdate(ctx context.Context, u UpdateEv
 		// Here we assume that any service-defaults entry with a destination address is a destination.
 		// Validation will be done at the writing side.
 		// if the Address is nil, we assume it's another type of service-defaults, and just ignore.
-		if serviceConfig.Endpoint.Address != "" {
+		if serviceConfig.Destination.Address != "" {
 			// Watch leaf certificate for the destination
 			// This cert is used to terminate mTLS connections on the destination's behalf
 			sn := structs.ServiceName{Name: sn.Name, EnterpriseMeta: sn.EnterpriseMeta}
 			if _, ok := snap.TerminatingGateway.WatchedLeaves[sn]; !ok {
 				ctx, cancel := context.WithCancel(ctx)
-				err := s.cache.Notify(ctx, cachetype.ConnectCALeafName, &cachetype.ConnectCALeafRequest{
+				err := s.dataSources.LeafCertificate.Notify(ctx, &cachetype.ConnectCALeafRequest{
 					Datacenter:     s.source.Datacenter,
 					Token:          s.token,
 					Service:        sn.Name,
--- a/agent/proxycfg/testing_terminating_gateway.go
+++ b/agent/proxycfg/testing_terminating_gateway.go
@ -10,13 +10,10 @@ func TestConfigSnapshotTerminatingGateway(t testing.T, populateServices bool, ns
 	roots, _ := TestCerts(t)

 	var (
-		web              = structs.NewServiceName("web", nil)
-		api              = structs.NewServiceName("api", nil)
-		db               = structs.NewServiceName("db", nil)
-		cache            = structs.NewServiceName("cache", nil)
-		externalCIDR     = structs.NewServiceName("external-CIDR", nil)
-		externalIP       = structs.NewServiceName("external-IP", nil)
-		externalHostname = structs.NewServiceName("external-hostanem", nil)
+		web   = structs.NewServiceName("web", nil)
+		api   = structs.NewServiceName("api", nil)
+		db    = structs.NewServiceName("db", nil)
+		cache = structs.NewServiceName("cache", nil)
 	)

 	baseEvents := []UpdateEvent{
@ -329,110 +326,6 @@ func TestConfigSnapshotTerminatingGateway(t testing.T, populateServices bool, ns
 		})
 	}

-	if populateEndpoints {
-		tgtwyServices = append(tgtwyServices,
-			&structs.GatewayService{
-				Service:    externalCIDR,
-				IsEndpoint: true,
-			},
-			&structs.GatewayService{
-				Service:    externalIP,
-				IsEndpoint: true,
-			},
-			&structs.GatewayService{
-				Service:    externalHostname,
-				IsEndpoint: true,
-			},
-		)
-
-		baseEvents = testSpliceEvents(baseEvents, []UpdateEvent{
-			{
-				CorrelationID: gatewayServicesWatchID,
-				Result: &structs.IndexedGatewayServices{
-					Services: tgtwyServices,
-				},
-			},
-			// no intentions defined for these services
-			{
-				CorrelationID: serviceIntentionsIDPrefix + externalCIDR.String(),
-				Result: &structs.IndexedIntentionMatches{
-					Matches: []structs.Intentions{
-						nil,
-					},
-				},
-			},
-			{
-				CorrelationID: serviceIntentionsIDPrefix + externalIP.String(),
-				Result: &structs.IndexedIntentionMatches{
-					Matches: []structs.Intentions{
-						nil,
-					},
-				},
-			},
-			{
-				CorrelationID: serviceIntentionsIDPrefix + externalHostname.String(),
-				Result: &structs.IndexedIntentionMatches{
-					Matches: []structs.Intentions{
-						nil,
-					},
-				},
-			},
-			// ========
-			{
-				CorrelationID: serviceLeafIDPrefix + externalCIDR.String(),
-				Result: &structs.IssuedCert{
-					CertPEM:       "placeholder.crt",
-					PrivateKeyPEM: "placeholder.key",
-				},
-			},
-			{
-				CorrelationID: serviceLeafIDPrefix + externalIP.String(),
-				Result: &structs.IssuedCert{
-					CertPEM:       "placeholder.crt",
-					PrivateKeyPEM: "placeholder.key",
-				},
-			},
-			{
-				CorrelationID: serviceLeafIDPrefix + externalHostname.String(),
-				Result: &structs.IssuedCert{
-					CertPEM:       "placeholder.crt",
-					PrivateKeyPEM: "placeholder.key",
-				},
-			},
-			// ========
-			{
-				CorrelationID: serviceConfigIDPrefix + externalCIDR.String(),
-				Result: &structs.ServiceConfigResponse{
-					ProxyConfig: map[string]interface{}{"protocol": "tcp"},
-					Endpoint: structs.EndpointConfig{
-						Address: "10.0.0.1/8",
-						Port:    443,
-					},
-				},
-			},
-			{
-				CorrelationID: serviceConfigIDPrefix + externalIP.String(),
-				Result: &structs.ServiceConfigResponse{
-					ProxyConfig: map[string]interface{}{"protocol": "http"},
-					Endpoint: structs.EndpointConfig{
-						Address: "192.168.0.1",
-						Port:    80,
-					},
-				},
-			},
-			{
-				CorrelationID: serviceConfigIDPrefix + externalHostname.String(),
-				Result: &structs.ServiceConfigResponse{
-					ProxyConfig: map[string]interface{}{"protocol": "grpc"},
-					Endpoint: structs.EndpointConfig{
-						Address: "*.hashicorp.com",
-						Port:    8089,
-					},
-				},
-			},
-		})
-	}
-
 	return testConfigSnapshotFixture(t, &structs.NodeService{
 		Kind:    structs.ServiceKindTerminatingGateway,
 		Service: "terminating-gateway",
@ -628,13 +521,13 @@ func testConfigSnapshotTerminatingGatewayServiceSubsets(t testing.T, alsoAdjustC
 		})
 	}

