From d531963f95706315764ae7d718097d1ac3258061 Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Mon, 12 Sep 2022 17:40:09 +0200 Subject: [PATCH] Update valkeyrie to v1.0.0 --- .../reference/static-configuration/cli-ref.md | 63 ++++++------------ .../reference/static-configuration/env-ref.md | 63 ++++++------------ .../reference/static-configuration/file.toml | 28 +++----- .../reference/static-configuration/file.yaml | 31 ++++----- go.mod | 16 +++-- go.sum | 32 +++++++--- integration/consul_test.go | 7 +- integration/etcd_test.go | 8 +-- integration/redis_test.go | 10 ++- integration/zk_test.go | 8 +-- pkg/provider/kv/consul/consul.go | 31 ++++++++- pkg/provider/kv/etcd/etcd.go | 29 ++++++++- pkg/provider/kv/kv.go | 57 +++-------------- pkg/provider/kv/redis/redis.go | 29 ++++++++- pkg/provider/kv/zk/zk.go | 17 ++++- pkg/redactor/redactor_config_test.go | 64 ++++++++----------- .../testdata/anonymized-static-config.json | 26 +++----- pkg/types/tls.go | 24 +++---- 18 files changed, 254 insertions(+), 289 deletions(-) diff --git a/docs/content/reference/static-configuration/cli-ref.md b/docs/content/reference/static-configuration/cli-ref.md index 30835389e..060d882f9 100644 --- a/docs/content/reference/static-configuration/cli-ref.md +++ b/docs/content/reference/static-configuration/cli-ref.md @@ -400,7 +400,7 @@ Terminating status code (Default: ```503```) Enable Consul backend with default settings. (Default: ```false```) `--providers.consul.endpoints`: -KV store endpoints (Default: ```127.0.0.1:8500```) +KV store endpoints. (Default: ```127.0.0.1:8500```) `--providers.consul.namespace`: Sets the namespace used to discover the configuration (Consul Enterprise only). @@ -408,11 +408,8 @@ Sets the namespace used to discover the configuration (Consul Enterprise only). `--providers.consul.namespaces`: Sets the namespaces used to discover the configuration (Consul Enterprise only). -`--providers.consul.password`: -KV Password - `--providers.consul.rootkey`: -Root key used for KV store (Default: ```traefik```) +Root key used for KV store. (Default: ```traefik```) `--providers.consul.tls.ca`: TLS CA @@ -430,10 +427,7 @@ TLS insecure skip verify (Default: ```false```) TLS key `--providers.consul.token`: -KV Token - -`--providers.consul.username`: -KV Username +Per-request ACL token. `--providers.consulcatalog`: Enable ConsulCatalog backend with default settings. (Default: ```false```) @@ -601,13 +595,13 @@ The AWS credentials access key to use for making requests Enable Etcd backend with default settings. (Default: ```false```) `--providers.etcd.endpoints`: -KV store endpoints (Default: ```127.0.0.1:2379```) +KV store endpoints. (Default: ```127.0.0.1:2379```) `--providers.etcd.password`: -KV Password +Password for authentication. `--providers.etcd.rootkey`: -Root key used for KV store (Default: ```traefik```) +Root key used for KV store. (Default: ```traefik```) `--providers.etcd.tls.ca`: TLS CA @@ -624,11 +618,8 @@ TLS insecure skip verify (Default: ```false```) `--providers.etcd.tls.key`: TLS key -`--providers.etcd.token`: -KV Token - `--providers.etcd.username`: -KV Username +Username for authentication. `--providers.file.debugloggeneratedtemplate`: Enable debug logging of generated configuration template. (Default: ```false```) @@ -912,14 +903,17 @@ Watch provider. (Default: ```true```) `--providers.redis`: Enable Redis backend with default settings. (Default: ```false```) +`--providers.redis.db`: +Database to be selected after connecting to the server. (Default: ```0```) + `--providers.redis.endpoints`: -KV store endpoints (Default: ```127.0.0.1:6379```) +KV store endpoints. (Default: ```127.0.0.1:6379```) `--providers.redis.password`: -KV Password +Password for authentication. `--providers.redis.rootkey`: -Root key used for KV store (Default: ```traefik```) +Root key used for KV store. (Default: ```traefik```) `--providers.redis.tls.ca`: TLS CA @@ -936,11 +930,8 @@ TLS insecure skip verify (Default: ```false```) `--providers.redis.tls.key`: TLS key -`--providers.redis.token`: -KV Token - `--providers.redis.username`: -KV Username +Username for authentication. `--providers.rest`: Enable Rest backend with default settings. (Default: ```false```) @@ -952,34 +943,16 @@ Activate REST Provider directly on the entryPoint named traefik. (Default: ```fa Enable ZooKeeper backend with default settings. (Default: ```false```) `--providers.zookeeper.endpoints`: -KV store endpoints (Default: ```127.0.0.1:2181```) +KV store endpoints. (Default: ```127.0.0.1:2181```) `--providers.zookeeper.password`: -KV Password +Password for authentication. `--providers.zookeeper.rootkey`: -Root key used for KV store (Default: ```traefik```) - -`--providers.zookeeper.tls.ca`: -TLS CA - -`--providers.zookeeper.tls.caoptional`: -TLS CA.Optional (Default: ```false```) - -`--providers.zookeeper.tls.cert`: -TLS cert - -`--providers.zookeeper.tls.insecureskipverify`: -TLS insecure skip verify (Default: ```false```) - -`--providers.zookeeper.tls.key`: -TLS key - -`--providers.zookeeper.token`: -KV Token +Root key used for KV store. (Default: ```traefik```) `--providers.zookeeper.username`: -KV Username +Username for authentication. `--serverstransport.forwardingtimeouts.dialtimeout`: The amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. (Default: ```30```) diff --git