From 13b59265270e7bae11ddda6514468784c0977fd6 Mon Sep 17 00:00:00 2001
From: cskh <hui.kang@hashicorp.com>
Date: Tue, 23 Aug 2022 13:40:54 -0400
Subject: [PATCH] fix: missing MaxInboundConnections in service-defaults CRD
 (#1437)

---
 CHANGELOG.md                                  |  3 ++
 .../consul/templates/crd-servicedefaults.yaml |  5 ++++
 .../api/v1alpha1/servicedefaults_types.go     | 29 ++++++++++++-------
 .../v1alpha1/servicedefaults_types_test.go    |  2 ++
 .../consul.hashicorp.com_servicedefaults.yaml |  5 ++++
 .../controller/configentry_controller_test.go |  4 ++-
 control-plane/go.mod                          |  2 +-
 control-plane/go.sum                          |  4 +--
 8 files changed, 40 insertions(+), 14 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index cd40a75e77..cbf53a1f7e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,7 @@
 ## UNRELEASED
+FEATURES:
+* MaxInboundConnections in service-defaults CRD
+  * Add support for MaxInboundConnections on the Service Defaults CRD. [[GH-1437](https://github.com/hashicorp/consul-k8s/pull/1437)]
 
 IMPROVEMENTS:
 * CLI:
diff --git a/charts/consul/templates/crd-servicedefaults.yaml b/charts/consul/templates/crd-servicedefaults.yaml
index ea7720e9a2..f0ba18a616 100644
--- a/charts/consul/templates/crd-servicedefaults.yaml
+++ b/charts/consul/templates/crd-servicedefaults.yaml
@@ -113,6 +113,11 @@ spec:
                   TLS SNI value to be changed to a non-connect value when federating
                   with an external system.
                 type: string
+              maxInboundConnections:
+                description: MaxInboundConnections is the maximum number of concurrent
+                  inbound connections to each service instance. Defaults to 0 (using
+                  consul's default) if not set.
+                type: integer
               meshGateway:
                 description: MeshGateway controls the default mesh gateway configuration
                   for this service.
diff --git a/control-plane/api/v1alpha1/servicedefaults_types.go b/control-plane/api/v1alpha1/servicedefaults_types.go
index 41c855d75c..325b80cefe 100644
--- a/control-plane/api/v1alpha1/servicedefaults_types.go
+++ b/control-plane/api/v1alpha1/servicedefaults_types.go
@@ -84,6 +84,9 @@ type ServiceDefaultsSpec struct {
 	// mode. Destinations live outside of Consul's catalog, and because of this, they
 	// do not require an artificial node to be created.
 	Destination *ServiceDefaultsDestination `json:"destination,omitempty"`
+	// MaxInboundConnections is the maximum number of concurrent inbound connections to
+	// each service instance. Defaults to 0 (using consul's default) if not set.
+	MaxInboundConnections int `json:"maxInboundConnections,omitempty"`
 }
 
 type Upstreams struct {
@@ -245,16 +248,17 @@ func (in *ServiceDefaults) SyncedConditionStatus() corev1.ConditionStatus {
 // ToConsul converts the entry into it's Consul equivalent struct.
 func (in *ServiceDefaults) ToConsul(datacenter string) capi.ConfigEntry {
 	return &capi.ServiceConfigEntry{
-		Kind:             in.ConsulKind(),
-		Name:             in.ConsulName(),
-		Protocol:         in.Spec.Protocol,
-		MeshGateway:      in.Spec.MeshGateway.toConsul(),
-		Expose:           in.Spec.Expose.toConsul(),
-		ExternalSNI:      in.Spec.ExternalSNI,
-		TransparentProxy: in.Spec.TransparentProxy.toConsul(),
-		UpstreamConfig:   in.Spec.UpstreamConfig.toConsul(),
-		Destination:      in.Spec.Destination.toConsul(),
-		Meta:             meta(datacenter),
+		Kind:                  in.ConsulKind(),
+		Name:                  in.ConsulName(),
+		Protocol:              in.Spec.Protocol,
+		MeshGateway:           in.Spec.MeshGateway.toConsul(),
+		Expose:                in.Spec.Expose.toConsul(),
+		ExternalSNI:           in.Spec.ExternalSNI,
+		TransparentProxy:      in.Spec.TransparentProxy.toConsul(),
+		UpstreamConfig:        in.Spec.UpstreamConfig.toConsul(),
+		Destination:           in.Spec.Destination.toConsul(),
+		Meta:                  meta(datacenter),
+		MaxInboundConnections: in.Spec.MaxInboundConnections,
 	}
 }
 
@@ -280,6 +284,11 @@ func (in *ServiceDefaults) Validate(consulMeta common.ConsulMeta) error {
 	if err := in.Spec.Destination.validate(path.Child("destination")); err != nil {
 		allErrs = append(allErrs, err...)
 	}
+
+	if in.Spec.MaxInboundConnections < 0 {
+		allErrs = append(allErrs, field.Invalid(path.Child("maxinboundconnections"), in.Spec.MaxInboundConnections, "MaxInboundConnections must be > 0"))
+	}
+
 	allErrs = append(allErrs, in.Spec.UpstreamConfig.validate(path.Child("upstreamConfig"), consulMeta.PartitionsEnabled)...)
 	allErrs = append(allErrs, in.Spec.Expose.validate(path.Child("expose"))...)
 
