Separate ACL types, update workflow

Updated workflows to build and test with feature flags.
Updated the CI/CD workflow consul config file.
Moved ACL-related types into a new acl_types.rs to make them easier to feature-gate.

Author: x0rw

.github/workflows/main.yml

@@ -11,20 +11,20 @@ jobs:
   build:
     strategy:
       matrix:
-        features: [""]
+        features: ["", "acl"]
     runs-on: "ubuntu-latest"
     container: rust:1.82
 
     steps:
       - uses: actions/checkout@v2
 
       - name: Build
-        run: cargo build ${{ matrix.features }}
+        run: cargo build --features "${{ matrix.features }}"
 
   test:
     strategy:
       matrix:
-        features: [""]
+        features: ["", "acl"]
     runs-on: "ubuntu-latest"
     container: rust:1.82
     services:
@@ -33,7 +33,7 @@ jobs:
         env:
           # We pass the config as a JSON here to simulate one service with 3 nodes.
           # TODO: Ideally, we should use the same setup in local environment (`testdata/config.hcl`) in GHA test.
-          CONSUL_LOCAL_CONFIG: '{"acl": [{"default_policy": "allow", "enable_token_persistence": true, "enabled": true}], "services": [ {"address": "1.1.1.1", "checks": [], "id": "test-service-1", "name": "test-service", "port": 20001, "tags": ["first"]}, {"address": "2.2.2.2", "checks": [], "id": "test-service-2", "name": "test-service", "port": 20002, "tags": ["second"]}, {"address": "3.3.3.3", "checks": [], "id": "test-service-3", "name": "test-service", "port": 20003, "tags": ["third"]} ]}'
+          CONSUL_LOCAL_CONFIG: '{"acl":[{"enabled":true,"default_policy":"allow","enable_token_persistence":true,"tokens":[{"initial_management":"8fc9e787-674f-0709-cfd5-bfdabd73a70d"}]}],"services":[{"id":"test-service-1","name":"test-service","address":"1.1.1.1","port":20001,"checks":[],"tags":["first"]},{"id":"test-service-2","name":"test-service","address":"2.2.2.2","port":20002,"checks":[],"tags":["second"]},{"id":"test-service-3","name":"test-service","address":"3.3.3.3","port":20003,"checks":[],"tags":["third"]}]}'
 
     env:
       CONSUL_HTTP_ADDR: http://consul:8500
@@ -42,4 +42,4 @@ jobs:
       - uses: actions/checkout@v2
 
       - name: Test
-        run: cargo test ${{ matrix.features }}
+        run: cargo test --features "${{ matrix.features }}"

.github/workflows/publish.yml

@@ -13,15 +13,17 @@ jobs:
         env:
           # We pass the config as a JSON here to simulate one service with 3 nodes.
           # TODO: Ideally, we should use the same setup in local environment (`testdata/config.hcl`) in GHA test.
-          CONSUL_LOCAL_CONFIG: '{"acl": [{"default_policy": "allow", "enable_token_persistence": true, "enabled": true}], "services": [ {"address": "1.1.1.1", "checks": [], "id": "test-service-1", "name": "test-service", "port": 20001, "tags": ["first"]}, {"address": "2.2.2.2", "checks": [], "id": "test-service-2", "name": "test-service", "port": 20002, "tags": ["second"]}, {"address": "3.3.3.3", "checks": [], "id": "test-service-3", "name": "test-service", "port": 20003, "tags": ["third"]} ]}'
+          CONSUL_LOCAL_CONFIG: '{"acl":[{"enabled":true,"default_policy":"allow","enable_token_persistence":true,"tokens":[{"initial_management":"8fc9e787-674f-0709-cfd5-bfdabd73a70d"}]}],"services":[{"id":"test-service-1","name":"test-service","address":"1.1.1.1","port":20001,"checks":[],"tags":["first"]},{"id":"test-service-2","name":"test-service","address":"2.2.2.2","port":20002,"checks":[],"tags":["second"]},{"id":"test-service-3","name":"test-service","address":"3.3.3.3","port":20003,"checks":[],"tags":["third"]}]}'
     env:
       CONSUL_HTTP_ADDR: http://consul:8500
-
+    strategy:
+      matrix:
+        features: ["", "acl"]
     steps:
       - uses: actions/checkout@v2
 
-      - name: Test
-        run: cargo test
+      - name: Tests
+        run: cargo test --features "${{ matrix.features }}"
 
   dry-run:
     runs-on: ubuntu-latest

Cargo.toml

@@ -64,10 +64,10 @@ required-features = ["acl"]
 