a/docs/content/reference/static-configuration/env-ref.md b/docs/content/reference/static-configuration/env-ref.md index 62a496b6d..f255ff58d 100644 --- a/docs/content/reference/static-configuration/env-ref.md +++ b/docs/content/reference/static-configuration/env-ref.md @@ -481,7 +481,7 @@ Use stale consistency for catalog reads. (Default: ```false```) Watch Consul API events. (Default: ```false```) `TRAEFIK_PROVIDERS_CONSUL_ENDPOINTS`: -KV store endpoints (Default: ```127.0.0.1:8500```) +KV store endpoints. (Default: ```127.0.0.1:8500```) `TRAEFIK_PROVIDERS_CONSUL_NAMESPACE`: Sets the namespace used to discover the configuration (Consul Enterprise only). @@ -489,11 +489,8 @@ Sets the namespace used to discover the configuration (Consul Enterprise only). `TRAEFIK_PROVIDERS_CONSUL_NAMESPACES`: Sets the namespaces used to discover the configuration (Consul Enterprise only). -`TRAEFIK_PROVIDERS_CONSUL_PASSWORD`: -KV Password - `TRAEFIK_PROVIDERS_CONSUL_ROOTKEY`: -Root key used for KV store (Default: ```traefik```) +Root key used for KV store. (Default: ```traefik```) `TRAEFIK_PROVIDERS_CONSUL_TLS_CA`: TLS CA @@ -511,10 +508,7 @@ TLS insecure skip verify (Default: ```false```) TLS key `TRAEFIK_PROVIDERS_CONSUL_TOKEN`: -KV Token - -`TRAEFIK_PROVIDERS_CONSUL_USERNAME`: -KV Username +Per-request ACL token. `TRAEFIK_PROVIDERS_DOCKER`: Enable Docker backend with default settings. (Default: ```false```) @@ -601,13 +595,13 @@ The AWS credentials access key to use for making requests Enable Etcd backend with default settings. (Default: ```false```) `TRAEFIK_PROVIDERS_ETCD_ENDPOINTS`: -KV store endpoints (Default: ```127.0.0.1:2379```) +KV store endpoints. (Default: ```127.0.0.1:2379```) `TRAEFIK_PROVIDERS_ETCD_PASSWORD`: -KV Password +Password for authentication. `TRAEFIK_PROVIDERS_ETCD_ROOTKEY`: -Root key used for KV store (Default: ```traefik```) +Root key used for KV store. (Default: ```traefik```) `TRAEFIK_PROVIDERS_ETCD_TLS_CA`: TLS CA @@ -624,11 +618,8 @@ TLS insecure skip verify (Default: ```false```) `TRAEFIK_PROVIDERS_ETCD_TLS_KEY`: TLS key -`TRAEFIK_PROVIDERS_ETCD_TOKEN`: -KV Token - `TRAEFIK_PROVIDERS_ETCD_USERNAME`: -KV Username +Username for authentication. `TRAEFIK_PROVIDERS_FILE_DEBUGLOGGENERATEDTEMPLATE`: Enable debug logging of generated configuration template. (Default: ```false```) @@ -912,14 +903,17 @@ Watch provider. (Default: ```true```) `TRAEFIK_PROVIDERS_REDIS`: Enable Redis backend with default settings. (Default: ```false```) +`TRAEFIK_PROVIDERS_REDIS_DB`: +Database to be selected after connecting to the server. (Default: ```0```) + `TRAEFIK_PROVIDERS_REDIS_ENDPOINTS`: -KV store endpoints (Default: ```127.0.0.1:6379```) +KV store endpoints. (Default: ```127.0.0.1:6379```) `TRAEFIK_PROVIDERS_REDIS_PASSWORD`: -KV Password +Password for authentication. `TRAEFIK_PROVIDERS_REDIS_ROOTKEY`: -Root key used for KV store (Default: ```traefik```) +Root key used for KV store. (Default: ```traefik```) `TRAEFIK_PROVIDERS_REDIS_TLS_CA`: TLS CA @@ -936,11 +930,8 @@ TLS insecure skip verify (Default: ```false```) `TRAEFIK_PROVIDERS_REDIS_TLS_KEY`: TLS key -`TRAEFIK_PROVIDERS_REDIS_TOKEN`: -KV Token - `TRAEFIK_PROVIDERS_REDIS_USERNAME`: -KV Username +Username for authentication. `TRAEFIK_PROVIDERS_REST`: Enable Rest backend with default settings. (Default: ```false```) @@ -952,34 +943,16 @@ Activate REST Provider directly on the entryPoint named traefik. (Default: ```fa Enable ZooKeeper backend with default settings. (Default: ```false```) `TRAEFIK_PROVIDERS_ZOOKEEPER_ENDPOINTS`: -KV store endpoints (Default: ```127.0.0.1:2181```) +KV store endpoints. (Default: ```127.0.0.1:2181```) `TRAEFIK_PROVIDERS_ZOOKEEPER_PASSWORD`: -KV Password +Password for authentication. `TRAEFIK_PROVIDERS_ZOOKEEPER_ROOTKEY`: -Root key used for KV store (Default: ```traefik```) - -`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_CA`: -TLS CA - -`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_CAOPTIONAL`: -TLS CA.Optional (Default: ```false```) - -`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_CERT`: -TLS cert - -`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_INSECURESKIPVERIFY`: -TLS insecure skip verify (Default: ```false```) - -`TRAEFIK_PROVIDERS_ZOOKEEPER_TLS_KEY`: -TLS key - -`TRAEFIK_PROVIDERS_ZOOKEEPER_TOKEN`: -KV Token +Root key used for KV store. (Default: ```traefik```) `TRAEFIK_PROVIDERS_ZOOKEEPER_USERNAME`: -KV Username +Username for authentication. `TRAEFIK_SERVERSTRANSPORT_FORWARDINGTIMEOUTS_DIALTIMEOUT`: The amount of time to wait until a connection to a backend server can be established. If zero, no timeout exists. (Default: ```30```) diff --git a/docs/content/reference/static-configuration/file.toml b/docs/content/reference/static-configuration/file.toml index df98baa19..a1b4bdbd3 100644 --- a/docs/content/reference/static-configuration/file.toml +++ b/docs/content/reference/static-configuration/file.toml @@ -125,8 +125,8 @@ allowExternalNameServices = true labelSelector = "foobar" ingressClass = "foobar" - allowEmptyServices = true throttleDuration = "42s" + allowEmptyServices = true [providers.kubernetesGateway] endpoint = "foobar" token = "foobar" @@ -157,9 +157,9 @@ connectAware = true connectByDefault = true serviceName = "foobar" + watch = true namespace = "foobar" namespaces = ["foobar", "foobar"] - watch = true [providers.consulCatalog.endpoint] address = "foobar" scheme = "foobar" @@ -176,13 +176,13 @@ username = "foobar" password = "foobar" [providers.nomad] + defaultRule = "foobar" constraints = "foobar" prefix = "foobar" - refreshInterval = "42s" stale = true - exposedByDefault = true - defaultRule = "foobar" namespace = "foobar" + exposedByDefault = true + refreshInterval = "42s" [providers.nomad.endpoint] address = "foobar" region = "foobar" @@ -207,8 +207,6 @@ [providers.consul] rootKey = "foobar" endpoints = ["foobar", "foobar"] - username = "foobar" - password = "foobar" token = "foobar" namespace = "foobar" namespaces = ["foobar", "foobar"] @@ -223,7 +221,6 @@ endpoints = ["foobar", "foobar"] username = "foobar" password = "foobar" - token = "foobar" [providers.etcd.tls] ca = "foobar" caOptional = true @@ -235,19 +232,12 @@ endpoints = ["foobar", "foobar"] username = "foobar" password = "foobar" - token = "foobar" - [providers.zooKeeper.tls] - ca = "foobar" - caOptional = true - cert = "foobar" - key = "foobar" - insecureSkipVerify = true [providers.redis] rootKey = "foobar" endpoints = ["foobar", "foobar"] username = "foobar" password = "foobar" - token = "foobar" + db = 42 [providers.redis.tls] ca = "foobar" caOptional = true @@ -307,7 +297,8 @@ addRoutersLabels = true addServicesLabels = true [metrics.influxDB.additionalLabels] - foobar = "foobar" + name0 = "foobar" + name1 = "foobar" [metrics.influxDB2] address = "foobar" token = "foobar" @@ -318,7 +309,8 @@ addRoutersLabels = true addServicesLabels = true [metrics.influxDB2.additionalLabels] - foobar = "foobar" + name0 = "foobar" + name1 = "foobar" [ping] entryPoint = "foobar" diff --git a/docs/content/reference/static-configuration/file.yaml b/docs/content/reference/static-configuration/file.yaml index 844776d9f..04aae4093 100644 --- a/docs/content/reference/static-configuration/file.yaml +++ b/docs/content/reference/static-configuration/file.yaml @@ -30,8 +30,8 @@ entryPoints: forwardedHeaders: insecure: true trustedIPs: - - foobar - - foobar + - foobar + - foobar http: redirections: entryPoint: @@ -169,11 +169,11 @@ providers: connectAware: true connectByDefault: true serviceName: foobar + watch: true namespace: foobar namespaces: - foobar - foobar - watch: true endpoint: address: foobar scheme: foobar @@ -190,13 +190,13 @@ providers: username: foobar password: foobar nomad: + defaultRule: foobar constraints: foobar prefix: foobar - refreshInterval: 42s stale: true - exposedByDefault: true - defaultRule: foobar namespace: foobar + exposedByDefault: true + refreshInterval: 42s endpoint: address: foobar region: foobar @@ -225,8 +225,6 @@ providers: endpoints: - foobar - foobar - username: foobar - password: foobar token: foobar namespace: foobar namespaces: @@ -245,7 +243,6 @@ providers: - foobar username: foobar password: foobar - token: foobar tls: ca: foobar caOptional: true @@ -259,13 +256,6 @@ providers: - foobar username: foobar password: foobar - token: foobar - tls: - ca: foobar - caOptional: true - cert: foobar - key: foobar - insecureSkipVerify: true redis: rootKey: foobar endpoints: @@ -273,7 +263,7 @@ providers: - foobar username: foobar password: foobar - token: foobar + db: 42 tls: ca: foobar caOptional: true @@ -333,7 +323,8 @@ metrics: addRoutersLabels: true addServicesLabels: true additionalLabels: - foobar: foobar + name0: foobar + name1: foobar influxDB2: address: foobar token: foobar @@ -344,8 +335,8 @@ metrics: addRoutersLabels: true addServicesLabels: true additionalLabels: - foobar: foobar - + name0: foobar + name1: foobar ping: entryPoint: foobar manualRouting: true diff --git a/go.mod b/go.mod index 8e4cac64d..737119fa1 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,7 @@ require ( github.com/gorilla/mux v1.8.0 github.com/gorilla/websocket v1.5.0 github.com/hashicorp/consul v1.10.4 - github.com/hashicorp/consul/api v1.12.0 + github.com/hashicorp/consul/api v1.14.0 github.com/hashicorp/go-hclog v0.16.2 github.com/hashicorp/go-multierror v1.1.1 github.com/hashicorp/go-version v1.3.0 @@ -36,7 +36,11 @@ require ( github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d github.com/instana/go-sensor v1.38.3 github.com/klauspost/compress v1.14.2 - github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199 + github.com/kvtools/consul v1.0.1 + github.com/kvtools/etcdv3 v1.0.1 + github.com/kvtools/redis v1.0.1 + github.com/kvtools/valkeyrie v1.0.0 + github.com/kvtools/zookeeper v1.0.1 github.com/lucas-clemente/quic-go v0.28.1 github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f github.com/miekg/dns v1.1.47 @@ -162,7 +166,7 @@ require ( github.com/go-redis/redis/v8 v8.11.5 // indirect github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48 // indirect github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 // indirect - github.com/go-zookeeper/zk v1.0.2 // indirect + github.com/go-zookeeper/zk v1.0.3 // indirect github.com/gofrs/flock v0.8.0 // indirect github.com/gofrs/uuid v4.0.0+incompatible // indirect github.com/gogo/googleapis v1.4.0 // indirect @@ -183,7 +187,7 @@ require ( github.com/gravitational/trace v1.1.16-0.20220114165159-14a9a7dd6aaf // indirect github.com/grpc-ecosystem/go-grpc-middleware v1.2.0 // indirect github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect - github.com/hashicorp/consul/sdk v0.8.0 // indirect + github.com/hashicorp/consul/sdk v0.10.0 // indirect github.com/hashicorp/cronexpr v1.1.1 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect @@ -195,10 +199,10 @@ require ( github.com/hashicorp/go-uuid v1.0.2 // indirect github.com/hashicorp/golang-lru v0.5.4 // indirect github.com/hashicorp/hcl v1.0.0 // indirect - github.com/hashicorp/memberlist v0.3.0 // indirect + github.com/hashicorp/memberlist v0.3.1 // indirect github.com/hashicorp/raft v1.3.2 // indirect github.com/hashicorp/raft-autopilot v0.1.5 // indirect - github.com/hashicorp/serf v0.9.6 // indirect + github.com/hashicorp/serf v0.9.7 // indirect github.com/hashicorp/yamux v0.0.0-20210826001029-26ff87cf9493 // indirect github.com/huandu/xstrings v1.3.1 // indirect github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df // indirect diff --git a/go.sum b/go.sum index 70b1a54e6..bffecb2a2 100644 --- a/go.sum +++ b/go.sum @@ -737,8 +737,8 @@ github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg78 github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= -github.com/go-zookeeper/zk v1.0.2 h1:4mx0EYENAdX/B/rbunjlt5+4RTA/a9SMHBRuSKdGxPM= -github.com/go-zookeeper/zk v1.0.2/go.mod h1:nOB03cncLtlp4t+UAkGSV+9beXP/akpekBwL+UX1Qcw= +github.com/go-zookeeper/zk v1.0.3 h1:7M2kwOsc//9VeeFiPtf+uSJlVpU66x9Ba5+8XK7/TDg= +github.com/go-zookeeper/zk v1.0.3/go.mod h1:nOB03cncLtlp4t+UAkGSV+9beXP/akpekBwL+UX1Qcw= github.com/gobs/pretty v0.0.0-20180724170744-09732c25a95b h1:/vQ+oYKu+JoyaMPDsv5FzwuL2wwWBgBbtj/YLCi4LuA= github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= @@ -965,14 +965,15 @@ github.com/hashicorp/consul/api v1.0.0/go.mod h1:mbFwfRxOTDHZpT3iUsMAFcLNoVm6Xbe github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE= github.com/hashicorp/consul/api v1.10.0/go.mod h1:sDjTOq0yUyv5G4h+BqSea7Fn6BU+XbolEz1952UB+mk= -github.com/hashicorp/consul/api v1.12.0 h1:k3y1FYv6nuKyNTqj6w9gXOx5r5CfLj/k/euUeBXj1OY= -github.com/hashicorp/consul/api v1.12.0/go.mod h1:6pVBMo0ebnYdt2S3H87XhekM/HHrUoTD2XXb/VrZVy0= +github.com/hashicorp/consul/api v1.14.0 h1:Y64GIJ8hYTu+tuGekwO4G4ardXoiCivX9wv1iP/kihk= +github.com/hashicorp/consul/api v1.14.0/go.mod h1:bcaw5CSZ7NE9qfOfKCI1xb7ZKjzu/MyvQkCLTfqLqxQ= github.com/hashicorp/consul/internal v0.1.0/go.mod h1:zi9bMZYbiPHyAjgBWo7kCUcy5l2NrTdrkVupCc7Oo6c= github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/consul/sdk v0.7.0/go.mod h1:fY08Y9z5SvJqevyZNy6WWPXiG3KwBPAvlcdx16zZ0fM= -github.com/hashicorp/consul/sdk v0.8.0 h1:OJtKBtEjboEZvG6AOUdh4Z1Zbyu0WcxQ0qatRrZHTVU= github.com/hashicorp/consul/sdk v0.8.0/go.mod h1:GBvyrGALthsZObzUGsfgHZQDXjg4lOjagTIwIR1vPms= +github.com/hashicorp/consul/sdk v0.10.0 h1:rGLEh2AWK4K0KCMvqWAz2EYxQqgciIfMagWZ0nVe5MI= +github.com/hashicorp/consul/sdk v0.10.0/go.mod h1:yPkX5Q6CsxTFMjQQDJwzeNmUUF5NUGGbrDsv9wTb8cw= github.com/hashicorp/cronexpr v1.1.1 h1:NJZDd87hGXjoZBdvyCF9mX4DCq5Wy7+A/w+A7q0wn6c= github.com/hashicorp/cronexpr v1.1.1/go.mod h1:P4wA0KBl9C5q2hABiMO7cp6jcIg96CDh1Efb3g1PWA4= github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -1052,8 +1053,9 @@ github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2p github.com/hashicorp/memberlist v0.1.6/go.mod h1:5VDNHjqFMgEcclnwmkCnC99IPwxBmIsxwY8qn+Nl0H4= github.com/hashicorp/memberlist v0.2.2/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= github.com/hashicorp/memberlist v0.2.4/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= -github.com/hashicorp/memberlist v0.3.0 h1:8+567mCcFDnS5ADl7lrpxPMWiFCElyUEeW0gtj34fMA= github.com/hashicorp/memberlist v0.3.0/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= +github.com/hashicorp/memberlist v0.3.1 h1:MXgUXLqva1QvpVEDQW1IQLG0wivQAtmFlHRQ+1vWZfM= +github.com/hashicorp/memberlist v0.3.1/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= github.com/hashicorp/net-rpc-msgpackrpc v0.0.0-20151116020338-a14192a58a69/go.mod h1:/z+jUGRBlwVpUZfjute9jWaF6/HuhjuFQuL1YXzVD1Q= github.com/hashicorp/nomad/api v0.0.0-20220506174431-b5665129cd1f h1:jSBbBJcPca465gK6XfwdXRQnFCd63e0oJmqllZTsawI= github.com/hashicorp/nomad/api v0.0.0-20220506174431-b5665129cd1f/go.mod h1:b/AoT79m3PEpb6tKCFKva/M+q1rKJNUk5mdu1S8DymM= @@ -1067,8 +1069,8 @@ github.com/hashicorp/raft-boltdb v0.0.0-20171010151810-6e5ba93211ea/go.mod h1:pN github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= github.com/hashicorp/serf v0.8.6/go.mod h1:P/AVgr4UHsUYqVHG1y9eFhz8S35pqhGhLZaDpfGKIMo= github.com/hashicorp/serf v0.9.5/go.mod h1:UWDWwZeL5cuWDJdl0C6wrvrUwEqtQ4ZKBKKENpqIUyk= -github.com/hashicorp/serf v0.9.6 h1:uuEX1kLR6aoda1TBttmJQKDLZE1Ob7KN0NPdE7EtCDc= -github.com/hashicorp/serf v0.9.6/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4= +github.com/hashicorp/serf v0.9.7 h1:hkdgbqizGQHuU5IPqYM1JdSMV8nKfpuOnZYXssk9muY= +github.com/hashicorp/serf v0.9.7/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4= github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c/go.mod h1:fHzc09UnyJyqyW+bFuq864eh+wC7dj65aXmXLRe5to0= github.com/hashicorp/vault/api v1.0.5-0.20200717191844-f687267c8086/go.mod h1:R3Umvhlxi2TN7Ex2hzOowyeNb+SfbVWI973N+ctaFMk= github.com/hashicorp/vault/api v1.1.0/go.mod h1:R3Umvhlxi2TN7Ex2hzOowyeNb+SfbVWI973N+ctaFMk= @@ -1272,8 +1274,16 @@ github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199 h1:SF+ZjtFyUPxkkCLYowtWzTeEMeziEKdW0Qhg9siq9b8= -github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199/go.mod