mirror of
https://github.com/minio/minio.git
synced 2025-11-07 12:52:58 -05:00
Add subsystem level validation on config set (#14269)
When setting a config of a particular sub-system, validate the existing config and notification targets of only that sub-system, so that existing errors related to one sub-system (e.g. notification target offline) do not result in errors for other sub-systems.
This commit is contained in:
Shireesh Anjal
GitHub
@@ -394,14 +394,7 @@ func GetAuditKafka(kafkaKVS map[string]config.KVS) (map[string]kafka.Config, err
|
||||
return kafkaTargets, nil
|
||||
}
|
||||
|
||||
// LookupConfig - lookup logger config, override with ENVs if set.
|
||||
func LookupConfig(scfg config.Config) (Config, error) {
|
||||
// Lookup for legacy environment variables first
|
||||
cfg, err := lookupLegacyConfig()
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
func lookupLoggerWebhookConfig(scfg config.Config, cfg Config) (Config, error) {
|
||||
envs := env.List(EnvLoggerWebhookEndpoint)
|
||||
var loggerTargets []string
|
||||
for _, k := range envs {
|
||||
@@ -412,16 +405,6 @@ func LookupConfig(scfg config.Config) (Config, error) {
|
||||
loggerTargets = append(loggerTargets, target)
|
||||
}
|
||||
|
||||
var loggerAuditTargets []string
|
||||
envs = env.List(EnvAuditWebhookEndpoint)
|
||||
for _, k := range envs {
|
||||
target := strings.TrimPrefix(k, EnvAuditWebhookEndpoint+config.Default)
|
||||
if target == EnvAuditWebhookEndpoint {
|
||||
target = config.Default
|
||||
}
|
||||
loggerAuditTargets = append(loggerAuditTargets, target)
|
||||
}
|
||||
|
||||
// Load HTTP logger from the environment if found
|
||||
for _, target := range loggerTargets {
|
||||
if v, ok := cfg.HTTP[target]; ok && v.Enabled {
|
||||
@@ -478,6 +461,62 @@ func LookupConfig(scfg config.Config) (Config, error) {
|
||||
}
|
||||
}
|
||||
|
||||
for starget, kv := range scfg[config.LoggerWebhookSubSys] {
|
||||
if l, ok := cfg.HTTP[starget]; ok && l.Enabled {
|
||||
// Ignore this HTTP logger config since there is
|
||||
// a target with the same name loaded and enabled
|
||||
// from the environment.
|
||||
continue
|
||||
}
|
||||
subSysTarget := config.LoggerWebhookSubSys
|
||||
if starget != config.Default {
|
||||
subSysTarget = config.LoggerWebhookSubSys + config.SubSystemSeparator + starget
|
||||
}
|
||||
if err := config.CheckValidKeys(subSysTarget, kv, DefaultLoggerWebhookKVS); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
enabled, err := config.ParseBool(kv.Get(config.Enable))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
if !enabled {
|
||||
continue
|
||||
}
|
||||
err = config.EnsureCertAndKey(kv.Get(ClientCert), kv.Get(ClientKey))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
queueSize, err := strconv.Atoi(kv.Get(QueueSize))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
if queueSize <= 0 {
|
||||
return cfg, errors.New("invalid queue_size value")
|
||||
}
|
||||
cfg.HTTP[starget] = http.Config{
|
||||
Enabled: true,
|
||||
Endpoint: kv.Get(Endpoint),
|
||||
AuthToken: kv.Get(AuthToken),
|
||||
ClientCert: kv.Get(ClientCert),
|
||||
ClientKey: kv.Get(ClientKey),
|
||||
QueueSize: queueSize,
|
||||
}
|
||||
}
|
||||
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
func lookupAuditWebhookConfig(scfg config.Config, cfg Config) (Config, error) {
|
||||
var loggerAuditTargets []string
|
||||
envs := env.List(EnvAuditWebhookEndpoint)
|
||||
for _, k := range envs {
|
||||
target := strings.TrimPrefix(k, EnvAuditWebhookEndpoint+config.Default)
|
||||
if target == EnvAuditWebhookEndpoint {
|
||||
target = config.Default
|
||||
}
|
||||
loggerAuditTargets = append(loggerAuditTargets, target)
|
||||
}
|
||||
|
||||
for _, target := range loggerAuditTargets {
|
||||
if v, ok := cfg.AuditWebhook[target]; ok && v.Enabled {
|
||||
// This target is already enabled using the
|
||||
@@ -533,48 +572,6 @@ func LookupConfig(scfg config.Config) (Config, error) {
|
||||
}
|
||||
}
|
||||
|
||||
for starget, kv := range scfg[config.LoggerWebhookSubSys] {
|
||||
if l, ok := cfg.HTTP[starget]; ok && l.Enabled {
|
||||
// Ignore this HTTP logger config since there is
|
||||
// a target with the same name loaded and enabled
|
||||
// from the environment.
