github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add config changes for UI metrics

pull/8694/head
Paul Banks 2020-09-10 17:25:56 +01:00
parent 0df4371be2
commit 526bab6164
No known key found for this signature in database
GPG Key ID: C25A851A849B8221
10 changed files with 612 additions and 196 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
agent/agent.go
View File

@ -334,6 +334,9 @@ func New(bd BaseDeps) (*Agent, error) {
cache: bd.Cache,
}
// Initialize the UI Config
a.uiConfig.Store(a.config.UIConfig)
a.serviceManager = NewServiceManager(&a)
// TODO: do this somewhere else, maybe move to newBaseDeps
@ -3823,3 +3826,14 @@ func defaultIfEmpty(val, defaultVal string) string {
}
return defaultVal
}
// getUIConfig is the canonical way to read the value of the UIConfig at
// runtime. It is thread safe and returns the most recent configuration which
// may have changed since the agent started due to config reload.
func (a *Agent) getUIConfig() config.UIConfig {
if cfg, ok := a.uiConfig.Load().(config.UIConfig); ok {
return cfg
}
// Shouldn't happen but be defensive
return config.UIConfig{}
}

30
agent/agent_test.go
View File

@ -3503,6 +3503,36 @@ func TestAgent_ReloadConfigTLSConfigFailure(t *testing.T) {
require.Len(t, tlsConf.RootCAs.Subjects(), 1)
}
func TestAgent_ReloadConfigUIConfig(t *testing.T) {
t.Parallel()
dataDir := testutil.TempDir(t, "agent") // we manage the data dir
hcl := `
data_dir = "` + dataDir + `"
ui_config {
enabled = true // note that this is _not_ reloadable
metrics_provider = "foo"
}
`
a := NewTestAgent(t, hcl)
defer a.Shutdown()
uiCfg := a.getUIConfig()
require.Equal(t, "foo", uiCfg.MetricsProvider)
hcl = `
data_dir = "` + dataDir + `"
ui_config {
enabled = true
metrics_provider = "bar"
}
`
c := TestConfig(testutil.Logger(t), config.FileSource{Name: t.Name(), Format: "hcl", Data: hcl})
require.NoError(t, a.reloadConfigInternal(c))
uiCfg = a.getUIConfig()
require.Equal(t, "bar", uiCfg.MetricsProvider)
}
func TestAgent_consulConfig_AutoEncryptAllowTLS(t *testing.T) {
t.Parallel()
dataDir := testutil.TempDir(t, "agent") // we manage the data dir

