From e8ac5fd90bacd3b04f9a723ba829dee90c367787 Mon Sep 17 00:00:00 2001 From: Daniel Nephin Date: Wed, 22 Sep 2021 17:22:52 -0400 Subject: [PATCH] config: Move ACLEnableKeyListPolicy to DeprecatedConfig --- agent/config/builder.go | 2 +- agent/config/config.go | 2 -- agent/config/deprecated.go | 9 +++++++++ agent/config/deprecated_test.go | 3 +++ agent/config/runtime_test.go | 1 + 5 files changed, 14 insertions(+), 3 deletions(-) diff --git a/agent/config/builder.go b/agent/config/builder.go index 4f8da68da3..c1072c265f 100644 --- a/agent/config/builder.go +++ b/agent/config/builder.go @@ -862,7 +862,7 @@ func (b *builder) build() (rt RuntimeConfig, err error) { ACLDefaultPolicy: stringVal(c.ACL.DefaultPolicy), }, - ACLEnableKeyListPolicy: boolValWithDefault(c.ACL.EnableKeyListPolicy, boolVal(c.ACLEnableKeyListPolicy)), + ACLEnableKeyListPolicy: boolVal(c.ACL.EnableKeyListPolicy), ACLMasterToken: stringVal(c.ACL.Tokens.Master), ACLTokenReplication: boolVal(c.ACL.TokenReplication), diff --git a/agent/config/config.go b/agent/config/config.go index 8035ceaa4b..650c080fd6 100644 --- a/agent/config/config.go +++ b/agent/config/config.go @@ -130,8 +130,6 @@ type Cache struct { // configuration it should be treated as an external API which cannot be // changed and refactored at will since this will break existing setups. type Config struct { - // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza - ACLEnableKeyListPolicy *bool `mapstructure:"acl_enable_key_list_policy"` ACL ACL `mapstructure:"acl"` Addresses Addresses `mapstructure:"addresses"` AdvertiseAddrLAN *string `mapstructure:"advertise_addr"` diff --git a/agent/config/deprecated.go b/agent/config/deprecated.go index d4b173b41c..11ea57d158 100644 --- a/agent/config/deprecated.go +++ b/agent/config/deprecated.go @@ -9,6 +9,8 @@ type DeprecatedConfig struct { ACLAgentToken *string `mapstructure:"acl_agent_token"` // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl.tokens" stanza ACLToken *string `mapstructure:"acl_token"` + // DEPRECATED (ACL-Legacy-Compat) - moved to "acl.enable_key_list_policy" + ACLEnableKeyListPolicy *bool `mapstructure:"acl_enable_key_list_policy"` // DEPRECATED (ACL-Legacy-Compat) - moved into the "acl" stanza ACLMasterToken *string `mapstructure:"acl_master_token"` @@ -106,6 +108,13 @@ func applyDeprecatedConfig(d *decodeTarget) (Config, []string) { warns = append(warns, deprecationWarning("acl_ttl", "acl.token_ttl")) } + if dep.ACLEnableKeyListPolicy != nil { + if d.Config.ACL.EnableKeyListPolicy == nil { + d.Config.ACL.EnableKeyListPolicy = dep.ACLEnableKeyListPolicy + } + warns = append(warns, deprecationWarning("acl_enable_key_list_policy", "acl.enable_key_list_policy")) + } + return d.Config, warns } diff --git a/agent/config/deprecated_test.go b/agent/config/deprecated_test.go index edf378f7d1..98f7fa07a2 100644 --- a/agent/config/deprecated_test.go +++ b/agent/config/deprecated_test.go @@ -26,6 +26,7 @@ acl_default_policy = "deny" acl_down_policy = "async-cache" acl_ttl = "3h" +acl_enable_key_list_policy = true `}, } @@ -39,6 +40,7 @@ acl_ttl = "3h" deprecationWarning("acl_datacenter", "primary_datacenter"), deprecationWarning("acl_default_policy", "acl.default_policy"), deprecationWarning("acl_down_policy", "acl.down_policy"), + deprecationWarning("acl_enable_key_list_policy", "acl.enable_key_list_policy"), deprecationWarning("acl_master_token", "acl.tokens.master"), deprecationWarning("acl_replication_token", "acl.tokens.replication"), deprecationWarning("acl_token", "acl.tokens.default"), @@ -61,6 +63,7 @@ acl_ttl = "3h" require.Equal(t, "deny", rt.ACLResolverSettings.ACLDefaultPolicy) require.Equal(t, "async-cache", rt.ACLResolverSettings.ACLDownPolicy) require.Equal(t, 3*time.Hour, rt.ACLResolverSettings.ACLTokenTTL) + require.Equal(t, true, rt.ACLEnableKeyListPolicy) } func TestLoad_DeprecatedConfig_ACLReplication(t *testing.T) { diff --git a/agent/config/runtime_test.go b/agent/config/runtime_test.go index 2e8c9c3b1c..0ba64fdc8a 100644 --- a/agent/config/runtime_test.go +++ b/agent/config/runtime_test.go @@ -5924,6 +5924,7 @@ func TestLoad_FullConfig(t *testing.T) { deprecationWarning("acl_default_policy", "acl.default_policy"), deprecationWarning("acl_down_policy", "acl.down_policy"), deprecationWarning("acl_ttl", "acl.token_ttl"), + deprecationWarning("acl_enable_key_list_policy", "acl.enable_key_list_policy"), `bootstrap_expect > 0: expecting 53 servers`, } expectedWarns = append(expectedWarns, enterpriseConfigKeyWarnings...)