From 7bfbdf94697101785f15fe97a71adcbc5f115827 Mon Sep 17 00:00:00 2001 From: Daniel Upton Date: Tue, 6 Sep 2022 10:19:39 +0100 Subject: [PATCH 1/5] Integrate consul-server-connection-manager library --- Makefile | 5 - buf.gen.yaml | 14 - cmd/consul-dataplane/main.go | 60 +- cmd/consul-dataplane/map_flag.go | 36 + cmd/consul-dataplane/map_flag_test.go | 80 ++ go.mod | 8 +- go.sum | 15 + internal/consul-proto/pbacl/acl.pb.go | 508 ------------ internal/consul-proto/pbacl/acl_grpc.pb.go | 147 ---- internal/consul-proto/pbconnectca/ca.pb.go | 554 ------------- .../consul-proto/pbconnectca/ca_grpc.pb.go | 179 ---- .../consul-proto/pbdataplane/dataplane.pb.go | 764 ------------------ .../pbdataplane/dataplane_grpc.pb.go | 141 ---- .../pbserverdiscovery/serverdiscovery.pb.go | 332 -------- .../serverdiscovery_grpc.pb.go | 141 ---- pkg/consuldp/bootstrap.go | 2 +- pkg/consuldp/bootstrap_test.go | 15 +- pkg/consuldp/config.go | 162 +++- pkg/consuldp/config_test.go | 175 ++++ pkg/consuldp/consul_dataplane.go | 105 +-- pkg/consuldp/consul_dataplane_test.go | 89 +- pkg/consuldp/mock_dataplane_service_client.go | 2 +- pkg/consuldp/testdata/certs/ca/cert.pem | 18 + pkg/consuldp/testdata/certs/server/cert.pem | 16 + pkg/consuldp/testdata/certs/server/key.pem | 5 + pkg/consuldp/xds.go | 5 +- pkg/consuldp/xds_test.go | 8 +- 27 files changed, 624 insertions(+), 2962 deletions(-) delete mode 100644 buf.gen.yaml create mode 100644 cmd/consul-dataplane/map_flag.go create mode 100644 cmd/consul-dataplane/map_flag_test.go delete mode 100644 internal/consul-proto/pbacl/acl.pb.go delete mode 100644 internal/consul-proto/pbacl/acl_grpc.pb.go delete mode 100644 internal/consul-proto/pbconnectca/ca.pb.go delete mode 100644 internal/consul-proto/pbconnectca/ca_grpc.pb.go delete mode 100644 internal/consul-proto/pbdataplane/dataplane.pb.go delete mode 100644 internal/consul-proto/pbdataplane/dataplane_grpc.pb.go delete mode 100644 internal/consul-proto/pbserverdiscovery/serverdiscovery.pb.go delete mode 100644 internal/consul-proto/pbserverdiscovery/serverdiscovery_grpc.pb.go create mode 100644 pkg/consuldp/config_test.go create mode 100644 pkg/consuldp/testdata/certs/ca/cert.pem create mode 100644 pkg/consuldp/testdata/certs/server/cert.pem create mode 100644 pkg/consuldp/testdata/certs/server/key.pem diff --git a/Makefile b/Makefile index ea1ebe16..8dfa7488 100644 --- a/Makefile +++ b/Makefile @@ -96,8 +96,3 @@ copy-bootstrap-config: .PHONY: unit-tests unit-tests: go test ./... - -# TODO: Install dependencies before running this target -.PHONY: consul-proto -consul-proto: - buf generate "https://github.com/hashicorp/consul.git#branch=main,subdir=proto-public" diff --git a/buf.gen.yaml b/buf.gen.yaml deleted file mode 100644 index a24433ed..00000000 --- a/buf.gen.yaml +++ /dev/null @@ -1,14 +0,0 @@ -version: v1 -managed: - enabled: true - go_package_prefix: - default: github.com/hashicorp/consul-dataplane/internal/consul-proto -plugins: - - name: go - out: internal/consul-proto - opt: - - paths=source_relative - - name: go-grpc - out: internal/consul-proto - opt: - - paths=source_relative \ No newline at end of file diff --git a/cmd/consul-dataplane/main.go b/cmd/consul-dataplane/main.go index 5eb133b0..2292403a 100644 --- a/cmd/consul-dataplane/main.go +++ b/cmd/consul-dataplane/main.go @@ -16,8 +16,16 @@ import ( var ( printVersion bool - addresses string - grpcPort int + addresses string + grpcPort int + serverWatchDisabled bool + + tlsDisabled bool + tlsCACertsPath string + tlsServerName string + tlsCertFile string + tlsKeyFile string + tlsInsecureSkipVerify bool logLevel string logJSON bool @@ -28,7 +36,15 @@ var ( namespace string partition string - token string + credentialType string + token string + loginMethod string + loginNamespace string + loginPartition string + loginDatacenter string + loginBearer string + loginBearerPath string + loginMeta map[string]string useCentralTelemetryConfig bool @@ -53,6 +69,8 @@ func init() { flag.IntVar(&grpcPort, "grpc-port", 8502, "gRPC port on Consul servers.") + flag.BoolVar(&serverWatchDisabled, "server-watch-disabled", false, "Setting this prevents consul-dataplane from consuming the server update stream. This is useful for situations where Consul servers are behind a load balancer.") + flag.StringVar(&logLevel, "log-level", "info", "Log level of the messages to print. "+ "Available log levels are \"trace\", \"debug\", \"info\", \"warn\", and \"error\".") @@ -64,7 +82,15 @@ func init() { flag.StringVar(&namespace, "service-namespace", "", "The Consul Enterprise namespace in which the proxy service instance is registered.") flag.StringVar(&partition, "service-partition", "", "The Consul Enterprise partition in which the proxy service instance is registered.") + flag.StringVar(&credentialType, "credential-type", "", "The type of credentials that will be used to authenticate with Consul servers (static or login).") flag.StringVar(&token, "static-token", "", "The ACL token used to authenticate requests to Consul servers (when -login-method is set to static).") + flag.StringVar(&loginMethod, "login-method", "", "The auth method that will be used to log in.") + flag.StringVar(&loginNamespace, "login-namespace", "", "The Consul Enterprise namespace containing the auth method.") + flag.StringVar(&loginPartition, "login-partition", "", "The Consul Enterprise partition containing the auth method.") + flag.StringVar(&loginDatacenter, "login-datacenter", "", "The datacenter containing the auth method.") + flag.StringVar(&loginBearer, "login-bearer", "", "The bearer token that will be presented to the auth method.") + flag.StringVar(&loginBearerPath, "login-bearer-path", "", "The path to a file containing the bearer token that will be presented to the auth method.") + flag.Var((*FlagMapValue)(&loginMeta), "login-meta", "An arbitrary set of key/value pairs that will be attached to the ACL token (formatted as key=value, may be given multiple times).") flag.BoolVar(&useCentralTelemetryConfig, "telemetry-use-central-config", true, "Controls whether the proxy will apply the central telemetry configuration.") @@ -75,6 +101,13 @@ func init() { flag.StringVar(&xdsBindAddr, "xds-bind-addr", "127.0.0.1", "The address on which the Envoy xDS server will be available.") flag.IntVar(&xdsBindPort, "xds-bind-port", 0, "The port on which the Envoy xDS server will be available.") + + flag.BoolVar(&tlsDisabled, "tls-disabled", false, "Communicate with Consul servers over a plaintext connection. Useful for testing, but not recommended for production.") + flag.StringVar(&tlsCACertsPath, "ca-certs", "", "The path to a file or directory containing CA certificates that will be used to verify the server's certificate.") + flag.StringVar(&tlsCertFile, "tls-cert", "", "The path to a client certificate file (only required if tls.grpc.verify_incoming is enabled on the server).") + flag.StringVar(&tlsKeyFile, "tls-key", "", "The path to a client private key file (only required if tls.grpc.verify_incoming is enabled on the server).") + flag.StringVar(&tlsServerName, "tls-server-name", "", "The hostname to expect in the server certificate's subject (required if -addresses isn't a DNS name).") + flag.BoolVar(&tlsInsecureSkipVerify, "tls-insecure-skip-verify", false, "Do not verify the server's certificate. Useful for testing, but not recommended for production.") } // validateFlags performs semantic validation of the flag values @@ -102,9 +135,28 @@ func main() { Addresses: addresses, GRPCPort: grpcPort, Credentials: &consuldp.CredentialsConfig{ - Static: &consuldp.StaticCredentialsConfig{ + Type: consuldp.CredentialsType(credentialType), + Static: consuldp.StaticCredentialsConfig{ Token: token, }, + Login: consuldp.LoginCredentialsConfig{ + Method: loginMethod, + Namespace: loginNamespace, + Partition: loginPartition, + Datacenter: loginDatacenter, + Bearer: loginBearer, + BearerPath: loginBearerPath, + Meta: loginMeta, + }, + }, + ServerWatchDisabled: serverWatchDisabled, + TLS: &consuldp.TLSConfig{ + Disabled: tlsDisabled, + CACertsPath: tlsCACertsPath, + ServerName: tlsServerName, + CertFile: tlsCertFile, + KeyFile: tlsKeyFile, + InsecureSkipVerify: tlsInsecureSkipVerify, }, }, Service: &consuldp.ServiceConfig{ diff --git a/cmd/consul-dataplane/map_flag.go b/cmd/consul-dataplane/map_flag.go new file mode 100644 index 00000000..1465808d --- /dev/null +++ b/cmd/consul-dataplane/map_flag.go @@ -0,0 +1,36 @@ +package main + +import ( + "flag" + "fmt" + "strings" +) + +var _ flag.Value = (*FlagMapValue)(nil) + +// FlagMapValue is a flag implementation used to provide key=value semantics +// multiple times. +type FlagMapValue map[string]string + +func (h *FlagMapValue) String() string { + return fmt.Sprintf("%v", *h) +} + +func (h *FlagMapValue) Set(value string) error { + idx := strings.Index(value, "=") + if idx == -1 { + return fmt.Errorf("Missing \"=\" value in argument: %s", value) + } + + key, value := value[0:idx], value[idx+1:] + + if *h == nil { + *h = make(map[string]string) + } + + headers := *h + headers[key] = value + *h = headers + + return nil +} diff --git a/cmd/consul-dataplane/map_flag_test.go b/cmd/consul-dataplane/map_flag_test.go new file mode 100644 index 00000000..76e1ca9e --- /dev/null +++ b/cmd/consul-dataplane/map_flag_test.go @@ -0,0 +1,80 @@ +package main + +import ( + "fmt" + "testing" +) + +func TestFlagMapValueSet(t *testing.T) { + t.Parallel() + + t.Run("missing =", func(t *testing.T) { + + f := new(FlagMapValue) + if err := f.Set("foo"); err == nil { + t.Fatal("expected error, got nil") + } + }) + + t.Run("sets", func(t *testing.T) { + + f := new(FlagMapValue) + if err := f.Set("foo=bar"); err != nil { + t.Fatal(err) + } + + r, ok := (*f)["foo"] + if !ok { + t.Errorf("missing value: %#v", f) + } + if exp := "bar"; r != exp { + t.Errorf("expected %q to be %q", r, exp) + } + }) + + t.Run("sets multiple", func(t *testing.T) { + + f := new(FlagMapValue) + + r := map[string]string{ + "foo": "bar", + "zip": "zap", + "cat": "dog", + } + + for k, v := range r { + if err := f.Set(fmt.Sprintf("%s=%s", k, v)); err != nil { + t.Fatal(err) + } + } + + for k, v := range r { + r, ok := (*f)[k] + if !ok { + t.Errorf("missing value %q: %#v", k, f) + } + if exp := v; r != exp { + t.Errorf("expected %q to be %q", r, exp) + } + } + }) + + t.Run("overwrites", func(t *testing.T) { + + f := new(FlagMapValue) + if err := f.Set("foo=bar"); err != nil { + t.Fatal(err) + } + if err := f.Set("foo=zip"); err != nil { + t.Fatal(err) + } + + r, ok := (*f)["foo"] + if !ok { + t.Errorf("missing value: %#v", f) + } + if exp := "zip"; r != exp { + t.Errorf("expected %q to be %q", r, exp) + } + }) +} diff --git a/go.mod b/go.mod index 5669bd8d..979534a0 100644 --- a/go.mod +++ b/go.mod @@ -4,8 +4,9 @@ go 1.19 require ( github.com/adamthesax/grpc-proxy v0.0.0-20220525203857-13e92d14f87a + github.com/hashicorp/consul/proto-public v0.1.0 github.com/hashicorp/go-hclog v1.2.2 - github.com/hashicorp/go-netaddrs v0.0.0-20220509001840-90ed9d26ec46 + github.com/hashicorp/go-rootcerts v1.0.2 github.com/mitchellh/mapstructure v1.5.0 github.com/stretchr/testify v1.8.0 google.golang.org/grpc v1.48.0 @@ -13,12 +14,17 @@ require ( ) require ( + github.com/cenkalti/backoff/v4 v4.1.3 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/fatih/color v1.13.0 // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/google/go-cmp v0.5.8 // indirect + github.com/google/uuid v1.1.2 // indirect + github.com/hashicorp/consul-server-connection-manager v0.0.0-20220908112242-b9f43f15d156 // indirect + github.com/hashicorp/go-netaddrs v0.0.0-20220509001840-90ed9d26ec46 // indirect github.com/mattn/go-colorable v0.1.12 // indirect github.com/mattn/go-isatty v0.0.14 // indirect + github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/stretchr/objx v0.4.0 // indirect golang.org/x/net v0.0.0-20220909164309-bea034e7d591 // indirect diff --git a/go.sum b/go.sum index d1158143..2d0026c1 100644 --- a/go.sum +++ b/go.sum @@ -4,6 +4,8 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03 github.com/adamthesax/grpc-proxy v0.0.0-20220525203857-13e92d14f87a h1:8fjfNnk9RLn3F4R4XEljSOZARy1+h1f0KTh6xGFefjw= github.com/adamthesax/grpc-proxy v0.0.0-20220525203857-13e92d14f87a/go.mod h1:Aku9EjGILrB1V88F+yfJ8CaIVaKqDeWkW2vkCbY2WSA= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/cenkalti/backoff/v4 v4.1.3 h1:cFAlzYUlVYDysBEH2T5hyJZMh3+5+WCBvSnK6Q8UtC4= +github.com/cenkalti/backoff/v4 v4.1.3/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= @@ -51,12 +53,22 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= +github.com/hashicorp/consul-server-connection-manager v0.0.0-20220908112242-b9f43f15d156 h1:fg/ocjUfyx6JXmYr/UL/OC5pbG1sPjWOF3jSQWvRGKc= +github.com/hashicorp/consul-server-connection-manager v0.0.0-20220908112242-b9f43f15d156/go.mod h1:C3zdIuwQZ6GsU9jpc1iWr/+5UDgE/3p7UPGqTtvHqsY= +github.com/hashicorp/consul/proto-public v0.1.0 h1:O0LSmCqydZi363hsqc6n2v5sMz3usQMXZF6ziK3SzXU= +github.com/hashicorp/consul/proto-public v0.1.0/go.mod h1:vs2KkuWwtjkIgA5ezp4YKPzQp4GitV+q/+PvksrA92k= +github.com/hashicorp/consul/sdk v0.11.0 h1:HRzj8YSCln2yGgCumN5CL8lYlD3gBurnervJRJAZyC4= +github.com/hashicorp/go-cleanhttp v0.5.1 h1:dH3aiDG9Jvb5r5+bYHsikaOUIpcM0xvgMXVoDkXMzJM= github.com/hashicorp/go-hclog v1.2.2 h1:ihRI7YFwcZdiSD7SIenIhHfQH3OuDvWerAUBZbeQS3M= github.com/hashicorp/go-hclog v1.2.2/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-netaddrs v0.0.0-20220509001840-90ed9d26ec46 h1:BysEAd6g+0HNJ0v99u7KbSObjzxC7rfVQ6yVx6HxrvU= github.com/hashicorp/go-netaddrs v0.0.0-20220509001840-90ed9d26ec46/go.mod h1:TjKbv4FhIra0YJ82mws5+4QXOhzv09eAWs4jtOBI4IU= +github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= +github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= +github.com/hashicorp/go-uuid v1.0.1 h1:fv1ep09latC32wFoVwnqcnKJGnMSdBanPczbHAYm1BE= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= @@ -64,8 +76,11 @@ github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= diff --git a/internal/consul-proto/pbacl/acl.pb.go b/internal/consul-proto/pbacl/acl.pb.go deleted file mode 100644 index cc5f81a7..00000000 --- a/internal/consul-proto/pbacl/acl.pb.go +++ /dev/null @@ -1,508 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.28.1 -// protoc (unknown) -// source: pbacl/acl.proto - -package pbacl - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type LogoutResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields -} - -func (x *LogoutResponse) Reset() { - *x = LogoutResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_pbacl_acl_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *LogoutResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*LogoutResponse) ProtoMessage() {} - -func (x *LogoutResponse) ProtoReflect() protoreflect.Message { - mi := &file_pbacl_acl_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use LogoutResponse.ProtoReflect.Descriptor instead. -func (*LogoutResponse) Descriptor() ([]byte, []int) { - return file_pbacl_acl_proto_rawDescGZIP(), []int{0} -} - -type LoginRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // auth_method is the name of the configured auth method that will be used to - // validate the presented bearer token. - AuthMethod string `protobuf:"bytes,1,opt,name=auth_method,json=authMethod,proto3" json:"auth_method,omitempty"` - // bearer_token is a token produced by a trusted identity provider as - // configured by the auth method. - BearerToken string `protobuf:"bytes,2,opt,name=bearer_token,json=bearerToken,proto3" json:"bearer_token,omitempty"` - // meta is a collection of arbitrary key-value pairs associated to the token, - // it is useful for tracking the origin of tokens. - Meta map[string]string `protobuf:"bytes,3,rep,name=meta,proto3" json:"meta,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - // namespace (enterprise only) is the namespace in which the auth method - // resides. - Namespace string `protobuf:"bytes,4,opt,name=namespace,proto3" json:"namespace,omitempty"` - // partition (enterprise only) is the partition in which the auth method - // resides. - Partition string `protobuf:"bytes,5,opt,name=partition,proto3" json:"partition,omitempty"` - // datacenter is the target datacenter in which the request will be processed. - Datacenter string `protobuf:"bytes,6,opt,name=datacenter,proto3" json:"datacenter,omitempty"` -} - -func (x *LoginRequest) Reset() { - *x = LoginRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_pbacl_acl_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *LoginRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*LoginRequest) ProtoMessage() {} - -func (x *LoginRequest) ProtoReflect() protoreflect.Message { - mi := &file_pbacl_acl_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use LoginRequest.ProtoReflect.Descriptor instead. -func (*LoginRequest) Descriptor() ([]byte, []int) { - return file_pbacl_acl_proto_rawDescGZIP(), []int{1} -} - -func (x *LoginRequest) GetAuthMethod() string { - if x != nil { - return x.AuthMethod - } - return "" -} - -func (x *LoginRequest) GetBearerToken() string { - if x != nil { - return x.BearerToken - } - return "" -} - -func (x *LoginRequest) GetMeta() map[string]string { - if x != nil { - return x.Meta - } - return nil -} - -func (x *LoginRequest) GetNamespace() string { - if x != nil { - return x.Namespace - } - return "" -} - -func (x *LoginRequest) GetPartition() string { - if x != nil { - return x.Partition - } - return "" -} - -func (x *LoginRequest) GetDatacenter() string { - if x != nil { - return x.Datacenter - } - return "" -} - -type LoginResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // token is the generated ACL token. - Token *LoginToken `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` -} - -func (x *LoginResponse) Reset() { - *x = LoginResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_pbacl_acl_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *LoginResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*LoginResponse) ProtoMessage() {} - -func (x *LoginResponse) ProtoReflect() protoreflect.Message { - mi := &file_pbacl_acl_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use LoginResponse.ProtoReflect.Descriptor instead. -func (*LoginResponse) Descriptor() ([]byte, []int) { - return file_pbacl_acl_proto_rawDescGZIP(), []int{2} -} - -func (x *LoginResponse) GetToken() *LoginToken { - if x != nil { - return x.Token - } - return nil -} - -type LoginToken struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // accessor_id is a UUID used to identify the ACL token. - AccessorId string `protobuf:"bytes,1,opt,name=accessor_id,json=accessorId,proto3" json:"accessor_id,omitempty"` - // secret_id is a UUID presented as a credential by clients. - SecretId string `protobuf:"bytes,2,opt,name=secret_id,json=secretId,proto3" json:"secret_id,omitempty"` -} - -func (x *LoginToken) Reset() { - *x = LoginToken{} - if protoimpl.UnsafeEnabled { - mi := &file_pbacl_acl_proto_msgTypes[3] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *LoginToken) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*LoginToken) ProtoMessage() {} - -func (x *LoginToken) ProtoReflect() protoreflect.Message { - mi := &file_pbacl_acl_proto_msgTypes[3] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use LoginToken.ProtoReflect.Descriptor instead. -func (*LoginToken) Descriptor() ([]byte, []int) { - return file_pbacl_acl_proto_rawDescGZIP(), []int{3} -} - -func (x *LoginToken) GetAccessorId() string { - if x != nil { - return x.AccessorId - } - return "" -} - -func (x *LoginToken) GetSecretId() string { - if x != nil { - return x.SecretId - } - return "" -} - -type LogoutRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // token is the ACL token's secret ID. - Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` - // datacenter is the target datacenter in which the request will be processed. - Datacenter string `protobuf:"bytes,2,opt,name=datacenter,proto3" json:"datacenter,omitempty"` -} - -func (x *LogoutRequest) Reset() { - *x = LogoutRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_pbacl_acl_proto_msgTypes[4] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *LogoutRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*LogoutRequest) ProtoMessage() {} - -func (x *LogoutRequest) ProtoReflect() protoreflect.Message { - mi := &file_pbacl_acl_proto_msgTypes[4] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use LogoutRequest.ProtoReflect.Descriptor instead. -func (*LogoutRequest) Descriptor() ([]byte, []int) { - return file_pbacl_acl_proto_rawDescGZIP(), []int{4} -} - -func (x *LogoutRequest) GetToken() string { - if x != nil { - return x.Token - } - return "" -} - -func (x *LogoutRequest) GetDatacenter() string { - if x != nil { - return x.Datacenter - } - return "" -} - -var File_pbacl_acl_proto protoreflect.FileDescriptor - -var file_pbacl_acl_proto_rawDesc = []byte{ - 0x0a, 0x0f, 0x70, 0x62, 0x61, 0x63, 0x6c, 0x2f, 0x61, 0x63, 0x6c, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x12, 0x14, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, - 0x73, 0x75, 0x6c, 0x2e, 0x61, 0x63, 0x6c, 0x22, 0x10, 0x0a, 0x0e, 0x4c, 0x6f, 0x67, 0x6f, 0x75, - 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xa9, 0x02, 0x0a, 0x0c, 0x4c, 0x6f, - 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x61, 0x75, - 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0a, 0x61, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x62, - 0x65, 0x61, 0x72, 0x65, 0x72, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x0b, 0x62, 0x65, 0x61, 0x72, 0x65, 0x72, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x40, - 0x0a, 0x04, 0x6d, 0x65, 0x74, 0x61, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2c, 0x2e, 0x68, - 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, - 0x61, 0x63, 0x6c, 0x2e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x04, 0x6d, 0x65, 0x74, 0x61, - 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x04, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x1c, - 0x0a, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x09, 0x70, 0x61, 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1e, 0x0a, 0x0a, - 0x64, 0x61, 0x74, 0x61, 0x63, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x0a, 0x64, 0x61, 0x74, 0x61, 0x63, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x1a, 0x37, 0x0a, 0x09, - 0x4d, 0x65, 0x74, 0x61, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, - 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, - 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x47, 0x0a, 0x0d, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x36, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, - 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x61, 0x63, 0x6c, 0x2e, 0x4c, 0x6f, 0x67, - 0x69, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x4a, - 0x0a, 0x0a, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x1f, 0x0a, 0x0b, - 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x0a, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, 0x49, 0x64, 0x12, 0x1b, 0x0a, - 0x09, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x08, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x49, 0x64, 0x22, 0x45, 0x0a, 0x0d, 0x4c, 0x6f, - 0x67, 0x6f, 0x75, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x74, - 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, - 0x6e, 0x12, 0x1e, 0x0a, 0x0a, 0x64, 0x61, 0x74, 0x61, 0x63, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x64, 0x61, 0x74, 0x61, 0x63, 0x65, 0x6e, 0x74, 0x65, - 0x72, 0x32, 0xb7, 0x01, 0x0a, 0x0a, 0x41, 0x43, 0x4c, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, - 0x12, 0x52, 0x0a, 0x05, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x12, 0x22, 0x2e, 0x68, 0x61, 0x73, 0x68, - 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x61, 0x63, 0x6c, - 0x2e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, - 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, - 0x2e, 0x61, 0x63, 0x6c, 0x2e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x22, 0x00, 0x12, 0x55, 0x0a, 0x06, 0x4c, 0x6f, 0x67, 0x6f, 0x75, 0x74, 0x12, 0x23, - 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, - 0x6c, 0x2e, 0x61, 0x63, 0x6c, 0x2e, 0x4c, 0x6f, 0x67, 0x6f, 0x75, 0x74, 0x52, 0x65, 0x71, 0x75, - 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, - 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x61, 0x63, 0x6c, 0x2e, 0x4c, 0x6f, 0x67, 0x6f, 0x75, - 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0xd9, 0x01, 0x0a, 0x18, - 0x63, 0x6f, 0x6d, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, - 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x61, 0x63, 0x6c, 0x42, 0x08, 0x41, 0x63, 0x6c, 0x50, 0x72, 0x6f, - 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x41, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, - 0x6c, 0x2d, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x69, 0x6e, 0x74, 0x65, - 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2d, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x2f, 0x70, 0x62, 0x61, 0x63, 0x6c, 0xa2, 0x02, 0x03, 0x48, 0x43, 0x41, 0xaa, 0x02, 0x14, - 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, - 0x2e, 0x41, 0x63, 0x6c, 0xca, 0x02, 0x14, 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, - 0x5c, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x5c, 0x41, 0x63, 0x6c, 0xe2, 0x02, 0x20, 0x48, 0x61, - 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x5c, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x5c, 0x41, - 0x63, 0x6c, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, - 0x16, 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x3a, 0x3a, 0x43, 0x6f, 0x6e, 0x73, - 0x75, 0x6c, 0x3a, 0x3a, 0x41, 0x63, 0x6c, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_pbacl_acl_proto_rawDescOnce sync.Once - file_pbacl_acl_proto_rawDescData = file_pbacl_acl_proto_rawDesc -) - -func file_pbacl_acl_proto_rawDescGZIP() []byte { - file_pbacl_acl_proto_rawDescOnce.Do(func() { - file_pbacl_acl_proto_rawDescData = protoimpl.X.CompressGZIP(file_pbacl_acl_proto_rawDescData) - }) - return file_pbacl_acl_proto_rawDescData -} - -var file_pbacl_acl_proto_msgTypes = make([]protoimpl.MessageInfo, 6) -var file_pbacl_acl_proto_goTypes = []interface{}{ - (*LogoutResponse)(nil), // 0: hashicorp.consul.acl.LogoutResponse - (*LoginRequest)(nil), // 1: hashicorp.consul.acl.LoginRequest - (*LoginResponse)(nil), // 2: hashicorp.consul.acl.LoginResponse - (*LoginToken)(nil), // 3: hashicorp.consul.acl.LoginToken - (*LogoutRequest)(nil), // 4: hashicorp.consul.acl.LogoutRequest - nil, // 5: hashicorp.consul.acl.LoginRequest.MetaEntry -} -var file_pbacl_acl_proto_depIdxs = []int32{ - 5, // 0: hashicorp.consul.acl.LoginRequest.meta:type_name -> hashicorp.consul.acl.LoginRequest.MetaEntry - 3, // 1: hashicorp.consul.acl.LoginResponse.token:type_name -> hashicorp.consul.acl.LoginToken - 1, // 2: hashicorp.consul.acl.ACLService.Login:input_type -> hashicorp.consul.acl.LoginRequest - 4, // 3: hashicorp.consul.acl.ACLService.Logout:input_type -> hashicorp.consul.acl.LogoutRequest - 2, // 4: hashicorp.consul.acl.ACLService.Login:output_type -> hashicorp.consul.acl.LoginResponse - 0, // 5: hashicorp.consul.acl.ACLService.Logout:output_type -> hashicorp.consul.acl.LogoutResponse - 4, // [4:6] is the sub-list for method output_type - 2, // [2:4] is the sub-list for method input_type - 2, // [2:2] is the sub-list for extension type_name - 2, // [2:2] is the sub-list for extension extendee - 0, // [0:2] is the sub-list for field type_name -} - -func init() { file_pbacl_acl_proto_init() } -func file_pbacl_acl_proto_init() { - if File_pbacl_acl_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_pbacl_acl_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*LogoutResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbacl_acl_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*LoginRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbacl_acl_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*LoginResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbacl_acl_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*LoginToken); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbacl_acl_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*LogoutRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_pbacl_acl_proto_rawDesc, - NumEnums: 0, - NumMessages: 6, - NumExtensions: 0, - NumServices: 1, - }, - GoTypes: file_pbacl_acl_proto_goTypes, - DependencyIndexes: file_pbacl_acl_proto_depIdxs, - MessageInfos: file_pbacl_acl_proto_msgTypes, - }.Build() - File_pbacl_acl_proto = out.File - file_pbacl_acl_proto_rawDesc = nil - file_pbacl_acl_proto_goTypes = nil - file_pbacl_acl_proto_depIdxs = nil -} diff --git a/internal/consul-proto/pbacl/acl_grpc.pb.go b/internal/consul-proto/pbacl/acl_grpc.pb.go deleted file mode 100644 index 76807a17..00000000 --- a/internal/consul-proto/pbacl/acl_grpc.pb.go +++ /dev/null @@ -1,147 +0,0 @@ -// Code generated by protoc-gen-go-grpc. DO NOT EDIT. -// versions: -// - protoc-gen-go-grpc v1.2.0 -// - protoc (unknown) -// source: pbacl/acl.proto - -package pbacl - -import ( - context "context" - grpc "google.golang.org/grpc" - codes "google.golang.org/grpc/codes" - status "google.golang.org/grpc/status" -) - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the grpc package it is being compiled against. -// Requires gRPC-Go v1.32.0 or later. -const _ = grpc.SupportPackageIsVersion7 - -// ACLServiceClient is the client API for ACLService service. -// -// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. -type ACLServiceClient interface { - // Login exchanges the presented bearer token for a Consul ACL token using a - // configured auth method. - Login(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*LoginResponse, error) - // Logout destroys the given ACL token once the caller is done with it. - Logout(ctx context.Context, in *LogoutRequest, opts ...grpc.CallOption) (*LogoutResponse, error) -} - -type aCLServiceClient struct { - cc grpc.ClientConnInterface -} - -func NewACLServiceClient(cc grpc.ClientConnInterface) ACLServiceClient { - return &aCLServiceClient{cc} -} - -func (c *aCLServiceClient) Login(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*LoginResponse, error) { - out := new(LoginResponse) - err := c.cc.Invoke(ctx, "/hashicorp.consul.acl.ACLService/Login", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -func (c *aCLServiceClient) Logout(ctx context.Context, in *LogoutRequest, opts ...grpc.CallOption) (*LogoutResponse, error) { - out := new(LogoutResponse) - err := c.cc.Invoke(ctx, "/hashicorp.consul.acl.ACLService/Logout", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -// ACLServiceServer is the server API for ACLService service. -// All implementations must embed UnimplementedACLServiceServer -// for forward compatibility -type ACLServiceServer interface { - // Login exchanges the presented bearer token for a Consul ACL token using a - // configured auth method. - Login(context.Context, *LoginRequest) (*LoginResponse, error) - // Logout destroys the given ACL token once the caller is done with it. - Logout(context.Context, *LogoutRequest) (*LogoutResponse, error) - mustEmbedUnimplementedACLServiceServer() -} - -// UnimplementedACLServiceServer must be embedded to have forward compatible implementations. -type UnimplementedACLServiceServer struct { -} - -func (UnimplementedACLServiceServer) Login(context.Context, *LoginRequest) (*LoginResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method Login not implemented") -} -func (UnimplementedACLServiceServer) Logout(context.Context, *LogoutRequest) (*LogoutResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method Logout not implemented") -} -func (UnimplementedACLServiceServer) mustEmbedUnimplementedACLServiceServer() {} - -// UnsafeACLServiceServer may be embedded to opt out of forward compatibility for this service. -// Use of this interface is not recommended, as added methods to ACLServiceServer will -// result in compilation errors. -type UnsafeACLServiceServer interface { - mustEmbedUnimplementedACLServiceServer() -} - -func RegisterACLServiceServer(s grpc.ServiceRegistrar, srv ACLServiceServer) { - s.RegisterService(&ACLService_ServiceDesc, srv) -} - -func _ACLService_Login_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(LoginRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(ACLServiceServer).Login(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/hashicorp.consul.acl.ACLService/Login", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(ACLServiceServer).Login(ctx, req.(*LoginRequest)) - } - return interceptor(ctx, in, info, handler) -} - -func _ACLService_Logout_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(LogoutRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(ACLServiceServer).Logout(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/hashicorp.consul.acl.ACLService/Logout", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(ACLServiceServer).Logout(ctx, req.(*LogoutRequest)) - } - return interceptor(ctx, in, info, handler) -} - -// ACLService_ServiceDesc is the grpc.ServiceDesc for ACLService service. -// It's only intended for direct use with grpc.RegisterService, -// and not to be introspected or modified (even as a copy) -var ACLService_ServiceDesc = grpc.ServiceDesc{ - ServiceName: "hashicorp.consul.acl.ACLService", - HandlerType: (*ACLServiceServer)(nil), - Methods: []grpc.MethodDesc{ - { - MethodName: "Login", - Handler: _ACLService_Login_Handler, - }, - { - MethodName: "Logout", - Handler: _ACLService_Logout_Handler, - }, - }, - Streams: []grpc.StreamDesc{}, - Metadata: "pbacl/acl.proto", -} diff --git a/internal/consul-proto/pbconnectca/ca.pb.go b/internal/consul-proto/pbconnectca/ca.pb.go deleted file mode 100644 index ca8dcf18..00000000 --- a/internal/consul-proto/pbconnectca/ca.pb.go +++ /dev/null @@ -1,554 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.28.1 -// protoc (unknown) -// source: pbconnectca/ca.proto - -package pbconnectca - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - timestamppb "google.golang.org/protobuf/types/known/timestamppb" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type WatchRootsRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields -} - -func (x *WatchRootsRequest) Reset() { - *x = WatchRootsRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_pbconnectca_ca_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *WatchRootsRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*WatchRootsRequest) ProtoMessage() {} - -func (x *WatchRootsRequest) ProtoReflect() protoreflect.Message { - mi := &file_pbconnectca_ca_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use WatchRootsRequest.ProtoReflect.Descriptor instead. -func (*WatchRootsRequest) Descriptor() ([]byte, []int) { - return file_pbconnectca_ca_proto_rawDescGZIP(), []int{0} -} - -type WatchRootsResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // active_root_id is the ID of a root in Roots that is the active CA root. - // Other roots are still valid if they're in the Roots list but are in the - // process of being rotated out. - ActiveRootId string `protobuf:"bytes,1,opt,name=active_root_id,json=activeRootId,proto3" json:"active_root_id,omitempty"` - // trust_domain is the identification root for this Consul cluster. All - // certificates signed by the cluster's CA must have their identifying URI - // in this domain. - // - // This does not include the protocol (currently spiffe://) since we may - // implement other protocols in future with equivalent semantics. It should - // be compared against the "authority" section of a URI (i.e. host:port). - TrustDomain string `protobuf:"bytes,2,opt,name=trust_domain,json=trustDomain,proto3" json:"trust_domain,omitempty"` - // roots is a list of root CA certs to trust. - Roots []*CARoot `protobuf:"bytes,3,rep,name=roots,proto3" json:"roots,omitempty"` -} - -func (x *WatchRootsResponse) Reset() { - *x = WatchRootsResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_pbconnectca_ca_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *WatchRootsResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*WatchRootsResponse) ProtoMessage() {} - -func (x *WatchRootsResponse) ProtoReflect() protoreflect.Message { - mi := &file_pbconnectca_ca_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use WatchRootsResponse.ProtoReflect.Descriptor instead. -func (*WatchRootsResponse) Descriptor() ([]byte, []int) { - return file_pbconnectca_ca_proto_rawDescGZIP(), []int{1} -} - -func (x *WatchRootsResponse) GetActiveRootId() string { - if x != nil { - return x.ActiveRootId - } - return "" -} - -func (x *WatchRootsResponse) GetTrustDomain() string { - if x != nil { - return x.TrustDomain - } - return "" -} - -func (x *WatchRootsResponse) GetRoots() []*CARoot { - if x != nil { - return x.Roots - } - return nil -} - -type CARoot struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // id is a globally unique ID (UUID) representing this CA root. - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - // name is a human-friendly name for this CA root. This value is opaque to - // Consul and is not used for anything internally. - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` - // serial_number is the x509 serial number of the certificate. - SerialNumber uint64 `protobuf:"varint,3,opt,name=serial_number,json=serialNumber,proto3" json:"serial_number,omitempty"` - // signing_key_id is the connect.HexString encoded id of the public key that - // corresponds to the private key used to sign leaf certificates in the - // local datacenter. - // - // The value comes from x509.Certificate.SubjectKeyId of the local leaf - // signing cert. - // - // See https://www.rfc-editor.org/rfc/rfc3280#section-4.2.1.1 for more detail. - SigningKeyId string `protobuf:"bytes,4,opt,name=signing_key_id,json=signingKeyId,proto3" json:"signing_key_id,omitempty"` - // root_cert is the PEM-encoded public certificate. - RootCert string `protobuf:"bytes,5,opt,name=root_cert,json=rootCert,proto3" json:"root_cert,omitempty"` - // intermediate_certs is a list of PEM-encoded intermediate certs to - // attach to any leaf certs signed by this CA. - IntermediateCerts []string `protobuf:"bytes,6,rep,name=intermediate_certs,json=intermediateCerts,proto3" json:"intermediate_certs,omitempty"` - // active is true if this is the current active CA. This must only - // be true for exactly one CA. - Active bool `protobuf:"varint,7,opt,name=active,proto3" json:"active,omitempty"` - // rotated_out_at is the time at which this CA was removed from the state. - // This will only be set on roots that have been rotated out from being the - // active root. - RotatedOutAt *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=rotated_out_at,json=rotatedOutAt,proto3" json:"rotated_out_at,omitempty"` -} - -func (x *CARoot) Reset() { - *x = CARoot{} - if protoimpl.UnsafeEnabled { - mi := &file_pbconnectca_ca_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *CARoot) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*CARoot) ProtoMessage() {} - -func (x *CARoot) ProtoReflect() protoreflect.Message { - mi := &file_pbconnectca_ca_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use CARoot.ProtoReflect.Descriptor instead. -func (*CARoot) Descriptor() ([]byte, []int) { - return file_pbconnectca_ca_proto_rawDescGZIP(), []int{2} -} - -func (x *CARoot) GetId() string { - if x != nil { - return x.Id - } - return "" -} - -func (x *CARoot) GetName() string { - if x != nil { - return x.Name - } - return "" -} - -func (x *CARoot) GetSerialNumber() uint64 { - if x != nil { - return x.SerialNumber - } - return 0 -} - -func (x *CARoot) GetSigningKeyId() string { - if x != nil { - return x.SigningKeyId - } - return "" -} - -func (x *CARoot) GetRootCert() string { - if x != nil { - return x.RootCert - } - return "" -} - -func (x *CARoot) GetIntermediateCerts() []string { - if x != nil { - return x.IntermediateCerts - } - return nil -} - -func (x *CARoot) GetActive() bool { - if x != nil { - return x.Active - } - return false -} - -func (x *CARoot) GetRotatedOutAt() *timestamppb.Timestamp { - if x != nil { - return x.RotatedOutAt - } - return nil -} - -type SignRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // csr is the PEM-encoded Certificate Signing Request (CSR). - // - // The CSR's SAN must include a SPIFFE ID that identifies a service or agent - // to which the ACL token provided in the `x-consul-token` metadata has write - // access. - Csr string `protobuf:"bytes,1,opt,name=csr,proto3" json:"csr,omitempty"` -} - -func (x *SignRequest) Reset() { - *x = SignRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_pbconnectca_ca_proto_msgTypes[3] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *SignRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*SignRequest) ProtoMessage() {} - -func (x *SignRequest) ProtoReflect() protoreflect.Message { - mi := &file_pbconnectca_ca_proto_msgTypes[3] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use SignRequest.ProtoReflect.Descriptor instead. -func (*SignRequest) Descriptor() ([]byte, []int) { - return file_pbconnectca_ca_proto_rawDescGZIP(), []int{3} -} - -func (x *SignRequest) GetCsr() string { - if x != nil { - return x.Csr - } - return "" -} - -type SignResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // cert_pem is the PEM-encoded leaf certificate. - CertPem string `protobuf:"bytes,2,opt,name=cert_pem,json=certPem,proto3" json:"cert_pem,omitempty"` -} - -func (x *SignResponse) Reset() { - *x = SignResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_pbconnectca_ca_proto_msgTypes[4] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *SignResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*SignResponse) ProtoMessage() {} - -func (x *SignResponse) ProtoReflect() protoreflect.Message { - mi := &file_pbconnectca_ca_proto_msgTypes[4] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use SignResponse.ProtoReflect.Descriptor instead. -func (*SignResponse) Descriptor() ([]byte, []int) { - return file_pbconnectca_ca_proto_rawDescGZIP(), []int{4} -} - -func (x *SignResponse) GetCertPem() string { - if x != nil { - return x.CertPem - } - return "" -} - -var File_pbconnectca_ca_proto protoreflect.FileDescriptor - -var file_pbconnectca_ca_proto_rawDesc = []byte{ - 0x0a, 0x14, 0x70, 0x62, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x63, 0x61, 0x2f, 0x63, 0x61, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1a, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, - 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, - 0x63, 0x61, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x22, 0x13, 0x0a, 0x11, 0x57, 0x61, 0x74, 0x63, 0x68, 0x52, 0x6f, 0x6f, 0x74, - 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x97, 0x01, 0x0a, 0x12, 0x57, 0x61, 0x74, - 0x63, 0x68, 0x52, 0x6f, 0x6f, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, - 0x24, 0x0a, 0x0e, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x72, 0x6f, 0x6f, 0x74, 0x5f, 0x69, - 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, 0x52, - 0x6f, 0x6f, 0x74, 0x49, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x72, 0x75, 0x73, 0x74, 0x5f, 0x64, - 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x74, 0x72, 0x75, - 0x73, 0x74, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x12, 0x38, 0x0a, 0x05, 0x72, 0x6f, 0x6f, 0x74, - 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, - 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, - 0x63, 0x74, 0x63, 0x61, 0x2e, 0x43, 0x41, 0x52, 0x6f, 0x6f, 0x74, 0x52, 0x05, 0x72, 0x6f, 0x6f, - 0x74, 0x73, 0x22, 0x9d, 0x02, 0x0a, 0x06, 0x43, 0x41, 0x52, 0x6f, 0x6f, 0x74, 0x12, 0x0e, 0x0a, - 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, - 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, - 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x5f, 0x6e, 0x75, 0x6d, 0x62, - 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0c, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, - 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x24, 0x0a, 0x0e, 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, - 0x67, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, - 0x73, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x4b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x1b, 0x0a, 0x09, - 0x72, 0x6f, 0x6f, 0x74, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x08, 0x72, 0x6f, 0x6f, 0x74, 0x43, 0x65, 0x72, 0x74, 0x12, 0x2d, 0x0a, 0x12, 0x69, 0x6e, 0x74, - 0x65, 0x72, 0x6d, 0x65, 0x64, 0x69, 0x61, 0x74, 0x65, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x73, 0x18, - 0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x11, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6d, 0x65, 0x64, 0x69, - 0x61, 0x74, 0x65, 0x43, 0x65, 0x72, 0x74, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, - 0x76, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x76, 0x65, - 0x12, 0x40, 0x0a, 0x0e, 0x72, 0x6f, 0x74, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x75, 0x74, 0x5f, - 0x61, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, - 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0c, 0x72, 0x6f, 0x74, 0x61, 0x74, 0x65, 0x64, 0x4f, 0x75, 0x74, - 0x41, 0x74, 0x22, 0x1f, 0x0a, 0x0b, 0x53, 0x69, 0x67, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x12, 0x10, 0x0a, 0x03, 0x63, 0x73, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, - 0x63, 0x73, 0x72, 0x22, 0x29, 0x0a, 0x0c, 0x53, 0x69, 0x67, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x63, 0x65, 0x72, 0x74, 0x5f, 0x70, 0x65, 0x6d, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x63, 0x65, 0x72, 0x74, 0x50, 0x65, 0x6d, 0x32, 0xe0, - 0x01, 0x0a, 0x10, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x43, 0x41, 0x53, 0x65, 0x72, 0x76, - 0x69, 0x63, 0x65, 0x12, 0x6f, 0x0a, 0x0a, 0x57, 0x61, 0x74, 0x63, 0x68, 0x52, 0x6f, 0x6f, 0x74, - 0x73, 0x12, 0x2d, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, - 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x63, 0x61, 0x2e, 0x57, - 0x61, 0x74, 0x63, 0x68, 0x52, 0x6f, 0x6f, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x1a, 0x2e, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, - 0x73, 0x75, 0x6c, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x63, 0x61, 0x2e, 0x57, 0x61, - 0x74, 0x63, 0x68, 0x52, 0x6f, 0x6f, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x22, 0x00, 0x30, 0x01, 0x12, 0x5b, 0x0a, 0x04, 0x53, 0x69, 0x67, 0x6e, 0x12, 0x27, 0x2e, 0x68, - 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, - 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x63, 0x61, 0x2e, 0x53, 0x69, 0x67, 0x6e, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x28, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, - 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, - 0x63, 0x61, 0x2e, 0x53, 0x69, 0x67, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, - 0x00, 0x42, 0xfc, 0x01, 0x0a, 0x1e, 0x63, 0x6f, 0x6d, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, - 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, - 0x63, 0x74, 0x63, 0x61, 0x42, 0x07, 0x43, 0x61, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, - 0x47, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, - 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2d, 0x64, 0x61, 0x74, - 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, - 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2d, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x70, 0x62, 0x63, - 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x63, 0x61, 0xa2, 0x02, 0x03, 0x48, 0x43, 0x43, 0xaa, 0x02, - 0x1a, 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x43, 0x6f, 0x6e, 0x73, 0x75, - 0x6c, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x63, 0x61, 0xca, 0x02, 0x1a, 0x48, 0x61, - 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x5c, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x5c, 0x43, - 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x63, 0x61, 0xe2, 0x02, 0x26, 0x48, 0x61, 0x73, 0x68, 0x69, - 0x63, 0x6f, 0x72, 0x70, 0x5c, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x5c, 0x43, 0x6f, 0x6e, 0x6e, - 0x65, 0x63, 0x74, 0x63, 0x61, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, - 0x61, 0xea, 0x02, 0x1c, 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x3a, 0x3a, 0x43, - 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x3a, 0x3a, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x63, 0x61, - 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_pbconnectca_ca_proto_rawDescOnce sync.Once - file_pbconnectca_ca_proto_rawDescData = file_pbconnectca_ca_proto_rawDesc -) - -func file_pbconnectca_ca_proto_rawDescGZIP() []byte { - file_pbconnectca_ca_proto_rawDescOnce.Do(func() { - file_pbconnectca_ca_proto_rawDescData = protoimpl.X.CompressGZIP(file_pbconnectca_ca_proto_rawDescData) - }) - return file_pbconnectca_ca_proto_rawDescData -} - -var file_pbconnectca_ca_proto_msgTypes = make([]protoimpl.MessageInfo, 5) -var file_pbconnectca_ca_proto_goTypes = []interface{}{ - (*WatchRootsRequest)(nil), // 0: hashicorp.consul.connectca.WatchRootsRequest - (*WatchRootsResponse)(nil), // 1: hashicorp.consul.connectca.WatchRootsResponse - (*CARoot)(nil), // 2: hashicorp.consul.connectca.CARoot - (*SignRequest)(nil), // 3: hashicorp.consul.connectca.SignRequest - (*SignResponse)(nil), // 4: hashicorp.consul.connectca.SignResponse - (*timestamppb.Timestamp)(nil), // 5: google.protobuf.Timestamp -} -var file_pbconnectca_ca_proto_depIdxs = []int32{ - 2, // 0: hashicorp.consul.connectca.WatchRootsResponse.roots:type_name -> hashicorp.consul.connectca.CARoot - 5, // 1: hashicorp.consul.connectca.CARoot.rotated_out_at:type_name -> google.protobuf.Timestamp - 0, // 2: hashicorp.consul.connectca.ConnectCAService.WatchRoots:input_type -> hashicorp.consul.connectca.WatchRootsRequest - 3, // 3: hashicorp.consul.connectca.ConnectCAService.Sign:input_type -> hashicorp.consul.connectca.SignRequest - 1, // 4: hashicorp.consul.connectca.ConnectCAService.WatchRoots:output_type -> hashicorp.consul.connectca.WatchRootsResponse - 4, // 5: hashicorp.consul.connectca.ConnectCAService.Sign:output_type -> hashicorp.consul.connectca.SignResponse - 4, // [4:6] is the sub-list for method output_type - 2, // [2:4] is the sub-list for method input_type - 2, // [2:2] is the sub-list for extension type_name - 2, // [2:2] is the sub-list for extension extendee - 0, // [0:2] is the sub-list for field type_name -} - -func init() { file_pbconnectca_ca_proto_init() } -func file_pbconnectca_ca_proto_init() { - if File_pbconnectca_ca_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_pbconnectca_ca_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*WatchRootsRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbconnectca_ca_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*WatchRootsResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbconnectca_ca_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CARoot); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbconnectca_ca_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*SignRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbconnectca_ca_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*SignResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_pbconnectca_ca_proto_rawDesc, - NumEnums: 0, - NumMessages: 5, - NumExtensions: 0, - NumServices: 1, - }, - GoTypes: file_pbconnectca_ca_proto_goTypes, - DependencyIndexes: file_pbconnectca_ca_proto_depIdxs, - MessageInfos: file_pbconnectca_ca_proto_msgTypes, - }.Build() - File_pbconnectca_ca_proto = out.File - file_pbconnectca_ca_proto_rawDesc = nil - file_pbconnectca_ca_proto_goTypes = nil - file_pbconnectca_ca_proto_depIdxs = nil -} diff --git a/internal/consul-proto/pbconnectca/ca_grpc.pb.go b/internal/consul-proto/pbconnectca/ca_grpc.pb.go deleted file mode 100644 index 5358bf42..00000000 --- a/internal/consul-proto/pbconnectca/ca_grpc.pb.go +++ /dev/null @@ -1,179 +0,0 @@ -// Code generated by protoc-gen-go-grpc. DO NOT EDIT. -// versions: -// - protoc-gen-go-grpc v1.2.0 -// - protoc (unknown) -// source: pbconnectca/ca.proto - -package pbconnectca - -import ( - context "context" - grpc "google.golang.org/grpc" - codes "google.golang.org/grpc/codes" - status "google.golang.org/grpc/status" -) - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the grpc package it is being compiled against. -// Requires gRPC-Go v1.32.0 or later. -const _ = grpc.SupportPackageIsVersion7 - -// ConnectCAServiceClient is the client API for ConnectCAService service. -// -// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. -type ConnectCAServiceClient interface { - // WatchRoots provides a stream on which you can receive the list of active - // Connect CA roots. Current roots are sent immediately at the start of the - // stream, and new lists will be sent whenever the roots are rotated. - WatchRoots(ctx context.Context, in *WatchRootsRequest, opts ...grpc.CallOption) (ConnectCAService_WatchRootsClient, error) - // Sign a leaf certificate for the service or agent identified by the SPIFFE - // ID in the given CSR's SAN. - Sign(ctx context.Context, in *SignRequest, opts ...grpc.CallOption) (*SignResponse, error) -} - -type connectCAServiceClient struct { - cc grpc.ClientConnInterface -} - -func NewConnectCAServiceClient(cc grpc.ClientConnInterface) ConnectCAServiceClient { - return &connectCAServiceClient{cc} -} - -func (c *connectCAServiceClient) WatchRoots(ctx context.Context, in *WatchRootsRequest, opts ...grpc.CallOption) (ConnectCAService_WatchRootsClient, error) { - stream, err := c.cc.NewStream(ctx, &ConnectCAService_ServiceDesc.Streams[0], "/hashicorp.consul.connectca.ConnectCAService/WatchRoots", opts...) - if err != nil { - return nil, err - } - x := &connectCAServiceWatchRootsClient{stream} - if err := x.ClientStream.SendMsg(in); err != nil { - return nil, err - } - if err := x.ClientStream.CloseSend(); err != nil { - return nil, err - } - return x, nil -} - -type ConnectCAService_WatchRootsClient interface { - Recv() (*WatchRootsResponse, error) - grpc.ClientStream -} - -type connectCAServiceWatchRootsClient struct { - grpc.ClientStream -} - -func (x *connectCAServiceWatchRootsClient) Recv() (*WatchRootsResponse, error) { - m := new(WatchRootsResponse) - if err := x.ClientStream.RecvMsg(m); err != nil { - return nil, err - } - return m, nil -} - -func (c *connectCAServiceClient) Sign(ctx context.Context, in *SignRequest, opts ...grpc.CallOption) (*SignResponse, error) { - out := new(SignResponse) - err := c.cc.Invoke(ctx, "/hashicorp.consul.connectca.ConnectCAService/Sign", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -// ConnectCAServiceServer is the server API for ConnectCAService service. -// All implementations must embed UnimplementedConnectCAServiceServer -// for forward compatibility -type ConnectCAServiceServer interface { - // WatchRoots provides a stream on which you can receive the list of active - // Connect CA roots. Current roots are sent immediately at the start of the - // stream, and new lists will be sent whenever the roots are rotated. - WatchRoots(*WatchRootsRequest, ConnectCAService_WatchRootsServer) error - // Sign a leaf certificate for the service or agent identified by the SPIFFE - // ID in the given CSR's SAN. - Sign(context.Context, *SignRequest) (*SignResponse, error) - mustEmbedUnimplementedConnectCAServiceServer() -} - -// UnimplementedConnectCAServiceServer must be embedded to have forward compatible implementations. -type UnimplementedConnectCAServiceServer struct { -} - -func (UnimplementedConnectCAServiceServer) WatchRoots(*WatchRootsRequest, ConnectCAService_WatchRootsServer) error { - return status.Errorf(codes.Unimplemented, "method WatchRoots not implemented") -} -func (UnimplementedConnectCAServiceServer) Sign(context.Context, *SignRequest) (*SignResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method Sign not implemented") -} -func (UnimplementedConnectCAServiceServer) mustEmbedUnimplementedConnectCAServiceServer() {} - -// UnsafeConnectCAServiceServer may be embedded to opt out of forward compatibility for this service. -// Use of this interface is not recommended, as added methods to ConnectCAServiceServer will -// result in compilation errors. -type UnsafeConnectCAServiceServer interface { - mustEmbedUnimplementedConnectCAServiceServer() -} - -func RegisterConnectCAServiceServer(s grpc.ServiceRegistrar, srv ConnectCAServiceServer) { - s.RegisterService(&ConnectCAService_ServiceDesc, srv) -} - -func _ConnectCAService_WatchRoots_Handler(srv interface{}, stream grpc.ServerStream) error { - m := new(WatchRootsRequest) - if err := stream.RecvMsg(m); err != nil { - return err - } - return srv.