112
agent/config/builder.go
View File

@ -7,6 +7,7 @@ import (
"fmt"
"io/ioutil"
"net"
"net/url"
"os"
"path/filepath"
"reflect"
@ -797,6 +798,26 @@ func (b *Builder) Build() (rt RuntimeConfig, err error) {
return RuntimeConfig{}, fmt.Errorf("serf_wan_allowed_cidrs: %s", err)
}
// Handle Deprecated UI config fields
if c.UI != nil {
b.warn("The 'ui' field is deprecated. Use the 'ui_config.enabled' field instead.")
if c.UIConfig.Enabled == nil {
c.UIConfig.Enabled = c.UI
}
}
if c.UIDir != nil {
b.warn("The 'ui_dir' field is deprecated. Use the 'ui_config.dir' field instead.")
if c.UIConfig.Dir == nil {
c.UIConfig.Dir = c.UIDir
}
}
if c.UIContentPath != nil {
b.warn("The 'ui_content_path' field is deprecated. Use the 'ui_config.content_path' field instead.")
if c.UIConfig.ContentPath == nil {
c.UIConfig.ContentPath = c.UIContentPath
}
}
// ----------------------------------------------------------------
// build runtime config
//
@ -981,8 +1002,6 @@ func (b *Builder) Build() (rt RuntimeConfig, err error) {
EnableDebug: b.boolVal(c.EnableDebug),
EnableRemoteScriptChecks: enableRemoteScriptChecks,
EnableLocalScriptChecks: enableLocalScriptChecks,
EnableUI: b.boolVal(c.UI),
EncryptKey: b.stringVal(c.EncryptKey),
EncryptVerifyIncoming: b.boolVal(c.EncryptVerifyIncoming),
EncryptVerifyOutgoing: b.boolVal(c.EncryptVerifyOutgoing),
@ -1058,8 +1077,7 @@ func (b *Builder) Build() (rt RuntimeConfig, err error) {
TaggedAddresses: c.TaggedAddresses,
TranslateWANAddrs: b.boolVal(c.TranslateWANAddrs),
TxnMaxReqLen: b.uint64Val(c.Limits.TxnMaxReqLen),
UIDir: b.stringVal(c.UIDir),
UIContentPath: UIPathBuilder(b.stringVal(c.UIContentPath)),
UIConfig: b.uiConfigVal(c.UIConfig),
UnixSocketGroup: b.stringVal(c.UnixSocket.Group),
UnixSocketMode: b.stringVal(c.UnixSocket.Mode),
UnixSocketUser: b.stringVal(c.UnixSocket.User),
@ -1094,7 +1112,8 @@ func (b *Builder) Build() (rt RuntimeConfig, err error) {
// Validate performs semantic validation of the runtime configuration.
func (b *Builder) Validate(rt RuntimeConfig) error {
// reDatacenter defines a regexp for a valid datacenter name
var reDatacenter = regexp.MustCompile("^[a-z0-9_-]+$")
var reBasicName = regexp.MustCompile("^[a-z0-9_-]+$")
var reDatacenter = reBasicName
// validContentPath defines a regexp for a valid content path name.
var validContentPath = regexp.MustCompile(`^[A-Za-z0-9/_-]+$`)
@ -1113,12 +1132,50 @@ func (b *Builder) Validate(rt RuntimeConfig) error {
return fmt.Errorf("data_dir cannot be empty")
}
if !validContentPath.MatchString(rt.UIContentPath) {
return fmt.Errorf("ui-content-path can only contain alphanumeric, -, _, or /. received: %s", rt.UIContentPath)
if !validContentPath.MatchString(rt.UIConfig.ContentPath) {
return fmt.Errorf("ui-content-path can only contain alphanumeric, -, _, or /. received: %q", rt.UIConfig.ContentPath)
}
if hasVersion.MatchString(rt.UIContentPath) {
return fmt.Errorf("ui-content-path cannot have 'v[0-9]'. received: %s", rt.UIContentPath)
if hasVersion.MatchString(rt.UIConfig.ContentPath) {
return fmt.Errorf("ui-content-path cannot have 'v[0-9]'. received: %q", rt.UIConfig.ContentPath)
}
if rt.UIConfig.MetricsProvider != "" &&
!reBasicName.MatchString(rt.UIConfig.MetricsProvider) {
return fmt.Errorf("ui_config.metrics_provider can only contain lowercase "+
"alphanumeric or _ characters. received: %q", rt.UIConfig.MetricsProvider)
