Fixup typo, comments, and regression

agent/consul/helper_test.go

@@ -911,7 +911,7 @@ func registerTestTopologyEntries(t *testing.T, codec rpc.ClientCodec, token stri
 	}
 }
 
-func registetIntentionUpstreamEntries(t *testing.T, codec rpc.ClientCodec, token string) {
+func registerIntentionUpstreamEntries(t *testing.T, codec rpc.ClientCodec, token string) {
 	t.Helper()
 
 	// api and api-proxy on node foo

agent/consul/intention_endpoint.go

@@ -683,6 +683,10 @@ func (s *Intention) Check(args *structs.IntentionQueryRequest, reply *structs.In
 		return fmt.Errorf("Invalid destination namespace %q: %v", query.DestinationNS, err)
 	}
 
+	if query.SourceType != structs.IntentionSourceConsul {
+		return fmt.Errorf("unsupported SourceType: %q", query.SourceType)
+	}
+
 	// Perform the ACL check. For Check we only require ServiceRead and
 	// NOT IntentionRead because the Check API only returns pass/fail and
 	// returns no other information about the intentions used. We could check

agent/consul/internal_endpoint.go

@@ -188,7 +188,7 @@ func (m *Internal) ServiceTopology(args *structs.ServiceSpecificRequest, reply *
 		})
 }
 
-// IntentionUpstreams returns the upstreams or downstreams of a service. Upstreams and downstreams are inferred from intentions.
+// IntentionUpstreams returns the upstreams of a service. Upstreams are inferred from intentions.
 // If intentions allow a connection from the target to some candidate service, the candidate service is considered
 // an upstream of the target.
 func (m *Internal) IntentionUpstreams(args *structs.ServiceSpecificRequest, reply *structs.IndexedServiceList) error {

agent/consul/internal_endpoint_test.go

@@ -1908,7 +1908,7 @@ func TestInternal_IntentionUpstreams(t *testing.T) {
 	// Intentions
 	// * -> * (deny) intention
 	// web -> api (allow)
-	registetIntentionUpstreamEntries(t, codec, "")
+	registerIntentionUpstreamEntries(t, codec, "")
 
 	t.Run("web", func(t *testing.T) {
 		retry.Run(t, func(r *retry.R) {
@@ -1957,7 +1957,7 @@ func TestInternal_IntentionUpstreams_ACL(t *testing.T) {
 	// Intentions
 	// * -> * (deny) intention
 	// web -> api (allow)
-	registetIntentionUpstreamEntries(t, codec, TestDefaultMasterToken)
+	registerIntentionUpstreamEntries(t, codec, TestDefaultMasterToken)
 
 	t.Run("valid token", func(t *testing.T) {
 		// Token grants read to read api service

agent/consul/state/catalog.go

@@ -747,7 +747,7 @@ func serviceListTxn(tx ReadTxn, ws memdb.WatchSet,
 		svc := service.(*structs.ServiceNode)
 		// TODO (freddy) This is a hack to exclude certain kinds.
 		//				 Need a new index to query by kind and namespace, have to coordinate with consul foundations first
-		if include != nil && include(svc) {
+		if include == nil || include(svc) {
 			unique[svc.CompoundServiceName()] = struct{}{}
 		}
 	}