|
||||
continue
|
||||
}
|
||||
subSysTarget := config.LoggerWebhookSubSys
|
||||
if starget != config.Default {
|
||||
subSysTarget = config.LoggerWebhookSubSys + config.SubSystemSeparator + starget
|
||||
}
|
||||
if err := config.CheckValidKeys(subSysTarget, kv, DefaultLoggerWebhookKVS); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
enabled, err := config.ParseBool(kv.Get(config.Enable))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
if !enabled {
|
||||
continue
|
||||
}
|
||||
err = config.EnsureCertAndKey(kv.Get(ClientCert), kv.Get(ClientKey))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
queueSize, err := strconv.Atoi(kv.Get(QueueSize))
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
if queueSize <= 0 {
|
||||
return cfg, errors.New("invalid queue_size value")
|
||||
}
|
||||
cfg.HTTP[starget] = http.Config{
|
||||
Enabled: true,
|
||||
Endpoint: kv.Get(Endpoint),
|
||||
AuthToken: kv.Get(AuthToken),
|
||||
ClientCert: kv.Get(ClientCert),
|
||||
ClientKey: kv.Get(ClientKey),
|
||||
QueueSize: queueSize,
|
||||
}
|
||||
}
|
||||
|
||||
for starget, kv := range scfg[config.AuditWebhookSubSys] {
|
||||
if l, ok := cfg.AuditWebhook[starget]; ok && l.Enabled {
|
||||
// Ignore this audit config since another target
|
||||
@@ -617,10 +614,49 @@ func LookupConfig(scfg config.Config) (Config, error) {
|
||||
}
|
||||
}
|
||||
|
||||
cfg.AuditKafka, err = GetAuditKafka(scfg[config.AuditKafkaSubSys])
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
// LookupConfig - lookup logger config, override with ENVs if set.
|
||||
func LookupConfig(scfg config.Config) (Config, error) {
|
||||
// Lookup for legacy environment variables first
|
||||
cfg, err := lookupLegacyConfig()
|
||||
if err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
for _, ss := range config.LoggerSubSystems.ToSlice() {
|
||||
lookupConfigForSubSys(scfg, cfg, ss)
|
||||
}
|
||||
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
func lookupConfigForSubSys(scfg config.Config, cfg Config, subSys string) (Config, error) {
|
||||
switch subSys {
|
||||
case config.LoggerWebhookSubSys:
|
||||
if _, err := lookupLoggerWebhookConfig(scfg, cfg); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
case config.AuditWebhookSubSys:
|
||||
if _, err := lookupAuditWebhookConfig(scfg, cfg); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
case config.AuditKafkaSubSys:
|
||||
if _, err := GetAuditKafka(scfg[config.AuditKafkaSubSys]); err != nil {
|
||||
return cfg, err
|
||||
}
|
||||
}
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
// ValidateSubSysConfig - validates logger related config of given sub-system
|
||||
func ValidateSubSysConfig(scfg config.Config, subSys string) error {
|
||||
// Lookup for legacy environment variables first
|
||||
cfg, err := lookupLegacyConfig()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = lookupConfigForSubSys(scfg, cfg, subSys)
|
||||
return err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user