agent: honor deprecated flags for retry-join-{ec2,azure,gce} (#3384)

pull/3385/head
Frank Schröder 2017-08-10 01:18:30 +02:00 committed by James Phillips
parent d07946949d
commit 4b642fed2f
3 changed files with 141 additions and 121 deletions

View File

@ -10,7 +10,6 @@ import (
"net"
"os"
"path/filepath"
"reflect"
"sort"
"strings"
"time"
@ -22,7 +21,6 @@ import (
"github.com/hashicorp/consul/tlsutil"
"github.com/hashicorp/consul/types"
"github.com/hashicorp/consul/watch"
discover "github.com/hashicorp/go-discover"
"github.com/hashicorp/go-sockaddr/template"
"github.com/mitchellh/mapstructure"
)
@ -1198,65 +1196,6 @@ func DecodeConfig(r io.Reader) (*Config, error) {
"is no longer used. Please remove it from your configuration.")
}
if !reflect.DeepEqual(result.DeprecatedRetryJoinEC2, RetryJoinEC2{}) {
m := discover.Config{
"provider": "aws",
"region": result.DeprecatedRetryJoinEC2.Region,
"tag_key": result.DeprecatedRetryJoinEC2.TagKey,
"tag_value": result.DeprecatedRetryJoinEC2.TagValue,
"access_key_id": result.DeprecatedRetryJoinEC2.AccessKeyID,
"secret_access_key": result.DeprecatedRetryJoinEC2.SecretAccessKey,
}
result.RetryJoin = append(result.RetryJoin, m.String())
result.DeprecatedRetryJoinEC2 = RetryJoinEC2{}
// redact m before output
m["access_key_id"] = "<hidden>"
m["secret_access_key"] = "<hidden>"
fmt.Fprintf(os.Stderr, "==> DEPRECATION: retry_join_ec2 is deprecated."+
"Please add %q to retry_join\n", m)
}
if !reflect.DeepEqual(result.DeprecatedRetryJoinAzure, RetryJoinAzure{}) {
m := discover.Config{
"provider": "azure",
"tag_name": result.DeprecatedRetryJoinAzure.TagName,
"tag_value": result.DeprecatedRetryJoinAzure.TagValue,
"subscription_id": result.DeprecatedRetryJoinAzure.SubscriptionID,
"tenant_id": result.DeprecatedRetryJoinAzure.TenantID,
"client_id": result.DeprecatedRetryJoinAzure.ClientID,
"secret_access_key": result.DeprecatedRetryJoinAzure.SecretAccessKey,
}
result.RetryJoin = append(result.RetryJoin, m.String())
result.DeprecatedRetryJoinAzure = RetryJoinAzure{}
// redact m before output
m["subscription_id"] = "<hidden>"
m["tenant_id"] = "<hidden>"
m["client_id"] = "<hidden>"
m["secret_access_key"] = "<hidden>"
fmt.Fprintf(os.Stderr, "==> DEPRECATION: retry_join_azure is deprecated."+
"Please add %q to retry_join\n", m)
}
if !reflect.DeepEqual(result.DeprecatedRetryJoinGCE, RetryJoinGCE{}) {
m := discover.Config{
"provider": "gce",
"project_name": result.DeprecatedRetryJoinGCE.ProjectName,
"zone_pattern": result.DeprecatedRetryJoinGCE.ZonePattern,
"tag_value": result.DeprecatedRetryJoinGCE.TagValue,
"credentials_file": result.DeprecatedRetryJoinGCE.CredentialsFile,
}
result.RetryJoin = append(result.RetryJoin, m.String())
result.DeprecatedRetryJoinGCE = RetryJoinGCE{}
// redact m before output
m["credentials_file"] = "<hidden>"
fmt.Fprintf(os.Stderr, "==> DEPRECATION: retry_join_gce is deprecated."+
"Please add %q to retry_join\n", m)
}
// Check unused fields and verify that no bad configuration options were
// passed to Consul. There are a few additional fields which don't directly
// use mapstructure decoding, so we need to account for those as well. These