(ConnectCAServiceServer).WatchRoots(m, &connectCAServiceWatchRootsServer{stream}) -} - -type ConnectCAService_WatchRootsServer interface { - Send(*WatchRootsResponse) error - grpc.ServerStream -} - -type connectCAServiceWatchRootsServer struct { - grpc.ServerStream -} - -func (x *connectCAServiceWatchRootsServer) Send(m *WatchRootsResponse) error { - return x.ServerStream.SendMsg(m) -} - -func _ConnectCAService_Sign_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(SignRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(ConnectCAServiceServer).Sign(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/hashicorp.consul.connectca.ConnectCAService/Sign", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(ConnectCAServiceServer).Sign(ctx, req.(*SignRequest)) - } - return interceptor(ctx, in, info, handler) -} - -// ConnectCAService_ServiceDesc is the grpc.ServiceDesc for ConnectCAService service. -// It's only intended for direct use with grpc.RegisterService, -// and not to be introspected or modified (even as a copy) -var ConnectCAService_ServiceDesc = grpc.ServiceDesc{ - ServiceName: "hashicorp.consul.connectca.ConnectCAService", - HandlerType: (*ConnectCAServiceServer)(nil), - Methods: []grpc.MethodDesc{ - { - MethodName: "Sign", - Handler: _ConnectCAService_Sign_Handler, - }, - }, - Streams: []grpc.StreamDesc{ - { - StreamName: "WatchRoots", - Handler: _ConnectCAService_WatchRoots_Handler, - ServerStreams: true, - }, - }, - Metadata: "pbconnectca/ca.proto", -} diff --git a/internal/consul-proto/pbdataplane/dataplane.pb.go b/internal/consul-proto/pbdataplane/dataplane.pb.go deleted file mode 100644 index 2d3a1842..00000000 --- a/internal/consul-proto/pbdataplane/dataplane.pb.go +++ /dev/null @@ -1,764 +0,0 @@ -// Package dataplane provides a service on Consul servers for the Consul Dataplane - -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.28.1 -// protoc (unknown) -// source: pbdataplane/dataplane.proto - -package pbdataplane - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - structpb "google.golang.org/protobuf/types/known/structpb" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type DataplaneFeatures int32 - -const ( - DataplaneFeatures_DATAPLANE_FEATURES_UNSPECIFIED DataplaneFeatures = 0 - DataplaneFeatures_DATAPLANE_FEATURES_WATCH_SERVERS DataplaneFeatures = 1 - DataplaneFeatures_DATAPLANE_FEATURES_EDGE_CERTIFICATE_MANAGEMENT DataplaneFeatures = 2 - DataplaneFeatures_DATAPLANE_FEATURES_ENVOY_BOOTSTRAP_CONFIGURATION DataplaneFeatures = 3 -) - -// Enum value maps for DataplaneFeatures. -var ( - DataplaneFeatures_name = map[int32]string{ - 0: "DATAPLANE_FEATURES_UNSPECIFIED", - 1: "DATAPLANE_FEATURES_WATCH_SERVERS", - 2: "DATAPLANE_FEATURES_EDGE_CERTIFICATE_MANAGEMENT", - 3: "DATAPLANE_FEATURES_ENVOY_BOOTSTRAP_CONFIGURATION", - } - DataplaneFeatures_value = map[string]int32{ - "DATAPLANE_FEATURES_UNSPECIFIED": 0, - "DATAPLANE_FEATURES_WATCH_SERVERS": 1, - "DATAPLANE_FEATURES_EDGE_CERTIFICATE_MANAGEMENT": 2, - "DATAPLANE_FEATURES_ENVOY_BOOTSTRAP_CONFIGURATION": 3, - } -) - -func (x DataplaneFeatures) Enum() *DataplaneFeatures { - p := new(DataplaneFeatures) - *p = x - return p -} - -func (x DataplaneFeatures) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) -} - -func (DataplaneFeatures) Descriptor() protoreflect.EnumDescriptor { - return file_pbdataplane_dataplane_proto_enumTypes[0].Descriptor() -} - -func (DataplaneFeatures) Type() protoreflect.EnumType { - return &file_pbdataplane_dataplane_proto_enumTypes[0] -} - -func (x DataplaneFeatures) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use DataplaneFeatures.Descriptor instead. -func (DataplaneFeatures) EnumDescriptor() ([]byte, []int) { - return file_pbdataplane_dataplane_proto_rawDescGZIP(), []int{0} -} - -type ServiceKind int32 - -const ( - // ServiceKind UNSPECIFIED is a sentinel value for when a request - // did not specify a service kind. This will be treated the same - // as if TYPICAL was explicitly used. - ServiceKind_SERVICE_KIND_UNSPECIFIED ServiceKind = 0 - // ServiceKind Typical is a typical, classic Consul service. This is - // represented by the absence of a value. This was chosen for ease of - // backwards compatibility: existing services in the catalog would - // default to the typical service. - ServiceKind_SERVICE_KIND_TYPICAL ServiceKind = 1 - // ServiceKind Connect Proxy is a proxy for the Connect feature. This - // service proxies another service within Consul and speaks the connect - // protocol. - ServiceKind_SERVICE_KIND_CONNECT_PROXY ServiceKind = 2 - // ServiceKind Mesh Gateway is a Mesh Gateway for the Connect feature. This - // service will proxy connections based off the SNI header set by other - // connect proxies. - ServiceKind_SERVICE_KIND_MESH_GATEWAY ServiceKind = 3 - // ServiceKind Terminating Gateway is a Terminating Gateway for the Connect - // feature. This service will proxy connections to services outside the mesh. - ServiceKind_SERVICE_KIND_TERMINATING_GATEWAY ServiceKind = 4 - // ServiceKind Ingress Gateway is an Ingress Gateway for the Connect feature. - // This service will ingress connections into the service mesh. - ServiceKind_SERVICE_KIND_INGRESS_GATEWAY ServiceKind = 5 -) - -// Enum value maps for ServiceKind. -var ( - ServiceKind_name = map[int32]string{ - 0: "SERVICE_KIND_UNSPECIFIED", - 1: "SERVICE_KIND_TYPICAL", - 2: "SERVICE_KIND_CONNECT_PROXY", - 3: "SERVICE_KIND_MESH_GATEWAY", - 4: "SERVICE_KIND_TERMINATING_GATEWAY", - 5: "SERVICE_KIND_INGRESS_GATEWAY", - } - ServiceKind_value = map[string]int32{ - "SERVICE_KIND_UNSPECIFIED": 0, - "SERVICE_KIND_TYPICAL": 1, - "SERVICE_KIND_CONNECT_PROXY": 2, - "SERVICE_KIND_MESH_GATEWAY": 3, - "SERVICE_KIND_TERMINATING_GATEWAY": 4, - "SERVICE_KIND_INGRESS_GATEWAY": 5, - } -) - -func (x ServiceKind) Enum() *ServiceKind { - p := new(ServiceKind) - *p = x - return p -} - -func (x ServiceKind) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) -} - -func (ServiceKind) Descriptor() protoreflect.EnumDescriptor { - return file_pbdataplane_dataplane_proto_enumTypes[1].Descriptor() -} - -func (ServiceKind) Type() protoreflect.EnumType { - return &file_pbdataplane_dataplane_proto_enumTypes[1] -} - -func (x ServiceKind) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use ServiceKind.Descriptor instead. -func (ServiceKind) EnumDescriptor() ([]byte, []int) { - return file_pbdataplane_dataplane_proto_rawDescGZIP(), []int{1} -} - -type GetSupportedDataplaneFeaturesRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields -} - -func (x *GetSupportedDataplaneFeaturesRequest) Reset() { - *x = GetSupportedDataplaneFeaturesRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_pbdataplane_dataplane_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *GetSupportedDataplaneFeaturesRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*GetSupportedDataplaneFeaturesRequest) ProtoMessage() {} - -func (x *GetSupportedDataplaneFeaturesRequest) ProtoReflect() protoreflect.Message { - mi := &file_pbdataplane_dataplane_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use GetSupportedDataplaneFeaturesRequest.ProtoReflect.Descriptor instead. -func (*GetSupportedDataplaneFeaturesRequest) Descriptor() ([]byte, []int) { - return file_pbdataplane_dataplane_proto_rawDescGZIP(), []int{0} -} - -type DataplaneFeatureSupport struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - FeatureName DataplaneFeatures `protobuf:"varint,1,opt,name=feature_name,json=featureName,proto3,enum=hashicorp.consul.dataplane.DataplaneFeatures" json:"feature_name,omitempty"` - Supported bool `protobuf:"varint,2,opt,name=supported,proto3" json:"supported,omitempty"` -} - -func (x *DataplaneFeatureSupport) Reset() { - *x = DataplaneFeatureSupport{} - if protoimpl.UnsafeEnabled { - mi := &file_pbdataplane_dataplane_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *DataplaneFeatureSupport) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*DataplaneFeatureSupport) ProtoMessage() {} - -func (x *DataplaneFeatureSupport) ProtoReflect() protoreflect.Message { - mi := &file_pbdataplane_dataplane_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use DataplaneFeatureSupport.ProtoReflect.Descriptor instead. -func (*DataplaneFeatureSupport) Descriptor() ([]byte, []int) { - return file_pbdataplane_dataplane_proto_rawDescGZIP(), []int{1} -} - -func (x *DataplaneFeatureSupport) GetFeatureName() DataplaneFeatures { - if x != nil { - return x.FeatureName - } - return DataplaneFeatures_DATAPLANE_FEATURES_UNSPECIFIED -} - -func (x *DataplaneFeatureSupport) GetSupported() bool { - if x != nil { - return x.Supported - } - return false -} - -type GetSupportedDataplaneFeaturesResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - SupportedDataplaneFeatures []*DataplaneFeatureSupport `protobuf:"bytes,1,rep,name=supported_dataplane_features,json=supportedDataplaneFeatures,proto3" json:"supported_dataplane_features,omitempty"` -} - -func (x *GetSupportedDataplaneFeaturesResponse) Reset() { - *x = GetSupportedDataplaneFeaturesResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_pbdataplane_dataplane_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *GetSupportedDataplaneFeaturesResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*GetSupportedDataplaneFeaturesResponse) ProtoMessage() {} - -func (x *GetSupportedDataplaneFeaturesResponse) ProtoReflect() protoreflect.Message { - mi := &file_pbdataplane_dataplane_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use GetSupportedDataplaneFeaturesResponse.ProtoReflect.Descriptor instead. -func (*GetSupportedDataplaneFeaturesResponse) Descriptor() ([]byte, []int) { - return file_pbdataplane_dataplane_proto_rawDescGZIP(), []int{2} -} - -func (x *GetSupportedDataplaneFeaturesResponse) GetSupportedDataplaneFeatures() []*DataplaneFeatureSupport { - if x != nil { - return x.SupportedDataplaneFeatures - } - return nil -} - -type GetEnvoyBootstrapParamsRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // Types that are assignable to NodeSpec: - // *GetEnvoyBootstrapParamsRequest_NodeId - // *GetEnvoyBootstrapParamsRequest_NodeName - NodeSpec isGetEnvoyBootstrapParamsRequest_NodeSpec `protobuf_oneof:"node_spec"` - // The proxy service ID - ServiceId string `protobuf:"bytes,3,opt,name=service_id,json=serviceId,proto3" json:"service_id,omitempty"` - Partition string `protobuf:"bytes,4,opt,name=partition,proto3" json:"partition,omitempty"` - Namespace string `protobuf:"bytes,5,opt,name=namespace,proto3" json:"namespace,omitempty"` -} - -func (x *GetEnvoyBootstrapParamsRequest) Reset() { - *x = GetEnvoyBootstrapParamsRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_pbdataplane_dataplane_proto_msgTypes[3] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *GetEnvoyBootstrapParamsRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*GetEnvoyBootstrapParamsRequest) ProtoMessage() {} - -func (x *GetEnvoyBootstrapParamsRequest) ProtoReflect() protoreflect.Message { - mi := &file_pbdataplane_dataplane_proto_msgTypes[3] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use GetEnvoyBootstrapParamsRequest.ProtoReflect.Descriptor instead. -func (*GetEnvoyBootstrapParamsRequest) Descriptor() ([]byte, []int) { - return file_pbdataplane_dataplane_proto_rawDescGZIP(), []int{3} -} - -func (m *GetEnvoyBootstrapParamsRequest) GetNodeSpec() isGetEnvoyBootstrapParamsRequest_NodeSpec { - if m != nil { - return m.NodeSpec - } - return nil -} - -func (x *GetEnvoyBootstrapParamsRequest) GetNodeId() string { - if x, ok := x.GetNodeSpec().(*GetEnvoyBootstrapParamsRequest_NodeId); ok { - return x.NodeId - } - return "" -} - -func (x *GetEnvoyBootstrapParamsRequest) GetNodeName() string { - if x, ok := x.GetNodeSpec().(*GetEnvoyBootstrapParamsRequest_NodeName); ok { - return x.NodeName - } - return "" -} - -func (x *GetEnvoyBootstrapParamsRequest) GetServiceId() string { - if x != nil { - return x.ServiceId - } - return "" -} - -func (x *GetEnvoyBootstrapParamsRequest) GetPartition() string { - if x != nil { - return x.Partition - } - return "" -} - -func (x *GetEnvoyBootstrapParamsRequest) GetNamespace() string { - if x != nil { - return x.Namespace - } - return "" -} - -type isGetEnvoyBootstrapParamsRequest_NodeSpec interface { - isGetEnvoyBootstrapParamsRequest_NodeSpec() -} - -type GetEnvoyBootstrapParamsRequest_NodeId struct { - NodeId string `protobuf:"bytes,1,opt,name=node_id,json=nodeId,proto3,oneof"` -} - -type GetEnvoyBootstrapParamsRequest_NodeName struct { - NodeName string `protobuf:"bytes,2,opt,name=node_name,json=nodeName,proto3,oneof"` -} - -func (*GetEnvoyBootstrapParamsRequest_NodeId) isGetEnvoyBootstrapParamsRequest_NodeSpec() {} - -func (*GetEnvoyBootstrapParamsRequest_NodeName) isGetEnvoyBootstrapParamsRequest_NodeSpec() {} - -type GetEnvoyBootstrapParamsResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - ServiceKind ServiceKind `protobuf:"varint,1,opt,name=service_kind,json=serviceKind,proto3,enum=hashicorp.consul.dataplane.ServiceKind" json:"service_kind,omitempty"` - // service is be used to identify the service (as the local cluster name and - // in metric tags). If the service is a connect proxy it will be the name of - // the proxy's destination service, for gateways it will be the gateway - // service's name. - Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service,omitempty"` - Namespace string `protobuf:"bytes,3,opt,name=namespace,proto3" json:"namespace,omitempty"` - Partition string `protobuf:"bytes,4,opt,name=partition,proto3" json:"partition,omitempty"` - Datacenter string `protobuf:"bytes,5,opt,name=datacenter,proto3" json:"datacenter,omitempty"` - Config *structpb.Struct `protobuf:"bytes,6,opt,name=config,proto3" json:"config,omitempty"` - NodeId string `protobuf:"bytes,7,opt,name=node_id,json=nodeId,proto3" json:"node_id,omitempty"` - NodeName string `protobuf:"bytes,8,opt,name=node_name,json=nodeName,proto3" json:"node_name,omitempty"` -} - -func (x *GetEnvoyBootstrapParamsResponse) Reset() { - *x = GetEnvoyBootstrapParamsResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_pbdataplane_dataplane_proto_msgTypes[4] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *GetEnvoyBootstrapParamsResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*GetEnvoyBootstrapParamsResponse) ProtoMessage() {} - -func (x *GetEnvoyBootstrapParamsResponse) ProtoReflect() protoreflect.Message { - mi := &file_pbdataplane_dataplane_proto_msgTypes[4] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use GetEnvoyBootstrapParamsResponse.ProtoReflect.Descriptor instead. -func (*GetEnvoyBootstrapParamsResponse) Descriptor() ([]byte, []int) { - return file_pbdataplane_dataplane_proto_rawDescGZIP(), []int{4} -} - -func (x *GetEnvoyBootstrapParamsResponse) GetServiceKind() ServiceKind { - if x != nil { - return x.ServiceKind - } - return ServiceKind_SERVICE_KIND_UNSPECIFIED -} - -func (x *GetEnvoyBootstrapParamsResponse) GetService() string { - if x != nil { - return x.Service - } - return "" -} - -func (x *GetEnvoyBootstrapParamsResponse) GetNamespace() string { - if x != nil { - return x.Namespace - } - return "" -} - -func (x *GetEnvoyBootstrapParamsResponse) GetPartition() string { - if x != nil { - return x.Partition - } - return "" -} - -func (x *GetEnvoyBootstrapParamsResponse) GetDatacenter() string { - if x != nil { - return x.Datacenter - } - return "" -} - -func (x *GetEnvoyBootstrapParamsResponse) GetConfig() *structpb.Struct { - if x != nil { - return x.Config - } - return nil -} - -func (x *GetEnvoyBootstrapParamsResponse) GetNodeId() string { - if x != nil { - return x.NodeId - } - return "" -} - -func (x *GetEnvoyBootstrapParamsResponse) GetNodeName() string { - if x != nil { - return x.NodeName - } - return "" -} - -var File_pbdataplane_dataplane_proto protoreflect.FileDescriptor - -var file_pbdataplane_dataplane_proto_rawDesc = []byte{ - 0x0a, 0x1b, 0x70, 0x62, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x64, 0x61, - 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1a, 0x68, - 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, - 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, - 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x26, 0x0a, 0x24, 0x47, 0x65, 0x74, 0x53, 0x75, - 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, - 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, - 0x89, 0x01, 0x0a, 0x17, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, - 0x74, 0x75, 0x72, 0x65, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x12, 0x50, 0x0a, 0x0c, 0x66, - 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x0e, 0x32, 0x2d, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, - 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x44, - 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, - 0x52, 0x0b, 0x66, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, - 0x09, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, - 0x52, 0x09, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x22, 0x9e, 0x01, 0x0a, 0x25, - 0x47, 0x65, 0x74, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, - 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x75, 0x0a, 0x1c, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, - 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x5f, 0x66, 0x65, 0x61, - 0x74, 0x75, 0x72, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x68, 0x61, - 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x64, - 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, - 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, - 0x52, 0x1a, 0x73, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, - 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x22, 0xc2, 0x01, 0x0a, - 0x1e, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, - 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, - 0x19, 0x0a, 0x07, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, - 0x48, 0x00, 0x52, 0x06, 0x6e, 0x6f, 0x64, 0x65, 0x49, 0x64, 0x12, 0x1d, 0x0a, 0x09, 0x6e, 0x6f, - 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, - 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x65, 0x72, - 0x76, 0x69, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x73, - 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x70, 0x61, 0x72, 0x74, - 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x72, - 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, - 0x61, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, - 0x70, 0x61, 0x63, 0x65, 0x42, 