diff --git a/control-plane/api/v1alpha1/servicedefaults_types_test.go b/control-plane/api/v1alpha1/servicedefaults_types_test.go
index a19ea556b3..6c15c00c48 100644
--- a/control-plane/api/v1alpha1/servicedefaults_types_test.go
+++ b/control-plane/api/v1alpha1/servicedefaults_types_test.go
@@ -141,6 +141,7 @@ func TestServiceDefaults_ToConsul(t *testing.T) {
 						Addresses: []string{"api.google.com"},
 						Port:      443,
 					},
+					MaxInboundConnections: 20,
 				},
 			},
 			&capi.ServiceConfigEntry{
@@ -243,6 +244,7 @@ func TestServiceDefaults_ToConsul(t *testing.T) {
 					Addresses: []string{"api.google.com"},
 					Port:      443,
 				},
+				MaxInboundConnections: 20,
 				Meta: map[string]string{
 					common.SourceKey:     common.SourceValue,
 					common.DatacenterKey: "datacenter",
diff --git a/control-plane/config/crd/bases/consul.hashicorp.com_servicedefaults.yaml b/control-plane/config/crd/bases/consul.hashicorp.com_servicedefaults.yaml
index f536c17bed..67f33517ba 100644
--- a/control-plane/config/crd/bases/consul.hashicorp.com_servicedefaults.yaml
+++ b/control-plane/config/crd/bases/consul.hashicorp.com_servicedefaults.yaml
@@ -106,6 +106,11 @@ spec:
                   TLS SNI value to be changed to a non-connect value when federating
                   with an external system.
                 type: string
+              maxInboundConnections:
+                description: MaxInboundConnections is the maximum number of concurrent
+                  inbound connections to each service instance. Defaults to 0 (using
+                  consul's default) if not set.
+                type: integer
               meshGateway:
                 description: MeshGateway controls the default mesh gateway configuration
                   for this service.
diff --git a/control-plane/controller/configentry_controller_test.go b/control-plane/controller/configentry_controller_test.go
index 5b92feedd5..5a26d9abd6 100644
--- a/control-plane/controller/configentry_controller_test.go
+++ b/control-plane/controller/configentry_controller_test.go
@@ -51,7 +51,8 @@ func TestConfigEntryControllers_createsConfigEntry(t *testing.T) {
 					Namespace: kubeNS,
 				},
 				Spec: v1alpha1.ServiceDefaultsSpec{
-					Protocol: "http",
+					Protocol:              "http",
+					MaxInboundConnections: 100,
 				},
 			},
 			reconciler: func(client client.Client, consulClient *capi.Client, logger logr.Logger) testReconciler {
@@ -68,6 +69,7 @@ func TestConfigEntryControllers_createsConfigEntry(t *testing.T) {
 				svcDefault, ok := consulEntry.(*capi.ServiceConfigEntry)
 				require.True(t, ok, "cast error")
 				require.Equal(t, "http", svcDefault.Protocol)
+				require.Equal(t, 100, svcDefault.MaxInboundConnections)
 			},
 		},
 		{
diff --git a/control-plane/go.mod b/control-plane/go.mod
index 1848c8f435..bc8edd48ea 100644
--- a/control-plane/go.mod
+++ b/control-plane/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/go-logr/logr v0.4.0
 	github.com/google/go-cmp v0.5.7
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
-	github.com/hashicorp/consul/api v1.14.0
+	github.com/hashicorp/consul/api v1.10.1-0.20220822180451-60c82757ea35
 	github.com/hashicorp/consul/sdk v0.11.0
 	github.com/hashicorp/go-discover v0.0.0-20200812215701-c4b85f6ed31f
 	github.com/hashicorp/go-hclog v0.16.1
diff --git a/control-plane/go.sum b/control-plane/go.sum
index 03ca166926..8be9787ae3 100644
--- a/control-plane/go.sum
+++ b/control-plane/go.sum
@@ -296,8 +296,8 @@ github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgf
 github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
 github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
 github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q=
-github.com/hashicorp/consul/api v1.14.0 h1:Y64GIJ8hYTu+tuGekwO4G4ardXoiCivX9wv1iP/kihk=
-github.com/hashicorp/consul/api v1.14.0/go.mod h1:bcaw5CSZ7NE9qfOfKCI1xb7ZKjzu/MyvQkCLTfqLqxQ=
+github.com/hashicorp/consul/api v1.10.1-0.20220822180451-60c82757ea35 h1:csNww5qBHaFqsX1eMEKVvmJ4dhqcXWj0sCkbccsSsHc=
+github.com/hashicorp/consul/api v1.10.1-0.20220822180451-60c82757ea35/go.mod h1:bcaw5CSZ7NE9qfOfKCI1xb7ZKjzu/MyvQkCLTfqLqxQ=
 github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
 github.com/hashicorp/consul/sdk v0.4.1-0.20220801192236-988e1fd35d51/go.mod h1:yPkX5Q6CsxTFMjQQDJwzeNmUUF5NUGGbrDsv9wTb8cw=
 github.com/hashicorp/consul/sdk v0.11.0 h1:HRzj8YSCln2yGgCumN5CL8lYlD3gBurnervJRJAZyC4=