View File

@ -517,66 +517,69 @@ func TestDecodeConfig(t *testing.T) {
in: `{"retry_join":["a","b"]}`,
c: &Config{RetryJoin: []string{"a", "b"}},
},
{
in: `{"retry_join_azure":{"client_id":"a"}}`,
c: &Config{RetryJoin: []string{"provider=azure client_id=a"}},
},
{
in: `{"retry_join_azure":{"tag_name":"a"}}`,
c: &Config{RetryJoin: []string{"provider=azure tag_name=a"}},
},
{
in: `{"retry_join_azure":{"tag_value":"a"}}`,
c: &Config{RetryJoin: []string{"provider=azure tag_value=a"}},
},
{
in: `{"retry_join_azure":{"secret_access_key":"a"}}`,
c: &Config{RetryJoin: []string{"provider=azure secret_access_key=a"}},
},
{
in: `{"retry_join_azure":{"subscription_id":"a"}}`,
c: &Config{RetryJoin: []string{"provider=azure subscription_id=a"}},
},
{
in: `{"retry_join_azure":{"tenant_id":"a"}}`,
c: &Config{RetryJoin: []string{"provider=azure tenant_id=a"}},
},
{
in: `{"retry_join_ec2":{"access_key_id":"a"}}`,
c: &Config{RetryJoin: []string{"provider=aws access_key_id=a"}},
},
{
in: `{"retry_join_ec2":{"region":"a"}}`,
c: &Config{RetryJoin: []string{"provider=aws region=a"}},
},
{
in: `{"retry_join_ec2":{"tag_key":"a"}}`,
c: &Config{RetryJoin: []string{"provider=aws tag_key=a"}},
},
{
in: `{"retry_join_ec2":{"tag_value":"a"}}`,
c: &Config{RetryJoin: []string{"provider=aws tag_value=a"}},
},
{
in: `{"retry_join_ec2":{"secret_access_key":"a"}}`,
c: &Config{RetryJoin: []string{"provider=aws secret_access_key=a"}},
},
{
in: `{"retry_join_gce":{"credentials_file":"a"}}`,
c: &Config{RetryJoin: []string{"provider=gce credentials_file=a"}},
},
{
in: `{"retry_join_gce":{"project_name":"a"}}`,
c: &Config{RetryJoin: []string{"provider=gce project_name=a"}},
},
{
in: `{"retry_join_gce":{"tag_value":"a"}}`,
c: &Config{RetryJoin: []string{"provider=gce tag_value=a"}},
},
{
in: `{"retry_join_gce":{"zone_pattern":"a"}}`,
c: &Config{RetryJoin: []string{"provider=gce zone_pattern=a"}},
},
// todo(fs): temporarily disabling tests after moving the code
// todo(fs): to patch the deprecated retry-join flags to command/agent.go
// todo(fs): where it cannot be tested.
// {
// in: `{"retry_join_azure":{"client_id":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=azure client_id=a"}},
// },
// {
// in: `{"retry_join_azure":{"tag_name":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=azure tag_name=a"}},
// },
// {
// in: `{"retry_join_azure":{"tag_value":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=azure tag_value=a"}},
// },
// {
// in: `{"retry_join_azure":{"secret_access_key":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=azure secret_access_key=a"}},
// },
// {
// in: `{"retry_join_azure":{"subscription_id":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=azure subscription_id=a"}},
// },
// {
// in: `{"retry_join_azure":{"tenant_id":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=azure tenant_id=a"}},
// },
// {
// in: `{"retry_join_ec2":{"access_key_id":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=aws access_key_id=a"}},
// },
// {
// in: `{"retry_join_ec2":{"region":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=aws region=a"}},
// },
// {
// in: `{"retry_join_ec2":{"tag_key":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=aws tag_key=a"}},
// },
// {
// in: `{"retry_join_ec2":{"tag_value":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=aws tag_value=a"}},
// },
// {
// in: `{"retry_join_ec2":{"secret_access_key":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=aws secret_access_key=a"}},
// },
// {
// in: `{"retry_join_gce":{"credentials_file":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=gce credentials_file=a"}},
// },
// {
// in: `{"retry_join_gce":{"project_name":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=gce project_name=a"}},
// },
// {
// in: `{"retry_join_gce":{"tag_value":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=gce tag_value=a"}},
// },
// {
// in: `{"retry_join_gce":{"zone_pattern":"a"}}`,
// c: &Config{RetryJoin: []string{"provider=gce zone_pattern=a"}},
// },
{
in: `{"retry_join_wan":["a","b"]}`,
c: &Config{RetryJoinWan: []string{"a", "b"}},