0x0b, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x73, 0x70, 0x65, - 0x63, 0x22, 0xca, 0x02, 0x0a, 0x1f, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x42, 0x6f, - 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x4a, 0x0a, 0x0c, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, - 0x5f, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x27, 0x2e, 0x68, 0x61, - 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x64, - 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, - 0x4b, 0x69, 0x6e, 0x64, 0x52, 0x0b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4b, 0x69, 0x6e, - 0x64, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x6e, - 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, - 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x70, 0x61, 0x72, - 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, - 0x72, 0x74, 0x69, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1e, 0x0a, 0x0a, 0x64, 0x61, 0x74, 0x61, 0x63, - 0x65, 0x6e, 0x74, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x64, 0x61, 0x74, - 0x61, 0x63, 0x65, 0x6e, 0x74, 0x65, 0x72, 0x12, 0x2f, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, - 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, - 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x17, 0x0a, 0x07, 0x6e, 0x6f, 0x64, 0x65, - 0x5f, 0x69, 0x64, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6e, 0x6f, 0x64, 0x65, 0x49, - 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x08, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x2a, 0xc7, - 0x01, 0x0a, 0x11, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, - 0x75, 0x72, 0x65, 0x73, 0x12, 0x22, 0x0a, 0x1e, 0x44, 0x41, 0x54, 0x41, 0x50, 0x4c, 0x41, 0x4e, - 0x45, 0x5f, 0x46, 0x45, 0x41, 0x54, 0x55, 0x52, 0x45, 0x53, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, - 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x24, 0x0a, 0x20, 0x44, 0x41, 0x54, 0x41, - 0x50, 0x4c, 0x41, 0x4e, 0x45, 0x5f, 0x46, 0x45, 0x41, 0x54, 0x55, 0x52, 0x45, 0x53, 0x5f, 0x57, - 0x41, 0x54, 0x43, 0x48, 0x5f, 0x53, 0x45, 0x52, 0x56, 0x45, 0x52, 0x53, 0x10, 0x01, 0x12, 0x32, - 0x0a, 0x2e, 0x44, 0x41, 0x54, 0x41, 0x50, 0x4c, 0x41, 0x4e, 0x45, 0x5f, 0x46, 0x45, 0x41, 0x54, - 0x55, 0x52, 0x45, 0x53, 0x5f, 0x45, 0x44, 0x47, 0x45, 0x5f, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46, - 0x49, 0x43, 0x41, 0x54, 0x45, 0x5f, 0x4d, 0x41, 0x4e, 0x41, 0x47, 0x45, 0x4d, 0x45, 0x4e, 0x54, - 0x10, 0x02, 0x12, 0x34, 0x0a, 0x30, 0x44, 0x41, 0x54, 0x41, 0x50, 0x4c, 0x41, 0x4e, 0x45, 0x5f, - 0x46, 0x45, 0x41, 0x54, 0x55, 0x52, 0x45, 0x53, 0x5f, 0x45, 0x4e, 0x56, 0x4f, 0x59, 0x5f, 0x42, - 0x4f, 0x4f, 0x54, 0x53, 0x54, 0x52, 0x41, 0x50, 0x5f, 0x43, 0x4f, 0x4e, 0x46, 0x49, 0x47, 0x55, - 0x52, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x10, 0x03, 0x2a, 0xcc, 0x01, 0x0a, 0x0b, 0x53, 0x65, 0x72, - 0x76, 0x69, 0x63, 0x65, 0x4b, 0x69, 0x6e, 0x64, 0x12, 0x1c, 0x0a, 0x18, 0x53, 0x45, 0x52, 0x56, - 0x49, 0x43, 0x45, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, - 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x18, 0x0a, 0x14, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43, - 0x45, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x54, 0x59, 0x50, 0x49, 0x43, 0x41, 0x4c, 0x10, 0x01, - 0x12, 0x1e, 0x0a, 0x1a, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x4b, 0x49, 0x4e, 0x44, - 0x5f, 0x43, 0x4f, 0x4e, 0x4e, 0x45, 0x43, 0x54, 0x5f, 0x50, 0x52, 0x4f, 0x58, 0x59, 0x10, 0x02, - 0x12, 0x1d, 0x0a, 0x19, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x4b, 0x49, 0x4e, 0x44, - 0x5f, 0x4d, 0x45, 0x53, 0x48, 0x5f, 0x47, 0x41, 0x54, 0x45, 0x57, 0x41, 0x59, 0x10, 0x03, 0x12, - 0x24, 0x0a, 0x20, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, - 0x54, 0x45, 0x52, 0x4d, 0x49, 0x4e, 0x41, 0x54, 0x49, 0x4e, 0x47, 0x5f, 0x47, 0x41, 0x54, 0x45, - 0x57, 0x41, 0x59, 0x10, 0x04, 0x12, 0x20, 0x0a, 0x1c, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43, 0x45, - 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x5f, 0x49, 0x4e, 0x47, 0x52, 0x45, 0x53, 0x53, 0x5f, 0x47, 0x41, - 0x54, 0x45, 0x57, 0x41, 0x59, 0x10, 0x05, 0x32, 0xd2, 0x02, 0x0a, 0x10, 0x44, 0x61, 0x74, 0x61, - 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0xa6, 0x01, 0x0a, - 0x1d, 0x47, 0x65, 0x74, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, - 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x12, 0x40, - 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, - 0x6c, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x53, - 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, - 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x1a, 0x41, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, - 0x73, 0x75, 0x6c, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, - 0x74, 0x53, 0x75, 0x70, 0x70, 0x6f, 0x72, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, - 0x61, 0x6e, 0x65, 0x46, 0x65, 0x61, 0x74, 0x75, 0x72, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x94, 0x01, 0x0a, 0x17, 0x47, 0x65, 0x74, 0x45, 0x6e, 0x76, - 0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, 0x6d, - 0x73, 0x12, 0x3a, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, - 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, - 0x65, 0x74, 0x45, 0x6e, 0x76, 0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, - 0x50, 0x61, 0x72, 0x61, 0x6d, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x3b, 0x2e, - 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, - 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x45, 0x6e, - 0x76, 0x6f, 0x79, 0x42, 0x6f, 0x6f, 0x74, 0x73, 0x74, 0x72, 0x61, 0x70, 0x50, 0x61, 0x72, 0x61, - 0x6d, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x83, 0x02, 0x0a, - 0x1e, 0x63, 0x6f, 0x6d, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, - 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x42, - 0x0e, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, - 0x01, 0x5a, 0x47, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, - 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2d, 0x64, - 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, - 0x6c, 0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2d, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x70, - 0x62, 0x64, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0xa2, 0x02, 0x03, 0x48, 0x43, 0x44, - 0xaa, 0x02, 0x1a, 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x43, 0x6f, 0x6e, - 0x73, 0x75, 0x6c, 0x2e, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0xca, 0x02, 0x1a, - 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x5c, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, - 0x5c, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0xe2, 0x02, 0x26, 0x48, 0x61, 0x73, - 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x5c, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x5c, 0x44, 0x61, - 0x74, 0x61, 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, - 0x61, 0x74, 0x61, 0xea, 0x02, 0x1c, 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x3a, - 0x3a, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x3a, 0x3a, 0x44, 0x61, 0x74, 0x61, 0x70, 0x6c, 0x61, - 0x6e, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_pbdataplane_dataplane_proto_rawDescOnce sync.Once - file_pbdataplane_dataplane_proto_rawDescData = file_pbdataplane_dataplane_proto_rawDesc -) - -func file_pbdataplane_dataplane_proto_rawDescGZIP() []byte { - file_pbdataplane_dataplane_proto_rawDescOnce.Do(func() { - file_pbdataplane_dataplane_proto_rawDescData = protoimpl.X.CompressGZIP(file_pbdataplane_dataplane_proto_rawDescData) - }) - return file_pbdataplane_dataplane_proto_rawDescData -} - -var file_pbdataplane_dataplane_proto_enumTypes = make([]protoimpl.EnumInfo, 2) -var file_pbdataplane_dataplane_proto_msgTypes = make([]protoimpl.MessageInfo, 5) -var file_pbdataplane_dataplane_proto_goTypes = []interface{}{ - (DataplaneFeatures)(0), // 0: hashicorp.consul.dataplane.DataplaneFeatures - (ServiceKind)(0), // 1: hashicorp.consul.dataplane.ServiceKind - (*GetSupportedDataplaneFeaturesRequest)(nil), // 2: hashicorp.consul.dataplane.GetSupportedDataplaneFeaturesRequest - (*DataplaneFeatureSupport)(nil), // 3: hashicorp.consul.dataplane.DataplaneFeatureSupport - (*GetSupportedDataplaneFeaturesResponse)(nil), // 4: hashicorp.consul.dataplane.GetSupportedDataplaneFeaturesResponse - (*GetEnvoyBootstrapParamsRequest)(nil), // 5: hashicorp.consul.dataplane.GetEnvoyBootstrapParamsRequest - (*GetEnvoyBootstrapParamsResponse)(nil), // 6: hashicorp.consul.dataplane.GetEnvoyBootstrapParamsResponse - (*structpb.Struct)(nil), // 7: google.protobuf.Struct -} -var file_pbdataplane_dataplane_proto_depIdxs = []int32{ - 0, // 0: hashicorp.consul.dataplane.DataplaneFeatureSupport.feature_name:type_name -> hashicorp.consul.dataplane.DataplaneFeatures - 3, // 1: hashicorp.consul.dataplane.GetSupportedDataplaneFeaturesResponse.supported_dataplane_features:type_name -> hashicorp.consul.dataplane.DataplaneFeatureSupport - 1, // 2: hashicorp.consul.dataplane.GetEnvoyBootstrapParamsResponse.service_kind:type_name -> hashicorp.consul.dataplane.ServiceKind - 7, // 3: hashicorp.consul.dataplane.GetEnvoyBootstrapParamsResponse.config:type_name -> google.protobuf.Struct - 2, // 4: hashicorp.consul.dataplane.DataplaneService.GetSupportedDataplaneFeatures:input_type -> hashicorp.consul.dataplane.GetSupportedDataplaneFeaturesRequest - 5, // 5: hashicorp.consul.dataplane.DataplaneService.GetEnvoyBootstrapParams:input_type -> hashicorp.consul.dataplane.GetEnvoyBootstrapParamsRequest - 4, // 6: hashicorp.consul.dataplane.DataplaneService.GetSupportedDataplaneFeatures:output_type -> hashicorp.consul.dataplane.GetSupportedDataplaneFeaturesResponse - 6, // 7: hashicorp.consul.dataplane.DataplaneService.GetEnvoyBootstrapParams:output_type -> hashicorp.consul.dataplane.GetEnvoyBootstrapParamsResponse - 6, // [6:8] is the sub-list for method output_type - 4, // [4:6] is the sub-list for method input_type - 4, // [4:4] is the sub-list for extension type_name - 4, // [4:4] is the sub-list for extension extendee - 0, // [0:4] is the sub-list for field type_name -} - -func init() { file_pbdataplane_dataplane_proto_init() } -func file_pbdataplane_dataplane_proto_init() { - if File_pbdataplane_dataplane_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_pbdataplane_dataplane_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetSupportedDataplaneFeaturesRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbdataplane_dataplane_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*DataplaneFeatureSupport); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbdataplane_dataplane_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetSupportedDataplaneFeaturesResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbdataplane_dataplane_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetEnvoyBootstrapParamsRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbdataplane_dataplane_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetEnvoyBootstrapParamsResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - file_pbdataplane_dataplane_proto_msgTypes[3].OneofWrappers = []interface{}{ - (*GetEnvoyBootstrapParamsRequest_NodeId)(nil), - (*GetEnvoyBootstrapParamsRequest_NodeName)(nil), - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_pbdataplane_dataplane_proto_rawDesc, - NumEnums: 2, - NumMessages: 5, - NumExtensions: 0, - NumServices: 1, - }, - GoTypes: file_pbdataplane_dataplane_proto_goTypes, - DependencyIndexes: file_pbdataplane_dataplane_proto_depIdxs, - EnumInfos: file_pbdataplane_dataplane_proto_enumTypes, - MessageInfos: file_pbdataplane_dataplane_proto_msgTypes, - }.Build() - File_pbdataplane_dataplane_proto = out.File - file_pbdataplane_dataplane_proto_rawDesc = nil - file_pbdataplane_dataplane_proto_goTypes = nil - file_pbdataplane_dataplane_proto_depIdxs = nil -} diff --git a/internal/consul-proto/pbdataplane/dataplane_grpc.pb.go b/internal/consul-proto/pbdataplane/dataplane_grpc.pb.go deleted file mode 100644 index 8fef5897..00000000 --- a/internal/consul-proto/pbdataplane/dataplane_grpc.pb.go +++ /dev/null @@ -1,141 +0,0 @@ -// Code generated by protoc-gen-go-grpc. DO NOT EDIT. -// versions: -// - protoc-gen-go-grpc v1.2.0 -// - protoc (unknown) -// source: pbdataplane/dataplane.proto - -package pbdataplane - -import ( - context "context" - grpc "google.golang.org/grpc" - codes "google.golang.org/grpc/codes" - status "google.golang.org/grpc/status" -) - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the grpc package it is being compiled against. -// Requires gRPC-Go v1.32.0 or later. -const _ = grpc.SupportPackageIsVersion7 - -// DataplaneServiceClient is the client API for DataplaneService service. -// -// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. -type DataplaneServiceClient interface { - GetSupportedDataplaneFeatures(ctx context.Context, in *GetSupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*GetSupportedDataplaneFeaturesResponse, error) - GetEnvoyBootstrapParams(ctx context.Context, in *GetEnvoyBootstrapParamsRequest, opts ...grpc.CallOption) (*GetEnvoyBootstrapParamsResponse, error) -} - -type dataplaneServiceClient struct { - cc grpc.ClientConnInterface -} - -func NewDataplaneServiceClient(cc grpc.ClientConnInterface) DataplaneServiceClient { - return &dataplaneServiceClient{cc} -} - -func (c *dataplaneServiceClient) GetSupportedDataplaneFeatures(ctx context.Context, in *GetSupportedDataplaneFeaturesRequest, opts ...grpc.CallOption) (*GetSupportedDataplaneFeaturesResponse, error) { - out := new(GetSupportedDataplaneFeaturesResponse) - err := c.cc.Invoke(ctx, "/hashicorp.consul.dataplane.DataplaneService/GetSupportedDataplaneFeatures", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -func (c *dataplaneServiceClient) GetEnvoyBootstrapParams(ctx context.Context, in *GetEnvoyBootstrapParamsRequest, opts ...grpc.CallOption) (*GetEnvoyBootstrapParamsResponse, error) { - out := new(GetEnvoyBootstrapParamsResponse) - err := c.cc.Invoke(ctx, "/hashicorp.consul.dataplane.DataplaneService/GetEnvoyBootstrapParams", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -// DataplaneServiceServer is the server API for DataplaneService service. -// All implementations must embed UnimplementedDataplaneServiceServer -// for forward compatibility -type DataplaneServiceServer interface { - GetSupportedDataplaneFeatures(context.Context, *GetSupportedDataplaneFeaturesRequest) (*GetSupportedDataplaneFeaturesResponse, error) - GetEnvoyBootstrapParams(context.Context, *GetEnvoyBootstrapParamsRequest) (*GetEnvoyBootstrapParamsResponse, error) - mustEmbedUnimplementedDataplaneServiceServer() -} - -// UnimplementedDataplaneServiceServer must be embedded to have forward compatible implementations. -type UnimplementedDataplaneServiceServer struct { -} - -func (UnimplementedDataplaneServiceServer) GetSupportedDataplaneFeatures(context.Context, *GetSupportedDataplaneFeaturesRequest) (*GetSupportedDataplaneFeaturesResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method GetSupportedDataplaneFeatures not implemented") -} -func (UnimplementedDataplaneServiceServer) GetEnvoyBootstrapParams(context.Context, *GetEnvoyBootstrapParamsRequest) (*GetEnvoyBootstrapParamsResponse, error) { - return nil, status.Errorf(codes.Unimplemented, "method GetEnvoyBootstrapParams not implemented") -} -func (UnimplementedDataplaneServiceServer) mustEmbedUnimplementedDataplaneServiceServer() {} - -// UnsafeDataplaneServiceServer may be embedded to opt out of forward compatibility for this service. -// Use of this interface is not recommended, as added methods to DataplaneServiceServer will -// result in compilation errors. -type UnsafeDataplaneServiceServer interface { - mustEmbedUnimplementedDataplaneServiceServer() -} - -func RegisterDataplaneServiceServer(s grpc.ServiceRegistrar, srv DataplaneServiceServer) { - s.RegisterService(&DataplaneService_ServiceDesc, srv) -} - -func _DataplaneService_GetSupportedDataplaneFeatures_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(GetSupportedDataplaneFeaturesRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(DataplaneServiceServer).GetSupportedDataplaneFeatures(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/hashicorp.consul.dataplane.DataplaneService/GetSupportedDataplaneFeatures", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(DataplaneServiceServer).GetSupportedDataplaneFeatures(ctx, req.(*GetSupportedDataplaneFeaturesRequest)) - } - return interceptor(ctx, in, info, handler) -} - -func _DataplaneService_GetEnvoyBootstrapParams_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(GetEnvoyBootstrapParamsRequest) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(DataplaneServiceServer).GetEnvoyBootstrapParams(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/hashicorp.consul.dataplane.DataplaneService/GetEnvoyBootstrapParams", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(DataplaneServiceServer).GetEnvoyBootstrapParams(ctx, req.