config: fix TLS config when address and grpc_address are the same (#2975)

2025-04-29 02:16:28 +02:00 · 2022-01-27 09:18:07 -07:00 · 2022-01-27 09:18:07 -07:00 · fbdbe9c86f
commit fbdbe9c86f
parent 7fbf0e522c
2 changed files with 40 additions and 7 deletions
--- a/config/envoyconfig/listeners.go
+++ b/config/envoyconfig/listeners.go
@ -21,6 +21,7 @@ import (
 	"github.com/golang/protobuf/ptypes"
 	"github.com/golang/protobuf/ptypes/any"
 	"github.com/golang/protobuf/ptypes/wrappers"
+	"github.com/scylladb/go-set"
 	"google.golang.org/protobuf/types/known/durationpb"
 	"google.golang.org/protobuf/types/known/emptypb"
 	"google.golang.org/protobuf/types/known/wrapperspb"
@ -734,15 +735,28 @@ func getRouteableDomainsForTLSDomain(options *config.Options, addr string, tlsDo
 }

 func getAllRouteableDomains(options *config.Options, addr string) ([]string, error) {
-	switch addr {
-	case options.Addr:
-		return options.GetAllRouteableHTTPDomains()
-	case options.GetGRPCAddr():
-		return options.GetAllRouteableGRPCDomains()
+	allDomains := set.NewStringSet()
+
+	if addr == options.Addr {
+		domains, err := options.GetAllRouteableHTTPDomains()
+		if err != nil {
+			return nil, err
+		}
+		allDomains.Add(domains...)
 	}

-	// no other domains supported
-	return nil, nil
+	if addr == options.GetGRPCAddr() {
+		domains, err := options.GetAllRouteableGRPCDomains()
+		if err != nil {
+			return nil, err
+		}
+		allDomains.Add(domains...)
+	}
+
+	domains := allDomains.List()
+	sort.Strings(domains)
+
+	return domains, nil
 }

 func getAllTLSDomains(options *config.Options, addr string) ([]string, error) {
--- a/config/envoyconfig/listeners_test.go
+++ b/config/envoyconfig/listeners_test.go
@ -750,6 +750,25 @@ func Test_getAllDomains(t *testing.T) {
 			}
 			assert.Equal(t, expect, actual)
 		})
+		t.Run("both", func(t *testing.T) {
+			newOptions := *options
+			newOptions.GRPCAddr = newOptions.Addr
+			actual, err := getAllRouteableDomains(&newOptions, "127.0.0.1:9000")
+			require.NoError(t, err)
+			expect := []string{
+				"a.example.com",
+				"a.example.com:80",
+				"authenticate.example.com",
+				"authenticate.example.com:443",
+				"authorize.example.com:9001",
+				"b.example.com",
+				"b.example.com:443",
+				"c.example.com",
+				"c.example.com:443",
+				"cache.example.com:9001",
+			}
+			assert.Equal(t, expect, actual)
+		})
 	})
 	t.Run("tls", func(t *testing.T) {
 		t.Run("http", func(t *testing.T) {