 [[example]]
 name = "get_acl_tokens"
-path = "examples/get_acl_policies.rs"
+path = "examples/get_acl_tokens.rs"
 required-features = ["acl"]
 
 [[example]]
 name = "read_token"
-path = "examples/get_acl_policies.rs"
+path = "examples/read_token.rs"
 required-features = ["acl"]

src/acl.rs

@@ -1,19 +1,22 @@
 use std::time::Duration;
 
 use crate::errors::ConsulError;
-use crate::types::ACLPolicy;
-use crate::types::ACLToken;
-use crate::types::CreateACLPolicyRequest;
+use crate::ACLPolicy;
+use crate::ACLToken;
 use crate::Consul;
+use crate::CreateACLPolicyRequest;
 use crate::CreateACLTokenPayload;
 use crate::Function;
 use crate::Result;
+
 use http::Method;
 use http_body_util::combinators::BoxBody;
 use http_body_util::Empty;
 use http_body_util::Full;
+
 use hyper::body::Buf;
 use hyper::body::Bytes;
+
 impl Consul {
     /// Returns all ACL tokens.
     ///

src/acl_types.rs

@@ -0,0 +1,112 @@
+use std::time::Duration;
+
+use serde::{self, Deserialize, Serialize};
+
+/// Information related ACL token.
+/// See https://developer.hashicorp.com/consul/docs/security/acl/tokens for more information.
+#[derive(Debug, Serialize, Deserialize)]
+#[serde(rename_all = "PascalCase")]
+pub struct ACLToken {
+    /// Unique ID
+    #[serde(rename = "AccessorID")]
+    pub accessor_id: String,
+    /// Secret for authenticatioIDn
+    #[serde(rename = "SecretID")]
+    pub secret_id: String,
+    /// Description
+    pub description: String,
+    /// Policies
+    pub policies: Option<Vec<ACLTokenPolicyLink>>,
+    /// Token only valid in this datacenter
+    #[serde(default)]
+    pub local: bool,
+    /// creation time
+    pub create_time: String,
+    /// hash
+    pub hash: String,
+    /// create index
+    pub create_index: u64,
+    /// ModifyIndex is the last index that modified this key.
+    /// It can be used to establish blocking queries by setting the ?index query parameter.
+    pub modify_index: i64,
+}
+
+/// Information related to Policies
+/// see https://developer.hashicorp.com/consul/docs/security/acl/acl-policies for more information
+#[derive(Debug, Serialize, Deserialize, Default)]
+#[serde(rename_all = "PascalCase")]
+pub struct ACLTokenPolicyLink {
+    /// Policy ID
+    #[serde(rename = "ID")]
+    pub id: Option<String>,
+    /// Policy name
+    pub name: Option<String>,
+}
+
+/// Create ACL token payload
+/// See https://developer.hashicorp.com/consul/api-docs/acl/tokens for more information.
+/// todo(): NodeIdentities,TemplatedPolicies, ServiceIdentities
+#[derive(Debug, Serialize, Deserialize, Default)]
+#[serde(rename_all = "PascalCase")]
+pub struct CreateACLTokenPayload {
+    /// Unique ID
+    #[serde(rename = "AccessorID")]
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub accessor_id: Option<String>,
+    /// Secret for authenticatioIDn
+    #[serde(rename = "SecretID")]
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub secret_id: Option<String>,
+    /// Description
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub description: Option<String>,
+    /// Policies
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub policies: Option<Vec<ACLTokenPolicyLink>>,
+    /// Token only valid in this datacenter
+    #[serde(default)]
+    pub local: bool,
+    /// creation time
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub create_time: Option<String>,
+    /// hash
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub hash: Option<String>,
+    /// duration
+    #[serde(skip_serializing_if = "Option::is_none")]
+    pub expiration_time: Option<Duration>,
+}
+
+/// Acl Policy
+#[derive(Debug, Serialize, Deserialize)]
+#[serde(rename_all = "PascalCase")]
+pub struct ACLPolicy {
+    /// id
+    #[serde(rename = "ID")]
+    pub id: String,
+    /// name
+    pub name: String,
+    /// Description
+    pub description: String,
+    /// hash
+    pub hash: String,
+    /// Create index
+    pub create_index: u32,
+    /// Datacenters
+    pub datacenters: Option<String>,
+    /// modify index
+    pub modify_index: u32,
+}
+
+/// Payload to create an ACL Policy
+#[derive(Debug, Serialize, Default)]
+#[serde(rename_all = "PascalCase")]
+pub struct CreateACLPolicyRequest {
+    /// Name of the policy (unique)
+    pub name: String,
+    /// Description
+    pub description: Option<String>,
+    /// rules in HCL format
+    // todo: Make the rules strongly typed
+    pub rules: Option<String>,
+}