(*GetEnvoyBootstrapParamsRequest)) - } - return interceptor(ctx, in, info, handler) -} - -// DataplaneService_ServiceDesc is the grpc.ServiceDesc for DataplaneService service. -// It's only intended for direct use with grpc.RegisterService, -// and not to be introspected or modified (even as a copy) -var DataplaneService_ServiceDesc = grpc.ServiceDesc{ - ServiceName: "hashicorp.consul.dataplane.DataplaneService", - HandlerType: (*DataplaneServiceServer)(nil), - Methods: []grpc.MethodDesc{ - { - MethodName: "GetSupportedDataplaneFeatures", - Handler: _DataplaneService_GetSupportedDataplaneFeatures_Handler, - }, - { - MethodName: "GetEnvoyBootstrapParams", - Handler: _DataplaneService_GetEnvoyBootstrapParams_Handler, - }, - }, - Streams: []grpc.StreamDesc{}, - Metadata: "pbdataplane/dataplane.proto", -} diff --git a/internal/consul-proto/pbserverdiscovery/serverdiscovery.pb.go b/internal/consul-proto/pbserverdiscovery/serverdiscovery.pb.go deleted file mode 100644 index adeb367b..00000000 --- a/internal/consul-proto/pbserverdiscovery/serverdiscovery.pb.go +++ /dev/null @@ -1,332 +0,0 @@ -// Package serverdiscovery provides a service on Consul servers to discover the set of servers -// currently able to handle incoming requests. - -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.28.1 -// protoc (unknown) -// source: pbserverdiscovery/serverdiscovery.proto - -package pbserverdiscovery - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type WatchServersRequest struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // Wan being set to true will cause WAN addresses to be sent in the response - // instead of the LAN addresses which are the default - Wan bool `protobuf:"varint,1,opt,name=wan,proto3" json:"wan,omitempty"` -} - -func (x *WatchServersRequest) Reset() { - *x = WatchServersRequest{} - if protoimpl.UnsafeEnabled { - mi := &file_pbserverdiscovery_serverdiscovery_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *WatchServersRequest) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*WatchServersRequest) ProtoMessage() {} - -func (x *WatchServersRequest) ProtoReflect() protoreflect.Message { - mi := &file_pbserverdiscovery_serverdiscovery_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use WatchServersRequest.ProtoReflect.Descriptor instead. -func (*WatchServersRequest) Descriptor() ([]byte, []int) { - return file_pbserverdiscovery_serverdiscovery_proto_rawDescGZIP(), []int{0} -} - -func (x *WatchServersRequest) GetWan() bool { - if x != nil { - return x.Wan - } - return false -} - -type WatchServersResponse struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // Servers is the list of server address information. - Servers []*Server `protobuf:"bytes,1,rep,name=servers,proto3" json:"servers,omitempty"` -} - -func (x *WatchServersResponse) Reset() { - *x = WatchServersResponse{} - if protoimpl.UnsafeEnabled { - mi := &file_pbserverdiscovery_serverdiscovery_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *WatchServersResponse) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*WatchServersResponse) ProtoMessage() {} - -func (x *WatchServersResponse) ProtoReflect() protoreflect.Message { - mi := &file_pbserverdiscovery_serverdiscovery_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use WatchServersResponse.ProtoReflect.Descriptor instead. -func (*WatchServersResponse) Descriptor() ([]byte, []int) { - return file_pbserverdiscovery_serverdiscovery_proto_rawDescGZIP(), []int{1} -} - -func (x *WatchServersResponse) GetServers() []*Server { - if x != nil { - return x.Servers - } - return nil -} - -type Server struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // id is the unique string identifying this server for all time. - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` - // address on the network of the server - Address string `protobuf:"bytes,2,opt,name=address,proto3" json:"address,omitempty"` - // the consul version of the server - Version string `protobuf:"bytes,3,opt,name=version,proto3" json:"version,omitempty"` -} - -func (x *Server) Reset() { - *x = Server{} - if protoimpl.UnsafeEnabled { - mi := &file_pbserverdiscovery_serverdiscovery_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Server) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Server) ProtoMessage() {} - -func (x *Server) ProtoReflect() protoreflect.Message { - mi := &file_pbserverdiscovery_serverdiscovery_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Server.ProtoReflect.Descriptor instead. -func (*Server) Descriptor() ([]byte, []int) { - return file_pbserverdiscovery_serverdiscovery_proto_rawDescGZIP(), []int{2} -} - -func (x *Server) GetId() string { - if x != nil { - return x.Id - } - return "" -} - -func (x *Server) GetAddress() string { - if x != nil { - return x.Address - } - return "" -} - -func (x *Server) GetVersion() string { - if x != nil { - return x.Version - } - return "" -} - -var File_pbserverdiscovery_serverdiscovery_proto protoreflect.FileDescriptor - -var file_pbserverdiscovery_serverdiscovery_proto_rawDesc = []byte{ - 0x0a, 0x27, 0x70, 0x62, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, - 0x65, 0x72, 0x79, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, - 0x65, 0x72, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x20, 0x68, 0x61, 0x73, 0x68, 0x69, - 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x73, 0x65, 0x72, 0x76, - 0x65, 0x72, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x22, 0x27, 0x0a, 0x13, 0x57, - 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x77, 0x61, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, - 0x03, 0x77, 0x61, 0x6e, 0x22, 0x5a, 0x0a, 0x14, 0x57, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x72, - 0x76, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x42, 0x0a, 0x07, - 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, - 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, - 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, - 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x52, 0x07, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, - 0x22, 0x4c, 0x0a, 0x06, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x61, 0x64, - 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x61, 0x64, 0x64, - 0x72, 0x65, 0x73, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x32, 0x9c, - 0x01, 0x0a, 0x16, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x44, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, - 0x72, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x81, 0x01, 0x0a, 0x0c, 0x57, 0x61, - 0x74, 0x63, 0x68, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x12, 0x35, 0x2e, 0x68, 0x61, 0x73, - 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x73, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x2e, 0x57, 0x61, - 0x74, 0x63, 0x68, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x1a, 0x36, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, 0x63, 0x6f, - 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, 0x63, 0x6f, - 0x76, 0x65, 0x72, 0x79, 0x2e, 0x57, 0x61, 0x74, 0x63, 0x68, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x30, 0x01, 0x42, 0xad, 0x02, - 0x0a, 0x24, 0x63, 0x6f, 0x6d, 0x2e, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, - 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, - 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x42, 0x14, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, - 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x4d, - 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, - 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x63, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2d, 0x64, 0x61, 0x74, 0x61, - 0x70, 0x6c, 0x61, 0x6e, 0x65, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x63, - 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2d, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x70, 0x62, 0x73, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0xa2, 0x02, 0x03, - 0x48, 0x43, 0x53, 0xaa, 0x02, 0x20, 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2e, - 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, - 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0xca, 0x02, 0x20, 0x48, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, - 0x72, 0x70, 0x5c, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x5c, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0xe2, 0x02, 0x2c, 0x48, 0x61, 0x73, 0x68, - 0x69, 0x63, 0x6f, 0x72, 0x70, 0x5c, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x5c, 0x53, 0x65, 0x72, - 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x5c, 0x47, 0x50, 0x42, - 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x22, 0x48, 0x61, 0x73, 0x68, 0x69, - 0x63, 0x6f, 0x72, 0x70, 0x3a, 0x3a, 0x43, 0x6f, 0x6e, 0x73, 0x75, 0x6c, 0x3a, 0x3a, 0x53, 0x65, - 0x72, 0x76, 0x65, 0x72, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x62, 0x06, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_pbserverdiscovery_serverdiscovery_proto_rawDescOnce sync.Once - file_pbserverdiscovery_serverdiscovery_proto_rawDescData = file_pbserverdiscovery_serverdiscovery_proto_rawDesc -) - -func file_pbserverdiscovery_serverdiscovery_proto_rawDescGZIP() []byte { - file_pbserverdiscovery_serverdiscovery_proto_rawDescOnce.Do(func() { - file_pbserverdiscovery_serverdiscovery_proto_rawDescData = protoimpl.X.CompressGZIP(file_pbserverdiscovery_serverdiscovery_proto_rawDescData) - }) - return file_pbserverdiscovery_serverdiscovery_proto_rawDescData -} - -var file_pbserverdiscovery_serverdiscovery_proto_msgTypes = make([]protoimpl.MessageInfo, 3) -var file_pbserverdiscovery_serverdiscovery_proto_goTypes = []interface{}{ - (*WatchServersRequest)(nil), // 0: hashicorp.consul.serverdiscovery.WatchServersRequest - (*WatchServersResponse)(nil), // 1: hashicorp.consul.serverdiscovery.WatchServersResponse - (*Server)(nil), // 2: hashicorp.consul.serverdiscovery.Server -} -var file_pbserverdiscovery_serverdiscovery_proto_depIdxs = []int32{ - 2, // 0: hashicorp.consul.serverdiscovery.WatchServersResponse.servers:type_name -> hashicorp.consul.serverdiscovery.Server - 0, // 1: hashicorp.consul.serverdiscovery.ServerDiscoveryService.WatchServers:input_type -> hashicorp.consul.serverdiscovery.WatchServersRequest - 1, // 2: hashicorp.consul.serverdiscovery.ServerDiscoveryService.WatchServers:output_type -> hashicorp.consul.serverdiscovery.WatchServersResponse - 2, // [2:3] is the sub-list for method output_type - 1, // [1:2] is the sub-list for method input_type - 1, // [1:1] is the sub-list for extension type_name - 1, // [1:1] is the sub-list for extension extendee - 0, // [0:1] is the sub-list for field type_name -} - -func init() { file_pbserverdiscovery_serverdiscovery_proto_init() } -func file_pbserverdiscovery_serverdiscovery_proto_init() { - if File_pbserverdiscovery_serverdiscovery_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_pbserverdiscovery_serverdiscovery_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*WatchServersRequest); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbserverdiscovery_serverdiscovery_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*WatchServersResponse); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_pbserverdiscovery_serverdiscovery_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Server); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_pbserverdiscovery_serverdiscovery_proto_rawDesc, - NumEnums: 0, - NumMessages: 3, - NumExtensions: 0, - NumServices: 1, - }, - GoTypes: file_pbserverdiscovery_serverdiscovery_proto_goTypes, - DependencyIndexes: file_pbserverdiscovery_serverdiscovery_proto_depIdxs, - MessageInfos: file_pbserverdiscovery_serverdiscovery_proto_msgTypes, - }.Build() - File_pbserverdiscovery_serverdiscovery_proto = out.File - file_pbserverdiscovery_serverdiscovery_proto_rawDesc = nil - file_pbserverdiscovery_serverdiscovery_proto_goTypes = nil - file_pbserverdiscovery_serverdiscovery_proto_depIdxs = nil -} diff --git a/internal/consul-proto/pbserverdiscovery/serverdiscovery_grpc.pb.go b/internal/consul-proto/pbserverdiscovery/serverdiscovery_grpc.pb.go deleted file mode 100644 index b802e860..00000000 --- a/internal/consul-proto/pbserverdiscovery/serverdiscovery_grpc.pb.go +++ /dev/null @@ -1,141 +0,0 @@ -// Code generated by protoc-gen-go-grpc. DO NOT EDIT. -// versions: -// - protoc-gen-go-grpc v1.2.0 -// - protoc (unknown) -// source: pbserverdiscovery/serverdiscovery.proto - -package pbserverdiscovery - -import ( - context "context" - grpc "google.golang.org/grpc" - codes "google.golang.org/grpc/codes" - status "google.golang.org/grpc/status" -) - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the grpc package it is being compiled against. -// Requires gRPC-Go v1.32.0 or later. -const _ = grpc.SupportPackageIsVersion7 - -// ServerDiscoveryServiceClient is the client API for ServerDiscoveryService service. -// -// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. -type ServerDiscoveryServiceClient interface { - // WatchServers will stream back sets of ready servers as they change such as - // when new servers are added or older ones removed. A ready server is one that - // should be considered ready for sending general RPC requests towards that would - // catalog queries, xDS proxy configurations and similar services. - WatchServers(ctx context.Context, in *WatchServersRequest, opts ...grpc.CallOption) (ServerDiscoveryService_WatchServersClient, error) -} - -type serverDiscoveryServiceClient struct { - cc grpc.ClientConnInterface -} - -func NewServerDiscoveryServiceClient(cc grpc.ClientConnInterface) ServerDiscoveryServiceClient { - return &serverDiscoveryServiceClient{cc} -} - -func (c *serverDiscoveryServiceClient) WatchServers(ctx context.Context, in *WatchServersRequest, opts ...grpc.CallOption) (ServerDiscoveryService_WatchServersClient, error) { - stream, err := c.cc.NewStream(ctx, &ServerDiscoveryService_ServiceDesc.Streams[0], "/hashicorp.consul.serverdiscovery.ServerDiscoveryService/WatchServers", opts...) - if err != nil { - return nil, err - } - x := &serverDiscoveryServiceWatchServersClient{stream} - if err := x.ClientStream.SendMsg(in); err != nil { - return nil, err - } - if err := x.ClientStream.CloseSend(); err != nil { - return nil, err - } - return x, nil -} - -type ServerDiscoveryService_WatchServersClient interface { - Recv() (*WatchServersResponse, error) - grpc.ClientStream -} - -type serverDiscoveryServiceWatchServersClient struct { - grpc.ClientStream -} - -func (x *serverDiscoveryServiceWatchServersClient) Recv() (*WatchServersResponse, error) { - m := new(WatchServersResponse) - if err := x.ClientStream.RecvMsg(m); err != nil { - return nil, err - } - return m, nil -} - -// ServerDiscoveryServiceServer is the server API for ServerDiscoveryService service. -// All implementations must embed UnimplementedServerDiscoveryServiceServer -// for forward compatibility -type ServerDiscoveryServiceServer interface { - // WatchServers will stream back sets of ready servers as they change such as - // when new servers are added or older ones removed. A ready server is one that - // should be considered ready for sending general RPC requests towards that would - // catalog queries, xDS proxy configurations and similar services. - WatchServers(*WatchServersRequest, ServerDiscoveryService_WatchServersServer) error - mustEmbedUnimplementedServerDiscoveryServiceServer() -} - -// UnimplementedServerDiscoveryServiceServer must be embedded to have forward compatible implementations. -type UnimplementedServerDiscoveryServiceServer struct { -} - -func (UnimplementedServerDiscoveryServiceServer) WatchServers(*WatchServersRequest, ServerDiscoveryService_WatchServersServer) error { - return status.Errorf(codes.Unimplemented, "method WatchServers not implemented") -} -func (UnimplementedServerDiscoveryServiceServer) mustEmbedUnimplementedServerDiscoveryServiceServer() { -} - -// UnsafeServerDiscoveryServiceServer may be embedded to opt out of forward compatibility for this service. -// Use of this interface is not recommended, as added methods to ServerDiscoveryServiceServer will -// result in compilation errors. -type UnsafeServerDiscoveryServiceServer interface { - mustEmbedUnimplementedServerDiscoveryServiceServer() -} - -func RegisterServerDiscoveryServiceServer(s grpc.ServiceRegistrar, srv ServerDiscoveryServiceServer) { - s.RegisterService(&ServerDiscoveryService_ServiceDesc, srv) -} - -func _ServerDiscoveryService_WatchServers_Handler(srv interface{}, stream grpc.ServerStream) error { - m := new(WatchServersRequest) - if err := stream.RecvMsg(m); err != nil { - return err - } - return srv.(ServerDiscoveryServiceServer).WatchServers(m, &serverDiscoveryServiceWatchServersServer{stream}) -} - -type ServerDiscoveryService_WatchServersServer interface { - Send(*WatchServersResponse) error - grpc.ServerStream -} - -type serverDiscoveryServiceWatchServersServer struct { - grpc.ServerStream -} - -func (x *serverDiscoveryServiceWatchServersServer) Send(m *WatchServersResponse) error { - return x.ServerStream.SendMsg(m) -} - -// ServerDiscoveryService_ServiceDesc is the grpc.ServiceDesc for ServerDiscoveryService service. -// It's only intended for direct use with grpc.RegisterService, -// and not to be introspected or modified (even as a copy) -var ServerDiscoveryService_ServiceDesc = grpc.ServiceDesc{ - ServiceName: "hashicorp.consul.serverdiscovery.ServerDiscoveryService", - HandlerType: (*ServerDiscoveryServiceServer)(nil), - Methods: []grpc.MethodDesc{}, - Streams: []grpc.StreamDesc{ - { - StreamName: "WatchServers", - Handler: _ServerDiscoveryService_WatchServers_Handler, - ServerStreams: true, - }, - }, - Metadata: "pbserverdiscovery/serverdiscovery.proto", -} diff --git a/pkg/consuldp/bootstrap.go b/pkg/consuldp/bootstrap.go index 5ecf97d6..ff704d00 100644 --- a/pkg/consuldp/bootstrap.go +++ b/pkg/consuldp/bootstrap.go @@ -8,10 +8,10 @@ import ( "strconv" "strings" + "github.com/hashicorp/consul/proto-public/pbdataplane" "github.com/mitchellh/mapstructure" "github.com/hashicorp/consul-dataplane/internal/bootstrap" - "github.com/hashicorp/consul-dataplane/internal/consul-proto/pbdataplane" ) const ( diff --git a/pkg/consuldp/bootstrap_test.go b/pkg/consuldp/bootstrap_test.go index 837443de..8f701f27 100644 --- a/pkg/consuldp/bootstrap_test.go +++ b/pkg/consuldp/bootstrap_test.go @@ -11,11 +11,10 @@ import ( "strings" "testing" + "github.com/hashicorp/consul/proto-public/pbdataplane" "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" "google.golang.org/protobuf/types/known/structpb" - - "github.com/hashicorp/consul-dataplane/internal/consul-proto/pbdataplane" ) var ( @@ -42,9 +41,6 @@ func TestBootstrapConfig(t *testing.T) { }{ "basic": { &Config{ - Consul: &ConsulConfig{ - GRPCPort: 1234, - }, Service: &ServiceConfig{ ServiceID: "web-proxy", NodeName: nodeName, @@ -68,9 +64,6 @@ func TestBootstrapConfig(t *testing.T) { }, "central-telemetry-config": { &Config{ - Consul: &ConsulConfig{ - GRPCPort: 1234, - }, Service: &ServiceConfig{ ServiceID: "web-proxy", NodeName: nodeName, @@ -94,9 +87,6 @@ func TestBootstrapConfig(t *testing.T) { }, "ready-listener": { &Config{ - Consul: &ConsulConfig{ - GRPCPort: 1234, - }, Service: &ServiceConfig{ ServiceID: "web-proxy", NodeName: nodeName, @@ -119,9 +109,6 @@ func TestBootstrapConfig(t *testing.T) { }, "unix-socket-xds-server": { &Config{ - Consul: &ConsulConfig{ - GRPCPort: 1234, - }, Service: &ServiceConfig{ ServiceID: "web-proxy", NodeName: nodeName, diff --git a/pkg/consuldp/config.go b/pkg/consuldp/config.go index 12c7a47c..eeeb3382 100644 --- a/pkg/consuldp/config.go +++ b/pkg/consuldp/config.go @@ -1,5 +1,14 @@ package consuldp +import ( + "crypto/tls" + "fmt" + "os" + + "github.com/hashicorp/consul-server-connection-manager/discovery" + "github.com/hashicorp/go-rootcerts" +) + // ConsulConfig are the settings required to connect with Consul servers type ConsulConfig struct { // Addresses are Consul server addresses. Value can be: @@ -11,15 +20,109 @@ type ConsulConfig struct { // Credentials are the credentials used to authenticate requests and streams // to the Consul servers (e.g. static ACL token or auth method credentials). Credentials *CredentialsConfig + // ServerWatchDisabled opts-out of consuming the server update stream, for + // cases where its addresses are incorrect (e.g. servers are behind a load + // balancer). + ServerWatchDisabled bool + // TLS contains the TLS settings for communicating with Consul servers. + TLS *TLSConfig +} + +// TLSConfig contains the TLS settings for communicating with Consul servers. +type TLSConfig struct { + // Disabled causes