}
if rt.UIConfig.MetricsProviderOptionsJSON != "" {
// Attempt to parse the JSON to ensure it's valid, parsing into a map
// ensures we get an object.
var dummyMap map[string]interface{}
err := json.Unmarshal([]byte(rt.UIConfig.MetricsProviderOptionsJSON),
&dummyMap)
if err != nil {
return fmt.Errorf("ui_config.metrics_provider_options_json must be empty "+
"or a string containing a valid JSON object. received: %q",
rt.UIConfig.MetricsProviderOptionsJSON)
}
}
if rt.UIConfig.MetricsProxy.BaseURL != "" {
u, err := url.Parse(rt.UIConfig.MetricsProxy.BaseURL)
if err != nil || !(u.Scheme == "http" || u.Scheme == "https") {
return fmt.Errorf("ui_config.metrics_proxy.base_url must be a valid http"+
" or https URL. received: %q",
rt.UIConfig.MetricsProxy.BaseURL)
}
}
for k, v := range rt.UIConfig.DashboardURLTemplates {
if !reBasicName.MatchString(k) {
return fmt.Errorf("ui_config.dashboard_url_templates key names can only "+
"contain lowercase alphanumeric or _ characters. received: %q", k)
}
u, err := url.Parse(v)
if err != nil || !(u.Scheme == "http" || u.Scheme == "https") {
return fmt.Errorf("ui_config.dashboard_url_templates values must be a"+
" valid http or https URL. received: %q",
rt.UIConfig.MetricsProxy.BaseURL)
}
}
if !rt.DevMode {
@ -1194,11 +1251,11 @@ func (b *Builder) Validate(rt RuntimeConfig) error {
return fmt.Errorf("acl_datacenter cannot be %q. Please use only [a-z0-9-_]", rt.ACLDatacenter)
}
// In DevMode, UI is enabled by default, so to enable rt.UIDir, don't perform this check
if !rt.DevMode && rt.EnableUI && rt.UIDir != "" {
if !rt.DevMode && rt.UIConfig.Enabled && rt.UIConfig.Dir != "" {
return fmt.Errorf(
"Both the ui and ui-dir flags were specified, please provide only one.\n" +
"If trying to use your own web UI resources, use the ui-dir flag.\n" +
"The web UI is included in the binary so use ui to enable it")
"Both the ui_config.enabled and ui_config.dir (or -ui and -ui-dir) were specified, please provide only one.\n" +
"If trying to use your own web UI resources, use ui_config.dir or the -ui-dir flag.\n" +
"The web UI is included in the binary so use ui_config.enabled or the -ui flag to enable it")
}
if rt.DNSUDPAnswerLimit < 0 {
return fmt.Errorf("dns_config.udp_answer_limit cannot be %d. Must be greater than or equal to zero", rt.DNSUDPAnswerLimit)
@ -1647,6 +1704,35 @@ func (b *Builder) serviceConnectVal(v *ServiceConnect) *structs.ServiceConnect {
}
}
func (b *Builder) uiConfigVal(v RawUIConfig) UIConfig {
return UIConfig{
Enabled: b.boolVal(v.Enabled),
Dir: b.stringVal(v.Dir),
ContentPath: UIPathBuilder(b.stringVal(v.ContentPath)),
MetricsProvider: b.stringVal(v.MetricsProvider),
MetricsProviderFiles: v.MetricsProviderFiles,
MetricsProviderOptionsJSON: b.stringVal(v.MetricsProviderOptionsJSON),
MetricsProxy: b.uiMetricsProxyVal(v.MetricsProxy),
DashboardURLTemplates: v.DashboardURLTemplates,
}
}
func (b *Builder) uiMetricsProxyVal(v RawUIMetricsProxy) UIMetricsProxy {
var hdrs []UIMetricsProxyAddHeader
for _, hdr := range v.AddHeaders {
hdrs = append(hdrs, UIMetricsProxyAddHeader{
Name: b.stringVal(hdr.Name),
Value: b.stringVal(hdr.Value),
})
}
return UIMetricsProxy{
BaseURL: b.stringVal(v.BaseURL),
AddHeaders: hdrs,
}
}
func (b *Builder) boolValWithDefault(v *bool, defaultVal bool) bool {
if v == nil {
return defaultVal