h1:6gM2lOTGIFQxcIioo3/EEeOS0knFB8+AFKydVIN/nAU= +github.com/kvtools/consul v1.0.1 h1:RHwW0qTPL8Gwb+ueH6kpAIZ3fuNnSdAZaydfKjMIr/4= +github.com/kvtools/consul v1.0.1/go.mod h1:bFnzfGJ5ZIRRXCBGBmwhJlLdEWOlrjOcS1WjyAQzaJA= +github.com/kvtools/etcdv3 v1.0.1 h1:Ugr5ryI+FIeZQh0RCmtGFJptgSlbrVGjAnJWk9r//WI= +github.com/kvtools/etcdv3 v1.0.1/go.mod h1:Xr6DbwqjuCEcXAIWmXxw0DX+N5BhuvablXgN90XeqMM= +github.com/kvtools/redis v1.0.1 h1:vtLE3D3xfMbXfenRGuclDU8pe64OiqcBMmKm2RY4Wuo= +github.com/kvtools/redis v1.0.1/go.mod h1:wuUNwwKOHi2TYxDxj1sGF74Jdg0jywydnatXtnOR3hA= +github.com/kvtools/valkeyrie v1.0.0 h1:LAITop2wPoYCMitR24GZZsW0b57hmI+ePD18VRTtOf0= +github.com/kvtools/valkeyrie v1.0.0/go.mod h1:bDi/OdhJCSbGPMsCgUQl881yuEweKCSItAtTBI+ZjpU= +github.com/kvtools/zookeeper v1.0.1 h1:CBKNOuesj4CgW5PisK2jVx1+XP+T51bVgYHrZPQL5OM= +github.com/kvtools/zookeeper v1.0.1/go.mod h1:6TfxUwJ7IuBk5srgnoe528W0ftanNECHgOiShx/t0Aw= github.com/kylelemons/go-gypsy v0.0.0-20160905020020-08cad365cd28/go.mod h1:T/T7jsxVqf9k/zYOqbgNAsANsjxTd1Yq3htjDhQ1H0c= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/labbsr0x/bindman-dns-webhook v1.0.2 h1:I7ITbmQPAVwrDdhd6dHKi+MYJTJqPCK0jE6YNBAevnk= @@ -2237,6 +2247,7 @@ golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211020060615-d418f374d309/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e h1:TsQ7F31D3bUCLeqPT0u+yjp1guoArKaNKmCr22PYgTQ= @@ -2400,6 +2411,7 @@ golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e h1:CsOuNlbOuf0mzxJIefr6Q4uAUetRUwZE4qt7VfzP+xo= golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/integration/consul_test.go b/integration/consul_test.go index 7037ab46c..27c9171d8 100644 --- a/integration/consul_test.go +++ b/integration/consul_test.go @@ -12,9 +12,9 @@ import ( "time" "github.com/go-check/check" + "github.com/kvtools/consul" "github.com/kvtools/valkeyrie" "github.com/kvtools/valkeyrie/store" - "github.com/kvtools/valkeyrie/store/consul" "github.com/pmezard/go-difflib/difflib" "github.com/traefik/traefik/v2/integration/try" "github.com/traefik/traefik/v2/pkg/api" @@ -35,12 +35,11 @@ func (s *ConsulSuite) setupStore(c *check.C) { consulAddr := net.JoinHostPort(s.getComposeServiceIP(c, "consul"), "8500") s.consulURL = fmt.Sprintf("http://%s", consulAddr) - consul.Register() kv, err := valkeyrie.NewStore( context.Background(), - store.CONSUL, + consul.StoreName, []string{consulAddr}, - &store.Config{ + &consul.Config{ ConnectionTimeout: 10 * time.Second, }, ) diff --git a/integration/etcd_test.go b/integration/etcd_test.go index 8f0630181..71d8a8fa2 100644 --- a/integration/etcd_test.go +++ b/integration/etcd_test.go @@ -11,9 +11,9 @@ import ( "time" "github.com/go-check/check" + "github.com/kvtools/etcdv3" "github.com/kvtools/valkeyrie" "github.com/kvtools/valkeyrie/store" - etcdv3 "github.com/kvtools/valkeyrie/store/etcd/v3" "github.com/pmezard/go-difflib/difflib" "github.com/traefik/traefik/v2/integration/try" "github.com/traefik/traefik/v2/pkg/api" @@ -31,15 +31,13 @@ func (s *EtcdSuite) SetUpSuite(c *check.C) { s.createComposeProject(c, "etcd") s.composeUp(c) - etcdv3.Register() - var err error s.etcdAddr = net.JoinHostPort(s.getComposeServiceIP(c, "etcd"), "2379") s.kvClient, err = valkeyrie.NewStore( context.Background(), - store.ETCDV3, + etcdv3.StoreName, []string{s.etcdAddr}, - &store.Config{ + &etcdv3.Config{ ConnectionTimeout: 10 * time.Second, }, ) diff --git a/integration/redis_test.go b/integration/redis_test.go index 859d5498a..b642691c4 100644 --- a/integration/redis_test.go +++ b/integration/redis_test.go @@ -11,9 +11,9 @@ import ( "time" "github.com/go-check/check" + "github.com/kvtools/redis" "github.com/kvtools/valkeyrie" "github.com/kvtools/valkeyrie/store" - "github.com/kvtools/valkeyrie/store/redis" "github.com/pmezard/go-difflib/difflib" "github.com/traefik/traefik/v2/integration/try" "github.com/traefik/traefik/v2/pkg/api" @@ -32,14 +32,12 @@ func (s *RedisSuite) setupStore(c *check.C) { s.composeUp(c) s.redisAddr = net.JoinHostPort(s.getComposeServiceIP(c, "redis"), "6379") - redis.Register() + kv, err := valkeyrie.NewStore( context.Background(), - store.REDIS, + redis.StoreName, []string{s.redisAddr}, - &store.Config{ - ConnectionTimeout: 10 * time.Second, - }, + &redis.Config{}, ) if err != nil { c.Fatal("Cannot create store redis") diff --git a/integration/zk_test.go b/integration/zk_test.go index 04ebbe5b2..63dcbb0b7 100644 --- a/integration/zk_test.go +++ b/integration/zk_test.go @@ -13,7 +13,7 @@ import ( "github.com/go-check/check" "github.com/kvtools/valkeyrie" "github.com/kvtools/valkeyrie/store" - "github.com/kvtools/valkeyrie/store/zookeeper" + "github.com/kvtools/zookeeper" "github.com/pmezard/go-difflib/difflib" "github.com/traefik/traefik/v2/integration/try" "github.com/traefik/traefik/v2/pkg/api" @@ -31,16 +31,14 @@ func (s *ZookeeperSuite) setupStore(c *check.C) { s.createComposeProject(c, "zookeeper") s.composeUp(c) - zookeeper.Register() - s.zookeeperAddr = net.JoinHostPort(s.getComposeServiceIP(c, "zookeeper"), "2181") var err error s.kvClient, err = valkeyrie.NewStore( context.Background(), - store.ZK, + zookeeper.StoreName, []string{s.zookeeperAddr}, - &store.Config{ + &zookeeper.Config{ ConnectionTimeout: 10 * time.Second, }, ) diff --git a/pkg/provider/kv/consul/consul.go b/pkg/provider/kv/consul/consul.go index 53f49a2c1..86aac23bf 100644 --- a/pkg/provider/kv/consul/consul.go +++ b/pkg/provider/kv/consul/consul.go @@ -1,12 +1,16 @@ package consul import ( + "context" "errors" + "fmt" + "time" - "github.com/kvtools/valkeyrie/store" + "github.com/kvtools/consul" "github.com/traefik/traefik/v2/pkg/log" "github.com/traefik/traefik/v2/pkg/provider" "github.com/traefik/traefik/v2/pkg/provider/kv" + "github.com/traefik/traefik/v2/pkg/types" ) // providerName is the Consul provider name. @@ -18,6 +22,9 @@ var _ provider.Provider = (*Provider)(nil) type ProviderBuilder struct { kv.Provider `yaml:",inline" export:"true"` + Token string `description:"Per-request ACL token." json:"token,omitempty" toml:"token,omitempty" yaml:"token,omitempty" loggable:"false"` + TLS *types.ClientTLS `description:"Enable TLS support." json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"` + // Deprecated: use Namespaces instead. Namespace string `description:"Sets the namespace used to discover the configuration (Consul Enterprise only)." json:"namespace,omitempty" toml:"namespace,omitempty" yaml:"namespace,omitempty"` Namespaces []string `description:"Sets the namespaces used to discover the configuration (Consul Enterprise only)." json:"namespaces,omitempty" toml:"namespaces,omitempty" yaml:"namespaces,omitempty"` @@ -43,6 +50,8 @@ func (p *ProviderBuilder) BuildProviders() []*Provider { name: providerName, // p.Namespace could very well be empty. namespace: p.Namespace, + token: p.Token, + tls: p.TLS, }} } @@ -52,6 +61,8 @@ func (p *ProviderBuilder) BuildProviders() []*Provider { Provider: p.Provider, name: providerName + "-" + namespace, namespace: namespace, + token: p.Token, + tls: p.TLS, }) } @@ -64,6 +75,8 @@ type Provider struct { name string namespace string + token string + tls *types.ClientTLS } // Init the provider. @@ -79,5 +92,19 @@ func (p *Provider) Init() error { p.name = providerName } - return p.Provider.Init(store.CONSUL, p.name, p.namespace) + config := &consul.Config{ + ConnectionTimeout: 3 * time.Second, + Token: p.token, + Namespace: p.namespace, + } + + if p.tls != nil { + var err error + config.TLS, err = p.tls.CreateTLSConfig(context.Background()) + if err != nil { + return fmt.Errorf("unable to create client TLS configuration: %w", err) + } + } + + return p.Provider.Init(consul.StoreName, p.name, config) } diff --git a/pkg/provider/kv/etcd/etcd.go b/pkg/provider/kv/etcd/etcd.go index a4b83bfbf..7cf027fed 100644 --- a/pkg/provider/kv/etcd/etcd.go +++ b/pkg/provider/kv/etcd/etcd.go @@ -1,16 +1,25 @@ package etcd import ( - "github.com/kvtools/valkeyrie/store" + "context" + "fmt" + "time" + + "github.com/kvtools/etcdv3" "github.com/traefik/traefik/v2/pkg/provider" "github.com/traefik/traefik/v2/pkg/provider/kv" + "github.com/traefik/traefik/v2/pkg/types" ) var _ provider.Provider = (*Provider)(nil) // Provider holds configurations of the provider. type Provider struct { - kv.Provider `export:"true"` + kv.Provider `yaml:",inline" export:"true"` + + TLS *types.ClientTLS `description:"Enable TLS support." json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"` + Username string `description:"Username for authentication." json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" loggable:"false"` + Password string `description:"Password for authentication." json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" loggable:"false"` } // SetDefaults sets the default values. @@ -21,5 +30,19 @@ func (p *Provider) SetDefaults() { // Init the provider. func (p *Provider) Init() error { - return p.Provider.Init(store.ETCDV3, "etcd", "") + config := &etcdv3.Config{ + ConnectionTimeout: 3 * time.Second, + Username: p.Username, + Password: p.Password, + } + + if p.TLS != nil { + var err error + config.TLS, err = p.TLS.CreateTLSConfig(context.Background()) + if err != nil { + return fmt.Errorf("unable to create client TLS configuration: %w", err) + } + } + + return p.Provider.Init(etcdv3.StoreName, "etcd", config) } diff --git a/pkg/provider/kv/kv.go b/pkg/provider/kv/kv.go index 4ced1362a..3bbf201f9 100644 --- a/pkg/provider/kv/kv.go +++ b/pkg/provider/kv/kv.go @@ -10,32 +10,21 @@ import ( "github.com/cenkalti/backoff/v4" "github.com/kvtools/valkeyrie" "github.com/kvtools/valkeyrie/store" - "github.com/kvtools/valkeyrie/store/consul" - etcdv3 "github.com/kvtools/valkeyrie/store/etcd/v3" - "github.com/kvtools/valkeyrie/store/redis" - "github.com/kvtools/valkeyrie/store/zookeeper" "github.com/traefik/traefik/v2/pkg/config/dynamic" "github.com/traefik/traefik/v2/pkg/config/kv" "github.com/traefik/traefik/v2/pkg/job" "github.com/traefik/traefik/v2/pkg/log" "github.com/traefik/traefik/v2/pkg/safe" - "github.com/traefik/traefik/v2/pkg/types" ) // Provider holds configurations of the provider. type Provider struct { - RootKey string `description:"Root key used for KV store" json:"rootKey,omitempty" toml:"rootKey,omitempty" yaml:"rootKey,omitempty"` + RootKey string `description:"Root key used for KV store." json:"rootKey,omitempty" toml:"rootKey,omitempty" yaml:"rootKey,omitempty"` - Endpoints []string `description:"KV store endpoints" json:"endpoints,omitempty" toml:"endpoints,omitempty" yaml:"endpoints,omitempty"` - Username string `description:"KV Username" json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" loggable:"false"` - Password string `description:"KV