added AllowedSourceAddress info to events channel output #686
Conversation
| @@ -82,6 +86,7 @@ XX(Id, string, none, Id, __VA_ARGS__) \ | |||
| XX(Name, string, none, Name, __VA_ARGS__) \ | |||
| XX(Protocols, string, array, Protocols, __VA_ARGS__) \ | |||
| XX(Addresses, tunnel_address, array, Addresses, __VA_ARGS__) \ | |||
| XX(AllowedSourceAddresses, allowed_source_address, array, AllowedSourceAddresses, __VA_ARGS__) \ | |||
There was a problem hiding this comment.
make it a list -- it is easier to deal with
There was a problem hiding this comment.
why not use ziti_address instead of a new type?
There was a problem hiding this comment.
Not clear to me how I would do that. Seems all the items in the tunnel events are newly defined types in model/dtos.h which in some cases are populated with information from ziti_address i.e tunnel_address. However they do not use it as a type directly. Maybe I'm not interpreting your suggestion correctly.
There was a problem hiding this comment.
Also seems all the other multi item entries in model/dtos.h associated with a TUNNEL_SERVICE are defined as arrays i.e.
XX(Protocols, string, array, Protocols, VA_ARGS)
XX(Addresses, tunnel_address, array, Addresses, VA_ARGS)
XX(Ports, tunnel_port_range, array, Ports, VA_ARGS)
There was a problem hiding this comment.
The event models were created before the model utilities supported list containers and before the ziti_address model existed. Personally I think it makes sense to follow the existing patterns for consistency and some day we can modernize the event models.
|
Could the Also, should the other fields from hosted service configurations be represented in |
|
Yes we could reuse the tunnel_address model type and assign that to the AllowedSourceAddress key. |
| } | ||
| allowed_src_addr_arr = calloc(n + 1, sizeof(tunnel_address *)); | ||
| for (int i = 0; i < n; i++) { | ||
| if (allowed_src_addrs[i]->type != ziti_address_cidr) { |
There was a problem hiding this comment.
minor: if this test happened in the loop above where n is calculated, you could allocate precisely enough memory for allowed_src_addr_arr.
There was a problem hiding this comment.
The reason I did not was because I would have to run the same test again in the second loop since I don't have a way to know which entries were discarded from the original array and did not want redundant code and assumed it should be rare that someone actually puts a hostname instead of a prefix since it would be in error. If you prefer it I can add it. let me know.
|
Closing PR due to commits not being signed. Will submit as new PR shortly |
No description provided.