27
agent/config/config.go
View File

@ -240,9 +240,15 @@ type Config struct {
TaggedAddresses map[string]string `json:"tagged_addresses,omitempty" hcl:"tagged_addresses" mapstructure:"tagged_addresses"`
Telemetry Telemetry `json:"telemetry,omitempty" hcl:"telemetry" mapstructure:"telemetry"`
TranslateWANAddrs *bool `json:"translate_wan_addrs,omitempty" hcl:"translate_wan_addrs" mapstructure:"translate_wan_addrs"`
// DEPRECATED (ui-config) - moved to the ui_config stanza
UI *bool `json:"ui,omitempty" hcl:"ui" mapstructure:"ui"`
// DEPRECATED (ui-config) - moved to the ui_config stanza
UIContentPath *string `json:"ui_content_path,omitempty" hcl:"ui_content_path" mapstructure:"ui_content_path"`
// DEPRECATED (ui-config) - moved to the ui_config stanza
UIDir *string `json:"ui_dir,omitempty" hcl:"ui_dir" mapstructure:"ui_dir"`
UIConfig RawUIConfig `json:"ui_config,omitempty" hcl:"ui_config" mapstructure:"ui_config"`
UnixSocket UnixSocket `json:"unix_sockets,omitempty" hcl:"unix_sockets" mapstructure:"unix_sockets"`
VerifyIncoming *bool `json:"verify_incoming,omitempty" hcl:"verify_incoming" mapstructure:"verify_incoming"`
VerifyIncomingHTTPS *bool `json:"verify_incoming_https,omitempty" hcl:"verify_incoming_https" mapstructure:"verify_incoming_https"`
@ -769,3 +775,24 @@ type AutoConfigAuthorizerRaw struct {
NotBeforeLeeway *string `json:"not_before_leeway,omitempty" hcl:"not_before_leeway" mapstructure:"not_before_leeway"`
ClockSkewLeeway *string `json:"clock_skew_leeway,omitempty" hcl:"clock_skew_leeway" mapstructure:"clock_skew_leeway"`
}
type RawUIConfig struct {
Enabled *bool `json:"enabled,omitempty" hcl:"enabled" mapstructure:"enabled"`
Dir *string `json:"dir,omitempty" hcl:"dir" mapstructure:"dir"`
ContentPath *string `json:"content_path,omitempty" hcl:"content_path" mapstructure:"content_path"`
MetricsProvider *string `json:"metrics_provider,omitempty" hcl:"metrics_provider" mapstructure:"metrics_provider"`
MetricsProviderFiles []string `json:"metrics_provider_files,omitempty" hcl:"metrics_provider_files" mapstructure:"metrics_provider_files"`
MetricsProviderOptionsJSON *string `json:"metrics_provider_options_json,omitempty" hcl:"metrics_provider_options_json" mapstructure:"metrics_provider_options_json"`
MetricsProxy RawUIMetricsProxy `json:"metrics_proxy,omitempty" hcl:"metrics_proxy" mapstructure:"metrics_proxy"`
DashboardURLTemplates map[string]string `json:"dashboard_url_templates" hcl:"dashboard_url_templates" mapstructure:"dashboard_url_templates"`
}
type RawUIMetricsProxy struct {
BaseURL *string `json:"base_url,omitempty" hcl:"base_url" mapstructure:"base_url"`
AddHeaders []RawUIMetricsProxyAddHeader `json:"add_headers,omitempty" hcl:"add_headers" mapstructure:"add_headers"`
}
type RawUIMetricsProxyAddHeader struct {
Name *string `json:"name,omitempty" hcl:"name" mapstructure:"name"`
Value *string `json:"value,omitempty" hcl:"value" mapstructure:"value"`
}

4
agent/config/default.go
View File

@ -139,7 +139,9 @@ func DevSource() Source {
disable_anonymous_signature = true
disable_keyring_file = true
enable_debug = true
ui = true
ui_config {
enabled = true
}
log_level = "DEBUG"
server = true

6
agent/config/flags.go
View File

@ -111,8 +111,8 @@ func AddFlags(fs *flag.FlagSet, f *BuilderOpts) {
add(&f.Config.Ports.SerfWAN, "serf-wan-port", "Sets the Serf WAN port to listen on.")
add(&f.Config.ServerMode, "server", "Switches agent to server mode.")
add(&f.Config.EnableSyslog, "syslog", "Enables logging to syslog.")
add(&f.Config.UI, "ui", "Enables the built-in static web UI server.")
add(&f.Config.UIContentPath, "ui-content-path", "Sets the external UI path to a string. Defaults to: /ui/ ")
add(&f.Config.UIDir, "ui-dir", "Path to directory containing the web UI resources.")
add(&f.Config.UIConfig.Enabled, "ui", "Enables the built-in static web UI server.")
add(&f.Config.UIConfig.ContentPath, "ui-content-path", "Sets the external UI path to a string. Defaults to: /ui/ ")
add(&f.Config.UIConfig.Dir, "ui-dir", "Path to directory containing the web UI resources.")
add(&f.HCL, "hcl", "hcl config fragment. Can be specified multiple times.")
}

