Backport of dns v2 - both empty string and default should be allowed for namespace and partition in CE into release/1.19.x (#21233)

* backport of commit 8513eda629

* backport of commit 329bdc1345

* backport of commit 0f5d0adebd

* backport of commit 8a1d017999

---------

Co-authored-by: John Murret <john.murret@hashicorp.com>
Co-authored-by: Michael Zalimeni <michael.zalimeni@hashicorp.com>
pull/21237/head sdk/v0.16.1
hc-github-team-consul-core 2024-05-28 15:39:54 -07:00 committed by GitHub
parent f3d1a8bc78
commit 408ed18246
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 79 additions and 6 deletions

3
.changelog/21230.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:enhancement
dns: new version was not supporting partition or namespace being set to 'default' in CE version.
```

View File

@ -8,12 +8,25 @@ package acl
const (
WildcardPartitionName = ""
DefaultPartitionName = ""
)
// NonEmptyDefaultPartitionName is the name of the default partition that is
// not empty. An example of this being supplied is when a partition is specified
// in the request for DNS by consul-dataplane. This has been added to support
// DNS v1.5, which needs to be compatible with the original DNS subsystem which
// supports partition being "default" or empty. Otherwise, use DefaultPartitionName.
NonEmptyDefaultPartitionName = "default"
// Reviewer Note: This is a little bit strange; one might want it to be "" like partition name
// However in consul/structs/intention.go we define IntentionDefaultNamespace as 'default' and so
// we use the same here
const DefaultNamespaceName = "default"
// DefaultNamespaceName is used to mimic the behavior in consul/structs/intention.go,
// where we define IntentionDefaultNamespace as 'default' and so we use the same here.
// This is a little bit strange; one might want it to be "" like DefaultPartitionName.
DefaultNamespaceName = "default"
// EmptyNamespaceName is the name of the default partition that is an empty string.
// An example of this being supplied is when a namespace is specifiedDNS v1.
// EmptyNamespaceName has been added to support DNS v1.5, which needs to be
// compatible with the original DNS subsystem which supports partition being "default" or empty.
// Otherwise, use DefaultNamespaceName.
EmptyNamespaceName = ""
)
type EnterpriseConfig struct {
// no fields in CE

View File

@ -14,8 +14,12 @@ func (f *V1DataFetcher) NormalizeRequest(req *QueryPayload) {
return
}
// validateEnterpriseTenancy validates the tenancy fields for an enterprise request to
// make sure that they are either set to an empty string or "default" to align with the behavior
// in CE.
func validateEnterpriseTenancy(req QueryTenancy) error {
if req.Namespace != "" || req.Partition != acl.DefaultPartitionName {
if !(req.Namespace == acl.EmptyNamespaceName || req.Namespace == acl.DefaultNamespaceName) ||
!(req.Partition == acl.DefaultPartitionName || req.Partition == acl.NonEmptyDefaultPartitionName) {
return ErrNotSupported
}
return nil

View File

@ -5,7 +5,60 @@
package discovery
import (
"github.com/stretchr/testify/require"
"testing"
)
const (
defaultTestNamespace = ""
defaultTestPartition = ""
)
func Test_validateEnterpriseTenancy(t *testing.T) {
testCases := []struct {
name string
req QueryTenancy
expected error
}{
{
name: "empty namespace and partition returns no error",
req: QueryTenancy{
Namespace: defaultTestNamespace,
Partition: defaultTestPartition,
},
expected: nil,
},
{
name: "namespace and partition set to 'default' returns no error",
req: QueryTenancy{
Namespace: "default",
Partition: "default",
},
expected: nil,
},
{
name: "namespace set to something other than empty string or `default` returns not supported error",
req: QueryTenancy{
Namespace: "namespace-1",
Partition: "default",
},
expected: ErrNotSupported,
},
{
name: "partition set to something other than empty string or `default` returns not supported error",
req: QueryTenancy{
Namespace: "default",
Partition: "partition-1",
},
expected: ErrNotSupported,
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
err := validateEnterpriseTenancy(tc.req)
require.Equal(t, tc.expected, err)
})
}
}