-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow cluster_networking_config
to have defaults
origin
#19106
Conversation
This commit ensures that `cluster_networking_config` has the `teleport.dev/origin: defaults` label when no related field is set in the configuration file. Before this commit, `cluster_networking_config` would always have the `teleport.dev/origin: config-file`, even if no related field was set.
lib/config/configuration.go
Outdated
@@ -635,6 +635,7 @@ func applyAuthConfig(fc *FileConfig, cfg *service.Config) error { | |||
} | |||
|
|||
if fc.Auth.MessageOfTheDay != "" { | |||
cfg.Auth.Preference.SetOrigin(types.OriginConfigFile) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe this was missed in de9bdf0.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if the origin is already OriginDynamic
? MessageOfTheDay
seems less consequential than the rest of the auth preferences, I'm not sure it makes sense to overwrite the origin for this, but I don't know much about what these origin tags are used for
lib/config/configuration.go
Outdated
@@ -635,6 +635,7 @@ func applyAuthConfig(fc *FileConfig, cfg *service.Config) error { | |||
} | |||
|
|||
if fc.Auth.MessageOfTheDay != "" { | |||
cfg.Auth.Preference.SetOrigin(types.OriginConfigFile) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if the origin is already OriginDynamic
? MessageOfTheDay
seems less consequential than the rest of the auth preferences, I'm not sure it makes sense to overwrite the origin for this, but I don't know much about what these origin tags are used for
Co-authored-by: Nic Klaassen <nic@goteleport.com>
@nklaassen thanks for raising this. This PR as is can indeed change the outcome of Lines 527 to 552 in 4f89756
This can result in a breaking change (in a seemingly unlikely situation) as shown below. Given the code above, we have the following 8 possibilities:
|
lib/config/configuration_test.go
Outdated
@@ -778,6 +778,9 @@ func TestApplyConfig(t *testing.T) { | |||
require.NoError(t, err) | |||
require.Equal(t, types.AgentMesh, tunnelStrategyType) | |||
require.Equal(t, types.DefaultAgentMeshTunnelStrategy(), cfg.Auth.NetworkingConfig.GetAgentMeshTunnelStrategy()) | |||
require.Equal(t, cfg.Auth.Preference.Origin(), types.OriginConfigFile) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These assertions are backwards. The expected value should come before the actual value.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! Done in 3a7053d.
// configuration fields have values different from an empty Auth. | ||
func (a *Auth) hasCustomNetworkingConfig() bool { | ||
empty := Auth{} | ||
return a.ClientIdleTimeout != empty.ClientIdleTimeout || |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not just compare these to the zero value without creating the empty auth struct first?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was suggested during review and done in 857fd1e.
@nklaassen @zmb3 Given the above, I decided to revert this small change in dfbad2d so that this PR is just about #19099. dfbad2d also adds a test case describing the current behaviour and I opened #19272 in case we want to fix this afterwards. |
@vitorenesduarte See the table below for backport results.
|
This commit ensures that `cluster_networking_config` has the `teleport.dev/origin: defaults` label when no related field is set in the configuration file. Before this commit, `cluster_networking_config` would always have the `teleport.dev/origin: config-file`, even if no related field was set.
…19474) This commit ensures that `cluster_networking_config` has the `teleport.dev/origin: defaults` label when no related field is set in the configuration file. Before this commit, `cluster_networking_config` would always have the `teleport.dev/origin: config-file`, even if no related field was set.
Fixes #19099.
This commit ensures that
cluster_networking_config
has theteleport.dev/origin: defaults
label when no related field is set in the configuration file.Before this commit,
cluster_networking_config
would always have theteleport.dev/origin: config-file
, even if no related field was set.