48
agent/config/runtime.go
View File

@ -694,13 +694,6 @@ type RuntimeConfig struct {
// flag: -enable-script-checks
EnableRemoteScriptChecks bool
// EnableUI enables the statically-compiled assets for the Consul web UI and
// serves them at the default /ui/ endpoint automatically.
//
// hcl: enable_ui = (true|false)
// flag: -ui
EnableUI bool
// EncryptKey contains the encryption key to use for the Serf communication.
//
// hcl: encrypt = string
@ -1411,16 +1404,18 @@ type RuntimeConfig struct {
// hcl: limits { txn_max_req_len = uint64 }
TxnMaxReqLen uint64
// UIDir is the directory containing the Web UI resources.
// If provided, the UI endpoints will be enabled.
// UIConfig holds various runtime options that control both the agent's
// behavior while serving the UI (e.g. whether it's enabled, what path it's
// mounted on) as well as options that enable or disable features within the
// UI.
//
// hcl: ui_dir = string
// flag: -ui-dir string
UIDir string
//UIContentPath is a string that sets the external
// path to a string. Default: /ui/
UIContentPath string
// NOTE: Never read from this field directly once the agent has started up
// since the UI config is reloadable. The on in the agent's config field may
// be out of date. Use the agent.getUIConfig() method to get the latest config
// in a thread-safe way.
//
// hcl: ui_config { ... }
UIConfig UIConfig
// UnixSocketGroup contains the group of the file permissions when
// Consul binds to UNIX sockets.
@ -1518,6 +1513,27 @@ type AutoConfigAuthorizer struct {
AllowReuse bool
}
type UIConfig struct {
Enabled bool
Dir string
ContentPath string
MetricsProvider string
MetricsProviderFiles []string
MetricsProviderOptionsJSON string
MetricsProxy UIMetricsProxy
DashboardURLTemplates map[string]string
}
type UIMetricsProxy struct {
BaseURL string
AddHeaders []UIMetricsProxyAddHeader
}
type UIMetricsProxyAddHeader struct {
Name string
Value string
}
func (c *RuntimeConfig) apiAddresses(maxPerType int) (unixAddrs, httpAddrs, httpsAddrs []string) {
if len(c.HTTPSAddrs) > 0 {
for i, addr := range c.HTTPSAddrs {

