diff --git a/.changelog/21230.txt b/.changelog/21230.txt new file mode 100644 index 000000000000..5a57333afa9d --- /dev/null +++ b/.changelog/21230.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +dns: new version was not supporting partition or namespace being set to 'default' in CE version. +``` \ No newline at end of file diff --git a/acl/acl_ce.go b/acl/acl_ce.go index 7d2b8513b832..0d207ad4211a 100644 --- a/acl/acl_ce.go +++ b/acl/acl_ce.go @@ -8,12 +8,25 @@ package acl const ( WildcardPartitionName = "" DefaultPartitionName = "" -) + // NonEmptyDefaultPartitionName is the name of the default partition that is + // not empty. An example of this being supplied is when a partition is specified + // in the request for DNS by consul-dataplane. This has been added to support + // DNS v1.5, which needs to be compatible with the original DNS subsystem which + // supports partition being "default" or empty. Otherwise, use DefaultPartitionName. + NonEmptyDefaultPartitionName = "default" + + // DefaultNamespaceName is used to mimic the behavior in consul/structs/intention.go, + // where we define IntentionDefaultNamespace as 'default' and so we use the same here. + // This is a little bit strange; one might want it to be "" like DefaultPartitionName. + DefaultNamespaceName = "default" -// Reviewer Note: This is a little bit strange; one might want it to be "" like partition name -// However in consul/structs/intention.go we define IntentionDefaultNamespace as 'default' and so -// we use the same here -const DefaultNamespaceName = "default" + // EmptyNamespaceName is the name of the default partition that is an empty string. + // An example of this being supplied is when a namespace is specifiedDNS v1. + // EmptyNamespaceName has been added to support DNS v1.5, which needs to be + // compatible with the original DNS subsystem which supports partition being "default" or empty. + // Otherwise, use DefaultNamespaceName. + EmptyNamespaceName = "" +) type EnterpriseConfig struct { // no fields in CE diff --git a/agent/discovery/query_fetcher_v1_ce.go b/agent/discovery/query_fetcher_v1_ce.go index 090db0e5f789..06299704bdc9 100644 --- a/agent/discovery/query_fetcher_v1_ce.go +++ b/agent/discovery/query_fetcher_v1_ce.go @@ -14,8 +14,12 @@ func (f *V1DataFetcher) NormalizeRequest(req *QueryPayload) { return } +// validateEnterpriseTenancy validates the tenancy fields for an enterprise request to +// make sure that they are either set to an empty string or "default" to align with the behavior +// in CE. func validateEnterpriseTenancy(req QueryTenancy) error { - if req.Namespace != "" || req.Partition != acl.DefaultPartitionName { + if !(req.Namespace == acl.EmptyNamespaceName || req.Namespace == acl.DefaultNamespaceName) || + !(req.Partition == acl.DefaultPartitionName || req.Partition == acl.NonEmptyDefaultPartitionName) { return ErrNotSupported } return nil diff --git a/agent/discovery/query_fetcher_v1_ce_test.go b/agent/discovery/query_fetcher_v1_ce_test.go index 717475c9dccd..69cd2dea98d9 100644 --- a/agent/discovery/query_fetcher_v1_ce_test.go +++ b/agent/discovery/query_fetcher_v1_ce_test.go @@ -5,7 +5,60 @@ package discovery +import ( + "github.com/stretchr/testify/require" + "testing" +) + const ( defaultTestNamespace = "" defaultTestPartition = "" ) + +func Test_validateEnterpriseTenancy(t *testing.T) { + testCases := []struct { + name string + req QueryTenancy + expected error + }{ + { + name: "empty namespace and partition returns no error", + req: QueryTenancy{ + Namespace: defaultTestNamespace, + Partition: defaultTestPartition, + }, + expected: nil, + }, + { + name: "namespace and partition set to 'default' returns no error", + req: QueryTenancy{ + Namespace: "default", + Partition: "default", + }, + expected: nil, + }, + { + name: "namespace set to something other than empty string or `default` returns not supported error", + req: QueryTenancy{ + Namespace: "namespace-1", + Partition: "default", + }, + expected: ErrNotSupported, + }, + { + name: "partition set to something other than empty string or `default` returns not supported error", + req: QueryTenancy{ + Namespace: "default", + Partition: "partition-1", + }, + expected: ErrNotSupported, + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + err := validateEnterpriseTenancy(tc.req) + require.Equal(t, tc.expected, err) + }) + } +}