ENH: Adds filtering service processing (#36)

Author: thomasjpfan

Dockerfile

@@ -22,6 +22,7 @@ ENV CERTS="" \
     DEFAULT_REQ_MODE="http" \
     DO_NOT_RESOLVE_ADDR="false" \
     ENABLE_H2="true" \
+    FILTER_PROXY_INSTANCE_NAME="false" \
     HEALTHCHECK="true" \
     HTTPS_ONLY="false" \
     EXTRA_FRONTEND="" \

Dockerfile.linux-arm

@@ -13,6 +13,7 @@ ENV CERTS="" \
     DEFAULT_REQ_MODE="http" \
     DO_NOT_RESOLVE_ADDR="false" \
     ENABLE_H2="true" \
+    FILTER_PROXY_INSTANCE_NAME="false" \
     HEALTHCHECK="true" \
     HTTPS_ONLY="false" \
     EXTRA_FRONTEND="" \

actions/reconfigure.go

@@ -47,6 +47,10 @@ var NewReconfigure = func(baseData BaseReconfigure, serviceData proxy.Service) R
 
 // Execute creates a new configuration and reloads the proxy
 func (m *Reconfigure) Execute(reloadAfter bool) error {
+	if strings.EqualFold(os.Getenv("FILTER_PROXY_INSTANCE_NAME"), "true") &&
+		!strings.EqualFold(m.InstanceName, m.Service.ProxyInstanceName) {
+		return nil
+	}
 	mu.Lock()
 	defer mu.Unlock()
 	if strings.EqualFold(os.Getenv("SKIP_ADDRESS_VALIDATION"), "false") {

actions/reconfigure_test.go

@@ -1124,6 +1124,70 @@ func (s *ReconfigureTestSuite) Test_Execute_ReturnsError_WhenAddressIsNotAccessi
 	s.Error(err)
 }
 
+func (s *ReconfigureTestSuite) Test_Execute_WhenFilterProxyInstanceIsTrue_SameProxyInstanceName() {
+	mockObj := getProxyMock("")
+	proxyOrig := proxy.Instance
+	os.Setenv("FILTER_PROXY_INSTANCE_NAME", "true")
+	defer func() {
+		proxy.Instance = proxyOrig
+		os.Unsetenv("FILTER_PROXY_INSTANCE_NAME")
+	}()
+	proxy.Instance = mockObj
+	sd := proxy.ServiceDest{
+		ServicePath: []string{"path/to/my/service/api", "path/to/my/other/service/api"},
+	}
+	expected := proxy.Service{
+		ServiceName:       s.ServiceName,
+		ServiceDest:       []proxy.ServiceDest{sd},
+		PathType:          s.PathType,
+		ProxyInstanceName: s.InstanceName,
+	}
+	r := NewReconfigure(
+		BaseReconfigure{
+			TemplatesPath: s.TemplatesPath,
+			ConfigsPath:   s.ConfigsPath,
+			InstanceName:  s.InstanceName,
+		},
+		expected,
+	)
+
+	r.Execute(true)
+
+	mockObj.AssertCalled(s.T(), "AddService", mock.Anything)
+}
+
+func (s *ReconfigureTestSuite) Test_Execute_WhenFilterProxyInstanceIsTrue_DifferentProxyInstanceName() {
+	mockObj := getProxyMock("")
+	proxyOrig := proxy.Instance
+	os.Setenv("FILTER_PROXY_INSTANCE_NAME", "true")
+	defer func() {
+		proxy.Instance = proxyOrig
+		os.Unsetenv("FILTER_PROXY_INSTANCE_NAME")
+	}()
+	proxy.Instance = mockObj
+	sd := proxy.ServiceDest{
+		ServicePath: []string{"path/to/my/service/api", "path/to/my/other/service/api"},
+	}
+	expected := proxy.Service{
+		ServiceName:       s.ServiceName,
+		ServiceDest:       []proxy.ServiceDest{sd},
+		PathType:          s.PathType,
+		ProxyInstanceName: "another-docker-flow",
+	}
+	r := NewReconfigure(
+		BaseReconfigure{
+			TemplatesPath: s.TemplatesPath,
+			ConfigsPath:   s.ConfigsPath,
+			InstanceName:  "docker-flow",
+		},
+		expected,
+	)
+
+	r.Execute(true)
+
+	mockObj.AssertNotCalled(s.T(), "AddService", mock.Anything)
+}
+
 // Mock
 