270
agent/config/runtime_test.go
View File

@ -290,7 +290,7 @@ func TestBuilder_BuildAndValide_ConfigFlagsAndEdgecases(t *testing.T) {
rt.DisableAnonymousSignature = true
rt.DisableKeyringFile = true
rt.EnableDebug = true
rt.EnableUI = true
rt.UIConfig.Enabled = true
rt.LeaveOnTerm = false
rt.Logging.LogLevel = "DEBUG"
rt.RPCAdvertiseAddr = tcpAddr("127.0.0.1:8300")
@ -850,7 +850,7 @@ func TestBuilder_BuildAndValide_ConfigFlagsAndEdgecases(t *testing.T) {
`-data-dir=` + dataDir,
},
patch: func(rt *RuntimeConfig) {
rt.EnableUI = true
rt.UIConfig.Enabled = true
rt.DataDir = dataDir
},
},
@ -861,7 +861,7 @@ func TestBuilder_BuildAndValide_ConfigFlagsAndEdgecases(t *testing.T) {
`-data-dir=` + dataDir,
},
patch: func(rt *RuntimeConfig) {
rt.UIDir = "a"
rt.UIConfig.Dir = "a"
rt.DataDir = dataDir
},
},
@ -873,7 +873,7 @@ func TestBuilder_BuildAndValide_ConfigFlagsAndEdgecases(t *testing.T) {
},
patch: func(rt *RuntimeConfig) {
rt.UIContentPath = "/a/b/"
rt.UIConfig.ContentPath = "/a/b/"
rt.DataDir = dataDir
},
},
@ -1894,16 +1894,16 @@ func TestBuilder_BuildAndValide_ConfigFlagsAndEdgecases(t *testing.T) {
err: "DNS address cannot be a unix socket",
},
{
desc: "ui and ui_dir",
desc: "ui enabled and dir specified",
args: []string{
`-datacenter=a`,
`-data-dir=` + dataDir,
},
json: []string{`{ "ui": true, "ui_dir": "a" }`},
hcl: []string{`ui = true ui_dir = "a"`},
err: "Both the ui and ui-dir flags were specified, please provide only one.\n" +
"If trying to use your own web UI resources, use the ui-dir flag.\n" +
"The web UI is included in the binary so use ui to enable it",
json: []string{`{ "ui_config": { "enabled": true, "dir": "a" } }`},
hcl: []string{`ui_config { enabled = true dir = "a"}`},
err: "Both the ui_config.enabled and ui_config.dir (or -ui and -ui-dir) were specified, please provide only one.\n" +
"If trying to use your own web UI resources, use ui_config.dir or the -ui-dir flag.\n" +
"The web UI is included in the binary so use ui_config.enabled or the -ui flag to enable it",
},
// test ANY address failures
@ -4251,6 +4251,169 @@ func TestBuilder_BuildAndValide_ConfigFlagsAndEdgecases(t *testing.T) {
rt.CertFile = "foo"
},
},
// UI Config tests
{
desc: "ui config deprecated",
args: []string{`-data-dir=` + dataDir},
json: []string{`{
"ui": true,
"ui_content_path": "/bar"
}`},
hcl: []string{`
ui = true
ui_content_path = "/bar"
`},
warns: []string{
`The 'ui' field is deprecated. Use the 'ui_config.enabled' field instead.`,
`The 'ui_content_path' field is deprecated. Use the 'ui_config.content_path' field instead.`,
},
patch: func(rt *RuntimeConfig) {
// Should still work!
rt.UIConfig.Enabled = true
rt.UIConfig.ContentPath = "/bar/"
rt.DataDir = dataDir
},
},
{
desc: "ui-dir config deprecated",
args: []string{`-data-dir=` + dataDir},
json: []string{`{
"ui_dir": "/bar"
}`},
hcl: []string{`
ui_dir = "/bar"
`},
warns: []string{
`The 'ui_dir' field is deprecated. Use the 'ui_config.dir' field instead.`,
},
patch: func(rt *RuntimeConfig) {
// Should still work!
rt.UIConfig.Dir = "/bar"
rt.DataDir = dataDir
},
},
{
desc: "metrics_provider constraint",
args: []string{`-data-dir=` + dataDir},
json: []string{`{
"ui_config": {
"metrics_provider": "((((lisp 4 life))))"
}
}`},
hcl: []string{`
ui_config {
metrics_provider = "((((lisp 4 life))))"
}
`},
err: `ui_config.metrics_provider can only contain lowercase alphanumeric or _ characters.`,
},
{
desc: "metrics_provider_options_json invalid JSON",
args: []string{`-data-dir=` + dataDir},
json: []string{`{
"ui_config": {
"metrics_provider_options_json": "not valid JSON"
}
}`},
hcl: []string{`
ui_config {
metrics_provider_options_json = "not valid JSON"
}
`},
err: `ui_config.metrics_provider_options_json must be empty or a string containing a valid JSON object.`,
},
{
desc: "metrics_provider_options_json not an object",
args: []string{`-data-dir=` + dataDir},
json: []string{`{
"ui_config": {
"metrics_provider_options_json": "1.0"
}
}`},
hcl: []string{`
ui_config {
metrics_provider_options_json = "1.0"
}
`},
err: `ui_config.metrics_provider_options_json must be empty or a string containing a valid JSON object.`,
},
{
desc: "metrics_proxy.base_url valid",
args: []string{`-data-dir=` + dataDir},
json: []string{`{
"ui_config": {
"metrics_proxy": {
"base_url": "___"
}
}
}`},
hcl: []string{`
ui_config {
metrics_proxy {
base_url = "___"
}
}
`},
err: `ui_config.metrics_proxy.base_url must be a valid http or https URL.`,
},
{
desc: "metrics_proxy.base_url http(s)",
args: []string{`-data-dir=` + dataDir},
json: []string{`{
"ui_config": {