consul-dataplane to communicate with Consul servers over + // an insecure plaintext connection. This is useful for testing, but should + // not be used in production. + Disabled bool + // CACertsPath is a path to a file or directory containing CA certificates to + // use to verify the server's certificate. This is only necessary if the server + // presents a certificate that isn't signed by a trusted public CA. + CACertsPath string + // ServerName is used to verify the server certificate's subject when it cannot + // be inferred from Consul.Addresses (i.e. it is not a DNS name). + ServerName string + // CertFile is a path to the client certificate that will be presented to + // Consul servers. + // + // Note: this is only required if servers have tls.grpc.verify_incoming enabled. + // Generally, issuing consul-dataplane instances with client certificates isn't + // necessary and creates significant operational burden. + CertFile string + // KeyFile is a path to the client private key that will be used to communicate + // with Consul servers (when CertFile is provided). + // + // Note: this is only required if servers have tls.grpc.verify_incoming enabled. + // Generally, issuing consul-dataplane instances with client certificates isn't + // necessary and creates significant operational burden. + KeyFile string + // InsecureSkipVerify causes consul-dataplane not to verify the certificate + // presented by the server. This is useful for testing, but should not be used + // in production. + InsecureSkipVerify bool +} + +// Load creates a *tls.Config, including loading the CA and client certificates. +func (t *TLSConfig) Load() (*tls.Config, error) { + if t.Disabled { + return nil, nil + } + + tlsCfg := &tls.Config{ + ServerName: t.ServerName, + InsecureSkipVerify: t.InsecureSkipVerify, + } + + var rootCfg rootcerts.Config + if path := t.CACertsPath; path != "" { + fi, err := os.Stat(path) + if err != nil { + return nil, fmt.Errorf("failed to read CA certs: %w", err) + } + if fi.IsDir() { + rootCfg.CAPath = path + } else { + rootCfg.CAFile = path + } + } + if err := rootcerts.ConfigureTLS(tlsCfg, &rootCfg); err != nil { + return nil, fmt.Errorf("failed to configure CA certs: %w", err) + } + + if t.CertFile != "" && t.KeyFile != "" { + cert, err := tls.LoadX509KeyPair(t.CertFile, t.KeyFile) + if err != nil { + return nil, fmt.Errorf("failed to configure TLS cert: %w", err) + } + tlsCfg.Certificates = []tls.Certificate{cert} + } + + return tlsCfg, nil } // CredentialsConfig contains the credentials used to authenticate requests and // streams to the Consul servers. type CredentialsConfig struct { + // Type identifies the type of credentials provided. + Type CredentialsType // Static contains the static ACL token. - Static *StaticCredentialsConfig + Static StaticCredentialsConfig + // Login contains the credentials for logging in with an auth method. + Login LoginCredentialsConfig } +// CredentialsType identifies the type of credentials provided. +type CredentialsType string + +const ( + // CredentialsTypeNone indicates that no credentials were given. + CredentialsTypeNone CredentialsType = "" + // CredentialsTypeStatic indicates that a static ACL token was provided. + CredentialsTypeStatic CredentialsType = "static" + // CredentialsTypeLogin indicates that credentials were provided to log in with + // an auth method. + CredentialsTypeLogin CredentialsType = "login" +) + // StaticCredentialsConfig contains the static ACL token that will be used to // authenticate requests and streams to the Consul servers. type StaticCredentialsConfig struct { @@ -27,6 +130,63 @@ type StaticCredentialsConfig struct { Token string } +// LoginCredentialsConfig contains credentials for logging in with an auth method. +type LoginCredentialsConfig struct { + // Method is the name of the Consul auth method. + Method string + // Namespace is the namespace containing the auth method. + Namespace string + // Partition is the partition containing the auth method. + Partition string + // Datacenter is the datacenter containing the auth method. + Datacenter string + // Bearer is the bearer token presented to the auth method. + Bearer string + // BearerPath is the path to a file containing a bearer token. + BearerPath string + // Meta is the arbitrary set of key-value pairs to attach to the + // token. These are included in the Description field of the token. + Meta map[string]string +} + +// ToDiscoveryCredentials creates a discovery.Credentials, including loading a +// bearer token from a file if BearerPath is given. +func (cc *CredentialsConfig) ToDiscoveryCredentials() (discovery.Credentials, error) { + var creds discovery.Credentials + + switch cc.Type { + case CredentialsTypeNone: + return creds, nil + case CredentialsTypeStatic: + creds.Type = discovery.CredentialsTypeStatic + creds.Static = discovery.StaticTokenCredential{ + Token: cc.Static.Token, + } + case CredentialsTypeLogin: + creds.Type = discovery.CredentialsTypeLogin + creds.Login = discovery.LoginCredential{ + AuthMethod: cc.Login.Method, + Namespace: cc.Login.Namespace, + Partition: cc.Login.Partition, + Datacenter: cc.Login.Datacenter, + BearerToken: cc.Login.Bearer, + Meta: cc.Login.Meta, + } + + if creds.Login.BearerToken == "" && cc.Login.BearerPath != "" { + bearer, err := os.ReadFile(cc.Login.BearerPath) + if err != nil { + return creds, fmt.Errorf("failed to read bearer token from file: %w", err) + } + creds.Login.BearerToken = string(bearer) + } + default: + return creds, fmt.Errorf("unknown credential type: %s", cc.Type) + } + + return creds, nil +} + // LoggingConfig can be used to specify logger configuration settings. type LoggingConfig struct { // Name of the subsystem to prefix logs with diff --git a/pkg/consuldp/config_test.go b/pkg/consuldp/config_test.go new file mode 100644 index 00000000..6bc6e719 --- /dev/null +++ b/pkg/consuldp/config_test.go @@ -0,0 +1,175 @@ +package consuldp + +import ( + "crypto/x509" + "encoding/pem" + "os" + "testing" + + "github.com/hashicorp/consul-server-connection-manager/discovery" + "github.com/stretchr/testify/require" +) + +func TestConfig_TLS(t *testing.T) { + t.Run("disabled", func(t *testing.T) { + cfg := TLSConfig{Disabled: true} + + out, err := cfg.Load() + require.NoError(t, err) + require.Nil(t, out) + }) + + t.Run("CACertsPath is a file", func(t *testing.T) { + cfg := TLSConfig{ + CACertsPath: "testdata/certs/ca/cert.pem", + } + + out, err := cfg.Load() + require.NoError(t, err) + + cert := loadCertificate(t, "testdata/certs/server/cert.pem") + _, err = cert.Verify(x509.VerifyOptions{ + Roots: out.RootCAs, + CurrentTime: cert.NotBefore, + }) + require.NoError(t, err) + }) + + t.Run("CACertsPath is a directory", func(t *testing.T) { + cfg := TLSConfig{ + CACertsPath: "testdata/certs/ca", + } + + out, err := cfg.Load() + require.NoError(t, err) + + cert := loadCertificate(t, "testdata/certs/server/cert.pem") + _, err = cert.Verify(x509.VerifyOptions{ + Roots: out.RootCAs, + CurrentTime: cert.NotBefore, + }) + require.NoError(t, err) + }) + + t.Run("setting a client certificate", func(t *testing.T) { + cfg := TLSConfig{ + CertFile: "testdata/certs/server/cert.pem", + KeyFile: "testdata/certs/server/key.pem", + } + + out, err := cfg.Load() + require.NoError(t, err) + + require.Len(t, out.Certificates, 1) + + cert, err := x509.ParseCertificate(out.Certificates[0].Certificate[0]) + require.NoError(t, err) + require.Equal(t, "server.dc1.consul", cert.Subject.CommonName) + + require.NotNil(t, out.Certificates[0].PrivateKey) + }) +} + +func TestConfig_Credentials(t *testing.T) { + tokFile, err := os.CreateTemp(os.TempDir(), "bearer-token") + require.NoError(t, err) + t.Cleanup(func() { _ = os.Remove(tokFile.Name()) }) + t.Cleanup(func() { _ = tokFile.Close() }) + + _, err = tokFile.WriteString("bearer-token-from-file") + require.NoError(t, err) + + testCases := map[string]struct { + in CredentialsConfig + out discovery.Credentials + }{ + "no credentials": { + in: CredentialsConfig{Type: CredentialsTypeNone}, + out: discovery.Credentials{}, + }, + "static credentials": { + in: CredentialsConfig{ + Type: CredentialsTypeStatic, + Static: StaticCredentialsConfig{ + Token: "my-acl-token", + }, + }, + out: discovery.Credentials{ + Type: discovery.CredentialsTypeStatic, + Static: discovery.StaticTokenCredential{ + Token: "my-acl-token", + }, + }, + }, + "login credentials (bearer token)": { + in: CredentialsConfig{ + Type: CredentialsTypeLogin, + Login: LoginCredentialsConfig{ + Method: "jwt", + Namespace: "namespace-1", + Partition: "partition-a", + Datacenter: "primary-dc", + Bearer: "bearer-token", + Meta: map[string]string{"foo": "bar"}, + }, + }, + out: discovery.Credentials{ + Type: discovery.CredentialsTypeLogin, + Login: discovery.LoginCredential{ + AuthMethod: "jwt", + Namespace: "namespace-1", + Partition: "partition-a", + Datacenter: "primary-dc", + BearerToken: "bearer-token", + Meta: map[string]string{"foo": "bar"}, + }, + }, + }, + "login credentials (bearer file)": { + in: CredentialsConfig{ + Type: CredentialsTypeLogin, + Login: LoginCredentialsConfig{ + Method: "jwt", + Namespace: "namespace-1", + Partition: "partition-a", + Datacenter: "primary-dc", + BearerPath: tokFile.Name(), + Meta: map[string]string{"foo": "bar"}, + }, + }, + out: discovery.Credentials{ + Type: discovery.CredentialsTypeLogin, + Login: discovery.LoginCredential{ + AuthMethod: "jwt", + Namespace: "namespace-1", + Partition: "partition-a", + Datacenter: "primary-dc", + BearerToken: "bearer-token-from-file", + Meta: map[string]string{"foo": "bar"}, + }, + }, + }, + } + for desc, tc := range testCases { + t.Run(desc, func(t *testing.T) { + got, err := tc.in.ToDiscoveryCredentials() + require.NoError(t, err) + require.Equal(t, tc.out, got) + }) + } +} + +func loadCertificate(t *testing.T, path string) *x509.Certificate { + t.Helper() + + pemBytes, err := os.ReadFile(path) + require.NoError(t, err) + + block, _ := pem.Decode(pemBytes) + require.Equal(t, "CERTIFICATE", block.Type) + + cert, err := x509.ParseCertificate(block.Bytes) + require.NoError(t, err) + + return cert +} diff --git a/pkg/consuldp/consul_dataplane.go b/pkg/consuldp/consul_dataplane.go index bbbd021e..2ce3a3eb 100644 --- a/pkg/consuldp/consul_dataplane.go +++ b/pkg/consuldp/consul_dataplane.go @@ -4,32 +4,17 @@ import ( "context" "errors" "fmt" - "math/rand" "net" "strings" - "time" + "github.com/hashicorp/consul-server-connection-manager/discovery" + "github.com/hashicorp/consul/proto-public/pbdataplane" "github.com/hashicorp/go-hclog" - "github.com/hashicorp/go-netaddrs" "google.golang.org/grpc" - "google.golang.org/grpc/credentials/insecure" - "github.com/hashicorp/consul-dataplane/internal/consul-proto/pbdataplane" "github.com/hashicorp/consul-dataplane/pkg/envoy" ) -// consulServer maintains the settings of the Consul server with which -// consul-dataplane has established a gRPC connection -type consulServer struct { - // address is the IP address of the Consul server - address net.IPAddr - // supportedFeatures is a map of the dataplane features supported by the Consul server - supportedFeatures map[pbdataplane.DataplaneFeatures]bool - - // grpcClientConn is the gRPC connection to the Consul server - grpcClientConn *grpc.ClientConn -} - type xdsServer struct { listener net.Listener listenerAddress string @@ -42,9 +27,10 @@ type xdsServer struct { type ConsulDataplane struct { logger hclog.Logger cfg *Config - consulServer *consulServer + serverConn *grpc.ClientConn dpServiceClient pbdataplane.DataplaneServiceClient xdsServer *xdsServer + aclToken string } // NewConsulDP creates a new instance of ConsulDataplane @@ -94,75 +80,58 @@ func validateConfig(cfg *Config) error { case !strings.HasPrefix(cfg.XDSServer.BindAddress, "unix://") && !net.ParseIP(cfg.XDSServer.BindAddress).IsLoopback(): return errors.New("non-local xDS bind address not allowed") } - return nil -} - -// TODO (CSLC-151): Integrate with server discovery library to determine a healthy server for grpc/xds connection -func (cdp *ConsulDataplane) resolveAndPickConsulServerAddress(ctx context.Context) error { - netAddrLogger := cdp.logger.Named("go-netaddrs") - addresses, err := netaddrs.IPAddrs(ctx, cdp.cfg.Consul.Addresses, netAddrLogger) - if err != nil { - errMsg := "failure resolving consul server addresses" - cdp.logger.Error(errMsg, "error", err) - return fmt.Errorf("%s. %v", errMsg, err) - } - cdp.logger.Info("resolved consul server addresses", "addresses", addresses) - // randomly pick a server address from the list of resolved addresses - rand.Seed(time.Now().Unix()) - cdp.consulServer = &consulServer{address: addresses[rand.Intn(len(addresses))]} - return nil -} -func (cdp *ConsulDataplane) setConsulServerSupportedFeatures(ctx context.Context) error { - resp, err := cdp.dpServiceClient.GetSupportedDataplaneFeatures(ctx, &pbdataplane.GetSupportedDataplaneFeaturesRequest{}) - if err != nil { - errMsg := "failure getting supported consul-dataplane features" - cdp.logger.Error(errMsg, "error", err) - return fmt.Errorf("%s. %v", errMsg, err) + creds := cfg.Consul.Credentials + if creds.Type == CredentialsTypeLogin && creds.Login.Bearer == "" && creds.Login.BearerPath == "" { + return errors.New("bearer token (or path to a file containing a bearer token) is required for login") } - serverSupportedFeatures := make(map[pbdataplane.DataplaneFeatures]bool) - cdp.logger.Info("retrieved consul server supported dataplane features") - for _, feature := range resp.SupportedDataplaneFeatures { - serverSupportedFeatures[feature.GetFeatureName()] = feature.GetSupported() - cdp.logger.Info("feature support", feature.GetFeatureName().String(), feature.GetSupported()) - } - cdp.consulServer.supportedFeatures = serverSupportedFeatures return nil } func (cdp *ConsulDataplane) Run(ctx context.Context) error { cdp.logger.Info("started consul-dataplane process") - if err := cdp.resolveAndPickConsulServerAddress(ctx); err != nil { + tls, err := cdp.cfg.Consul.TLS.Load() + if err != nil { return err } - // Establish gRPC connection to the Consul server - // TODO: Use TLS for the gRPC connection - gRPCTarget := fmt.Sprintf("%s:%d", cdp.consulServer.address.String(), cdp.cfg.Consul.GRPCPort) - grpcCtx, cancel := context.WithTimeout(ctx, time.Duration(10*time.Second)) - defer cancel() - grpcClientConn, err := grpc.DialContext(grpcCtx, gRPCTarget, grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithBlock()) + creds, err := cdp.cfg.Consul.Credentials.ToDiscoveryCredentials() if err != nil { - cdp.logger.Error("could not connect to consul server over grpc", "error", err, "grpc-target", gRPCTarget) return err } - defer grpcClientConn.Close() - // TODO (NET-148): Ensure the server connection here is the one acquired via the server discovery library - cdp.consulServer.grpcClientConn = grpcClientConn - cdp.logger.Info("connected to consul server over grpc", "grpc-target", gRPCTarget) - dpservice := pbdataplane.NewDataplaneServiceClient(grpcClientConn) - cdp.dpServiceClient = dpservice - - // TODO: Acquire ACL token and pass it in gRPC calls. + watcher, err := discovery.NewWatcher(ctx, discovery.Config{ + Addresses: cdp.cfg.Consul.Addresses, + GRPCPort: cdp.cfg.Consul.GRPCPort, + ServerWatchDisabled: cdp.cfg.Consul.ServerWatchDisabled, + Credentials: creds, + TLS: tls, + ServerEvalFn: func(state discovery.State) bool { + // We require support for generating Envoy bootstrap configuration at least. + // + // TODO: now that we consume Consul's protobufs as a Go module, should we + // have the discovery package expose the protobuf enum type rather than the + // string representation? + return state.DataplaneFeatures[pbdataplane.DataplaneFeatures_DATAPLANE_FEATURES_ENVOY_BOOTSTRAP_CONFIGURATION.String()] + }, + }, cdp.logger.Named("server-connection-manager")) + if err != nil { + return err + } + go watcher.Run() - if err := cdp.setConsulServerSupportedFeatures(ctx); err != nil { - cdp.logger.Error("failed to set supported features", "error", err) - return fmt.Errorf("failed to set supported features: %w", err) + state, err := watcher.State() + if err != nil { + return err } + cdp.logger.Info("connected to Consul server over gRPC", "initial_server_address", state.Address.String()) + cdp.serverConn = state.GRPCConn + cdp.aclToken = state.Token + cdp.dpServiceClient = pbdataplane.NewDataplaneServiceClient(state.GRPCConn) + err = cdp.setupXDSServer() if err != nil { return err diff --git a/pkg/consuldp/consul_dataplane_test.go b/pkg/consuldp/consul_dataplane_test.go index 3fa5af89..84618bbb 100644 --- a/pkg/consuldp/consul_dataplane_test.go +++ b/pkg/consuldp/consul_dataplane_test.go @@ -1,15 +1,9 @@ package consuldp import ( - "context" - "fmt" - "net" "testing" - "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" - - "github.com/hashicorp/consul-dataplane/internal/consul-proto/pbdataplane" ) func validConfig() *Config { @@ -18,7 +12,8 @@ func validConfig() *Config { Addresses: "consul.servers.dns.com", GRPCPort: 1234, Credentials: &CredentialsConfig{ - Static: &StaticCredentialsConfig{ + Type: CredentialsTypeStatic, + Static: StaticCredentialsConfig{ Token: "some-acl-token", }, }, @@ -48,7 +43,7 @@ func TestNewConsulDP(t *testing.T) { require.Equal(t, cfg.Logging.Name, consulDP.logger.Name()) require.True(t, consulDP.logger.IsInfo()) require.Equal(t, cfg, consulDP.cfg) - require.Nil(t, consulDP.consulServer) + require.Nil(t, consulDP.serverConn) } func TestNewConsulDPError(t *testing.T) { @@ -132,6 +127,14 @@ func TestNewConsulDPError(t *testing.T) { }, expectErr: "non-local xDS bind address not allowed", }, + { + name: "no bearer token or path given", + modFn: func(c *Config) { + c.Consul.Credentials.Type = CredentialsTypeLogin + c.Consul.Credentials.Login = LoginCredentialsConfig{} + }, + expectErr: "bearer token (or path to a file containing a bearer token) is required for login", + }, } for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { @@ -143,73 +146,3 @@ func TestNewConsulDPError(t *testing.T) { }) } } - -func TestResolveAndPickConsulServerAddress(t *testing.T) { - cfg := validConfig() - cfg.Consul.Addresses = "exec=echo 127.0.0.1" - - consulDP, err := NewConsulDP(cfg) - require.NoError(t, err) - - require.NoError(t, consulDP.resolveAndPickConsulServerAddress(context.Background())) - require.Equal(t, net.IPAddr{IP: net.ParseIP("127.0.0.1")}, consulDP.consulServer.address) -} - -func TestResolveAndPickConsulServerAddressError(t *testing.T) { - cfg := validConfig() - cfg.Consul.Addresses = "invalid-dns" - - consulDP, err := NewConsulDP(cfg) - require.NoError(t, err) - require.ErrorContains(t, consulDP.resolveAndPickConsulServerAddress(context.Background()), "failure resolving consul server addresses") - require.Nil(t, consulDP.consulServer) -} - -func TestSetConsulServerSupportedFeatures(t *testing.T) { - cfg := validConfig() - consulDP, err := NewConsulDP(cfg) - require.NoError(t, err) - - consulDP.consulServer = &consulServer{address: net.IPAddr{IP: net.ParseIP("127.0.0.1")}} - - mockDataplaneServiceClient := NewMockDataplaneServiceClient(t) - consulDP.dpServiceClient = mockDataplaneServiceClient - supportedFeatures := []*pbdataplane.DataplaneFeatureSupport{ - { - FeatureName: pbdataplane.DataplaneFeatures_DATAPLANE_FEATURES_WATCH_SERVERS, - Supported: true, - }, - { - FeatureName: pbdataplane.DataplaneFeatures_DATAPLANE_FEATURES_EDGE_CERTIFICATE_MANAGEMENT, - Supported: true, - }, - { - FeatureName: pbdataplane.DataplaneFeatures_DATAPLANE_FEATURES_ENVOY_BOOTSTRAP_CONFIGURATION, - Supported: true, - }, - } - mockDataplaneServiceClient.EXPECT(). - GetSupportedDataplaneFeatures(mock.Anything, mock.Anything, mock.Anything).Call. - Return(&pbdataplane.GetSupportedDataplaneFeaturesResponse{SupportedDataplaneFeatures: supportedFeatures}, nil) - - err = consulDP.setConsulServerSupportedFeatures(context.Background()) - require.NoError(t, err) - require.Equal(t, len(supportedFeatures), len(consulDP.consulServer.supportedFeatures)) -} - -func TestSetConsulServerSupportedFeaturesError(t *testing.T) { - cfg := validConfig() - consulDP, err := NewConsulDP(cfg) - require.NoError(t, err) - - consulDP.consulServer = &consulServer{address: net.IPAddr{IP: net.ParseIP("127.0.0.1")}} - - mockDataplaneServiceClient := NewMockDataplaneServiceClient(t) - consulDP.dpServiceClient = mockDataplaneServiceClient - mockDataplaneServiceClient.EXPECT(). - GetSupportedDataplaneFeatures(mock.Anything, mock.Anything, mock.Anything).Call. - Return(nil, fmt.Errorf("error!")) - - require.ErrorContains(t, consulDP.setConsulServerSupportedFeatures(context.Background()), "failure getting supported consul-dataplane features") - require.Empty(t, consulDP.consulServer.supportedFeatures) -} diff --git a/pkg/consuldp/mock_dataplane_service_client.go b/pkg/consuldp/mock_dataplane_service_client.go index fd7d3450..5b2957b9 100644 --- a/pkg/consuldp/mock_dataplane_service_client.go +++ b/pkg/consuldp/mock_dataplane_service_client.go @@ -9,7 +9,7 @@ import ( mock "github.com/stretchr/testify/mock" - pbdataplane "github.com/hashicorp/consul-dataplane/internal/consul-proto/pbdataplane" + pbdataplane "github.com/hashicorp/consul/proto-public/pbdataplane" ) // MockDataplaneServiceClient is an autogenerated mock type for the DataplaneServiceClient type diff --git a/pkg/consuldp/testdata/certs/ca/cert.pem b/pkg/consuldp/testdata/certs/ca/cert.pem new file mode 100644 index 00000000..8f84c0c8 --- /dev/null +++ b/pkg/consuldp/testdata/certs/ca/cert.