diff --git a/.changelog/18983.txt b/.changelog/18983.txt new file mode 100644 index 000000000000..8a49a850eb35 --- /dev/null +++ b/.changelog/18983.txt @@ -0,0 +1,3 @@ +```release-note:improvement +api: added `Token` field to `ServiceRegisterOpts` type in Agent API +``` diff --git a/api/agent.go b/api/agent.go index 3c0934f675c7..8c2bf6b455c8 100644 --- a/api/agent.go +++ b/api/agent.go @@ -307,6 +307,10 @@ type ServiceRegisterOpts struct { // having to manually deregister checks. ReplaceExistingChecks bool + // Token is used to provide a per-request ACL token + // which overrides the agent's default token. + Token string + // ctx is an optional context pass through to the underlying HTTP // request layer. Use WithContext() to set the context. ctx context.Context @@ -835,6 +839,9 @@ func (a *Agent) serviceRegister(service *AgentServiceRegistration, opts ServiceR if opts.ReplaceExistingChecks { r.params.Set("replace-existing-checks", "true") } + if opts.Token != "" { + r.header.Set("X-Consul-Token", opts.Token) + } _, resp, err := a.c.doRequest(r) if err != nil { return err diff --git a/api/agent_test.go b/api/agent_test.go index 133cbd968f5e..2c359fe86e3d 100644 --- a/api/agent_test.go +++ b/api/agent_test.go @@ -297,6 +297,21 @@ func TestAgent_ServiceRegisterOpts_WithContextTimeout(t *testing.T) { require.True(t, errors.Is(err, context.DeadlineExceeded), "expected timeout") } +func TestAgent_ServiceRegisterOpts_Token(t *testing.T) { + c, s := makeACLClient(t) + defer s.Stop() + + reg := &AgentServiceRegistration{Name: "example"} + opts := &ServiceRegisterOpts{} + opts.Token = "invalid" + err := c.Agent().ServiceRegisterOpts(reg, *opts) + require.EqualError(t, err, "Unexpected response code: 403 (ACL not found)") + + opts.Token = "root" + err = c.Agent().ServiceRegisterOpts(reg, *opts) + require.NoError(t, err) +} + func TestAPI_NewClient_TokenFileCLIFirstPriority(t *testing.T) { os.Setenv("CONSUL_HTTP_TOKEN_FILE", "httpTokenFile.txt") os.Setenv("CONSUL_HTTP_TOKEN", "httpToken")