Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EnvoyExtensionPolicy support metadata_options in ExtProc #4152

Open
zirain opened this issue Sep 3, 2024 · 6 comments
Open

EnvoyExtensionPolicy support metadata_options in ExtProc #4152

zirain opened this issue Sep 3, 2024 · 6 comments
Labels
area/api API-related issues kind/enhancement New feature or request

Comments

@zirain
Copy link
Contributor

zirain commented Sep 3, 2024

this's useful when we're trying to use metadata to share info across filters(e.g. envoy.filters.http.jwt_authn)

cc @envoyproxy/gateway-maintainers WDYT?
@zirain zirain added area/api API-related issues triage labels Sep 3, 2024
@zirain zirain mentioned this issue Sep 5, 2024
Open
@zirain zirain added kind/enhancement New feature or request and removed triage labels Sep 5, 2024
@guydc
Copy link
Contributor

guydc commented Sep 5, 2024
edited
Loading

+1

I would actually recommend exposing some additional ext-proc options: #3170, #3247 . Notably, attributes also provide metadata about the connection/request that could be useful for extensions to have the required context for processing traffic.

@arkodg
Copy link
Contributor

arkodg commented Sep 5, 2024

-1 on this
to use metadata_options, the user would also need to add custom modifications to other parts of envoy as well that are not exposed by the EG API and would need EnvoyPatchPolicy or Extension Manager

@zirain
Copy link
Contributor Author

zirain commented Sep 6, 2024

-1 on this to use metadata_options, the user would also need to add custom modifications to other parts of envoy as well that are not exposed by the EG API and would need EnvoyPatchPolicy or Extension Manager

why need that? it's a common case to use metadata(e.g. envoy.filters.http.jwt_authn) in ExtProc.

@arkodg
Copy link
Contributor

arkodg commented Sep 6, 2024

-1 on this to use metadata_options, the user would also need to add custom modifications to other parts of envoy as well that are not exposed by the EG API and would need EnvoyPatchPolicy or Extension Manager

why need that? it's a common case to use metadata(e.g. envoy.filters.http.jwt_authn) in ExtProc.

How would the user configure the metadata in the JWT filter ? Wouldn't they need some extension mechanism to do it ?

@zirain
Copy link
Contributor Author

zirain commented Sep 6, 2024

-1 on this to use metadata_options, the user would also need to add custom modifications to other parts of envoy as well that are not exposed by the EG API and would need EnvoyPatchPolicy or Extension Manager

why need that? it's a common case to use metadata(e.g. envoy.filters.http.jwt_authn) in ExtProc.

How would the user configure the metadata in the JWT filter ? Wouldn't they need some extension mechanism to do it ?

no, no

@zirain
Copy link
Contributor Author

zirain commented Sep 6, 2024

a demo configuration looks like following:

#                  - name: envoy.filters.http.jwt_authn
#                    typedConfig:
#                      "@type": type.googleapis.com/envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication
#                      providers:
#                        "jwt1":
#                          forward: true
#                          local_jwks:
#                            filename: /etc/envoy/jwks.json
#                          payloadInMetadata: "playload"
#                      requirementMap:
#                        "route":
#                          providerName: jwt1
#                  - name: envoy.filters.http.set_metadata
#                    typed_config:
#                      "@type": type.googleapis.com/envoy.extensions.filters.http.set_metadata.v3.Config
#                      metadata_namespace: "test1"
#                      value:
#                        key1: val1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/api API-related issues kind/enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zirain @arkodg @guydc