 type ReconfigureMock struct {

docs/config.md

@@ -30,6 +30,7 @@ The following environment variables can be used to configure the *Docker Flow Pr
 |ENABLE_H2          |Whether to enable http/2<br>**Example:** `false`<br>**Default:** `true`|
 |EXTRA_FRONTEND     |Value will be added to the default `frontend` configuration. Multiple lines should be separated with comma (*,*).|
 |EXTRA_GLOBAL       |Value will be added to the default `global` configuration. Multiple lines should be separated with comma (*,*).|
+|FILTER_PROXY_INSTANCE_NAME|If set to `true`, only services with `com.df.proxyInstanceName` equal to env variable `PROXY_INSTANCE_NAME` will be processed by the proxy.<br>**Default:** `false`|
 |HTTPS_ONLY         |If set to true, all requests to all services will be redirected to HTTPS.<br>**Example:** `true`<br>**Default Value:** `false`|
 |LISTENER_ADDRESS   |The address of the [Docker Flow: Swarm Listener](https://github.com/docker-flow/docker-flow-swarm-listener) used for automatic proxy configuration. Multiple values can be separated with comma (`,`). When set to multiple values, the proxy will query each address in order.<br>**Example:** `swarm-listener`|
 PROXY_INSTANCE_NAME|The name of the proxy instance. Useful if multiple proxies are running inside a cluster.<br>**Default value:** `docker-flow`|

docs/usage.md

@@ -59,6 +59,7 @@ The following query parameters can be used only when `reqMode` is set to `http`
 |outboundHostname|The hostname where the service is running, for instance on a separate swarm. If specified, the proxy will dispatch requests to that domain. The parameter can be prefixed with an index thus allowing definition of multiple destinations for a single service (e.g. `outboundHostname.1`, `outboundHostname.2`, and so on).<br>**Example:** `ecme.com`|
 |pathType     |The ACL derivative. Defaults to *path_beg*. See [HAProxy path](https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#7.3.6-path) for more info.<br>**Example:** `path_beg`|
 |redirectFromDomain|If a request is sent to one of the domains in this list, it will be redirected to one of the values of the `serviceDomain`. Multiple domains can be separated with comma (e.g. `acme.com,something.acme.com`). The parameter can be prefixed with an index thus allowing definition of multiple destinations for a single service.<br>**Example:** `acme.com,something.acme.com`|
+|proxyInstanceName|When `FILTER_PROXY_INSTANCE_NAME` is set to `true`, only services with proxyInstanceName equal to `PROXY_INSTANCE_NAME` will be configured by this proxy.<br>**Example:** `docker-flow`|
 |redirectWhenHttpProto|Whether to redirect to https when X-Forwarded-Proto is set and the request is made over an HTTP port.<br>**Example:** `true`<br>**Default Value:** `false`|
 |serviceCert  |Content of the PEM-encoded certificate to be used by the proxy when serving traffic over SSL.|
 |serviceDomain  |The domain of the service. If set, the proxy will allow access only to requests coming to that domain. Multiple domains can be separated with comma (e.g. `acme.com,something.else.com`). The parameter can be prefixed with an index thus allowing definition of multiple destinations for a single service (e.g. `serviceDomain.1`, `serviceDomain.2`, and so on).  Asterisk sign can be placed to beginning of value and in this case **serviceDomainAlgo** parameter will be **replaced** to `hdr_end(host)`. This parameter is **mandatory** if `servicePath` is not specified.<br>**Example:** `ecme.com`|

proxy/types.go

@@ -161,6 +161,9 @@ type Service struct {
 	// The ACL derivative. Defaults to path_beg.
 	// See https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#7.3.6-path for more info.
 	PathType string `split_words:"true"`
+	// When `FILTER_PROXY_INSTANCE_NAME` is set to `true`, only services with
+	// ProxyInstanceName equal to `PROXY_INSTANCE_NAME` will be configured by this proxy.
+	ProxyInstanceName string `split_words:"true"`
 	// Whether to redirect to https when X-Forwarded-Proto is http
 	RedirectWhenHttpProto bool `split_words:"true"`
 	// The number of replicas of a service.

