Skip to content

Backport of added check if anonymous token policy exists into release/1.1.x#2863

Merged
aahel merged 2 commits intorelease/1.1.xfrom
backport/NET-5174/anonymous-token-policy/wholly-patient-cheetah
Aug 30, 2023
Merged

Backport of added check if anonymous token policy exists into release/1.1.x#2863
aahel merged 2 commits intorelease/1.1.xfrom
backport/NET-5174/anonymous-token-policy/wholly-patient-cheetah

Conversation

@hc-github-team-consul-core
Copy link
Copy Markdown
Collaborator

@hc-github-team-consul-core hc-github-team-consul-core commented Aug 30, 2023

Backport

This PR is auto-generated from #2790 to be assessed for backporting due to the inclusion of the label backport/1.1.x.

🚨

Warning automatic cherry-pick of commits failed. If the first commit failed,
you will see a blank no-op commit below. If at least one commit succeeded, you
will see the cherry-picked commits up to, not including, the commit where
the merge conflict occurred.

The person who merged in the original PR is:
@aahel
This person should manually cherry-pick the original PR into a new backport PR,
and close this one when the manual backport PR is merged in.

merge conflict error: POST https://api.github.com/repos/hashicorp/consul-k8s/merges: 409 Merge conflict []

The below text is copied from the body of the original PR.

Changes proposed in this PR:

Prevent updating anonymous token if it already exists and is attached to the anonymous token policy

How I've tested this PR:

  • setup the deafault partiton and create a non-default partition called my-partition.
  • modified the anonymous token policy rule.
  • created helm deployment in my-partiton using acl bootstrap token with following policies.
acl = "read"
operator = "read"
agent_prefix "" {
  policy = "read"
}
partition "my-partition" {
  acl = "write"
  mesh = "write"
  peering = "write"
  namespace_prefix "" {
    policy = "write"
  }
  service_prefix "" {
    policy = "write"
  }
}
  • server-acl-acl init was successfull and anonymous token policy rule didn't get updated

How I expect reviewers to test this PR:

Checklist:

Overview of commits

@hc-github-team-consul-core hc-github-team-consul-core force-pushed the backport/NET-5174/anonymous-token-policy/wholly-patient-cheetah branch from 69502c7 to 0873227 Compare August 30, 2023 05:24
@hc-github-team-consul-core hc-github-team-consul-core force-pushed the backport/NET-5174/anonymous-token-policy/wholly-patient-cheetah branch from 0873227 to 69502c7 Compare August 30, 2023 05:24
@aahel aahel marked this pull request as ready for review August 30, 2023 05:33
@aahel
added check if anonymous token policy exists (#2790)
150954c 
* added check if anonymous token policy exists

* changed checkIfAnonymousTokenPolicyExists impl

* made consts private

* added test for configureAnonymousPolicy

* fixed unit test

* fixed test and minor refactoring

* fix typo

* changed some var names

* added changelog
@aahel aahel enabled auto-merge (squash) August 30, 2023 07:49
@aahel aahel merged commit c21d0a4 into release/1.1.x Aug 30, 2023
@aahel aahel deleted the backport/NET-5174/anonymous-token-policy/wholly-patient-cheetah branch August 30, 2023 08:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@aahel aahel aahel approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@aahel aahel

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hc-github-team-consul-core @aahel