Password" json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" loggable:"false"` - Token string `description:"KV Token" json:"token,omitempty" toml:"token,omitempty" yaml:"token,omitempty" loggable:"false"` - TLS *types.ClientTLS `description:"Enable TLS support" json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true" ` + Endpoints []string `description:"KV store endpoints." json:"endpoints,omitempty" toml:"endpoints,omitempty" yaml:"endpoints,omitempty"` - name string - namespace string - storeType store.Backend - kvClient store.Store + name string + kvClient store.Store } // SetDefaults sets the default values. @@ -44,14 +33,12 @@ func (p *Provider) SetDefaults() { } // Init the provider. -func (p *Provider) Init(storeType store.Backend, name, namespace string) error { +func (p *Provider) Init(storeType, name string, config valkeyrie.Config) error { ctx := log.With(context.Background(), log.Str(log.ProviderName, name)) p.name = name - p.namespace = namespace - p.storeType = storeType - kvClient, err := p.createKVClient(ctx) + kvClient, err := p.createKVClient(ctx, storeType, config) if err != nil { return fmt.Errorf("failed to Connect to KV store: %w", err) } @@ -161,36 +148,8 @@ func (p *Provider) buildConfiguration(ctx context.Context) (*dynamic.Configurati return cfg, nil } -func (p *Provider) createKVClient(ctx context.Context) (store.Store, error) { - storeConfig := &store.Config{ - ConnectionTimeout: 3 * time.Second, - Bucket: "traefik", - Username: p.Username, - Password: p.Password, - Token: p.Token, - Namespace: p.namespace, - } - - if p.TLS != nil { - var err error - storeConfig.TLS, err = p.TLS.CreateTLSConfig(ctx) - if err != nil { - return nil, fmt.Errorf("unable to create client TLS configuration: %w", err) - } - } - - switch p.storeType { - case store.CONSUL: - consul.Register() - case store.ETCDV3: - etcdv3.Register() - case store.ZK: - zookeeper.Register() - case store.REDIS: - redis.Register() - } - - kvStore, err := valkeyrie.NewStore(ctx, p.storeType, p.Endpoints, storeConfig) +func (p *Provider) createKVClient(ctx context.Context, storeType string, config valkeyrie.Config) (store.Store, error) { + kvStore, err := valkeyrie.NewStore(ctx, storeType, p.Endpoints, config) if err != nil { return nil, err } diff --git a/pkg/provider/kv/redis/redis.go b/pkg/provider/kv/redis/redis.go index 96e48380e..546c93d94 100644 --- a/pkg/provider/kv/redis/redis.go +++ b/pkg/provider/kv/redis/redis.go @@ -1,16 +1,25 @@ package redis import ( - "github.com/kvtools/valkeyrie/store" + "context" + "fmt" + + "github.com/kvtools/redis" "github.com/traefik/traefik/v2/pkg/provider" "github.com/traefik/traefik/v2/pkg/provider/kv" + "github.com/traefik/traefik/v2/pkg/types" ) var _ provider.Provider = (*Provider)(nil) // Provider holds configurations of the provider. type Provider struct { - kv.Provider `export:"true"` + kv.Provider `yaml:",inline" export:"true"` + + TLS *types.ClientTLS `description:"Enable TLS support." json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"` + Username string `description:"Username for authentication." json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" loggable:"false"` + Password string `description:"Password for authentication." json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" loggable:"false"` + DB int `description:"Database to be selected after connecting to the server." json:"db,omitempty" toml:"db,omitempty" yaml:"db,omitempty"` } // SetDefaults sets the default values. @@ -21,5 +30,19 @@ func (p *Provider) SetDefaults() { // Init the provider. func (p *Provider) Init() error { - return p.Provider.Init(store.REDIS, "redis", "") + config := redis.Config{ + Username: p.Username, + Password: p.Password, + DB: p.DB, + } + + if p.TLS != nil { + var err error + config.TLS, err = p.TLS.CreateTLSConfig(context.Background()) + if err != nil { + return fmt.Errorf("unable to create client TLS configuration: %w", err) + } + } + + return p.Provider.Init(redis.StoreName, "redis", config) } diff --git a/pkg/provider/kv/zk/zk.go b/pkg/provider/kv/zk/zk.go index 01e5c9698..28b7fee12 100644 --- a/pkg/provider/kv/zk/zk.go +++ b/pkg/provider/kv/zk/zk.go @@ -1,7 +1,9 @@ package zk import ( - "github.com/kvtools/valkeyrie/store" + "time" + + "github.com/kvtools/zookeeper" "github.com/traefik/traefik/v2/pkg/provider" "github.com/traefik/traefik/v2/pkg/provider/kv" ) @@ -10,7 +12,10 @@ var _ provider.Provider = (*Provider)(nil) // Provider holds configurations of the provider. type Provider struct { - kv.Provider `export:"true"` + kv.Provider `yaml:",inline" export:"true"` + + Username string `description:"Username for authentication." json:"username,omitempty" toml:"username,omitempty" yaml:"username,omitempty" loggable:"false"` + Password string `description:"Password for authentication." json:"password,omitempty" toml:"password,omitempty" yaml:"password,omitempty" loggable:"false"` } // SetDefaults sets the default values. @@ -21,5 +26,11 @@ func (p *Provider) SetDefaults() { // Init the provider. func (p *Provider) Init() error { - return p.Provider.Init(store.ZK, "zookeeper", "") + config := &zookeeper.Config{ + ConnectionTimeout: 3 * time.Second, + Username: p.Username, + Password: p.Password, + } + + return p.Provider.Init(zookeeper.StoreName, "zookeeper", config) } diff --git a/pkg/redactor/redactor_config_test.go