"metrics_proxy": {
"base_url": "localhost:1234"
}
}
}`},
hcl: []string{`
ui_config {
metrics_proxy {
base_url = "localhost:1234"
}
}
`},
err: `ui_config.metrics_proxy.base_url must be a valid http or https URL.`,
},
{
desc: "dashboard_url_templates key format",
args: []string{`-data-dir=` + dataDir},
json: []string{`{
"ui_config": {
"dashboard_url_templates": {
"(*&ASDOUISD)": "localhost:1234"
}
}
}`},
hcl: []string{`
ui_config {
dashboard_url_templates {
"(*&ASDOUISD)" = "localhost:1234"
}
}
`},
err: `ui_config.dashboard_url_templates key names can only contain lowercase alphanumeric or _ characters.`,
},
{
desc: "dashboard_url_templates value format",
args: []string{`-data-dir=` + dataDir},
json: []string{`{
"ui_config": {
"dashboard_url_templates": {
"services": "localhost:1234"
}
}
}`},
hcl: []string{`
ui_config {
dashboard_url_templates {
services = "localhost:1234"
}
}
`},
err: `ui_config.dashboard_url_templates values must be a valid http or https URL.`,
},
}
testConfig(t, tests, dataDir)
@ -5070,9 +5233,26 @@ func TestFullConfig(t *testing.T) {
"tls_min_version": "pAOWafkR",
"tls_prefer_server_cipher_suites": true,
"translate_wan_addrs": true,
"ui": true,
"ui_dir": "11IFzAUn",
"ui_content_path": "consul",
"ui_config": {
"enabled": true,
"dir": "pVncV4Ey",
"content_path": "qp1WRhYH",
"metrics_provider": "sgnaoa_lower_case",
"metrics_provider_files": ["sgnaMFoa", "dicnwkTH"],
"metrics_provider_options_json": "{\"DIbVQadX\": 1}",
"metrics_proxy": {
"base_url": "http://foo.bar",
"add_headers": [
{
"name": "p3nynwc9",
"value": "TYBgnN2F"
}
]
},
"dashboard_url_templates": {
"u2eziu2n_lower_case": "http://lkjasd.otr"
}
},
"unix_sockets": {
"group": "8pFodrV8",
"mode": "E8sAwOv4",
@ -5736,9 +5916,26 @@ func TestFullConfig(t *testing.T) {
tls_min_version = "pAOWafkR"
tls_prefer_server_cipher_suites = true
translate_wan_addrs = true
ui = true
ui_dir = "11IFzAUn"
ui_content_path = "consul"
ui_config {
enabled = true
dir = "pVncV4Ey"
content_path = "qp1WRhYH"
metrics_provider = "sgnaoa_lower_case"
metrics_provider_files = ["sgnaMFoa", "dicnwkTH"]
metrics_provider_options_json = "{\"DIbVQadX\": 1}"
metrics_proxy {
base_url = "http://foo.bar"
add_headers = [
{
name = "p3nynwc9"
value = "TYBgnN2F"
}
]
}
dashboard_url_templates {
u2eziu2n_lower_case = "http://lkjasd.otr"
}
}
unix_sockets = {
group = "8pFodrV8"
mode = "E8sAwOv4"
@ -6110,7 +6307,6 @@ func TestFullConfig(t *testing.T) {
EnableDebug: true,
EnableRemoteScriptChecks: true,
EnableLocalScriptChecks: true,
EnableUI: true,
EncryptKey: "A4wELWqH",
EncryptVerifyIncoming: true,
EncryptVerifyOutgoing: true,
@ -6509,8 +6705,24 @@ func TestFullConfig(t *testing.T) {
},
TranslateWANAddrs: true,
TxnMaxReqLen: 5678000000000000,
UIContentPath: "/consul/",
UIDir: "11IFzAUn",
UIConfig: UIConfig{
Enabled: true,
Dir: "pVncV4Ey",
ContentPath: "/qp1WRhYH/", // slashes are added in parsing
MetricsProvider: "sgnaoa_lower_case",
MetricsProviderFiles: []string{"sgnaMFoa", "dicnwkTH"},
MetricsProviderOptionsJSON: "{\"DIbVQadX\": 1}",
MetricsProxy: UIMetricsProxy{
BaseURL: "http://foo.bar",
AddHeaders: []UIMetricsProxyAddHeader{
{
Name: "p3nynwc9",
Value: "TYBgnN2F",
},
},
},
DashboardURLTemplates: map[string]string{"u2eziu2n_lower_case": "http://lkjasd.otr"},
},
UnixSocketUser: "E0nB1DwA",
UnixSocketGroup: "8pFodrV8",
UnixSocketMode: "E8sAwOv4",
@ -6589,7 +6801,7 @@ func TestFullConfig(t *testing.T) {
// we are patching a handful of safe fields to make validation pass.
rt.Bootstrap = false
rt.DevMode = false
rt.EnableUI = false
rt.UIConfig.Enabled = false
rt.SegmentName = ""
rt.Segments = nil
@ -6599,7 +6811,7 @@ func TestFullConfig(t *testing.T) {
}
// check the warnings
require.ElementsMatch(t, warns, b.Warnings, "Warnings: %v", b.Warnings)
require.ElementsMatch(t, warns, b.Warnings, "Warnings: %#v", b.Warnings)
})
}
}
@ -7005,7 +7217,6 @@ func TestSanitize(t *testing.T) {
"EnableCentralServiceConfig": false,
"EnableLocalScriptChecks": false,
"EnableRemoteScriptChecks": false,
"EnableUI": false,
"EncryptKey": "hidden",
"EncryptVerifyIncoming": false,
"EncryptVerifyOutgoing": false,
@ -7179,8 +7390,19 @@ func TestSanitize(t *testing.T) {
},
"TranslateWANAddrs": false,
"TxnMaxReqLen": 5678000000000000,
"UIDir": "",
"UIContentPath": "",
"UIConfig": {
"ContentPath": "",
"Dir": "",
"Enabled": false,
"MetricsProvider": "",
"MetricsProviderFiles": [],
"MetricsProviderOptionsJSON": "",
"MetricsProxy": {
"AddHeaders": [],
"BaseURL": ""
},
"DashboardURLTemplates": {}
},
"UnixSocketGroup": "",
"UnixSocketMode": "",
"UnixSocketUser": "",