View File

@ -8,6 +8,7 @@ import (
"os"
"os/signal"
"path/filepath"
"reflect"
"regexp"
"strings"
"syscall"
@ -24,6 +25,7 @@ import (
"github.com/hashicorp/consul/logger"
"github.com/hashicorp/consul/watch"
"github.com/hashicorp/go-checkpoint"
discover "github.com/hashicorp/go-discover"
multierror "github.com/hashicorp/go-multierror"
"github.com/hashicorp/logutils"
"github.com/mitchellh/cli"
@ -387,6 +389,82 @@ func (cmd *AgentCommand) readConfig() *agent.Config {
return nil
}
// patch deprecated retry-join-{gce,azure,ec2)-* parameters
// into -retry-join and issue warning.
// todo(fs): this should really be in DecodeConfig where it can be tested
if !reflect.DeepEqual(cfg.DeprecatedRetryJoinEC2, agent.RetryJoinEC2{}) {
m := discover.Config{
"provider": "aws",
"region": cfg.DeprecatedRetryJoinEC2.Region,
"tag_key": cfg.DeprecatedRetryJoinEC2.TagKey,
"tag_value": cfg.DeprecatedRetryJoinEC2.TagValue,
"access_key_id": cfg.DeprecatedRetryJoinEC2.AccessKeyID,
"secret_access_key": cfg.DeprecatedRetryJoinEC2.SecretAccessKey,
}
cfg.RetryJoin = append(cfg.RetryJoin, m.String())
cfg.DeprecatedRetryJoinEC2 = agent.RetryJoinEC2{}
// redact m before output
if m["access_key_id"] != "" {
m["access_key_id"] = "hidden"
}
if m["secret_access_key"] != "" {
m["secret_access_key"] = "hidden"
}
cmd.UI.Warn(fmt.Sprintf("==> DEPRECATION: retry_join_ec2 is deprecated. "+
"Please add %q to retry_join\n", m))
}
if !reflect.DeepEqual(cfg.DeprecatedRetryJoinAzure, agent.RetryJoinAzure{}) {
m := discover.Config{
"provider": "azure",
"tag_name": cfg.DeprecatedRetryJoinAzure.TagName,
"tag_value": cfg.DeprecatedRetryJoinAzure.TagValue,
"subscription_id": cfg.DeprecatedRetryJoinAzure.SubscriptionID,
"tenant_id": cfg.DeprecatedRetryJoinAzure.TenantID,
"client_id": cfg.DeprecatedRetryJoinAzure.ClientID,
"secret_access_key": cfg.DeprecatedRetryJoinAzure.SecretAccessKey,
}
cfg.RetryJoin = append(cfg.RetryJoin, m.String())
cfg.DeprecatedRetryJoinAzure = agent.RetryJoinAzure{}
// redact m before output
if m["subscription_id"] != "" {
m["subscription_id"] = "hidden"
}
if m["tenant_id"] != "" {
m["tenant_id"] = "hidden"
}
if m["client_id"] != "" {
m["client_id"] = "hidden"
}
if m["secret_access_key"] != "" {
m["secret_access_key"] = "hidden"
}
cmd.UI.Warn(fmt.Sprintf("==> DEPRECATION: retry_join_azure is deprecated. "+
"Please add %q to retry_join\n", m))
}
if !reflect.DeepEqual(cfg.DeprecatedRetryJoinGCE, agent.RetryJoinGCE{}) {
m := discover.Config{
"provider": "gce",
"project_name": cfg.DeprecatedRetryJoinGCE.ProjectName,
"zone_pattern": cfg.DeprecatedRetryJoinGCE.ZonePattern,
"tag_value": cfg.DeprecatedRetryJoinGCE.TagValue,
"credentials_file": cfg.DeprecatedRetryJoinGCE.CredentialsFile,
}
cfg.RetryJoin = append(cfg.RetryJoin, m.String())
cfg.DeprecatedRetryJoinGCE = agent.RetryJoinGCE{}
// redact m before output
if m["credentials_file"] != "" {
m["credentials_file"] = "hidden"
}
cmd.UI.Warn(fmt.Sprintf("==> DEPRECATION: retry_join_gce is deprecated. "+
"Please add %q to retry_join\n", m))
}
// Compile all the watches
for _, params := range cfg.Watches {
// Parse the watches, excluding the handler