src/lib.rs

@@ -73,6 +73,13 @@ pub use types::*;
 #[cfg(feature = "acl")]
 /// Access Control List(acl) to control authentication and authorization
 pub mod acl;
+
+#[cfg(feature = "acl")]
+/// Types for acl related operations
+pub mod acl_types;
+#[cfg(feature = "acl")]
+pub use acl_types::*;
+
 /// Consul errors and Result type
 mod errors;
 #[cfg(feature = "trace")]

src/types.rs

@@ -458,115 +458,6 @@ pub struct Service {
     pub tags: Vec<String>,
 }
 
-/// Information related ACL token.
-/// See https://developer.hashicorp.com/consul/docs/security/acl/tokens for more information.
-#[derive(Debug, Serialize, Deserialize)]
-#[serde(rename_all = "PascalCase")]
-pub struct ACLToken {
-    /// Unique ID
-    #[serde(rename = "AccessorID")]
-    pub accessor_id: String,
-    /// Secret for authenticatioIDn
-    #[serde(rename = "SecretID")]
-    pub secret_id: String,
-    /// Description
-    pub description: String,
-    /// Policies
-    pub policies: Option<Vec<ACLTokenPolicyLink>>,
-    /// Token only valid in this datacenter
-    #[serde(default)]
-    pub local: bool,
-    /// creation time
-    pub create_time: String,
-    /// hash
-    pub hash: String,
-    /// create index
-    pub create_index: u64,
-    /// ModifyIndex is the last index that modified this key.
-    /// It can be used to establish blocking queries by setting the ?index query parameter.
-    pub modify_index: i64,
-}
-
-/// Information related to Policies
-/// see https://developer.hashicorp.com/consul/docs/security/acl/acl-policies for more information
-#[derive(Debug, Serialize, Deserialize, Default)]
-#[serde(rename_all = "PascalCase")]
-pub struct ACLTokenPolicyLink {
-    /// Policy ID
-    #[serde(rename = "ID")]
-    pub id: Option<String>,
-    /// Policy name
-    pub name: Option<String>,
-}
-
-/// Create ACL token payload
-/// See https://developer.hashicorp.com/consul/api-docs/acl/tokens for more information.
-/// todo(): NodeIdentities,TemplatedPolicies, ServiceIdentities
-#[derive(Debug, Serialize, Deserialize, Default)]
-#[serde(rename_all = "PascalCase")]
-pub struct CreateACLTokenPayload {
-    /// Unique ID
-    #[serde(rename = "AccessorID")]
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub accessor_id: Option<String>,
-    /// Secret for authenticatioIDn
-    #[serde(rename = "SecretID")]
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub secret_id: Option<String>,
-    /// Description
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub description: Option<String>,
-    /// Policies
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub policies: Option<Vec<ACLTokenPolicyLink>>,
-    /// Token only valid in this datacenter
-    #[serde(default)]
-    pub local: bool,
-    /// creation time
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub create_time: Option<String>,
-    /// hash
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub hash: Option<String>,
-    /// duration
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub expiration_time: Option<Duration>,
-}
-
-/// Acl Policy
-#[derive(Debug, Serialize, Deserialize)]
-#[serde(rename_all = "PascalCase")]
-pub struct ACLPolicy {
-    /// id
-    #[serde(rename = "ID")]
-    pub id: String,
-    /// name
-    pub name: String,
-    /// Description
-    pub description: String,
-    /// hash
-    pub hash: String,
-    /// Create index
-    pub create_index: u32,
-    /// Datacenters
-    pub datacenters: Option<String>,
-    /// modify index
-    pub modify_index: u32,
-}
-
-/// Payload to create an ACL Policy
-#[derive(Debug, Serialize, Default)]
-#[serde(rename_all = "PascalCase")]
-pub struct CreateACLPolicyRequest {
-    /// Name of the policy (unique)
-    pub name: String,
-    /// Description
-    pub description: Option<String>,
-    /// rules in HCL format
-    // todo: Make the rules strongly typed
-    pub rules: Option<String>,
-}
-
 pub(crate) fn serialize_duration_as_string<S>(
     duration: &Duration,
     serializer: S,