33
agent/http.go
View File

@ -347,16 +347,23 @@ func (s *HTTPHandlers) handler(enableDebug bool) http.Handler {
handlePProf("/debug/pprof/trace", pprof.Trace)
if s.IsUIEnabled() {
// Note that we _don't_ support reloading ui_config.{enabled,content_dir}
// since this only runs at initial startup.
var uifs http.FileSystem
// Use the custom UI dir if provided.
if s.agent.config.UIDir != "" {
uifs = http.Dir(s.agent.config.UIDir)
uiConfig := s.agent.getUIConfig()
if uiConfig.Dir != "" {
uifs = http.Dir(uiConfig.Dir)
} else {
fs := assetFS()
uifs = fs
}
uifs = &redirectFS{fs: &settingsInjectedIndexFS{fs: uifs, UISettings: s.GetUIENVFromConfig()}}
uifs = &redirectFS{fs: &settingsInjectedIndexFS{
fs: uifs,
UISettings: s.GetUIENVFromConfig(),
}}
// create a http handler using the ui file system
// and the headers specified by the http_config.response_headers user config
uifsWithHeaders := serveHandlerWithHeaders(
@ -368,9 +375,9 @@ func (s *HTTPHandlers) handler(enableDebug bool) http.Handler {
uifsWithHeaders,
)
mux.Handle(
s.agent.config.UIContentPath,
uiConfig.ContentPath,
http.StripPrefix(
s.agent.config.UIContentPath,
uiConfig.ContentPath,
uifsWithHeaders,
),
)
@ -391,9 +398,20 @@ func (s *HTTPHandlers) handler(enableDebug bool) http.Handler {
}
func (s *HTTPHandlers) GetUIENVFromConfig() map[string]interface{} {
uiCfg := s.agent.getUIConfig()
vars := map[string]interface{}{
"CONSUL_CONTENT_PATH": s.agent.config.UIContentPath,
"CONSUL_CONTENT_PATH": uiCfg.ContentPath,
"CONSUL_ACLS_ENABLED": s.agent.config.ACLsEnabled,
"CONSUL_METRICS_PROVIDER": uiCfg.MetricsProvider,
"CONSUL_METRICS_PROVIDER_OPTIONS": json.RawMessage(uiCfg.MetricsProviderOptionsJSON),
// We explicitly MUST NOT pass the metrics_proxy object since it might
// contain add_headers with secrets that the UI shouldn't know e.g. API
// tokens for the backend. The provider should either require the proxy to
// be configured and then use that or hit the backend directly from the
// browser.
"CONSUL_METRICS_PROXY_ENABLED": uiCfg.MetricsProxy.BaseURL != "",
"CONSUL_DASHBOARD_URL_TEMPLATES": uiCfg.DashboardURLTemplates,
}
s.addEnterpriseUIENVVars(vars)
@ -655,7 +673,8 @@ func (s *HTTPHandlers) Index(resp http.ResponseWriter, req *http.Request) {
}
// Redirect to the UI endpoint
http.Redirect(resp, req, s.agent.config.UIContentPath, http.StatusMovedPermanently) // 301
uiCfg := s.agent.getUIConfig()
http.Redirect(resp, req, uiCfg.ContentPath, http.StatusMovedPermanently) // 301
}
func decodeBody(body io.Reader, out interface{}) error {

2
agent/ui_endpoint_test.go
View File

@ -34,7 +34,7 @@ func TestUiIndex(t *testing.T) {
testrpc.WaitForLeader(t, a.RPC, "dc1")
// Create file
path := filepath.Join(a.Config.UIDir, "my-file")
path := filepath.Join(a.Config.UIConfig.Dir, "my-file")
if err := ioutil.WriteFile(path, []byte("test"), 0777); err != nil {
t.Fatalf("err: %v", err)
}