-	return TestConfigSnapshotTerminatingGateway(t, true, false, nil, events)
+	return TestConfigSnapshotTerminatingGateway(t, true, nil, events)
 }

 func TestConfigSnapshotTerminatingGatewayDefaultServiceSubset(t testing.T) *ConfigSnapshot {
 	web := structs.NewServiceName("web", nil)

-	return TestConfigSnapshotTerminatingGateway(t, true, false, nil, []UpdateEvent{
+	return TestConfigSnapshotTerminatingGateway(t, true, nil, []UpdateEvent{
 		{
 			CorrelationID: serviceResolverIDPrefix + web.String(),
 			Result: &structs.ConfigEntryResponse{
@ -654,12 +547,6 @@ func TestConfigSnapshotTerminatingGatewayDefaultServiceSubset(t testing.T) *Conf
 				},
 			},
 		},
-		// {
-		// 	CorrelationID: serviceConfigIDPrefix + web.String(),
-		// 	Result: &structs.ServiceConfigResponse{
-		// 		ProxyConfig: map[string]interface{}{"protocol": "http"},
-		// 	},
-		// },
 	})
 }

@ -718,7 +605,7 @@ func testConfigSnapshotTerminatingGatewayLBConfig(t testing.T, variant string) *
 		return nil
 	}

-	return TestConfigSnapshotTerminatingGateway(t, true, false, nil, []UpdateEvent{
+	return TestConfigSnapshotTerminatingGateway(t, true, nil, []UpdateEvent{
 		{
 			CorrelationID: serviceConfigIDPrefix + web.String(),
 			Result: &structs.ServiceConfigResponse{
@ -741,7 +628,7 @@ func testConfigSnapshotTerminatingGatewayLBConfig(t testing.T, variant string) *
 }

 func TestConfigSnapshotTerminatingGatewaySNI(t testing.T) *ConfigSnapshot {
-	return TestConfigSnapshotTerminatingGateway(t, true, false, nil, []UpdateEvent{
+	return TestConfigSnapshotTerminatingGateway(t, true, nil, []UpdateEvent{
 		{
 			CorrelationID: "gateway-services",
 			Result: &structs.IndexedGatewayServices{
@ -770,7 +657,7 @@ func TestConfigSnapshotTerminatingGatewayHostnameSubsets(t testing.T) *ConfigSna
 		cache = structs.NewServiceName("cache", nil)
 	)

-	return TestConfigSnapshotTerminatingGateway(t, true, false, nil, []UpdateEvent{
+	return TestConfigSnapshotTerminatingGateway(t, true, nil, []UpdateEvent{
 		{
 			CorrelationID: serviceResolverIDPrefix + api.String(),
 			Result: &structs.ConfigEntryResponse{
@ -820,7 +707,7 @@ func TestConfigSnapshotTerminatingGatewayIgnoreExtraResolvers(t testing.T) *Conf
 		notfound = structs.NewServiceName("notfound", nil)
 	)

-	return TestConfigSnapshotTerminatingGateway(t, true, false, nil, []UpdateEvent{
+	return TestConfigSnapshotTerminatingGateway(t, true, nil, []UpdateEvent{
 		{
 			CorrelationID: serviceResolverIDPrefix + web.String(),
 			Result: &structs.ConfigEntryResponse{
@ -882,7 +769,7 @@ func TestConfigSnapshotTerminatingGatewayWithLambdaService(t testing.T, extraUpd
 			},
 		},
 	})
-	return TestConfigSnapshotTerminatingGateway(t, true, false, nil, updateEvents)
+	return TestConfigSnapshotTerminatingGateway(t, true, nil, updateEvents)
 }

 func TestConfigSnapshotTerminatingGatewayWithLambdaServiceAndServiceResolvers(t testing.T) *ConfigSnapshot {