Skip to content

Commit

Permalink
relocate template function flag to ClientConfig
Browse files Browse the repository at this point in the history
  • Loading branch information
@tgross
tgross committed Aug 6, 2019
1 parent ec04841 commit 3729c72
Show file tree
Hide file tree
Showing 2 changed files with 55 additions and 54 deletions.
17 changes: 9 additions & 8 deletions command/agent/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,10 +108,6 @@ type Config struct {
// for security bulletins
DisableAnonymousSignature bool `hcl:"disable_anonymous_signature"`

// EnableInsecureTemplateFunctions enables templates to include functions
// that are unsafe because they expose information from the client host.
EnableInsecureTemplateFunctions bool `hcl:"enable_insecure_template_functions"`

// Consul contains the configuration for the Consul Agent and
// parameters necessary to register services, their checks, and
// discover the current Nomad servers.
Expand Down Expand Up @@ -246,6 +242,10 @@ type ClientConfig struct {
// DisableRemoteExec disables remote exec targeting tasks on this client
DisableRemoteExec bool `hcl:"disable_remote_exec"`

// EnableInsecureTemplateFunctions enables templates to include functions
// that are unsafe because they expose information from the client host.
EnableInsecureTemplateFunctions bool `hcl:"enable_insecure_template_functions"`

// ServerJoin contains information that is used to attempt to join servers
ServerJoin *ServerJoin `hcl:"server_join"`

Expand Down Expand Up @@ -671,7 +671,6 @@ func DevConfig() *Config {
conf.DevMode = true
conf.EnableDebug = true
conf.DisableAnonymousSignature = true
conf.EnableInsecureTemplateFunctions = false
conf.Consul.AutoAdvertise = helper.BoolToPtr(true)
if runtime.GOOS == "darwin" {
conf.Client.NetworkInterface = "lo0"
Expand All @@ -686,6 +685,7 @@ func DevConfig() *Config {
conf.Client.GCDiskUsageThreshold = 99
conf.Client.GCInodeUsageThreshold = 99
conf.Client.GCMaxAllocs = 50
conf.Client.EnableInsecureTemplateFunctions = false
conf.Telemetry.PrometheusMetrics = true
conf.Telemetry.PublishAllocationMetrics = true
conf.Telemetry.PublishNodeMetrics = true
Expand Down Expand Up @@ -830,9 +830,6 @@ func (c *Config) Merge(b *Config) *Config {
if b.DisableAnonymousSignature {
result.DisableAnonymousSignature = true
}
if b.EnableInsecureTemplateFunctions {
result.EnableInsecureTemplateFunctions = true
}

// Apply the telemetry config
if result.Telemetry == nil && b.Telemetry != nil {
Expand Down Expand Up @@ -1310,6 +1307,10 @@ func (a *ClientConfig) Merge(b *ClientConfig) *ClientConfig {
result.DisableRemoteExec = b.DisableRemoteExec
}

if b.EnableInsecureTemplateFunctions {
result.EnableInsecureTemplateFunctions = true
}

// Add the servers
result.Servers = append(result.Servers, b.Servers...)

Expand Down
92 changes: 46 additions & 46 deletions command/agent/config_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,22 +41,21 @@ func TestConfig_Merge(t *testing.T) {
}

c2 := &Config{
Region: "global",
Datacenter: "dc1",
NodeName: "node1",
DataDir: "/tmp/dir1",
PluginDir: "/tmp/pluginDir1",
LogLevel: "INFO",
LogJson: false,
EnableDebug: false,
LeaveOnInt: false,
LeaveOnTerm: false,
EnableSyslog: false,
SyslogFacility: "local0.info",
DisableUpdateCheck: helper.BoolToPtr(false),
DisableAnonymousSignature: false,
EnableInsecureTemplateFunctions: true,
BindAddr: "127.0.0.1",
Region: "global",
Datacenter: "dc1",
NodeName: "node1",
DataDir: "/tmp/dir1",
PluginDir: "/tmp/pluginDir1",
LogLevel: "INFO",
LogJson: false,
EnableDebug: false,
LeaveOnInt: false,
LeaveOnTerm: false,
EnableSyslog: false,
SyslogFacility: "local0.info",
DisableUpdateCheck: helper.BoolToPtr(false),
DisableAnonymousSignature: false,
BindAddr: "127.0.0.1",
Telemetry: &Telemetry{
StatsiteAddr: "127.0.0.1:8125",
StatsdAddr: "127.0.0.1:8125",
Expand Down Expand Up @@ -89,12 +88,13 @@ func TestConfig_Merge(t *testing.T) {
Options: map[string]string{
"foo": "bar",
},
NetworkSpeed: 100,
CpuCompute: 100,
MemoryMB: 100,
MaxKillTimeout: "20s",
ClientMaxPort: 19996,
DisableRemoteExec: false,
NetworkSpeed: 100,
CpuCompute: 100,
MemoryMB: 100,
MaxKillTimeout: "20s",
ClientMaxPort: 19996,
DisableRemoteExec: false,
EnableInsecureTemplateFunctions: true,
Reserved: &Resources{
CPU: 10,
MemoryMB: 10,
Expand Down Expand Up @@ -190,22 +190,21 @@ func TestConfig_Merge(t *testing.T) {
}

c3 := &Config{
Region: "global",
Datacenter: "dc2",
NodeName: "node2",
DataDir: "/tmp/dir2",
PluginDir: "/tmp/pluginDir2",
LogLevel: "DEBUG",
LogJson: true,
EnableDebug: true,
LeaveOnInt: true,
LeaveOnTerm: true,
EnableSyslog: true,
SyslogFacility: "local0.debug",
DisableUpdateCheck: helper.BoolToPtr(true),
DisableAnonymousSignature: true,
EnableInsecureTemplateFunctions: true,
BindAddr: "127.0.0.2",
Region: "global",
Datacenter: "dc2",
NodeName: "node2",
DataDir: "/tmp/dir2",
PluginDir: "/tmp/pluginDir2",
LogLevel: "DEBUG",
LogJson: true,
EnableDebug: true,
LeaveOnInt: true,
LeaveOnTerm: true,
EnableSyslog: true,
SyslogFacility: "local0.debug",
DisableUpdateCheck: helper.BoolToPtr(true),
DisableAnonymousSignature: true,
BindAddr: "127.0.0.2",
Telemetry: &Telemetry{
StatsiteAddr: "127.0.0.2:8125",
StatsdAddr: "127.0.0.2:8125",
Expand Down Expand Up @@ -247,14 +246,15 @@ func TestConfig_Merge(t *testing.T) {
"foo": "bar",
"baz": "zip",
},
ChrootEnv: map[string]string{},
ClientMaxPort: 20000,
ClientMinPort: 22000,
NetworkSpeed: 105,
CpuCompute: 105,
MemoryMB: 105,
MaxKillTimeout: "50s",
DisableRemoteExec: false,
ChrootEnv: map[string]string{},
ClientMaxPort: 20000,
ClientMinPort: 22000,
NetworkSpeed: 105,
CpuCompute: 105,
MemoryMB: 105,
MaxKillTimeout: "50s",
DisableRemoteExec: false,
EnableInsecureTemplateFunctions: true,
Reserved: &Resources{
CPU: 15,
MemoryMB: 15,
Expand Down

0 comments on commit 3729c72

Please sign in to comment.