proxy/types_test.go

@@ -374,6 +374,7 @@ func (s *TypesTestSuite) getServiceMap(expected Service, indexSuffix, separator
 		"distribute":            strconv.FormatBool(expected.Distribute),
 		"isDefaultBackend":      strconv.FormatBool(expected.IsDefaultBackend),
 		"pathType":              expected.PathType,
+		"proxyInstanceName":     expected.ProxyInstanceName,
 		"redirectWhenHttpProto": strconv.FormatBool(expected.RedirectWhenHttpProto),
 		"reqPathReplace":        expected.ReqPathReplace,
 		"reqPathSearch":         expected.ReqPathSearch,
@@ -429,6 +430,7 @@ func (s *TypesTestSuite) getExpectedService() Service {
 		Distribute:            true,
 		IsDefaultBackend:      true,
 		PathType:              "pathType",
+		ProxyInstanceName:     "docker-flow",
 		RedirectWhenHttpProto: true,
 		ReqPathReplace:        "reqPathReplace",
 		ReqPathSearch:         "reqPathSearch",

server/server_test.go

@@ -588,6 +588,7 @@ func (s *ServerTestSuite) Test_GetServiceFromUrl_ReturnsProxyService() {
 		DiscoveryType:         "DNS",
 		Distribute:            true,
 		PathType:              "pathType",
+		ProxyInstanceName:     "docker-flow",
 		RedirectWhenHttpProto: true,
 		Replicas:              83,
 		ReqPathReplace:        "reqPathReplace",
@@ -628,7 +629,7 @@ func (s *ServerTestSuite) Test_GetServiceFromUrl_ReturnsProxyService() {
 			{Username: "user2", Password: "pass2", PassEncrypted: true}},
 	}
 	addr := fmt.Sprintf(
-		"%s?serviceName=%s&users=%s&usersPassEncrypted=%t&aclName=%s&balanceGroup=%s&checkTcp=%t&clitcpka=%t&serviceCert=%s&outboundHostname=%s&pathType=%s&reqPathSearch=%s&reqPathReplace=%s&templateFePath=%s&templateBePath=%s&timeoutServer=%s&timeoutClient=%s&timeoutTunnel=%s&reqMode=%s&httpsOnly=%t&httpsRedirectCode=%s&isDefaultBackend=%t&redirectWhenHttpProto=%t&httpsPort=%d&srcPort=%d&srcHttpsPort=%d&serviceDomain=%s&redirectFromDomain=%s&distribute=%t&sslVerifyNone=%t&serviceDomainAlgo=%s&addReqHeader=%s&addResHeader=%s&setReqHeader=%s&setResHeader=%s&delReqHeader=%s&delResHeader=%s&servicePath=/&servicePathExclude=%s&port=1234&connectionMode=%s&serviceHeader=X-Version:3,name:Viktor&allowedMethods=GET,DELETE&deniedMethods=PUT,POST&compressionAlgo=%s&compressionType=%s&checkResolvers=%t&replicas=%d&discoveryType=%s",
+		"%s?serviceName=%s&users=%s&usersPassEncrypted=%t&aclName=%s&balanceGroup=%s&checkTcp=%t&clitcpka=%t&serviceCert=%s&outboundHostname=%s&pathType=%s&proxyInstanceName=%s&reqPathSearch=%s&reqPathReplace=%s&templateFePath=%s&templateBePath=%s&timeoutServer=%s&timeoutClient=%s&timeoutTunnel=%s&reqMode=%s&httpsOnly=%t&httpsRedirectCode=%s&isDefaultBackend=%t&redirectWhenHttpProto=%t&httpsPort=%d&srcPort=%d&srcHttpsPort=%d&serviceDomain=%s&redirectFromDomain=%s&distribute=%t&sslVerifyNone=%t&serviceDomainAlgo=%s&addReqHeader=%s&addResHeader=%s&setReqHeader=%s&setResHeader=%s&delReqHeader=%s&delResHeader=%s&servicePath=/&servicePathExclude=%s&port=1234&connectionMode=%s&serviceHeader=X-Version:3,name:Viktor&allowedMethods=GET,DELETE&deniedMethods=PUT,POST&compressionAlgo=%s&compressionType=%s&checkResolvers=%t&replicas=%d&discoveryType=%s",
 
 		s.BaseUrl,
 		expected.ServiceName,
@@ -641,6 +642,7 @@ func (s *ServerTestSuite) Test_GetServiceFromUrl_ReturnsProxyService() {
 		expected.ServiceCert,
 		expected.ServiceDest[0].OutboundHostname,
 		expected.PathType,
+		expected.ProxyInstanceName,
 		expected.ReqPathSearch,
 		expected.ReqPathReplace,
 		expected.TemplateFePath,