b/pkg/redactor/redactor_config_test.go index 2314b8cd7..af7f131c9 100644 --- a/pkg/redactor/redactor_config_test.go +++ b/pkg/redactor/redactor_config_test.go @@ -730,15 +730,14 @@ func TestDo_staticConfiguration(t *testing.T) { Provider: kv.Provider{ RootKey: "RootKey", Endpoints: nil, - Username: "username", - Password: "password", - TLS: &types.ClientTLS{ - CA: "myCa", - CAOptional: true, - Cert: "mycert.pem", - Key: "mycert.key", - InsecureSkipVerify: true, - }, + }, + Token: "secret", + TLS: &types.ClientTLS{ + CA: "myCa", + CAOptional: true, + Cert: "mycert.pem", + Key: "mycert.key", + InsecureSkipVerify: true, }, Namespace: "ns", Namespaces: []string{"ns1", "ns2"}, @@ -748,15 +747,15 @@ func TestDo_staticConfiguration(t *testing.T) { Provider: kv.Provider{ RootKey: "RootKey", Endpoints: nil, - Username: "username", - Password: "password", - TLS: &types.ClientTLS{ - CA: "myCa", - CAOptional: true, - Cert: "mycert.pem", - Key: "mycert.key", - InsecureSkipVerify: true, - }, + }, + Username: "username", + Password: "password", + TLS: &types.ClientTLS{ + CA: "myCa", + CAOptional: true, + Cert: "mycert.pem", + Key: "mycert.key", + InsecureSkipVerify: true, }, } @@ -764,31 +763,24 @@ func TestDo_staticConfiguration(t *testing.T) { Provider: kv.Provider{ RootKey: "RootKey", Endpoints: nil, - Username: "username", - Password: "password", - TLS: &types.ClientTLS{ - CA: "myCa", - CAOptional: true, - Cert: "mycert.pem", - Key: "mycert.key", - InsecureSkipVerify: true, - }, }, + Username: "username", + Password: "password", } config.Providers.Redis = &redis.Provider{ Provider: kv.Provider{ RootKey: "RootKey", Endpoints: nil, - Username: "username", - Password: "password", - TLS: &types.ClientTLS{ - CA: "myCa", - CAOptional: true, - Cert: "mycert.pem", - Key: "mycert.key", - InsecureSkipVerify: true, - }, + }, + Username: "username", + Password: "password", + TLS: &types.ClientTLS{ + CA: "myCa", + CAOptional: true, + Cert: "mycert.pem", + Key: "mycert.key", + InsecureSkipVerify: true, }, } diff --git a/pkg/redactor/testdata/anonymized-static-config.json b/pkg/redactor/testdata/anonymized-static-config.json index 6773b047a..e159142a4 100644 --- a/pkg/redactor/testdata/anonymized-static-config.json +++ b/pkg/redactor/testdata/anonymized-static-config.json @@ -229,8 +229,7 @@ }, "consul": { "rootKey": "xxxx", - "username": "xxxx", - "password": "xxxx", + "token": "xxxx", "tls": { "ca": "xxxx", "caOptional": true, @@ -246,39 +245,32 @@ }, "etcd": { "rootKey": "xxxx", - "username": "xxxx", - "password": "xxxx", "tls": { "ca": "xxxx", "caOptional": true, "cert": "xxxx", "key": "xxxx", "insecureSkipVerify": true - } + }, + "username": "xxxx", + "password": "xxxx" }, "zooKeeper": { "rootKey": "xxxx", "username": "xxxx", - "password": "xxxx", - "tls": { - "ca": "xxxx", - "caOptional": true, - "cert": "xxxx", - "key": "xxxx", - "insecureSkipVerify": true - } + "password": "xxxx" }, "redis": { "rootKey": "xxxx", - "username": "xxxx", - "password": "xxxx", "tls": { "ca": "xxxx", "caOptional": true, "cert": "xxxx", "key": "xxxx", "insecureSkipVerify": true - } + }, + "username": "xxxx", + "password": "xxxx" }, "http": { "endpoint": "xxxx", @@ -476,4 +468,4 @@ } } } -} +} \ No newline at end of file diff --git a/pkg/types/tls.go b/pkg/types/tls.go index 821ac0c78..61cf5346c 100644 --- a/pkg/types/tls.go +++ b/pkg/types/tls.go @@ -25,29 +25,29 @@ type ClientTLS struct { } // CreateTLSConfig creates a TLS config from ClientTLS structures. -func (clientTLS *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, error) { - if clientTLS == nil { +func (c *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, error) { + if c == nil { log.FromContext(ctx).Warnf("clientTLS is nil") return nil, nil } - if clientTLS.CAOptional { + if c.CAOptional { log.FromContext(ctx).Warn("CAOptional is deprecated, TLS client authentication is a server side option.") } // Not initialized, to rely on system bundle. var caPool *x509.CertPool - if clientTLS.CA != "" { + if c.CA != "" { var ca []byte - if _, errCA := os.Stat(clientTLS.CA); errCA == nil { + if _, errCA := os.Stat(c.CA); errCA == nil { var err error - ca, err = os.ReadFile(clientTLS.CA) + ca, err = os.ReadFile(c.CA) if err != nil { return nil, fmt.Errorf("failed to read CA. %w", err) } } else { - ca = []byte(clientTLS.CA) + ca = []byte(c.CA) } caPool = x509.NewCertPool() @@ -56,8 +56,8 @@ func (clientTLS *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, e } } - hasCert := len(clientTLS.Cert) > 0 - hasKey := len(clientTLS.Key) > 0 + hasCert := len(c.Cert) > 0 + hasKey := len(c.Key) > 0 if hasCert != hasKey { return nil, errors.New("both TLS cert and key must be defined") @@ -66,11 +66,11 @@ func (clientTLS *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, e if !hasCert || !hasKey { return &tls.Config{ RootCAs: caPool, - InsecureSkipVerify: clientTLS.InsecureSkipVerify, + InsecureSkipVerify: c.InsecureSkipVerify, }, nil } - cert, err := loadKeyPair(clientTLS.Cert, clientTLS.Key) + cert, err := loadKeyPair(c.Cert, c.Key) if err != nil { return nil, err } @@ -78,7 +78,7 @@ func (clientTLS *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, e return &tls.Config{ Certificates: []tls.Certificate{cert}, RootCAs: caPool, - InsecureSkipVerify: clientTLS.InsecureSkipVerify, + InsecureSkipVerify: c.InsecureSkipVerify, }, nil }