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC7TCCApSgAwIBAgIRAP1Z0cF0jKuFLwHfe+vXKgowCgYIKoZIzj0EAwIwgbkx +CzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNj +bzEaMBgGA1UECRMRMTAxIFNlY29uZCBTdHJlZXQxDjAMBgNVBBETBTk0MTA1MRcw +FQYDVQQKEw5IYXNoaUNvcnAgSW5jLjFAMD4GA1UEAxM3Q29uc3VsIEFnZW50IENB +IDMzNjc2MTA1MTcwNDcwNjE2NDY5MTIzMzAwMzY0MTA1NDM3NDQxMDAeFw0yMjA5 +MDgwOTAxMDZaFw0yNzA5MDcwOTAxMDZaMIG5MQswCQYDVQQGEwJVUzELMAkGA1UE +CBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGjAYBgNVBAkTETEwMSBTZWNv +bmQgU3RyZWV0MQ4wDAYDVQQREwU5NDEwNTEXMBUGA1UEChMOSGFzaGlDb3JwIElu +Yy4xQDA+BgNVBAMTN0NvbnN1bCBBZ2VudCBDQSAzMzY3NjEwNTE3MDQ3MDYxNjQ2 +OTEyMzMwMDM2NDEwNTQzNzQ0MTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATo +IgE4sG18GbDA21ATHGa5CAlcej0IGfKFmPLdhmYhZb0sKt+kB+/bsbpTiV2yrmBp +AJRSjx1oIk+ZlIOqreOMo3sweTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUw +AwEB/zApBgNVHQ4EIgQg6t7SJkVc4rvY8WD6a79DwQk7UDLqwqjVZX0/dnG8tFEw +KwYDVR0jBCQwIoAg6t7SJkVc4rvY8WD6a79DwQk7UDLqwqjVZX0/dnG8tFEwCgYI +KoZIzj0EAwIDRwAwRAIgQQ0gteEkbhvhVIJg9/JXvNyGGl7bpn7qm3A6iGe08FYC +IHkVVKnKmsUgbXzwq1+wQ2q9kQBtOdtmB0nxNji94PpH +-----END CERTIFICATE----- diff --git a/pkg/consuldp/testdata/certs/server/cert.pem b/pkg/consuldp/testdata/certs/server/cert.pem new file mode 100644 index 00000000..aedcc645 --- /dev/null +++ b/pkg/consuldp/testdata/certs/server/cert.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICmzCCAkKgAwIBAgIQZsgOGinyQvnQv/4P3vqT1DAKBggqhkjOPQQDAjCBuTEL +MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2Nv +MRowGAYDVQQJExExMDEgU2Vjb25kIFN0cmVldDEOMAwGA1UEERMFOTQxMDUxFzAV +BgNVBAoTDkhhc2hpQ29ycCBJbmMuMUAwPgYDVQQDEzdDb25zdWwgQWdlbnQgQ0Eg +MzM2NzYxMDUxNzA0NzA2MTY0NjkxMjMzMDAzNjQxMDU0Mzc0NDEwMB4XDTIyMDkw +ODA5MDExOFoXDTIzMDkwODA5MDExOFowHDEaMBgGA1UEAxMRc2VydmVyLmRjMS5j +b25zdWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARqFvVvafIiSg3eJE6hehtu +i/tBQuYNw2apeoRS5Gtc+2OEl89jd8wZ2TnE2bkORWr2UKxpFCtcwGHBryvzytef +o4HHMIHEMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB +BQUHAwIwDAYDVR0TAQH/BAIwADApBgNVHQ4EIgQguoJeLJBVuyk+PuYRLvzT9zoE +TWV6zYx8XZzOxRNf+70wKwYDVR0jBCQwIoAg6t7SJkVc4rvY8WD6a79DwQk7UDLq +wqjVZX0/dnG8tFEwLQYDVR0RBCYwJIIRc2VydmVyLmRjMS5jb25zdWyCCWxvY2Fs +aG9zdIcEfwAAATAKBggqhkjOPQQDAgNHADBEAiBGSWVu/SavnS7+febUfm48tzbu +wPOq2cnJHrIx54mb1gIgJLtNcXPSV7sJzCh16E/l5fF2iiYBRjHnMDYDTHeZ0Bk= +-----END CERTIFICATE----- diff --git a/pkg/consuldp/testdata/certs/server/key.pem b/pkg/consuldp/testdata/certs/server/key.pem new file mode 100644 index 00000000..19f4193e --- /dev/null +++ b/pkg/consuldp/testdata/certs/server/key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIKPQSWaeHP2KM0YkypRSfAf2wVNkqVXDvY1qVjMEi3a+oAoGCCqGSM49 +AwEHoUQDQgAEahb1b2nyIkoN3iROoXobbov7QULmDcNmqXqEUuRrXPtjhJfPY3fM +Gdk5xNm5DkVq9lCsaRQrXMBhwa8r88rXnw== +-----END EC PRIVATE KEY----- diff --git a/pkg/consuldp/xds.go b/pkg/consuldp/xds.go index 2340d12b..f89d9720 100644 --- a/pkg/consuldp/xds.go +++ b/pkg/consuldp/xds.go @@ -33,10 +33,9 @@ func (cdp *ConsulDataplane) director(ctx context.Context, fullMethodName string) } else { mdCopy = md.Copy() } - // TODO (NET-148): Inject the ACL token acquired from the server discovery library - mdCopy.Set(metadataKeyToken, cdp.cfg.Consul.Credentials.Static.Token) + mdCopy.Set(metadataKeyToken, cdp.aclToken) outCtx := metadata.NewOutgoingContext(ctx, mdCopy) - return outCtx, cdp.consulServer.grpcClientConn, nil + return outCtx, cdp.serverConn, nil } // setupXDSServer sets up the consul-dataplane xDS server diff --git a/pkg/consuldp/xds_test.go b/pkg/consuldp/xds_test.go index 9ee1efd9..2945f41a 100644 --- a/pkg/consuldp/xds_test.go +++ b/pkg/consuldp/xds_test.go @@ -11,7 +11,6 @@ import ( "github.com/hashicorp/go-hclog" "github.com/stretchr/testify/require" - "google.golang.org/grpc" "google.golang.org/grpc/codes" "google.golang.org/grpc/metadata" "google.golang.org/grpc/status" @@ -55,16 +54,13 @@ func TestDirector(t *testing.T) { for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - cdp := &ConsulDataplane{ - cfg: &Config{Consul: &ConsulConfig{Credentials: &CredentialsConfig{Static: &StaticCredentialsConfig{Token: testToken}}}}, - consulServer: &consulServer{grpcClientConn: &grpc.ClientConn{}}, - } + cdp := &ConsulDataplane{aclToken: testToken} outctx, targetConn, err := cdp.director(tc.incomingContext, tc.methodName) if tc.expectedErr != nil { require.ErrorIs(t, err, tc.expectedErr) } else { require.NoError(t, err) - require.Equal(t, cdp.consulServer.grpcClientConn, targetConn) + require.Equal(t, cdp.serverConn, targetConn) outMD, ok := metadata.FromOutgoingContext(outctx) require.True(t, ok) require.Equal(t, []string{testToken}, outMD.Get(metadataKeyToken)) From dc38a42f4c099ff1cf4ad30fb13172269a51f6c2 Mon Sep 17 00:00:00 2001 From: Dan Upton Date: Fri, 9 Sep 2022 16:48:22 +0100 Subject: [PATCH 2/5] Fix -static-token flag help text Co-authored-by: Riddhi Shah --- cmd/consul-dataplane/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/consul-dataplane/main.go b/cmd/consul-dataplane/main.go index 2292403a..6f7ca11d 100644 --- a/cmd/consul-dataplane/main.go +++ b/cmd/consul-dataplane/main.go @@ -83,7 +83,7 @@ func init() { flag.StringVar(&partition, "service-partition", "", "The Consul Enterprise partition in which the proxy service instance is registered.") flag.StringVar(&credentialType, "credential-type", "", "The type of credentials that will be used to authenticate with Consul servers (static or login).") - flag.StringVar(&token, "static-token", "", "The ACL token used to authenticate requests to Consul servers (when -login-method is set to static).") + flag.StringVar(&token, "static-token", "", "The ACL token used to authenticate requests to Consul servers (when -credential-type is set to static).") flag.StringVar(&loginMethod, "login-method", "", "The auth method that will be used to log in.") flag.StringVar(&loginNamespace, "login-namespace", "", "The Consul Enterprise namespace containing the auth method.") flag.StringVar(&loginPartition, "login-partition", "", "The Consul Enterprise partition containing the auth method.") From 90438124ba4b00299c33d02ca5f64f2d9cf86540 Mon Sep 17 00:00:00 2001 From: Daniel Upton Date: Thu, 15 Sep 2022 14:51:01 +0100 Subject: [PATCH 3/5] Stop the watcher on-exit --- pkg/consuldp/consul_dataplane.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/consuldp/consul_dataplane.go b/pkg/consuldp/consul_dataplane.go index 2ce3a3eb..ef3943f0 100644 --- a/pkg/consuldp/consul_dataplane.go +++ b/pkg/consuldp/consul_dataplane.go @@ -121,6 +121,7 @@ func (cdp *ConsulDataplane) Run(ctx context.Context) error { return err } go watcher.Run() + defer watcher.Stop() state, err := watcher.State() if err != nil { From f22826a610834f10671a7f326594ac745c8da7c5 Mon Sep 17 00:00:00 2001 From: Daniel Upton Date: Thu, 15 Sep 2022 14:56:59 +0100 Subject: [PATCH 4/5] Rename bearer and method fields for consistency --- cmd/consul-dataplane/main.go | 38 ++++++++++++++++---------------- pkg/consuldp/config.go | 20 ++++++++--------- pkg/consuldp/config_test.go | 24 ++++++++++---------- pkg/consuldp/consul_dataplane.go | 2 +- 4 files changed, 42 insertions(+), 42 deletions(-) diff --git a/cmd/consul-dataplane/main.go b/cmd/consul-dataplane/main.go index 6f7ca11d..226297c9 100644 --- a/cmd/consul-dataplane/main.go +++ b/cmd/consul-dataplane/main.go @@ -36,15 +36,15 @@ var ( namespace string partition string - credentialType string - token string - loginMethod string - loginNamespace string - loginPartition string - loginDatacenter string - loginBearer string - loginBearerPath string - loginMeta map[string]string + credentialType string + token string + loginAuthMethod string + loginNamespace string + loginPartition string + loginDatacenter string + loginBearerToken string + loginBearerTokenPath string + loginMeta map[string]string useCentralTelemetryConfig bool @@ -84,12 +84,12 @@ func init() { flag.StringVar(&credentialType, "credential-type", "", "The type of credentials that will be used to authenticate with Consul servers (static or login).") flag.StringVar(&token, "static-token", "", "The ACL token used to authenticate requests to Consul servers (when -credential-type is set to static).") - flag.StringVar(&loginMethod, "login-method", "", "The auth method that will be used to log in.") + flag.StringVar(&loginAuthMethod, "login-auth-method", "", "The auth method that will be used to log in.") flag.StringVar(&loginNamespace, "login-namespace", "", "The Consul Enterprise namespace containing the auth method.") flag.StringVar(&loginPartition, "login-partition", "", "The Consul Enterprise partition containing the auth method.") flag.StringVar(&loginDatacenter, "login-datacenter", "", "The datacenter containing the auth method.") - flag.StringVar(&loginBearer, "login-bearer", "", "The bearer token that will be presented to the auth method.") - flag.StringVar(&loginBearerPath, "login-bearer-path", "", "The path to a file containing the bearer token that will be presented to the auth method.") + flag.StringVar(&loginBearerToken, "login-bearer-token", "", "The bearer token that will be presented to the auth method.") + flag.StringVar(&loginBearerTokenPath, "login-bearer-token-path", "", "The path to a file containing the bearer token that will be presented to the auth method.") flag.Var((*FlagMapValue)(&loginMeta), "login-meta", "An arbitrary set of key/value pairs that will be attached to the ACL token (formatted as key=value, may be given multiple times).") flag.BoolVar(&useCentralTelemetryConfig, "telemetry-use-central-config", true, "Controls whether the proxy will apply the central telemetry configuration.") @@ -140,13 +140,13 @@ func main() { Token: token, }, Login: consuldp.LoginCredentialsConfig{ - Method: loginMethod, - Namespace: loginNamespace, - Partition: loginPartition, - Datacenter: loginDatacenter, - Bearer: loginBearer, - BearerPath: loginBearerPath, - Meta: loginMeta, + AuthMethod: loginAuthMethod, + Namespace: loginNamespace, + Partition: loginPartition, + Datacenter: loginDatacenter, + BearerToken: loginBearerToken, + BearerTokenPath: loginBearerTokenPath, + Meta: loginMeta, }, }, ServerWatchDisabled: serverWatchDisabled, diff --git a/pkg/consuldp/config.go b/pkg/consuldp/config.go index eeeb3382..8b58569a 100644 --- a/pkg/consuldp/config.go +++ b/pkg/consuldp/config.go @@ -132,18 +132,18 @@ type StaticCredentialsConfig struct { // LoginCredentialsConfig contains credentials for logging in with an auth method. type LoginCredentialsConfig struct { - // Method is the name of the Consul auth method. - Method string + // AuthMethod is the name of the Consul auth method. + AuthMethod string // Namespace is the namespace containing the auth method. Namespace string // Partition is the partition containing the auth method. Partition string // Datacenter is the datacenter containing the auth method. Datacenter string - // Bearer is the bearer token presented to the auth method. - Bearer string - // BearerPath is the path to a file containing a bearer token. - BearerPath string + // BearerToken is the bearer token presented to the auth method. + BearerToken string + // BearerTokenPath is the path to a file containing a bearer token. + BearerTokenPath string // Meta is the arbitrary set of key-value pairs to attach to the // token. These are included in the Description field of the token. Meta map[string]string @@ -165,16 +165,16 @@ func (cc *CredentialsConfig) ToDiscoveryCredentials() (discovery.Credentials, er case CredentialsTypeLogin: creds.Type = discovery.CredentialsTypeLogin creds.Login = discovery.LoginCredential{ - AuthMethod: cc.Login.Method, + AuthMethod: cc.Login.AuthMethod, Namespace: cc.Login.Namespace, Partition: cc.Login.Partition, Datacenter: cc.Login.Datacenter, - BearerToken: cc.Login.Bearer, + BearerToken: cc.Login.BearerToken, Meta: cc.Login.Meta, } - if creds.Login.BearerToken == "" && cc.Login.BearerPath != "" { - bearer, err := os.ReadFile(cc.Login.BearerPath) + if creds.Login.BearerToken == "" && cc.Login.BearerTokenPath != "" { + bearer, err := os.ReadFile(cc.Login.BearerTokenPath) if err != nil { return creds, fmt.Errorf("failed to read bearer token from file: %w", err) } diff --git a/pkg/consuldp/config_test.go b/pkg/consuldp/config_test.go index 6bc6e719..c011fb87 100644 --- a/pkg/consuldp/config_test.go +++ b/pkg/consuldp/config_test.go @@ -105,12 +105,12 @@ func TestConfig_Credentials(t *testing.T) { in: CredentialsConfig{ Type: CredentialsTypeLogin, Login: LoginCredentialsConfig{ - Method: "jwt", - Namespace: "namespace-1", - Partition: "partition-a", - Datacenter: "primary-dc", - Bearer: "bearer-token", - Meta: map[string]string{"foo": "bar"}, + AuthMethod: "jwt", + Namespace: "namespace-1", + Partition: "partition-a", + Datacenter: "primary-dc", + BearerToken: "bearer-token", + Meta: map[string]string{"foo": "bar"}, }, }, out: discovery.Credentials{ @@ -129,12 +129,12 @@ func TestConfig_Credentials(t *testing.T) { in: CredentialsConfig{ Type: CredentialsTypeLogin, Login: LoginCredentialsConfig{ - Method: "jwt", - Namespace: "namespace-1", - Partition: "partition-a", - Datacenter: "primary-dc", - BearerPath: tokFile.Name(), - Meta: map[string]string{"foo": "bar"}, + AuthMethod: "jwt", + Namespace: "namespace-1", + Partition: "partition-a", + Datacenter: "primary-dc", + BearerTokenPath: tokFile.Name(), + Meta: map[string]string{"foo": "bar"}, }, }, out: discovery.Credentials{ diff --git a/pkg/consuldp/consul_dataplane.go b/pkg/consuldp/consul_dataplane.go index ef3943f0..4ebac533 100644 --- a/pkg/consuldp/consul_dataplane.go +++ b/pkg/consuldp/consul_dataplane.go @@ -82,7 +82,7 @@ func validateConfig(cfg *Config) error { } creds := cfg.Consul.Credentials - if creds.Type == CredentialsTypeLogin && creds.Login.Bearer == "" && creds.Login.BearerPath == "" { + if creds.Type == CredentialsTypeLogin && creds.Login.BearerToken == "" && creds.Login.BearerTokenPath == "" { return errors.New("bearer token (or path to a file containing a bearer token) is required for login") } From f56a8826f37993e661f246eeb40158944e19649e Mon Sep 17 00:00:00 2001 From: Daniel Upton Date: Tue, 20 Sep 2022 17:14:38 +0100 Subject: [PATCH 5/5] Upgrade consul-server-connection-manager --- go.mod | 3 +-- go.sum | 5 ++--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 979534a0..3e300eed 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.19 require ( github.com/adamthesax/grpc-proxy v0.0.0-20220525203857-13e92d14f87a + github.com/hashicorp/consul-server-connection-manager v0.0.0-20220920152341-d96d0f93c5d9 github.com/hashicorp/consul/proto-public v0.1.0 github.com/hashicorp/go-hclog v1.2.2 github.com/hashicorp/go-rootcerts v1.0.2 @@ -19,8 +20,6 @@ require ( github.com/fatih/color v1.13.0 // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/google/go-cmp v0.5.8 // indirect - github.com/google/uuid v1.1.2 // indirect - github.com/hashicorp/consul-server-connection-manager v0.0.0-20220908112242-b9f43f15d156 // indirect github.com/hashicorp/go-netaddrs v0.0.0-20220509001840-90ed9d26ec46 // indirect github.com/mattn/go-colorable v0.1.12 // indirect github.com/mattn/go-isatty v0.0.14 // indirect diff --git a/go.sum b/go.sum index 2d0026c1..f65945a2 100644 --- a/go.sum +++ b/go.sum @@ -53,11 +53,10 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/hashicorp/consul-server-connection-manager v0.0.0-20220908112242-b9f43f15d156 h1:fg/ocjUfyx6JXmYr/UL/OC5pbG1sPjWOF3jSQWvRGKc= -github.com/hashicorp/consul-server-connection-manager v0.0.0-20220908112242-b9f43f15d156/go.mod h1:C3zdIuwQZ6GsU9jpc1iWr/+5UDgE/3p7UPGqTtvHqsY= +github.com/hashicorp/consul-server-connection-manager v0.0.0-20220920152341-d96d0f93c5d9 h1:1e2vy4aPfxun9DG808QjXtShksPoaQsHvyxhVOyjeRI= +github.com/hashicorp/consul-server-connection-manager v0.0.0-20220920152341-d96d0f93c5d9/go.mod h1:I56VZ1V7WN8/oPHswKDywfepvD7rB1RrTE4fRrNz3Wc= github.com/hashicorp/consul/proto-public v0.1.0 h1:O0LSmCqydZi363hsqc6n2v5sMz3usQMXZF6ziK3SzXU= github.com/hashicorp/consul/proto-public v0.1.0/go.mod h1:vs2KkuWwtjkIgA5ezp4YKPzQp4GitV+q/+PvksrA92k= github.com/hashicorp/consul/sdk v0.11.0 h1:HRzj8YSCln2yGgCumN5CL8lYlD3gBurnervJRJAZyC4=