From 49b5d9f5962faf0e568206870b3c01fbd4793917 Mon Sep 17 00:00:00 2001 From: Matt Keeler Date: Tue, 8 Jan 2019 16:38:08 -0500 Subject: [PATCH] cache: Pass through wait query param to the cache.Get This adds a MaxQueryTime field to the connect ca leaf cache request type and populates it via the wait query param. The cache will then do the right thing and timeout the operation as expected if no new leaf cert is available within that time. Fixes #4462 --- agent/agent_endpoint.go | 1 + agent/agent_endpoint_test.go | 19 +++++++++++++++++++ agent/cache-types/connect_ca_leaf.go | 2 ++ 3 files changed, 22 insertions(+) diff --git a/agent/agent_endpoint.go b/agent/agent_endpoint.go index f8a56f177fd4..4ac4519c1ac9 100644 --- a/agent/agent_endpoint.go +++ b/agent/agent_endpoint.go @@ -1335,6 +1335,7 @@ func (s *HTTPServer) AgentConnectCALeafCert(resp http.ResponseWriter, req *http. return nil, nil } args.MinQueryIndex = qOpts.MinQueryIndex + args.MaxQueryTime = qOpts.MaxQueryTime // Verify the proxy token. This will check both the local proxy token // as well as the ACL if the token isn't local. The checks done in diff --git a/agent/agent_endpoint_test.go b/agent/agent_endpoint_test.go index e2ecc5ed33e6..846b9fd5ba91 100644 --- a/agent/agent_endpoint_test.go +++ b/agent/agent_endpoint_test.go @@ -4715,6 +4715,25 @@ func TestAgentConnectCALeafCert_goodNotLocal(t *testing.T) { require.Equal("HIT", resp.Header().Get("X-Cache")) } + // Test Blocking - see https://github.com/hashicorp/consul/issues/4462 + { + // Fetch it again + resp := httptest.NewRecorder() + blockingReq, _ := http.NewRequest("GET", fmt.Sprintf("/v1/agent/connect/ca/leaf/test?wait=125ms&index=%d", issued.ModifyIndex), nil) + doneCh := make(chan struct{}) + go func() { + a.srv.AgentConnectCALeafCert(resp, blockingReq) + close(doneCh) + }() + + select { + case <-time.After(500 * time.Millisecond): + require.FailNow("Shouldn't block for this long - not respecting wait parameter in the query") + + case <-doneCh: + } + } + // Test that caching is updated in the background { // Set a new CA diff --git a/agent/cache-types/connect_ca_leaf.go b/agent/cache-types/connect_ca_leaf.go index b85beb4c2632..eb64b0576aeb 100644 --- a/agent/cache-types/connect_ca_leaf.go +++ b/agent/cache-types/connect_ca_leaf.go @@ -263,6 +263,7 @@ type ConnectCALeafRequest struct { Datacenter string Service string // Service name, not ID MinQueryIndex uint64 + MaxQueryTime time.Duration } func (r *ConnectCALeafRequest) CacheInfo() cache.RequestInfo { @@ -271,5 +272,6 @@ func (r *ConnectCALeafRequest) CacheInfo() cache.RequestInfo { Key: r.Service, Datacenter: r.Datacenter, MinIndex: r.MinQueryIndex, + Timeout: r.MaxQueryTime, } }