diff --git a/apis/projectcontour/v1/detailedconditions.go b/apis/projectcontour/v1/detailedconditions.go index f8c293a5bbf..f3697ef878f 100644 --- a/apis/projectcontour/v1/detailedconditions.go +++ b/apis/projectcontour/v1/detailedconditions.go @@ -197,4 +197,7 @@ const ( // ConditionTypeListenerError describes an error condition relating // to the configuration of Listeners. ConditionTypeListenerError = "ListenerError" + + // ConditionTypeExtProcError describes an error condition related to external processing. + ConditionTypeExtProcError = "ExtProcError" ) diff --git a/apis/projectcontour/v1/helpers.go b/apis/projectcontour/v1/helpers.go index 21b17f02936..721b6f253c5 100644 --- a/apis/projectcontour/v1/helpers.go +++ b/apis/projectcontour/v1/helpers.go @@ -27,16 +27,15 @@ func (v *VirtualHost) AuthorizationConfigured() bool { // authorization. If an authorization server is present, the default // policy is to not disable. func (v *VirtualHost) DisableAuthorization() bool { - // No authorization, so it is disabled. if v.AuthorizationConfigured() { // No policy specified, default is to not disable. if v.Authorization.AuthPolicy == nil { return false } - return v.Authorization.AuthPolicy.Disabled } + // No authorization, so it is not disabled. return false } 
@@ -51,6 +50,19 @@ func (v *VirtualHost) AuthorizationContext() map[string]string {
 return nil
 }
+// ExtProcConfigured returns whether external processing are
+// configured on this virtual host.
+func (v *VirtualHost) ExtProcConfigured() bool {
+ return v.ExternalProcessing != nil && v.ExternalProcessing.Processor != nil
+}
+
+// ExtProcDisabled returns true if this virtual host disables
+// external processing explicit. If an external processor is present, the default
+// policy is to not disable.
+func (v *VirtualHost) ExtProcDisabled() bool {
+ return v.ExternalProcessing != nil && v.ExternalProcessing.Disabled
+}
+
 // GetPrefixReplacements returns replacement prefixes from the path
 // rewrite policy (if any).
 func (r *Route) GetPrefixReplacements() []ReplacePrefix {
diff --git a/apis/projectcontour/v1/httpproxy.go b/apis/projectcontour/v1/httpproxy.go
index 72ff28096d2..0eef9eb485d 100644
--- a/apis/projectcontour/v1/httpproxy.go
+++ b/apis/projectcontour/v1/httpproxy.go
@@ -25,7 +25,7 @@ type HTTPProxySpec struct {
 // +optional
 VirtualHost *VirtualHost `json:"virtualhost,omitempty"`
 // Routes are the ingress routes. If TCPProxy is present, Routes is ignored.
- // +optional
+ // +optional
 Routes []Route `json:"routes,omitempty"`
 // TCPProxy holds TCP proxy information.
 // +optional
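Review bot: The doc comments on the two new helpers in the @@ -51 hunk read awkwardly: ExtProcConfigured says "external processing are configured" and ExtProcDisabled says "disables external processing explicit". Suggest `// ExtProcConfigured reports whether an external processor is configured on this virtual host.` and `// ExtProcDisabled reports whether this virtual host explicitly disables external processing; when a processor is present the default is not to disable.`. Since ExtProcDisabled is what callers will consult, its comment is also a good place to say that the Disabled flag takes precedence when both Disabled and Processor are set, as the ExternalProcessing type's own comment later in this diff states.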
@@ -311,6 +311,204 @@ type AuthorizationPolicy struct {
 Context map[string]string `json:"context,omitempty"`
 }
+// HeaderSendMode control how headers and trailers are handled.
+type HeaderSendMode string
+
+const (
+ // The default HeaderSendMode depends on which part of the message is being
+ // processed. By default, request and response headers are sent,
+ // while trailers are skipped.
+ ProcessingModeDefault HeaderSendMode = "DEFAULT"
+
+ // Send the header or trailer.
+ ProcessingModeSend HeaderSendMode = "SEND"
+
+ // Do not send the header or trailer.
+ ProcessingModeSkip HeaderSendMode = "SKIP"
+)
+
+// BodySendMode control how the request and response bodies are handled
+type BodySendMode string
+
+const (
+ // Do not send the body at all. This is the default.
+ ProcessingModeNone BodySendMode = "NONE"
+
+ // Stream the body to the server in pieces as they arrive at the
+ // proxy.
+ ProcessingModeStreamed BodySendMode = "STREAMED"
+
+ // Buffer the message body in memory and send the entire body at once.
+ // If the body exceeds the configured buffer limit, then the
+ // downstream system will receive an error.
+ ProcessingModeBuffered BodySendMode = "BUFFERED"
+
+ // Buffer the message body in memory and send the entire body in one
+ // chunk. If the body exceeds the configured buffer limit, then the body contents
+ // up to the buffer limit will be sent.
+ ProcessingModeBufferedPartial BodySendMode = "BUFFERED_PARTIAL"
+)
+
+// HeaderMutationRules specifies what headers may be manipulated by a processing filter.
+// This set of rules makes it possible to control which modifications a filter may make.
+type HeaderMutationRules struct {
+ // By default, certain headers that could affect processing of subsequent
+ // filters or request routing cannot be modified. These headers are
+ // ``host``, ``:authority``, ``:scheme``, and ``:method``.
+ // Setting this parameter to true allows these headers to be modified as well.
+ //
+ // +optional
+ AllowAllRouting bool `json:"allowAllRouting,omitempty"`
+
+ // If true, allow modification of envoy internal headers. By default, these
+ // start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration.
+ // Default is false.
+ //
+ // +optional
+ AllowEnvoy bool `json:"allowEnvoy,omitempty"`
+
+ // If true, prevent modification of any system header, defined as a header
+ // that starts with a ``:`` character, regardless of any other settings.
+ // A processing server may still override the ``:status`` of an HTTP response
+ // using an ``ImmediateResponse`` message.
+ // Default is false.
+ //
+ // +optional
+ DisallowSystem bool `json:"disallowSystem,omitempty"`
+
+ // If true, prevent modifications of all header values, regardless of any
+ // other settings. A processing server may still override the ``:status``
+ // of an HTTP response using an ``ImmediateResponse`` message.
+ // Default is false.
+ //
+ // +optional
+ DisallowAll bool `json:"disallowAll,omitempty"`
+
+ // If true, and if the rules in this list cause a header mutation to be
+ // disallowed, then the filter using this configuration will terminate the
+ // request with a 500 error. In addition, regardless of the setting of this
+ // parameter, any attempt to set, add, or modify a disallowed header will
+ // cause the ``rejected_header_mutations`` counter to be incremented.
+ // Default is false.
+ //
+ // +optional
+ DisallowIsError bool `json:"disallowIsError,omitempty"`
+}
+
+// ProcessingMode describes which parts of an HTTP request and response are sent to a remote server
+// and how they are delivered.
+type ProcessingMode struct {
+ // How to handle the request header.
+ // Default is "SEND".
+ //
+ // +kubebuilder:validation:Enum=DEFAULT;SEND;SKIP
+ // +kubebuilder:default=SEND
+ // +optional
+ RequestHeaderMode HeaderSendMode `json:"requestHeaderMode,omitempty"`
+
+ // How to handle the response header.
+ // Default is "SEND".
+ //
+ // +kubebuilder:validation:Enum=DEFAULT;SEND;SKIP
+ // +kubebuilder:default=SEND
+ // +optional
+ ResponseHeaderMode HeaderSendMode `json:"responseHeaderMode,omitempty"`
+
+ // How to handle the request body.
+ // Default is "NONE".
+ //
+ // +kubebuilder:validation:Enum=NONE;STREAMED;BUFFERED;BUFFERED_PARTIAL
+ // +kubebuilder:default=NONE
+ // +optional
+ RequestBodyMode BodySendMode `json:"requestBodyMode,omitempty"`
+
+ // How do handle the response body.
+ // Default is "NONE".
+ //
+ // +kubebuilder:validation:Enum=NONE;STREAMED;BUFFERED;BUFFERED_PARTIAL
+ // +kubebuilder:default=NONE
+ // +optional
+ ResponseBodyMode BodySendMode `json:"responseBodyMode,omitempty"`
+
+ // How to handle the request trailers.
+ // Default is "SKIP".
+ //
+ // +kubebuilder:validation:Enum=DEFAULT;SEND;SKIP
+ // +kubebuilder:default=SKIP
+ // +optional
+ RequestTrailerMode HeaderSendMode `json:"requestTrailerMode,omitempty"`
+
+ // How to handle the response trailers.
+ // Default is "SKIP".
+ //
+ // +kubebuilder:validation:Enum=DEFAULT;SEND;SKIP
+ // +kubebuilder:default=SKIP
+ // +optional
+ ResponseTrailerMode HeaderSendMode `json:"responseTrailerMode,omitempty"`
+}
+
+// ExternalProcessor defines the envoy External Processing filter which allows an external service to act on HTTP traffic in a flexible way
+// The external server must implement the v3 Envoy external processing GRPC protocol
+// (https://www.envoyproxy.io/docs/envoy/v1.27.0/api-v3/extensions/filters/http/ext_proc/v3/ext_proc.proto).
+type ExternalProcessor struct {
+ // ExtensionServiceRef specifies the extension resource that will handle the client requests.
+ //
+ // +optional
+ ExtensionServiceRef ExtensionServiceReference `json:"extensionRef,omitempty"`
+
+ // ResponseTimeout sets how long the proxy should wait for responses.
+ // Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration).
+ // Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+ // The string "infinity" is also a valid input and specifies no timeout.
+ //
+ // +optional
+ // +kubebuilder:validation:Pattern=`^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$`
+ ResponseTimeout string `json:"responseTimeout,omitempty"`
+
+ // If FailOpen is true, the client request is forwarded to the upstream service
+ // even if the server fails to respond. This field should not be
+ // set in most cases.
+ //
+ // +optional
+ FailOpen bool `json:"failOpen,omitempty"`
+
+ // ProcessingMode describes which parts of an HTTP request and response are sent to a remote server
+ // and how they are delivered.
+ //
+ // +optional
+ ProcessingMode *ProcessingMode `json:"processingMode,omitempty"`
+
+ // MutationRules specifies what headers may be manipulated by a processing filter.
+ // This set of rules makes it possible to control which modifications a filter may make.
+ //
+ // for Overrides is must be nil
+ //
+ // +optional
+ MutationRules *HeaderMutationRules `json:"mutationRules,omitempty"`
+
+ // If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``.
+ // If false, `mode_override` API in the response message will be ignored.
+ //
+ // +optional
+ AllowModeOverride bool `json:"allowModeOverride,omitempty"`
+}
+
+// ExternalProcessing defines a external processing filter and the policy to act on HTTP traffic in a flexible way.
+type ExternalProcessing struct {
+ // Processor defines a external processing filter which allows an external service to act on HTTP traffic in a flexible way.
+ //
+ // +optional
+ Processor *ExternalProcessor `json:"processor,omitempty"`
+
+ // When true, this field disables the external processor for the scope of the policy.
+ // - for global: no external processing will be append to the filter chain
+ //
+ // if both Disabled and Processor are set. use disabled.
+ //
+ // +optional
+ Disabled bool `json:"disabled,omitempty"`
+}
+
 // VirtualHost appears at most once. If it is present, the object is considered
 // to be a "root".
 type VirtualHost struct {
@@ -358,6 +556,12 @@ type VirtualHost struct {
 // Only one of IPAllowFilterPolicy and IPDenyFilterPolicy can be defined.
 // The rules defined here may be overridden in a Route.
 IPDenyFilterPolicy []IPFilterPolicy `json:"ipDenyPolicy,omitempty"`
+
+ // ExternalProcessing defines a external processing filter and the policy
+ // to act on HTTP traffic in a flexible way.
+ //
+ // +optional
+ ExternalProcessing *ExternalProcessing `json:"externalProcessing,omitempty"`
 }
 // JWTProvider defines how to verify JWTs on requests.
@@ -625,6 +829,11 @@ type Route struct {
 // Only one of IPAllowFilterPolicy and IPDenyFilterPolicy can be defined.
 // The rules defined here override any rules set on the root HTTPProxy.
 IPDenyFilterPolicy []IPFilterPolicy `json:"ipDenyPolicy,omitempty"`
+
+ // ExternalProcessing override/disable the policy to act on HTTP traffic for the specific route in a flexible way.
+ //
+ // +optional
+ ExternalProcessing *ExternalProcessing `json:"externalProcessing,omitempty"`
 }
 type JWTVerificationPolicy struct {
diff --git a/apis/projectcontour/v1/zz_generated.deepcopy.go b/apis/projectcontour/v1/zz_generated.deepcopy.go
index 3207fef641a..3709093279b 100644
--- a/apis/projectcontour/v1/zz_generated.deepcopy.go
+++ b/apis/projectcontour/v1/zz_generated.deepcopy.go
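Review bot: The comment on `ExternalProcessing.Disabled` in the @@ -311 hunk is hard to follow ("- for global: no external processing will be append to the filter chain" and "if both Disabled and Processor are set. use disabled."), and because these comments become the CRD descriptions users read, it deserves a rewrite such as `// Disabled turns off external processing for the scope of this policy; for the global configuration no external processing filter is added to the filter chain. When both Disabled and Processor are set, Disabled takes precedence and Processor is ignored.`. The `// for Overrides is must be nil` line on MutationRules should likewise say which scope the restriction applies to and what happens when it is violated; whatever enforces it is not in this hunk, so I cannot tell whether it is validated or silently ignored. Smaller wording fixes in the same hunk: `HeaderSendMode control how` and `BodySendMode control how` → `controls how`, `How do handle the response body` → `How to handle`, and `defines a external` → `defines an external` (also in the VirtualHost and Route field comments added by the @@ -358 and @@ -625 hunks).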
@@ -283,6 +283,52 @@ func (in *ExtensionServiceReference) DeepCopy() *ExtensionServiceReference { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalProcessing) DeepCopyInto(out *ExternalProcessing) { + *out = *in + if in.Processor != nil { + in, out := &in.Processor, &out.Processor + *out = new(ExternalProcessor) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalProcessing. +func (in *ExternalProcessing) DeepCopy() *ExternalProcessing { + if in == nil { + return nil + } + out := new(ExternalProcessing) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalProcessor) DeepCopyInto(out *ExternalProcessor) { + *out = *in + out.ExtensionServiceRef = in.ExtensionServiceRef + if in.ProcessingMode != nil { + in, out := &in.ProcessingMode, &out.ProcessingMode + *out = new(ProcessingMode) + **out = **in + } + if in.MutationRules != nil { + in, out := &in.MutationRules, &out.MutationRules + *out = new(HeaderMutationRules) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalProcessor. +func (in *ExternalProcessor) DeepCopy() *ExternalProcessor { + if in == nil { + return nil + } + out := new(ExternalProcessor) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GenericKeyDescriptor) DeepCopyInto(out *GenericKeyDescriptor) { *out = *in 
@@ -586,6 +632,21 @@ func (in *HeaderMatchCondition) DeepCopy() *HeaderMatchCondition { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HeaderMutationRules) DeepCopyInto(out *HeaderMutationRules) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderMutationRules. +func (in *HeaderMutationRules) DeepCopy() *HeaderMutationRules { + if in == nil { + return nil + } + out := new(HeaderMutationRules) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HeaderValue) DeepCopyInto(out *HeaderValue) { *out = *in @@ -786,6 +847,21 @@ func (in *PathRewritePolicy) DeepCopy() *PathRewritePolicy { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ProcessingMode) DeepCopyInto(out *ProcessingMode) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessingMode. +func (in *ProcessingMode) DeepCopy() *ProcessingMode { + if in == nil { + return nil + } + out := new(ProcessingMode) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *QueryParameterHashOptions) DeepCopyInto(out *QueryParameterHashOptions) { *out = *in @@ -1132,6 +1208,11 @@ func (in *Route) DeepCopyInto(out *Route) { *out = make([]IPFilterPolicy, len(*in)) copy(*out, *in) } + if in.ExternalProcessing != nil { + in, out := &in.ExternalProcessing, &out.ExternalProcessing + *out = new(ExternalProcessing) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Route. 
@@ -1491,6 +1572,11 @@ func (in *VirtualHost) DeepCopyInto(out *VirtualHost) { *out = make([]IPFilterPolicy, len(*in)) copy(*out, *in) } + if in.ExternalProcessing != nil { + in, out := &in.ExternalProcessing, &out.ExternalProcessing + *out = new(ExternalProcessing) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VirtualHost. diff --git a/apis/projectcontour/v1alpha1/contourconfig.go b/apis/projectcontour/v1alpha1/contourconfig.go index 0af7a50e08a..879c76c4246 100644 --- a/apis/projectcontour/v1alpha1/contourconfig.go +++ b/apis/projectcontour/v1alpha1/contourconfig.go @@ -91,6 +91,11 @@ type ContourConfigurationSpec struct { // from k8s endpoint slices. defaults to true, // If false then reads endpoint data from the k8s endpoints. FeatureFlags FeatureFlags `json:"featureFlags,omitempty"` + + // GlobalExternalProcessing allows envoys external processing filter + // to be enabled for all virtual hosts. + // +optional + GlobalExternalProcessing *contour_v1.ExternalProcessing `json:"globalExternalProcessing,omitempty"` } // FeatureFlags defines the set of feature flags diff --git a/apis/projectcontour/v1alpha1/zz_generated.deepcopy.go b/apis/projectcontour/v1alpha1/zz_generated.deepcopy.go index 394c22dff6e..95a10cded7b 100644 --- a/apis/projectcontour/v1alpha1/zz_generated.deepcopy.go +++ b/apis/projectcontour/v1alpha1/zz_generated.deepcopy.go @@ -187,7 +187,7 @@ func (in *ContourConfigurationSpec) DeepCopyInto(out *ContourConfigurationSpec) if in.Gateway != nil { in, out := &in.Gateway, &out.Gateway *out = new(GatewayConfig) - (*in).DeepCopyInto(*out) + **out = **in } if in.HTTPProxy != nil { in, out := &in.HTTPProxy, &out.HTTPProxy 
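Review bot: In the contourconfig.go hunk (@@ -91) the field comment "allows envoys external processing filter to be enabled for all virtual hosts" should read `Envoy's`, and it would help operators to state the relationship with the per-resource fields this commit adds to VirtualHost and Route in httpproxy.go, whose comments say they can override or disable the policy. Suggest `// GlobalExternalProcessing allows Envoy's external processing filter to be enabled for all virtual hosts. A VirtualHost or Route can still override or disable it through its own externalProcessing field.`; whether that override is honoured is decided by DAG processing outside this diff, so keep the wording aligned with what httpproxy.go documents.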
@@ -229,6 +229,11 @@ func (in *ContourConfigurationSpec) DeepCopyInto(out *ContourConfigurationSpec) *out = make(FeatureFlags, len(*in)) copy(*out, *in) } + if in.GlobalExternalProcessing != nil { + in, out := &in.GlobalExternalProcessing, &out.GlobalExternalProcessing + *out = new(v1.ExternalProcessing) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourConfigurationSpec. @@ -407,6 +412,11 @@ func (in *ContourSettings) DeepCopyInto(out *ContourSettings) { *out = make([]v1.Namespace, len(*in)) copy(*out, *in) } + if in.DisabledFeatures != nil { + in, out := &in.DisabledFeatures, &out.DisabledFeatures + *out = make([]v1.Feature, len(*in)) + copy(*out, *in) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourSettings. diff --git a/cmd/contour/serve.go b/cmd/contour/serve.go index 1c48f9fce88..2989016acef 100644 --- a/cmd/contour/serve.go +++ b/cmd/contour/serve.go @@ -483,6 +483,10 @@ func (s *Server) doServe() error { return err } + if listenerConfig.GlobalExtProcConfig, err = s.setupGlobalExtProc(contourConfiguration); err != nil { + return err + } + contourMetrics := metrics.NewMetrics(s.registry) // Endpoints updates are handled directly by the EndpointsTranslator/EndpointSliceTranslator due to the high update volume. @@ -574,6 +578,7 @@ func (s *Server) doServe() error { globalRateLimitService: contourConfiguration.RateLimitService, maxRequestsPerConnection: contourConfiguration.Envoy.Cluster.MaxRequestsPerConnection, perConnectionBufferLimitBytes: contourConfiguration.Envoy.Cluster.PerConnectionBufferLimitBytes, + globalExternalProcessing: contourConfiguration.GlobalExternalProcessing, globalCircuitBreakerDefaults: contourConfiguration.Envoy.Cluster.GlobalCircuitBreakerDefaults, upstreamTLS: &dag.UpstreamTLS{ MinimumProtocolVersion: annotation.TLSVersion(contourConfiguration.Envoy.Cluster.UpstreamTLS.MinimumProtocolVersion, "1.2"), 
@@ -886,6 +891,26 @@ func (s *Server) setupGlobalExternalAuthentication(contourConfiguration contour_
 return globalExternalAuthConfig, nil
 }
+func (s *Server) setupGlobalExtProc(contourCfg contour_v1alpha1.ContourConfigurationSpec) (*xdscache_v3.GlobalExtProcConfig, error) {
+ extProc := contourCfg.GlobalExternalProcessing
+ if extProc == nil || extProc.Disabled || extProc.Processor == nil {
+ return nil, nil
+ }
+
+ // ensure the specified ExtensionService exists
+ extSvcCfg, err := s.getExtensionSvcConfig(extProc.Processor.ExtensionServiceRef.Name, extProc.Processor.ExtensionServiceRef.Namespace)
+ if err != nil {
+ return nil, err
+ }
+ return &xdscache_v3.GlobalExtProcConfig{
+ ExtensionServiceConfig: extSvcCfg,
+ FailOpen: extProc.Processor.FailOpen,
+ ProcessingMode: contourCfg.GlobalExternalProcessing.Processor.ProcessingMode,
+ MutationRules: contourCfg.GlobalExternalProcessing.Processor.MutationRules,
+ AllowModeOverride: contourCfg.GlobalExternalProcessing.Processor.AllowModeOverride,
+ }, nil
+}
+
 func (s *Server) setupDebugService(debugConfig contour_v1alpha1.DebugConfig, builder *dag.Builder) error {
 debugsvc := &debug.Service{
 Service: httpsvc.Service{
@@ -1068,6 +1093,7 @@ type dagBuilderConfig struct {
 maxRequestsPerConnection *uint32
 perConnectionBufferLimitBytes *uint32
 globalRateLimitService *contour_v1alpha1.RateLimitServiceConfig
+ globalExternalProcessing *contour_v1.ExternalProcessing
 globalCircuitBreakerDefaults *contour_v1alpha1.CircuitBreakers
 upstreamTLS *dag.UpstreamTLS
 }
@@ -1164,6 +1190,7 @@ func (s *Server) getDAGBuilder(dbc dagBuilderConfig) *dag.Builder {
 GlobalRateLimitService: dbc.globalRateLimitService,
 PerConnectionBufferLimitBytes: dbc.perConnectionBufferLimitBytes,
 SetSourceMetadataOnRoutes: true,
+ GlobalExternalProcessing: dbc.globalExternalProcessing,
 GlobalCircuitBreakerDefaults: dbc.globalCircuitBreakerDefaults,
 UpstreamTLS: dbc.upstreamTLS,
 },
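Review bot: `setupGlobalExtProc` never reads `Processor.ResponseTimeout`, although the servecontext.go hunk (@@ -459) goes to the trouble of copying it into the spec; unless `GlobalExtProcConfig` has no timeout field (its definition is not in this diff) or the timeout is taken from the ExtensionService inside getExtensionSvcConfig, the configured global timeout is silently dropped — worth confirming before merge. The composite literal also refers to the same processor both as `extProc.Processor` and as `contourCfg.GlobalExternalProcessing.Processor`; binding it once keeps the function readable. A short doc comment would help too, e.g. `// setupGlobalExtProc resolves the ExtensionService named by the global external processing config and returns nil, nil when the feature is absent or disabled.`
```go
func (s *Server) setupGlobalExtProc(contourCfg contour_v1alpha1.ContourConfigurationSpec) (*xdscache_v3.GlobalExtProcConfig, error) {
	extProc := contourCfg.GlobalExternalProcessing
	if extProc == nil || extProc.Disabled || extProc.Processor == nil {
		return nil, nil
	}
	proc := extProc.Processor

	// ensure the specified ExtensionService exists
	extSvcCfg, err := s.getExtensionSvcConfig(proc.ExtensionServiceRef.Name, proc.ExtensionServiceRef.Namespace)
	// … unchanged: error check …

	// TODO(review): propagate proc.ResponseTimeout if GlobalExtProcConfig carries a timeout field.
	return &xdscache_v3.GlobalExtProcConfig{
		ExtensionServiceConfig: extSvcCfg,
		FailOpen:               proc.FailOpen,
		ProcessingMode:         proc.ProcessingMode,
		MutationRules:          proc.MutationRules,
		AllowModeOverride:      proc.AllowModeOverride,
	}, nil
}
```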
diff --git a/cmd/contour/servecontext.go b/cmd/contour/servecontext.go
index 51a6c3a726a..825dfcd3816 100644
--- a/cmd/contour/servecontext.go
+++ b/cmd/contour/servecontext.go
@@ -459,6 +459,29 @@ func (ctx *serveContext) convertToContourConfigurationSpec() contour_v1alpha1.Co
 }
 }
+ var globalExtProc *contour_v1.ExternalProcessing
+ if ctx.Config.GlobalExternalProcessing != nil {
+ // disabled or no processor, ignore it
+ if !ctx.Config.GlobalExternalProcessing.Disabled && ctx.Config.GlobalExternalProcessing.Processor != nil {
+ extProc := ctx.Config.GlobalExternalProcessing.Processor
+
+ nsedName := k8s.NamespacedNameFrom(extProc.ExtensionService)
+ globalExtProc = &contour_v1.ExternalProcessing{
+ Processor: &contour_v1.ExternalProcessor{
+ ExtensionServiceRef: contour_v1.ExtensionServiceReference{
+ Name: nsedName.Name,
+ Namespace: nsedName.Namespace,
+ },
+ ResponseTimeout: extProc.ResponseTimeout,
+ FailOpen: extProc.FailOpen,
+ AllowModeOverride: extProc.AllowModeOverride,
+ ProcessingMode: extProc.ProcessingMode,
+ MutationRules: extProc.MutationRules,
+ },
+ }
+ }
+ }
+
 policy := &contour_v1alpha1.PolicyConfig{
 RequestHeadersPolicy: &contour_v1alpha1.HeadersPolicy{
 Set: ctx.Config.Policy.RequestHeadersPolicy.Set,
@@ -592,6 +615,7 @@ func (ctx *serveContext) convertToContourConfigurationSpec() contour_v1alpha1.Co
 },
 EnableExternalNameService: &ctx.Config.EnableExternalNameService,
 GlobalExternalAuthorization: globalExtAuth,
+ GlobalExternalProcessing: globalExtProc,
 RateLimitService: rateLimitService,
 Policy: policy,
 Metrics: &contourMetrics,
diff --git a/examples/contour/01-crds.yaml b/examples/contour/01-crds.yaml
index a6bf34783a2..ff982bd2af2 100644
--- a/examples/contour/01-crds.yaml
+++ b/examples/contour/01-crds.yaml
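Review bot: In the @@ -459 hunk a `globalExternalProcessing` stanza that is neither Disabled nor carries a Processor is dropped without any trace (the comment says "ignore it"); unless config validation elsewhere rejects that shape — nothing in this diff does — a log line at this point would make the misconfiguration visible to the operator instead of silently running without the filter. The two nested conditions can also be folded into one guard, `if gep := ctx.Config.GlobalExternalProcessing; gep != nil && !gep.Disabled && gep.Processor != nil {` with `extProc := gep.Processor` on the next line, which removes one level of indentation. Note that an empty `ExtensionService` string is passed straight to k8s.NamespacedNameFrom; I assume the later lookup in setupGlobalExtProc turns that into a startup error, but it is worth confirming. The enclosing convertToContourConfigurationSpec starts and ends outside the hunk.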
@@ -719,6 +719,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter which + allows an external service to act on HTTP traffic in a flexible + way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension resource + that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -4521,6 +4694,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -5993,6 +6339,179 @@ spec: enableWebsockets: description: Enables websocket support for the route. type: boolean + externalProcessing: + description: ExternalProcessing override/disable the policy + to act on HTTP traffic for the specific route in a flexible + way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object healthCheckPolicy: description: The health check policy for this route. properties: 
@@ -7563,6 +8082,179 @@ spec: - allowMethods - allowOrigin type: object + externalProcessing: + description: |- + ExternalProcessing defines a external processing filter and the policy + to act on HTTP traffic in a flexible way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object fqdn: description: |- The fully qualified domain name of the root of the ingress tree 
diff --git a/examples/render/contour-deployment.yaml b/examples/render/contour-deployment.yaml index e389f1820bc..0f8ee53fcff 100644 --- a/examples/render/contour-deployment.yaml +++ b/examples/render/contour-deployment.yaml 
@@ -939,6 +939,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter which + allows an external service to act on HTTP traffic in a flexible + way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension resource + that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -4741,6 +4914,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -6213,6 +6559,179 @@ spec: enableWebsockets: description: Enables websocket support for the route. type: boolean + externalProcessing: + description: ExternalProcessing override/disable the policy + to act on HTTP traffic for the specific route in a flexible + way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object healthCheckPolicy: description: The health check policy for this route. properties: 
@@ -7783,6 +8302,179 @@ spec: - allowMethods - allowOrigin type: object + externalProcessing: + description: |- + ExternalProcessing defines a external processing filter and the policy + to act on HTTP traffic in a flexible way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object fqdn: description: |- The fully qualified domain name of the root of the ingress tree 
diff --git a/examples/render/contour-gateway-provisioner.yaml b/examples/render/contour-gateway-provisioner.yaml
index bddb47171e8..b1701b39a31 100644
--- a/examples/render/contour-gateway-provisioner.yaml
+++ b/examples/render/contour-gateway-provisioner.yaml
@@ -730,6 +730,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter which + allows an external service to act on HTTP traffic in a flexible + way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension resource + that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -4532,6 +4705,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -6004,6 +6350,179 @@ spec: enableWebsockets: description: Enables websocket support for the route. type: boolean + externalProcessing: + description: ExternalProcessing override/disable the policy + to act on HTTP traffic for the specific route in a flexible + way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object healthCheckPolicy: description: The health check policy for this route. properties: 
@@ -7574,6 +8093,179 @@ spec: - allowMethods - allowOrigin type: object + externalProcessing: + description: |- + ExternalProcessing defines a external processing filter and the policy + to act on HTTP traffic in a flexible way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object fqdn: description: |- The fully qualified domain name of the root of the ingress tree 
diff --git a/examples/render/contour-gateway.yaml b/examples/render/contour-gateway.yaml
index 42380944242..8f93bfea164 100644
--- a/examples/render/contour-gateway.yaml
+++ b/examples/render/contour-gateway.yaml
@@ -755,6 +755,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter which + allows an external service to act on HTTP traffic in a flexible + way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension resource + that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -4557,6 +4730,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -6029,6 +6375,179 @@ spec: enableWebsockets: description: Enables websocket support for the route. type: boolean + externalProcessing: + description: ExternalProcessing override/disable the policy + to act on HTTP traffic for the specific route in a flexible + way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object healthCheckPolicy: description: The health check policy for this route. properties: 
@@ -7599,6 +8118,179 @@ spec: - allowMethods - allowOrigin type: object + externalProcessing: + description: |- + ExternalProcessing defines a external processing filter and the policy + to act on HTTP traffic in a flexible way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object fqdn: description: |- The fully qualified domain name of the root of the ingress tree 
diff --git a/examples/render/contour.yaml b/examples/render/contour.yaml index 37d07cbd3bd..7015b7be4b4 100644 --- a/examples/render/contour.yaml +++ b/examples/render/contour.yaml 
@@ -939,6 +939,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter which + allows an external service to act on HTTP traffic in a flexible + way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension resource + that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -4741,6 +4914,179 @@ spec: type: boolean type: object type: object + globalExternalProcessing: + description: |- + GlobalExternalProcessing allows envoys external processing filter + to be enabled for all virtual hosts. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object health: description: |- Health defines the endpoints Contour uses to serve health checks. 
@@ -6213,6 +6559,179 @@ spec: enableWebsockets: description: Enables websocket support for the route. type: boolean + externalProcessing: + description: ExternalProcessing override/disable the policy + to act on HTTP traffic for the specific route in a flexible + way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object healthCheckPolicy: description: The health check policy for this route. properties: 
@@ -7783,6 +8302,179 @@ spec: - allowMethods - allowOrigin type: object + externalProcessing: + description: |- + ExternalProcessing defines a external processing filter and the policy + to act on HTTP traffic in a flexible way. + properties: + disabled: + description: |- + When true, this field disables the external processor for the scope of the policy. + - for global: no external processing will be append to the filter chain + if both Disabled and Processor are set. use disabled. + type: boolean + processor: + description: Processor defines a external processing filter + which allows an external service to act on HTTP traffic + in a flexible way. + properties: + allowModeOverride: + description: |- + If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + If false, `mode_override` API in the response message will be ignored. + type: boolean + extensionRef: + description: ExtensionServiceRef specifies the extension + resource that will handle the client requests. + properties: + apiVersion: + description: |- + API version of the referent. + If this field is not specified, the default "projectcontour.io/v1alpha1" will be used + minLength: 1 + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + minLength: 1 + type: string + namespace: + description: |- + Namespace of the referent. + If this field is not specifies, the namespace of the resource that targets the referent will be used. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + minLength: 1 + type: string + type: object + failOpen: + description: |- + If FailOpen is true, the client request is forwarded to the upstream service + even if the server fails to respond. This field should not be + set in most cases. 
+ type: boolean + mutationRules: + description: |- + MutationRules specifies what headers may be manipulated by a processing filter. + This set of rules makes it possible to control which modifications a filter may make. + for Overrides is must be nil + properties: + allowAllRouting: + description: |- + By default, certain headers that could affect processing of subsequent + filters or request routing cannot be modified. These headers are + ``host``, ``:authority``, ``:scheme``, and ``:method``. + Setting this parameter to true allows these headers to be modified as well. + type: boolean + allowEnvoy: + description: |- + If true, allow modification of envoy internal headers. By default, these + start with ``x-envoy`` but this may be overridden in the ``Bootstrap`` configuration. + Default is false. + type: boolean + disallowAll: + description: |- + If true, prevent modifications of all header values, regardless of any + other settings. A processing server may still override the ``:status`` + of an HTTP response using an ``ImmediateResponse`` message. + Default is false. + type: boolean + disallowIsError: + description: |- + If true, and if the rules in this list cause a header mutation to be + disallowed, then the filter using this configuration will terminate the + request with a 500 error. In addition, regardless of the setting of this + parameter, any attempt to set, add, or modify a disallowed header will + cause the ``rejected_header_mutations`` counter to be incremented. + Default is false. + type: boolean + disallowSystem: + description: |- + If true, prevent modification of any system header, defined as a header + that starts with a ``:`` character, regardless of any other settings. + A processing server may still override the ``:status`` of an HTTP response + using an ``ImmediateResponse`` message. + Default is false. 
+ type: boolean + type: object + processingMode: + description: |- + ProcessingMode describes which parts of an HTTP request and response are sent to a remote server + and how they are delivered. + properties: + requestBodyMode: + default: NONE + description: |- + How to handle the request body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + requestHeaderMode: + default: SEND + description: |- + How to handle the request header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + requestTrailerMode: + default: SKIP + description: |- + How to handle the request trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseBodyMode: + default: NONE + description: |- + How do handle the response body. + Default is "NONE". + enum: + - NONE + - STREAMED + - BUFFERED + - BUFFERED_PARTIAL + type: string + responseHeaderMode: + default: SEND + description: |- + How to handle the response header. + Default is "SEND". + enum: + - DEFAULT + - SEND + - SKIP + type: string + responseTrailerMode: + default: SKIP + description: |- + How to handle the response trailers. + Default is "SKIP". + enum: + - DEFAULT + - SEND + - SKIP + type: string + type: object + responseTimeout: + description: |- + ResponseTimeout sets how long the proxy should wait for responses. + Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration). + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + The string "infinity" is also a valid input and specifies no timeout. + pattern: ^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$ + type: string + type: object + type: object fqdn: description: |- The fully qualified domain name of the root of the ingress tree 
diff --git a/internal/dag/builder_test.go b/internal/dag/builder_test.go index 70f9ee3ed0f..6e3ba978360 100644 --- a/internal/dag/builder_test.go +++ b/internal/dag/builder_test.go @@ -15610,7 +15610,8 @@ func TestDefaultHeadersPolicies(t *testing.T) { }{ { name: "empty is fine", - }, { + }, + { name: "ingressv1: insert ingress w/ single unnamed backend", objs: []any{ i2V1, @@ -15649,7 +15650,8 @@ func TestDefaultHeadersPolicies(t *testing.T) { }, Remove: []string{"K-Nada"}, }, - }, { + }, + { name: "insert httpproxy referencing two backends", objs: []any{ proxyMultipleBackends, s1, s2, diff --git a/internal/dag/dag.go b/internal/dag/dag.go index 8ec08fea717..6e2a8e1d74f 100644 --- a/internal/dag/dag.go +++ b/internal/dag/dag.go @@ -27,6 +27,7 @@ import ( core_v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" + contour_v1 "github.com/projectcontour/contour/apis/projectcontour/v1" "github.com/projectcontour/contour/internal/status" "github.com/projectcontour/contour/internal/timeout" ) @@ -274,6 +275,24 @@ type InternalRedirectPolicy struct { DenyRepeatedRouteRedirect bool } +// Overrides that may be set on a per-route basis +type ExtProcOverrides struct { + // Set a different processing mode for this route than the default. + ProcessingMode *contour_v1.ProcessingMode + + // Set a different gRPC service for this route than the default. + ExtProcService *ExtensionCluster + ResponseTimeout *timeout.Setting +} + +type ExtProcPolicy struct { + // Disabled disable the filter for this particular vhost or route. + // If disabled is specified in multiple per-filter-configs, the most specific one will be used. + Disabled bool + + Overrides *ExtProcOverrides +} + // Route defines the properties of a route to a Cluster. type Route struct { // PathMatchCondition specifies a MatchCondition to match on the request path. 
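Review bot: The new `ExtProcOverrides` and `ExtProcPolicy` types in dag.go are only partly documented: the comment above `ExtProcOverrides` does not start with the type name, `ExtProcPolicy` has no doc comment, and `ResponseTimeout *timeout.Setting` has none. Suggest `// ExtProcOverrides holds the per-route settings that replace the virtual host's external processing defaults.`, `// ExtProcPolicy is the per-route external processing policy attached to a Route.`, and `// ResponseTimeout, if set, replaces the default response timeout for this route.`. The `Disabled` comment should also read `// Disabled disables the filter for this particular vhost or route.`.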
@@ -370,6 +389,9 @@ type Route struct { // by IPFilterAllow. IPFilterRules []IPFilterRule + // + ExtProcPolicy *ExtProcPolicy + // Metadata fields that can be used for access logging. Kind string Namespace string @@ -812,6 +834,10 @@ type SecureVirtualHost struct { // the ExtAuthz filter. ExternalAuthorization *ExternalAuthorization + // ExtProc contains the configurations for enabling + // the ExtProc filters. + ExtProc *ExtProc + // JWTProviders specify how to verify JWTs. JWTProviders []JWTProvider } 
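Review bot: The `//` line added above `ExtProcPolicy *ExtProcPolicy` in the `Route` struct is an empty comment. Suggest `// ExtProcPolicy, if non-nil, disables or overrides external processing for this route.`; the `Route` struct itself starts and ends outside the hunk. In the second hunk, the `ExtProc` field comment on `SecureVirtualHost` could likewise say what a nil value means, e.g. `// ExtProc, if non-nil, configures the ext_proc filter for this secure virtual host.`.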
@@ -881,6 +907,35 @@ type ExternalAuthorization struct { AuthorizationServerWithRequestBody *AuthorizationServerBufferSettings } +type ExtProc struct { + // ExtProcService points to the extension that client + // requests are forwarded to for external processing. If nil, no + // external processing is enabled for this host. + ExtProcService *ExtensionCluster + + // ResponseTimeout sets how long the proxy should wait + // for external processor responses. + // This is the timeout for a specific request. + ResponseTimeout timeout.Setting + + // FailOpen sets whether external processing server + // failures should cause the client request to also fail. The + // only reason to set this to `true` is when you are migrating + // from internal to external authorization. + FailOpen bool + + // If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``. + // If false, `mode_override` API in the response message will be ignored. + AllowModeOverride bool + + // Specifies default options for how HTTP headers, trailers, and bodies are sent. + ProcessingMode *contour_v1.ProcessingMode + + // Rules that determine what modifications an external processing server may + // make to message headers. + MutationRules *contour_v1.HeaderMutationRules +} + // AuthorizationServerBufferSettings enables ExtAuthz filter to buffer client // request data and send it as part of authorization request type AuthorizationServerBufferSettings struct { diff --git a/internal/dag/httpproxy_processor.go b/internal/dag/httpproxy_processor.go index 083fd741353..eea23a1fe81 100644 --- a/internal/dag/httpproxy_processor.go +++ b/internal/dag/httpproxy_processor.go 
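Review bot: The `FailOpen` comment on the new `ExtProc` struct was carried over from `ExternalAuthorization` and describes the wrong feature: it says the only reason to enable it is "migrating from internal to external authorization", which does not apply to external processing. Because fail-open means requests proceed without the processor when it is unavailable, the doc should say so plainly, e.g. `// FailOpen, when true, lets the client request proceed if the external processor is unreachable or fails to respond; by default such failures fail the request.`. The struct also has no type-level doc comment (`// ExtProc holds the external processing configuration for a secure virtual host.`), and the `AllowModeOverride` comment has an unbalanced backtick after `mode_override`.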
@@ -119,6 +119,9 @@ type HTTPProxyProcessor struct { // UpstreamTLS defines the TLS settings like min/max version // and cipher suites for upstream connections. UpstreamTLS *UpstreamTLS + + // GlobalExternalProcessing defines how requests/responses will be operatred + GlobalExternalProcessing *contour_v1.ExternalProcessing } // Run translates HTTPProxies into DAG objects and @@ -202,6 +205,12 @@ func (p *HTTPProxyProcessor) computeHTTPProxy(proxy *contour_v1.HTTPProxy) { return } + extProc := proxy.Spec.VirtualHost.ExternalProcessing + if proxy.Spec.VirtualHost.TLS == nil && extProc != nil && extProc.Processor != nil && len(extProc.Processor.ExtensionServiceRef.Name) > 0 { + validCond.AddError(contour_v1.ConditionTypeExtProcError, "VirtualHostExtProcNotPermitted", + "Spec.VirtualHost.ExternalProcessor.Processors[*].ExtensionServiceRef can only be defined for root HTTPProxies that terminate TLS") + return + } if len(proxy.Spec.VirtualHost.IPAllowFilterPolicy) > 0 && len(proxy.Spec.VirtualHost.IPDenyFilterPolicy) > 0 { validCond.AddError(contour_v1.ConditionTypeIPFilterError, "IncompatibleIPAddressFilters", "Spec.VirtualHost.IPAllowFilterPolicy and Spec.VirtualHost.IPDepnyFilterPolicy cannot both be defined.") @@ -289,6 +298,13 @@ func (p *HTTPProxyProcessor) computeHTTPProxy(proxy *contour_v1.HTTPProxy) { return } + // same as above + if tls.EnableFallbackCertificate && proxy.Spec.VirtualHost.ExtProcConfigured() { + validCond.AddError(contour_v1.ConditionTypeTLSError, "TLSIncompatibleFeatures", + "Spec.Virtualhost.TLS fallback & external processing are incompatible") + return + } + // If FallbackCertificate is enabled, but no cert passed, set error if tls.EnableFallbackCertificate { if p.FallbackCertificate == nil { 
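Review bot: In the `@@ -202` hunk the error message names `Spec.VirtualHost.ExternalProcessor.Processors[*].ExtensionServiceRef`, but the field actually checked is `proxy.Spec.VirtualHost.ExternalProcessing.Processor.ExtensionServiceRef`, so users will look for a field that does not exist; suggest `"Spec.VirtualHost.ExternalProcessing.Processor.ExtensionServiceRef can only be defined for root HTTPProxies that terminate TLS"`. The guard also fires only when `ExtensionServiceRef.Name` is non-empty, so a `processor` with a missing ref on a non-TLS vhost passes it silently; if the CRD's `minLength: 1` is meant to be the only defence, a comment saying so would help. In the `@@ -119` hunk `operatred` is a typo, and `// same as above` in the `@@ -298` hunk would be clearer as `// External processing, like authorization, cannot be combined with the fallback certificate.`. `computeHTTPProxy` starts and ends outside these hunks.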
@@ -372,6 +388,10 @@ func (p *HTTPProxyProcessor) computeHTTPProxy(proxy *contour_v1.HTTPProxy) { return } + if !p.computeSecureVirtualHostExtProc(validCond, proxy, svhost) { + return + } + providerNames := sets.NewString() for _, jwtProvider := range proxy.Spec.VirtualHost.JWTProviders { if providerNames.Has(jwtProvider.Name) { @@ -544,7 +564,15 @@ func (p *HTTPProxyProcessor) computeHTTPProxy(proxy *contour_v1.HTTPProxy) { } if p.GlobalExternalAuthorization != nil && !proxy.Spec.VirtualHost.DisableAuthorization() { - p.computeVirtualHostAuthorization(p.GlobalExternalAuthorization, validCond, proxy) + _ = p.computeVirtualHostAuthorization(p.GlobalExternalAuthorization, validCond, proxy) + } + + if p.GlobalExternalAuthorization != nil && !proxy.Spec.VirtualHost.DisableAuthorization() { + _ = p.computeVirtualHostAuthorization(p.GlobalExternalAuthorization, validCond, proxy) + } + + if p.GlobalExternalProcessing != nil && !proxy.Spec.VirtualHost.ExtProcDisabled() { + _ = p.computeVirtualHostExtProc(p.GlobalExternalProcessing.Processor, validCond, proxy) } insecure.IPFilterAllow, insecure.IPFilterRules, err = toIPFilterRules(proxy.Spec.VirtualHost.IPAllowFilterPolicy, proxy.Spec.VirtualHost.IPDenyFilterPolicy, validCond) 
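Review bot: The `@@ -544` hunk leaves two identical `if p.GlobalExternalAuthorization != nil && !proxy.Spec.VirtualHost.DisableAuthorization()` blocks back to back, so `computeVirtualHostAuthorization` runs twice for the insecure vhost and any validation error it records lands on `validCond` twice. Drop the second copy; only the new `GlobalExternalProcessing` block should have been added. The `_ =` on these calls presumably means they are made only for their validation side effects, which deserves a comment such as `// Result discarded: validate the global config against this proxy and record errors on validCond.`. `computeHTTPProxy` starts and ends outside the hunk.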
@@ -875,6 +903,30 @@ func (p *HTTPProxyProcessor) computeRoutes( } } + // If the enclosing root proxy enabled external processing, + // enable it on the route and propagate defaults + // downwards. + if !rootProxy.Spec.VirtualHost.ExtProcDisabled() && route.ExternalProcessing != nil { + + // Take the default for enabling external processing + // from the virtual host. If this route has a + // policy, let that override. + var overrides *ExtProcOverrides + + disabled := route.ExternalProcessing.Disabled + if !disabled && route.ExternalProcessing.Processor != nil { + overrides = toExtProcOverrides(route.ExternalProcessing.Processor, validCond, proxy.Namespace, p.dag.GetExtensionCluster) + if overrides == nil { + return nil + } + } + + r.ExtProcPolicy = &ExtProcPolicy{ + Overrides: overrides, + Disabled: disabled, + } + } + if len(route.GetPrefixReplacements()) > 0 { if !r.HasPathPrefix() { validCond.AddError(contour_v1.ConditionTypePrefixReplaceError, "MustHavePrefix", 
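Review bot: The comment says the route policy is applied "if the enclosing root proxy enabled external processing", but the condition only checks `!rootProxy.Spec.VirtualHost.ExtProcDisabled()`, which is also true when no processor is configured on the vhost or globally. A route can then carry an `ExtProcPolicy` (including a gRPC service override) for a listener whose filter chain presumably has no ext_proc filter; whether Envoy ignores or rejects per-route config for an absent filter I cannot confirm from here. Either gate on a processor being configured, e.g. `if (rootProxy.Spec.VirtualHost.ExtProcConfigured() || p.GlobalExternalProcessing != nil) && !rootProxy.Spec.VirtualHost.ExtProcDisabled() && route.ExternalProcessing != nil {`, or reword the comment to match the looser check. `computeRoutes` starts and ends outside the hunk.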
@@ -1103,6 +1155,37 @@ func (p *HTTPProxyProcessor) computeRoutes( return routes } +func toExtProcOverrides( + override *contour_v1.ExternalProcessor, + validCond *contour_v1.DetailedCondition, + defaultNamespace string, + extClusterGetter func(name string) *ExtensionCluster, +) *ExtProcOverrides { + ok, extSvc := validateExtensionService( + defaultExtensionRef(override.ExtensionServiceRef), + validCond, + defaultNamespace, + contour_v1.ConditionTypeExtProcError, + extClusterGetter) + if !ok { + return nil + } + ok, respTimeout := determineExtensionServiceTimeout( + contour_v1.ConditionTypeExtProcError, + override.ResponseTimeout, + validCond, + extSvc) + if !ok { + return nil + } + + return &ExtProcOverrides{ + ProcessingMode: override.ProcessingMode, + ExtProcService: extSvc, + ResponseTimeout: respTimeout, + } +} + // toIPFilterRules converts ip filter settings from the api into the // dag representation func toIPFilterRules(allowPolicy, denyPolicy []contour_v1.IPFilterPolicy, validCond *contour_v1.DetailedCondition) (allow bool, filters []IPFilterRule, err error) { @@ -1282,7 +1365,6 @@ func (p *HTTPProxyProcessor) processHTTPProxyTCPProxy(validCond *contour_v1.Deta } if dest.Spec.VirtualHost != nil { - validCond.AddErrorf(contour_v1.ConditionTypeTCPProxyIncludeError, "RootIncludesRoot", "root httpproxy cannot include another root httpproxy (%s/%s)", dest.Namespace, dest.Name) return false 
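Review bot: `toExtProcOverrides` has no doc comment, and it passes `override.ProcessingMode` through unchanged even when the route omits `processingMode`, so callers must be prepared for a nil `ProcessingMode` in the returned `ExtProcOverrides`. Suggest `// toExtProcOverrides validates a route-level ExternalProcessor and converts it to DAG overrides; it returns nil, after recording an error on validCond, when the extension service or timeout is invalid. ProcessingMode is passed through and may be nil.`.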
@@ -1367,23 +1449,28 @@ func (p *HTTPProxyProcessor) rootAllowed(namespace string) bool { return false } -func (p *HTTPProxyProcessor) computeVirtualHostAuthorization(auth *contour_v1.AuthorizationServer, validCond *contour_v1.DetailedCondition, httpproxy *contour_v1.HTTPProxy) *ExternalAuthorization { - ok, ext := validateExternalAuthExtensionService(defaultExtensionRef(auth.ExtensionServiceRef), +func (p *HTTPProxyProcessor) computeVirtualHostAuthorization( + auth *contour_v1.AuthorizationServer, + validCond *contour_v1.DetailedCondition, + httpproxy *contour_v1.HTTPProxy, +) *ExternalAuthorization { + ok, extSvc := validateExtensionService( + defaultExtensionRef(auth.ExtensionServiceRef), validCond, - httpproxy, - p.dag.GetExtensionCluster, - ) + httpproxy.Namespace, + contour_v1.ConditionTypeAuthError, + p.dag.GetExtensionCluster) if !ok { return nil } - ok, respTimeout := determineExternalAuthTimeout(auth.ResponseTimeout, validCond, ext) + ok, respTimeout := determineExtensionServiceTimeout(contour_v1.ConditionTypeAuthError, auth.ResponseTimeout, validCond, extSvc) if !ok { return nil } - globalExternalAuthorization := &ExternalAuthorization{ - AuthorizationService: ext, + extAuth := &ExternalAuthorization{ + AuthorizationService: extSvc, AuthorizationFailOpen: auth.FailOpen, AuthorizationResponseTimeout: *respTimeout, } 
@@ -1393,43 +1480,104 @@ func (p *HTTPProxyProcessor) computeVirtualHostAuthorization(auth *contour_v1.Au if auth.WithRequestBody.MaxRequestBytes != 0 { maxRequestBytes = auth.WithRequestBody.MaxRequestBytes } - globalExternalAuthorization.AuthorizationServerWithRequestBody = &AuthorizationServerBufferSettings{ + extAuth.AuthorizationServerWithRequestBody = &AuthorizationServerBufferSettings{ MaxRequestBytes: maxRequestBytes, AllowPartialMessage: auth.WithRequestBody.AllowPartialMessage, PackAsBytes: auth.WithRequestBody.PackAsBytes, } } - return globalExternalAuthorization + return extAuth } -func validateExternalAuthExtensionService(ref contour_v1.ExtensionServiceReference, validCond *contour_v1.DetailedCondition, httpproxy *contour_v1.HTTPProxy, getExtensionCluster func(name string) *ExtensionCluster) (bool, *ExtensionCluster) { +func (p *HTTPProxyProcessor) computeVirtualHostExtProc( + extProc *contour_v1.ExternalProcessor, + validCond *contour_v1.DetailedCondition, + httpproxy *contour_v1.HTTPProxy, +) *ExtProc { + ok, extSvc := validateExtensionService( + defaultExtensionRef(extProc.ExtensionServiceRef), + validCond, + httpproxy.Namespace, + contour_v1.ConditionTypeExtProcError, + p.dag.GetExtensionCluster) + if !ok { + return nil + } + ok, respTimeout := determineExtensionServiceTimeout(contour_v1.ConditionTypeExtProcError, extProc.ResponseTimeout, validCond, extSvc) + if !ok { + return nil + } + + return &ExtProc{ + ExtProcService: extSvc, + ResponseTimeout: *respTimeout, + FailOpen: extProc.FailOpen, + AllowModeOverride: extProc.AllowModeOverride, + ProcessingMode: extProc.ProcessingMode, + MutationRules: extProc.MutationRules, + } +} + +const ( + versionErorrFormat = "%s specifies an unsupported resource version %q" + extSvcNotFound = "%s extension service %q not found" +) + +func validateExtensionService( + ref contour_v1.ExtensionServiceReference, + validCond *contour_v1.DetailedCondition, + defaultNamespace string, + errorType string, + 
extClusterGetter func(name string) *ExtensionCluster, +) (bool, *ExtensionCluster) { if ref.APIVersion != contour_v1alpha1.GroupVersion.String() { - validCond.AddErrorf(contour_v1.ConditionTypeAuthError, "AuthBadResourceVersion", - "Spec.Virtualhost.Authorization.extensionRef specifies an unsupported resource version %q", ref.APIVersion) + reason := "AuthBadResourceVersion" + field := "Spec.Virtualhost.Authorization.extensionRef" + + if errorType == contour_v1.ConditionTypeExtProcError { + reason = "ExtProcBadResourceVersion" + field = "Spec.VirtualHost.ExternalProcessor.Processors[*].ExtensionServiceRef" + } + validCond.AddErrorf(errorType, reason, versionErorrFormat, field, ref.APIVersion) return false, nil } // Lookup the extension service reference. extensionName := types.NamespacedName{ Name: ref.Name, - Namespace: stringOrDefault(ref.Namespace, httpproxy.Namespace), + Namespace: stringOrDefault(ref.Namespace, defaultNamespace), } - ext := getExtensionCluster(ExtensionClusterName(extensionName)) + ext := extClusterGetter(ExtensionClusterName(extensionName)) if ext == nil { - validCond.AddErrorf(contour_v1.ConditionTypeAuthError, "ExtensionServiceNotFound", - "Spec.Virtualhost.Authorization.ServiceRef extension service %q not found", extensionName) + field := "Spec.Virtualhost.Authorization.ServiceRef" + if errorType == contour_v1.ConditionTypeExtProcError { + field = "Spec.VirtualHost.ExternalProcessor.Processors[*].ExtensionServiceRef" + } + validCond.AddErrorf(errorType, "ExtensionServiceNotFound", extSvcNotFound, field, extensionName) return false, ext } - return true, ext } -func determineExternalAuthTimeout(responseTimeout string, validCond *contour_v1.DetailedCondition, ext *ExtensionCluster) (bool, *timeout.Setting) { - tout, err := timeout.Parse(responseTimeout) +const extSvcRespTimeoutFormat = "%s is invalid: %s" + +func determineExtensionServiceTimeout( + errorType string, + respTimeout string, + validCond *contour_v1.DetailedCondition, + ext 
*ExtensionCluster, +) (bool, *timeout.Setting) { + tout, err := timeout.Parse(respTimeout) if err != nil { - validCond.AddErrorf(contour_v1.ConditionTypeAuthError, "AuthResponseTimeoutInvalid", - "Spec.Virtualhost.Authorization.ResponseTimeout is invalid: %s", err) + reason := "AuthResponseTimeoutInvalid" + field := "Spec.Virtualhost.Authorization.ResponseTimeout" + + if errorType != contour_v1.ConditionTypeAuthError { + reason = "ExtProcResponseTimeoutInvalid" + field = "Spec.VirtualHost.ExternalProcessor.Processors[*].ResponseTimeout" + } + validCond.AddErrorf(errorType, reason, extSvcRespTimeoutFormat, field, err) return false, nil } 
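Review bot: The two helpers pick the error field name with opposite tests: `validateExtensionService` treats anything other than `ConditionTypeExtProcError` as authorization, while `determineExtensionServiceTimeout` treats anything other than `ConditionTypeAuthError` as external processing, so a third caller would get mismatched messages; use the same `errorType == contour_v1.ConditionTypeExtProcError` form in both. The field names `Spec.VirtualHost.ExternalProcessor.Processors[*].ExtensionServiceRef` and `...ResponseTimeout` also do not match the API path these hunks define (`Spec.VirtualHost.ExternalProcessing.Processor.*`, and `Spec.Routes[*].ExternalProcessing.Processor.*` for the per-route call). `versionErorrFormat` is misspelled, and `computeVirtualHostExtProc` lacks a doc comment, e.g. `// computeVirtualHostExtProc validates extProc against the DAG's extension clusters and returns the resolved ExtProc, or nil after recording an error on validCond.`.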
@@ -1440,20 +1588,44 @@ func determineExternalAuthTimeout(responseTimeout string, validCond *contour_v1. return true, &tout } +func (p *HTTPProxyProcessor) computeSecureVirtualHostExtProc( + validCond *contour_v1.DetailedCondition, + httpproxy *contour_v1.HTTPProxy, + svhost *SecureVirtualHost, +) bool { + if !httpproxy.Spec.VirtualHost.ExtProcDisabled() { + var ( + ep *ExtProc + computed bool + ) + if httpproxy.Spec.VirtualHost.ExtProcConfigured() { + computed = true + ep = p.computeVirtualHostExtProc(httpproxy.Spec.VirtualHost.ExternalProcessing.Processor, validCond, httpproxy) + } else if p.GlobalExternalProcessing != nil && p.GlobalExternalProcessing.Processor != nil { + computed = true + ep = p.computeVirtualHostExtProc(p.GlobalExternalProcessing.Processor, validCond, httpproxy) + } + if computed && ep == nil { + return false + } + svhost.ExtProc = ep + } + return true +} + func (p *HTTPProxyProcessor) computeSecureVirtualHostAuthorization(validCond *contour_v1.DetailedCondition, httpproxy *contour_v1.HTTPProxy, svhost *SecureVirtualHost) bool { if httpproxy.Spec.VirtualHost.AuthorizationConfigured() && !httpproxy.Spec.VirtualHost.DisableAuthorization() { authorization := p.computeVirtualHostAuthorization(httpproxy.Spec.VirtualHost.Authorization, validCond, httpproxy) if authorization == nil { return false } - svhost.ExternalAuthorization = authorization + } else if p.GlobalExternalAuthorization != nil && !httpproxy.Spec.VirtualHost.DisableAuthorization() { globalAuthorization := p.computeVirtualHostAuthorization(p.GlobalExternalAuthorization, validCond, httpproxy) if globalAuthorization == nil { return false } - svhost.ExternalAuthorization = globalAuthorization } diff --git a/internal/dag/httpproxy_processor_test.go b/internal/dag/httpproxy_processor_test.go index d1f30a17c82..1fb12fc4013 100644 --- a/internal/dag/httpproxy_processor_test.go +++ b/internal/dag/httpproxy_processor_test.go 
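Review bot: `computeSecureVirtualHostExtProc` has no doc comment, and its precedence (vhost processor first, then the global one, nothing when the vhost sets `disabled`) is only discoverable by reading the branches. Suggest `// computeSecureVirtualHostExtProc resolves the ext_proc configuration for svhost: a processor on the virtual host wins over GlobalExternalProcessing, and a vhost-level Disabled leaves svhost.ExtProc nil. It returns false when a configured processor fails validation, with the error recorded on validCond.`. The `computed` flag can be dropped by returning false directly inside each branch when `ep == nil`, mirroring `computeSecureVirtualHostAuthorization` below.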
@@ -803,7 +803,7 @@ func TestValidateExternalAuthExtensionService(t *testing.T) { for name, tc := range tests { t.Run(name, func(t *testing.T) { validCond := &contour_v1.DetailedCondition{} - gotBool, got := validateExternalAuthExtensionService(tc.ref, validCond, tc.httpproxy, tc.getExtensionCluster) + gotBool, got := validateExtensionService(tc.ref, validCond, tc.httpproxy.Namespace, contour_v1.ConditionTypeAuthError, tc.getExtensionCluster) require.Equal(t, tc.want, got) require.Equal(t, tc.wantBool, gotBool) require.Equal(t, tc.wantValidCond, validCond) @@ -866,7 +866,7 @@ func TestDetermineExternalAuthTimeout(t *testing.T) { for name, tc := range tests { t.Run(name, func(t *testing.T) { validCond := &contour_v1.DetailedCondition{} - gotBool, got := determineExternalAuthTimeout(tc.responseTimeout, validCond, tc.ext) + gotBool, got := determineExtensionServiceTimeout(contour_v1.ConditionTypeAuthError, tc.responseTimeout, validCond, tc.ext) require.Equal(t, tc.want, got) require.Equal(t, tc.wantBool, gotBool) require.Equal(t, tc.wantValidCond, validCond) diff --git a/internal/envoy/v3/listener.go b/internal/envoy/v3/listener.go index 5d1f2c233ce..8b8a1e9d2e3 100644 --- a/internal/envoy/v3/listener.go +++ b/internal/envoy/v3/listener.go 
@@ -21,12 +21,14 @@ import ( "time" envoy_config_accesslog_v3 "github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3" + envoy_mutation_rules_v3 "github.com/envoyproxy/go-control-plane/envoy/config/common/mutation_rules/v3" envoy_config_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3" envoy_config_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3" envoy_compression_gzip_compressor_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/compression/gzip/compressor/v3" envoy_filter_http_compressor_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/compressor/v3" envoy_filter_http_cors_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/cors/v3" envoy_filter_http_ext_authz_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ext_authz/v3" + envoy_filter_http_ext_proc_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ext_proc/v3" envoy_filter_http_grpc_stats_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/grpc_stats/v3" envoy_filter_http_grpc_web_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/grpc_web/v3" envoy_filter_http_jwt_authn_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/jwt_authn/v3" @@ -44,6 +46,7 @@ import ( "google.golang.org/protobuf/types/known/durationpb" "google.golang.org/protobuf/types/known/wrapperspb" + contour_v1 "github.com/projectcontour/contour/apis/projectcontour/v1" contour_v1alpha1 "github.com/projectcontour/contour/apis/projectcontour/v1alpha1" "github.com/projectcontour/contour/internal/dag" "github.com/projectcontour/contour/internal/envoy" 
@@ -160,11 +163,13 @@ const ( GlobalRateLimitFilterName string = "envoy.filters.http.ratelimit" RBACFilterName string = "envoy.filters.http.rbac" ExtAuthzFilterName string = "envoy.filters.http.ext_authz" + ExtProcFilterName string = "envoy.filters.http.ext_proc" JWTAuthnFilterName string = "envoy.filters.http.jwt_authn" LuaFilterName string = "envoy.filters.http.lua" CompressorFilterName string = "envoy.filters.http.compressor" GRPCWebFilterName string = "envoy.filters.http.grpc_web" GRPCStatsFilterName string = "envoy.filters.http.grpc_stats" + RouterFilterName string = "router" ) type httpConnectionManagerBuilder struct { @@ -402,7 +407,7 @@ func (b *httpConnectionManagerBuilder) DefaultFilters() *httpConnectionManagerBu // AddFilter appends f to the list of filters for this HTTPConnectionManager. f // may be nil, in which case it is ignored. Note that Router filters -// (filters with TypeUrl `type.googleapis.com/envoy.extensions.filters.http.router.v3.Router`) +// (filters with TypeUrl `type.googleapis.com/envoy.extensions.filters.envoy_filter_network_http_connection_manager_v3.router.v3.Router`) // are specially treated. There may only be one of these filters, and it must be the last. // AddFilter will ensure that the router filter, if present, is last, and will panic // if a second Router is added when one is already present. 
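Review bot: The comment edits in the `@@ -402` hunk (and the matching one in the `@@ -463` hunk on the next line) replace the router TypeUrl `type.googleapis.com/envoy.extensions.filters.http.router.v3.Router` with `type.googleapis.com/envoy.extensions.filters.envoy_filter_network_http_connection_manager_v3.router.v3.Router`, which is not a real type URL and looks like an import-alias search-and-replace that leaked into prose. Restore the original URL in both comments. In the `@@ -160` hunk, the new `RouterFilterName string = "router"` differs in form from every other constant in the block (`envoy.filters.http.*`); if it matches the name the existing router filter is given elsewhere, a short comment saying so would prevent a future "fix".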
@@ -463,7 +468,7 @@ func (b *httpConnectionManagerBuilder) Validate() error { // If the router filter is not the last, the listener will be rejected by Envoy. // More specifically, the last filter must be a terminating filter. The only one // of these used by Contour is the router filter, which is set as the one - // with typeUrl `type.googleapis.com/envoy.extensions.filters.http.router.v3.Router`, + // with typeUrl `type.googleapis.com/envoy.extensions.filters.envoy_filter_network_http_connection_manager_v3.router.v3.Router`, // which in this case is the one of type Router. lastIndex := len(b.filters) - 1 if !b.filters[lastIndex].GetTypedConfig().MessageIs(&envoy_filter_http_router_v3.Router{}) { 
@@ -788,6 +793,71 @@ end } } +func makeProcessMode(mode *contour_v1.ProcessingMode) *envoy_filter_http_ext_proc_v3.ProcessingMode { + reqHeaderMode := envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(mode.RequestHeaderMode)] + respHeaderMode := envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(mode.ResponseHeaderMode)] + + reqBodyMode := envoy_filter_http_ext_proc_v3.ProcessingMode_BodySendMode_value[string(mode.RequestBodyMode)] + respBodyMode := envoy_filter_http_ext_proc_v3.ProcessingMode_BodySendMode_value[string(mode.ResponseBodyMode)] + + reqTrailerMode := envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(mode.RequestHeaderMode)] + respTrailerMode := envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(mode.ResponseHeaderMode)] + + return &envoy_filter_http_ext_proc_v3.ProcessingMode{ + RequestHeaderMode: envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode(reqHeaderMode), + ResponseHeaderMode: envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode(respHeaderMode), + RequestBodyMode: envoy_filter_http_ext_proc_v3.ProcessingMode_BodySendMode(reqBodyMode), + ResponseBodyMode: envoy_filter_http_ext_proc_v3.ProcessingMode_BodySendMode(respBodyMode), + RequestTrailerMode: envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode(reqTrailerMode), + ResponseTrailerMode: envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode(respTrailerMode), + } +} + +// FilterExtProc returns an `ext_proc` filter configured with the +// requested parameters. 
+func FilterExtProc(extProc *dag.ExtProc) *envoy_filter_network_http_connection_manager_v3.HttpFilter { + if extProc == nil { + return nil + } + if extProc.ProcessingMode == nil { + extProc.ProcessingMode = &contour_v1.ProcessingMode{ + RequestHeaderMode: contour_v1.ProcessingModeSend, + ResponseHeaderMode: contour_v1.ProcessingModeSend, + RequestBodyMode: contour_v1.ProcessingModeNone, + ResponseBodyMode: contour_v1.ProcessingModeNone, + RequestTrailerMode: contour_v1.ProcessingModeSkip, + ResponseTrailerMode: contour_v1.ProcessingModeSkip, + } + } + if extProc.MutationRules == nil { + extProc.MutationRules = &contour_v1.HeaderMutationRules{} + } + + extProcConfig := envoy_filter_http_ext_proc_v3.ExternalProcessor{ + GrpcService: GrpcService(extProc.ExtProcService.Name, extProc.ExtProcService.SNI, extProc.ResponseTimeout), + FailureModeAllow: extProc.FailOpen, + ProcessingMode: makeProcessMode(extProc.ProcessingMode), + MessageTimeout: envoy.Timeout(extProc.ResponseTimeout), + MaxMessageTimeout: envoy.Timeout(extProc.ResponseTimeout), + DisableClearRouteCache: false, + AllowModeOverride: extProc.AllowModeOverride, + MutationRules: &envoy_mutation_rules_v3.HeaderMutationRules{ + AllowAllRouting: &wrapperspb.BoolValue{Value: extProc.MutationRules.AllowAllRouting}, + AllowEnvoy: &wrapperspb.BoolValue{Value: extProc.MutationRules.AllowEnvoy}, + DisallowSystem: &wrapperspb.BoolValue{Value: extProc.MutationRules.DisallowSystem}, + DisallowAll: &wrapperspb.BoolValue{Value: extProc.MutationRules.DisallowAll}, + DisallowIsError: &wrapperspb.BoolValue{Value: extProc.MutationRules.DisallowIsError}, + }, + } + + return &envoy_filter_network_http_connection_manager_v3.HttpFilter{ + Name: ExtProcFilterName, + ConfigType: &envoy_filter_network_http_connection_manager_v3.HttpFilter_TypedConfig{ + TypedConfig: protobuf.MustMarshalAny(&extProcConfig), + }, + } +} + // FilterExternalAuthz returns an `ext_authz` filter configured with the // requested parameters. 
func FilterExternalAuthz(externalAuthorization *dag.ExternalAuthorization) *envoy_filter_network_http_connection_manager_v3.HttpFilter { diff --git a/internal/envoy/v3/route.go b/internal/envoy/v3/route.go index 0dc875082c6..b553edacb54 100644 --- a/internal/envoy/v3/route.go +++ b/internal/envoy/v3/route.go @@ -26,6 +26,7 @@ import ( envoy_config_route_v3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3" envoy_filter_http_cors_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/cors/v3" envoy_filter_http_ext_authz_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ext_authz/v3" + envoy_filter_http_ext_proc_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/ext_proc/v3" envoy_filter_http_jwt_authn_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/jwt_authn/v3" envoy_filter_http_lua_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/lua/v3" envoy_filter_http_rbac_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/rbac/v3" @@ -165,6 +166,16 @@ func buildRoute(dagRoute *dag.Route, vhostName string, secure bool) *envoy_confi route.TypedPerFilterConfig[ExtAuthzFilterName] = routeAuthzContext(dagRoute.AuthContext) } + // Apply per-route external processing policy modifications. + // if both disabled & overrides has been set, use disabled do + if dagRoute.ExtProcPolicy != nil { + if dagRoute.ExtProcPolicy.Disabled { + route.TypedPerFilterConfig[ExtProcFilterName] = routeExtProcDisabled() + } else if dagRoute.ExtProcPolicy.Overrides != nil { + route.TypedPerFilterConfig[ExtProcFilterName] = routeExtProcOverrides(dagRoute.ExtProcPolicy.Overrides) + } + } + // If JWT verification is enabled, add per-route filter // config referencing a requirement in the main filter // config. 
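Review bot: In `makeProcessMode`, `reqTrailerMode` and `respTrailerMode` are looked up from `mode.RequestHeaderMode` / `mode.ResponseHeaderMode` instead of `mode.RequestTrailerMode` / `mode.ResponseTrailerMode`, so trailer modes silently follow the header modes (with the defaults in `FilterExtProc`, trailers become SEND instead of SKIP) and the CRD's trailer settings are ignored; `routeExtProcOverrides` in route.go repeats the same slip. Change the two lookups to `envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(mode.RequestTrailerMode)]` and `envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(mode.ResponseTrailerMode)]`. Separately, `FilterExtProc` writes its defaults back into `extProc.ProcessingMode` and `extProc.MutationRules`, mutating the shared DAG object as a side effect of building Envoy config; compute the defaults into locals instead. Since a nil `MutationRules` becomes all-false `HeaderMutationRules` (routing and `:`-prefixed headers stay immutable, Envoy-internal headers not mutable), a comment stating that this is the deliberate restrictive default would make the security posture explicit.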
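Review bot: The comment `// if both disabled & overrides has been set, use disabled do` above the new `ExtProcPolicy` block in `buildRoute` is garbled. Suggest `// Apply the per-route external processing policy; when both Disabled and Overrides are set, Disabled wins.`. `buildRoute` starts and ends outside the hunk.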
@@ -190,6 +201,48 @@ func buildRoute(dagRoute *dag.Route, vhostName string, secure bool) *envoy_confi
 return route
 }

+// routeExtProcDisabled returns a per-route config to disable extProc for this particular vhost or route.
+func routeExtProcDisabled() *anypb.Any {
+ return protobuf.MustMarshalAny(
+ &envoy_filter_http_ext_proc_v3.ExtProcPerRoute{
+ Override: &envoy_filter_http_ext_proc_v3.ExtProcPerRoute_Disabled{
+ Disabled: true,
+ },
+ },
+ )
+}
+
+func routeExtProcOverrides(overrides *dag.ExtProcOverrides) *anypb.Any {
+ reqHeaderMode := envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(overrides.ProcessingMode.RequestHeaderMode)]
+ respHeaderMode := envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(overrides.ProcessingMode.ResponseHeaderMode)]
+
+ reqBodyMode := envoy_filter_http_ext_proc_v3.ProcessingMode_BodySendMode_value[string(overrides.ProcessingMode.RequestBodyMode)]
+ respBodyMode := envoy_filter_http_ext_proc_v3.ProcessingMode_BodySendMode_value[string(overrides.ProcessingMode.ResponseBodyMode)]
+
+ reqTrailerMode := envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(overrides.ProcessingMode.RequestHeaderMode)]
+ respTrailerMode := envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode_value[string(overrides.ProcessingMode.ResponseHeaderMode)]
+
+ pm := &envoy_filter_http_ext_proc_v3.ProcessingMode{
+ RequestHeaderMode: envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode(reqHeaderMode),
+ ResponseHeaderMode: envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode(respHeaderMode),
+ RequestBodyMode: envoy_filter_http_ext_proc_v3.ProcessingMode_BodySendMode(reqBodyMode),
+ ResponseBodyMode: envoy_filter_http_ext_proc_v3.ProcessingMode_BodySendMode(respBodyMode),
+ RequestTrailerMode: envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode(reqTrailerMode),
+ ResponseTrailerMode: envoy_filter_http_ext_proc_v3.ProcessingMode_HeaderSendMode(respTrailerMode),
+ }
+
+ 
return protobuf.MustMarshalAny(
+ &envoy_filter_http_ext_proc_v3.ExtProcPerRoute{
+ Override: &envoy_filter_http_ext_proc_v3.ExtProcPerRoute_Overrides{
+ Overrides: &envoy_filter_http_ext_proc_v3.ExtProcOverrides{
+ ProcessingMode: pm,
+ GrpcService: GrpcService(overrides.ExtProcService.Name, overrides.ExtProcService.SNI, *overrides.ResponseTimeout),
+ },
+ },
+ },
+ )
+}
+
 // routeAuthzDisabled returns a per-route config to disable authorization.
 func routeAuthzDisabled() *anypb.Any {
 return protobuf.MustMarshalAny(
diff --git a/internal/fixture/httpproxy.go b/internal/fixture/httpproxy.go
index 4f392e4de20..2036d6448ee 100644
--- a/internal/fixture/httpproxy.go
+++ b/internal/fixture/httpproxy.go
@@ -89,3 +89,9 @@ func (b *ProxyBuilder) WithAuthServer(auth contour_v1.AuthorizationServer) *Prox
 b.Spec.VirtualHost.Authorization = &auth
 return b
 }
+
+func (b *ProxyBuilder) WithExternalProcessing(extProc *contour_v1.ExternalProcessing) *ProxyBuilder {
+ b.ensureTLS()
+ b.Spec.VirtualHost.ExternalProcessing = extProc
+ return b
+}
diff --git a/internal/sorter/sorter.go b/internal/sorter/sorter.go
index fb400a43895..482581f797e 100644
--- a/internal/sorter/sorter.go
+++ b/internal/sorter/sorter.go
@@ -472,6 +472,7 @@ func For(v any) sort.Interface {
 return listenerSorter(v)
 case []*envoy_config_listener_v3.FilterChain:
 return filterChainSorter(v)
+
 default:
 return nil
 }
diff --git a/internal/xdscache/v3/listener.go b/internal/xdscache/v3/listener.go
index 6176fdcaad0..b4f34639c1e 100644
--- a/internal/xdscache/v3/listener.go
+++ b/internal/xdscache/v3/listener.go
@@ -25,6 +25,7 @@ import (
 "google.golang.org/protobuf/proto"
 "k8s.io/apimachinery/pkg/types"

+ contour_v1 "github.com/projectcontour/contour/apis/projectcontour/v1"
 contour_v1alpha1 "github.com/projectcontour/contour/apis/projectcontour/v1alpha1"
 "github.com/projectcontour/contour/internal/contour"
 "github.com/projectcontour/contour/internal/contourconfig"
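Review bot: In routeExtProcOverrides, `reqTrailerMode` and `respTrailerMode` are looked up from `RequestHeaderMode`/`ResponseHeaderMode`, so a route override can never set the trailer modes on their own and the header mode is silently applied to trailers; the two lookups should read `string(overrides.ProcessingMode.RequestTrailerMode)` and `string(overrides.ProcessingMode.ResponseTrailerMode)`. In the same function `overrides.ProcessingMode` is dereferenced without a nil check and `*overrides.ResponseTimeout` is dereferenced unconditionally, so unless the DAG builder guarantees both are always set for an override (not visible here) a route with a partial override panics inside the xDS cache rebuild rather than being rejected with a condition. An unknown mode string also maps to 0 through the `_value` tables, i.e. Envoy's DEFAULT, so a typo is accepted silently unless the CRD enum validation catches it first. routeExtProcOverrides also lacks the doc comment its sibling routeExtProcDisabled has; add `// routeExtProcOverrides returns a per-route config that replaces the processing mode and gRPC service of the listener-level ext_proc filter for this route.`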
@@ -140,10 +141,14 @@ type ListenerConfig struct {
 // used.
 RateLimitConfig *RateLimitConfig

- // GlobalExternalAuthConfig optionally configures the global external authorization Service to be
+ // GlobalExternalAuthConfig optionally configures the global external authz Services to be
 // used.
 GlobalExternalAuthConfig *GlobalExternalAuthConfig

+ // GlobalExtProcConfig optionally configures the global external processing service to be
+ // used.
+ GlobalExtProcConfig *GlobalExtProcConfig
+
 // TracingConfig optionally configures the tracing collector Service to be
 // used.
 TracingConfig *TracingConfig
@@ -201,6 +206,15 @@ type GlobalExternalAuthConfig struct {
 WithRequestBody *dag.AuthorizationServerBufferSettings
 }

+type GlobalExtProcConfig struct {
+ ExtensionServiceConfig
+ FailOpen bool
+
+ AllowModeOverride bool
+ ProcessingMode *contour_v1.ProcessingMode
+ MutationRules *contour_v1.HeaderMutationRules
+}
+
 // httpAccessLog returns the access log for the HTTP (non TLS)
 // listener or DEFAULT_HTTP_ACCESS_LOG if not configured.
 func (lvc *ListenerConfig) httpAccessLog() string {
@@ -414,6 +428,7 @@ func (c *ListenerCache) OnChange(root *dag.DAG) {
 Tracing(envoy_v3.TracingConfig(envoyTracingConfig(cfg.TracingConfig))).
 AddFilter(envoy_v3.GlobalRateLimitFilter(envoyGlobalRateLimitConfig(cfg.RateLimitConfig))).
 EnableWebsockets(listener.EnableWebsockets).
+ AddFilter(envoy_v3.FilterExtProc(toExtProc(cfg.GlobalExtProcConfig))).
 Get()

 listeners[listener.Name] = envoy_v3.Listener(
@@ -489,6 +504,7 @@ func (c *ListenerCache) OnChange(root *dag.DAG) {
 MaxRequestsPerConnection(cfg.MaxRequestsPerConnection).
 HTTP2MaxConcurrentStreams(cfg.HTTP2MaxConcurrentStreams).
 EnableWebsockets(listener.EnableWebsockets).
+ AddFilter(envoy_v3.FilterExtProc(vh.ExtProc)).
 Get()

 filters = envoy_v3.Filters(cm)
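Review bot: The rewording of the GlobalExternalAuthConfig comment to `// GlobalExternalAuthConfig optionally configures the global external authz Services to be` is an unrelated drive-by edit in this hunk and makes the text worse: the field is a single pointer, so the plural is misleading. Either drop this one-line change from the commit or keep the original `authorization Service` wording so the diff stays about ext_proc.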
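Review bot: GlobalExtProcConfig is an exported type added with no doc comment, unlike GlobalExternalAuthConfig directly above it, and its fields do not say what they control at the proxy; a reader has to trace through toExtProc and FilterExtProc to learn that `FailOpen` becomes Envoy's `FailureModeAllow`. Add `// GlobalExtProcConfig holds the listener-level external processing (ext_proc) settings derived from the global configuration.` on the type, and on the field `// FailOpen forwards the request unprocessed when the external processor fails to respond; it maps to Envoy's failure_mode_allow.` The same one-line purpose comment style would suit `AllowModeOverride`, which lets the processor's response change the processing mode for the stream.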
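Review bot: `AddFilter(envoy_v3.FilterExtProc(vh.ExtProc))` hands the DAG's own ExtProc struct to a function whose body, visible earlier in this diff, writes default `ProcessingMode` and `MutationRules` values back into the object it receives, so building the listener mutates the DAG's virtual host in place. If the DAG is read by other caches at the same time (not visible here) that is a data race; even if it is not, an Envoy-config builder should not alter its input. Have FilterExtProc apply the defaults to a local copy, or perform the defaulting in the DAG builder where ExtProc is constructed, so this call becomes a pure read; the same applies to the two `toExtProc(cfg.GlobalExtProcConfig)` call sites. OnChange starts and ends outside this hunk.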
@@ -570,6 +586,7 @@ func (c *ListenerCache) OnChange(root *dag.DAG) {
 MaxRequestsPerConnection(cfg.MaxRequestsPerConnection).
 HTTP2MaxConcurrentStreams(cfg.HTTP2MaxConcurrentStreams).
 EnableWebsockets(listener.EnableWebsockets).
+ AddFilter(envoy_v3.FilterExtProc(toExtProc(cfg.GlobalExtProcConfig))).
 Get()

 // Default filter chain
@@ -621,6 +638,24 @@ func httpGlobalExternalAuthConfig(config *GlobalExternalAuthConfig) *envoy_filte
 })
 }

+func toExtProc(p *GlobalExtProcConfig) *dag.ExtProc {
+ if p == nil {
+ return nil
+ }
+
+ return &dag.ExtProc{
+ ExtProcService: &dag.ExtensionCluster{
+ Name: dag.ExtensionClusterName(p.ExtensionServiceConfig.ExtensionService),
+ SNI: p.ExtensionServiceConfig.SNI,
+ },
+ FailOpen: p.FailOpen,
+ ResponseTimeout: p.ExtensionServiceConfig.Timeout,
+ ProcessingMode: p.ProcessingMode,
+ MutationRules: p.MutationRules,
+ AllowModeOverride: p.AllowModeOverride,
+ }
+}
+
 func envoyGlobalRateLimitConfig(config *RateLimitConfig) *envoy_v3.GlobalRateLimitConfig {
 if config == nil {
 return nil
diff --git a/pkg/config/parameters.go b/pkg/config/parameters.go
index 04931c8d349..5fa7e97d01f 100644
--- a/pkg/config/parameters.go
+++ b/pkg/config/parameters.go
@@ -714,6 +714,9 @@ type Parameters struct {
 // from k8s endpoint slices. defaults to true,
 // if false then reading endpoint data from the k8s endpoints.
 FeatureFlags []string `yaml:"featureFlags,omitempty"`
+
+ // GlobalExternalProcessing optionally holds properties of the global external processing configurations.
+ GlobalExternalProcessing *GlobalExternalProcessing `yaml:"globalExternalProcessing,omitempty"`
 }

 // Tracing defines properties for exporting trace data to OpenTelemetry.
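Review bot: toExtProc has no doc comment and passes `p.ProcessingMode` and `p.MutationRules` through as the same pointers, so the dag.ExtProc it returns shares those structs with the long-lived listener configuration; FilterExtProc (visible earlier in this diff) only assigns those fields when they are nil, so the sharing is harmless today, but any later in-place defaulting would leak into the config across OnChange runs. Add `// toExtProc converts the global external processing listener config into the dag.ExtProc consumed by envoy_v3.FilterExtProc; it returns nil when no global config is set.` and consider copying ProcessingMode and MutationRules before returning. Naming the parameter `cfg` rather than `p` would also match envoyGlobalRateLimitConfig and httpGlobalExternalAuthConfig beside it. envoyGlobalRateLimitConfig's body continues outside this hunk.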
@@ -822,6 +825,66 @@ type GlobalAuthorizationPolicy struct {
 Context map[string]string `yaml:"context,omitempty"`
 }

+// ExternalProcessor defines the envoy External Processing filter which allows an external service to act on HTTP traffic in a flexible way
+// The external server must implement the v3 Envoy external processing GRPC protocol
+// (https://www.envoyproxy.io/docs/envoy/v1.27.0/api-v3/extensions/filters/http/ext_proc/v3/ext_proc.proto).
+type ExternalProcessor struct {
+ // ExtensionService identifies the extension service defining the RLS,
+ // formatted as /.
+ ExtensionService string `yaml:"extensionService,omitempty"`
+
+ // ResponseTimeout sets how long the proxy should wait for responses.
+ // Timeout durations are expressed in the Go [Duration format](https://godoc.org/time#ParseDuration).
+ // Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+ // The string "infinity" is also a valid input and specifies no timeout.
+ //
+ // +optional
+ // +kubebuilder:validation:Pattern=`^(((\d*(\.\d*)?h)|(\d*(\.\d*)?m)|(\d*(\.\d*)?s)|(\d*(\.\d*)?ms)|(\d*(\.\d*)?us)|(\d*(\.\d*)?µs)|(\d*(\.\d*)?ns))+|infinity|infinite)$`
+ ResponseTimeout string `yaml:"responseTimeout,omitempty"`
+
+ // If FailOpen is true, the client request is forwarded to the upstream service
+ // even if the server fails to respond. This field should not be
+ // set in most cases.
+ //
+ // +optional
+ FailOpen bool `yaml:"failOpen,omitempty"`
+
+ // ProcessingMode describes which parts of an HTTP request and response are sent to a remote server
+ // and how they are delivered.
+ //
+ // +optional
+ ProcessingMode *contour_v1.ProcessingMode `yaml:"processingMode,omitempty"`
+
+ // MutationRules specifies what headers may be manipulated by a processing filter.
+ // This set of rules makes it possible to control which modifications a filter may make.
+ //
+ // for Overrides is must be nil
+ //
+ // +optional
+ MutationRules *contour_v1.HeaderMutationRules `yaml:"mutationRules,omitempty"`
+
+ // If true, the filter config processingMode can be overridden by the response message from the external processing server `mode_override``.
+ // If false, `mode_override` API in the response message will be ignored.
+ //
+ // +optional
+ AllowModeOverride bool `yaml:"allowModeOverride,omitempty"`
+}
+
+// The External Processing filter allows an external service to act on HTTP traffic in a flexible way
+// The external server must implement the v3 Envoy
+// external processing GRPC protocol (https://www.envoyproxy.io/docs/envoy/v1.27.0/api-v3/extensions/filters/http/ext_proc/v3/ext_proc.proto).
+type GlobalExternalProcessing struct {
+ // Processor configures the global external processing
+ //
+ // +optional
+ Processor *ExternalProcessor `yaml:"processor,omitempty"`
+
+ // If Disabled is true, no external processing will be append to the filter chain
+ //
+ // +optional
+ Disabled bool `yaml:"disabled,omitempty"`
+}
+
 // RateLimitService defines properties of a global Rate Limit Service.
 type RateLimitService struct {
 // ExtensionService identifies the extension service defining the RLS,
diff --git a/site/content/docs/main/config/api-reference.html b/site/content/docs/main/config/api-reference.html
index 57bc87795fd..ba81a28f369 100644
--- a/site/content/docs/main/config/api-reference.html
+++ b/site/content/docs/main/config/api-reference.html
@@ -482,6 +482,41 @@
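Review bot: The `ExtensionService` comment on the new ExternalProcessor type was copied from RateLimitService and is wrong for this type: it says the service is `defining the RLS`, and the format hint has collapsed to `formatted as /.`; replace it with `// ExtensionService identifies the extension service implementing the external processor, formatted as <namespace>/<name>.` The `+kubebuilder:validation:Pattern` marker on ResponseTimeout is inert on this plain YAML config struct unless pkg/config is run through controller-gen, which nothing in the diff suggests, so the duration format has to be checked in the package's Validate path; no such check is visible in this diff, and a malformed value would otherwise only surface when the listener is built. Two more comments need repair: `// for Overrides is must be nil` on MutationRules is unreadable and should state the constraint it presumably means, e.g. `// MutationRules must be nil when this processor is used as a per-route override.`, and `will be append to the filter chain` on Disabled should read `will be appended to the filter chain`.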

AuthorizationSer +

BodySendMode +(string alias)

+

+(Appears on: +ProcessingMode) +

+

+

BodySendMode control how the request and response bodies are handled

+

+ + + + + + + + + + + + + + + + +
ValueDescription

"BUFFERED"

Buffer the message body in memory and send the entire body at once. +If the body exceeds the configured buffer limit, then the +downstream system will receive an error.

+

"BUFFERED_PARTIAL"

Buffer the message body in memory and send the entire body in one +chunk. If the body exceeds the configured buffer limit, then the body contents +up to the buffer limit will be sent.

+

"NONE"

Do not send the body at all. This is the default.

+

"STREAMED"

Stream the body to the server in pieces as they arrive at the +proxy.

+

CORSHeaderValue (string alias)

@@ -1119,7 +1154,8 @@

ExtensionServiceReferenc

(Appears on: -AuthorizationServer) +AuthorizationServer, +ExternalProcessor)

ExtensionServiceReference names an ExtensionService resource.

@@ -1176,6 +1212,171 @@

ExtensionServiceReferenc +

ExternalProcessing +

+

+(Appears on: +Route, +VirtualHost, +ContourConfigurationSpec) +

+

+

ExternalProcessing defines a external processing filter and the policy to act on HTTP traffic in a flexible way.

+

+ + + + + + + + + + + + + + + + + +
FieldDescription
+processor +
+ + +ExternalProcessor + + +
+(Optional) +

Processor defines a external processing filter which allows an external service to act on HTTP traffic in a flexible way.

+
+disabled +
+ +bool + +
+(Optional) +

When true, this field disables the external processor for the scope of the policy. +- for global: no external processing will be append to the filter chain

+

if both Disabled and Processor are set. use disabled.

+
+

ExternalProcessor +

+

+(Appears on: +ExternalProcessing) +

+

+

ExternalProcessor defines the envoy External Processing filter which allows an external service to act on HTTP traffic in a flexible way +The external server must implement the v3 Envoy external processing GRPC protocol +(https://www.envoyproxy.io/docs/envoy/v1.27.0/api-v3/extensions/filters/http/ext_proc/v3/ext_proc.proto).

+

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FieldDescription
+extensionRef +
+ + +ExtensionServiceReference + + +
+(Optional) +

ExtensionServiceRef specifies the extension resource that will handle the client requests.

+
+responseTimeout +
+ +string + +
+(Optional) +

ResponseTimeout sets how long the proxy should wait for responses. +Timeout durations are expressed in the Go Duration format. +Valid time units are “ns”, “us” (or “µs”), “ms”, “s”, “m”, “h”. +The string “infinity” is also a valid input and specifies no timeout.

+
+failOpen +
+ +bool + +
+(Optional) +

If FailOpen is true, the client request is forwarded to the upstream service +even if the server fails to respond. This field should not be +set in most cases.

+
+processingMode +
+ + +ProcessingMode + + +
+(Optional) +

ProcessingMode describes which parts of an HTTP request and response are sent to a remote server +and how they are delivered.

+
+mutationRules +
+ + +HeaderMutationRules + + +
+(Optional) +

MutationRules specifies what headers may be manipulated by a processing filter. +This set of rules makes it possible to control which modifications a filter may make.

+

for Overrides is must be nil

+
+allowModeOverride +
+ +bool + +
+(Optional) +

If true, the filter config processingMode can be overridden by the response message from the external processing server mode_override. +If false,mode_override` API in the response message will be ignored.

+

Feature (string alias)

@@ -2052,6 +2253,137 @@

HeaderMatchCondition +

HeaderMutationRules +

+

+(Appears on: +ExternalProcessor) +

+

+

HeaderMutationRules specifies what headers may be manipulated by a processing filter. +This set of rules makes it possible to control which modifications a filter may make.

+

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FieldDescription
+allowAllRouting +
+ +bool + +
+(Optional) +

By default, certain headers that could affect processing of subsequent +filters or request routing cannot be modified. These headers are +host, :authority, :scheme, and :method. +Setting this parameter to true allows these headers to be modified as well.

+
+allowEnvoy +
+ +bool + +
+(Optional) +

If true, allow modification of envoy internal headers. By default, these +start with x-envoy but this may be overridden in the Bootstrap configuration. +Default is false.

+
+disallowSystem +
+ +bool + +
+(Optional) +

If true, prevent modification of any system header, defined as a header +that starts with a : character, regardless of any other settings. +A processing server may still override the :status of an HTTP response +using an ImmediateResponse message. +Default is false.

+
+disallowAll +
+ +bool + +
+(Optional) +

If true, prevent modifications of all header values, regardless of any +other settings. A processing server may still override the :status +of an HTTP response using an ImmediateResponse message. +Default is false.

+
+disallowIsError +
+ +bool + +
+(Optional) +

If true, and if the rules in this list cause a header mutation to be +disallowed, then the filter using this configuration will terminate the +request with a 500 error. In addition, regardless of the setting of this +parameter, any attempt to set, add, or modify a disallowed header will +cause the rejected_header_mutations counter to be incremented. +Default is false.

+
+

HeaderSendMode +(string alias)

+

+(Appears on: +ProcessingMode) +

+

+

HeaderSendMode control how headers and trailers are handled.

+

+ + + + + + + + + + + + + + +
ValueDescription

"DEFAULT"

The default HeaderSendMode depends on which part of the message is being +processed. By default, request and response headers are sent, +while trailers are skipped.

+

"SEND"

Send the header or trailer.

+

"SKIP"

Do not send the header or trailer.

+

HeaderValue

@@ -2743,6 +3075,122 @@

PathRewritePolicy +

ProcessingMode +

+

+(Appears on: +ExternalProcessor) +

+

+

ProcessingMode describes which parts of an HTTP request and response are sent to a remote server +and how they are delivered.

+

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
FieldDescription
+requestHeaderMode +
+ + +HeaderSendMode + + +
+(Optional) +

How to handle the request header. +Default is “SEND”.

+
+responseHeaderMode +
+ + +HeaderSendMode + + +
+(Optional) +

How to handle the response header. +Default is “SEND”.

+
+requestBodyMode +
+ + +BodySendMode + + +
+(Optional) +

How to handle the request body. +Default is “NONE”.

+
+responseBodyMode +
+ + +BodySendMode + + +
+(Optional) +

How do handle the response body. +Default is “NONE”.

+
+requestTrailerMode +
+ + +HeaderSendMode + + +
+(Optional) +

How to handle the request trailers. +Default is “SKIP”.

+
+responseTrailerMode +
+ + +HeaderSendMode + + +
+(Optional) +

How to handle the response trailers. +Default is “SKIP”.

+

QueryParameterHashOptions

@@ -3886,6 +4334,21 @@

Route The rules defined here override any rules set on the root HTTPProxy.

+ + +externalProcessing +
+ + +ExternalProcessing + + + + +(Optional) +

ExternalProcessing override/disable the policy to act on HTTP traffic for the specific route in a flexible way.

+ +

Service @@ -4904,6 +5367,22 @@

VirtualHost The rules defined here may be overridden in a Route.

+ + +externalProcessing +
+ + +ExternalProcessing + + + + +(Optional) +

ExternalProcessing defines a external processing filter and the policy +to act on HTTP traffic in a flexible way.

+ +
@@ -5196,6 +5675,22 @@

ContourConfiguration If false then reads endpoint data from the k8s endpoints.

+ + +globalExternalProcessing +
+ + +ExternalProcessing + + + + +(Optional) +

GlobalExternalProcessing allows envoys external processing filter +to be enabled for all virtual hosts.

+ + @@ -6089,6 +6584,22 @@

ContourConfiguratio If false then reads endpoint data from the k8s endpoints.

+ + +globalExternalProcessing +
+ + +ExternalProcessing + + + + +(Optional) +

GlobalExternalProcessing allows envoys external processing filter +to be enabled for all virtual hosts.

+ +

ContourConfigurationStatus
diff --git a/site/content/resources/compatibility-matrix.md b/site/content/resources/compatibility-matrix.md
index e431f8fe5d3..34dab7e09a6 100644
--- a/site/content/resources/compatibility-matrix.md
+++ b/site/content/resources/compatibility-matrix.md
@@ -121,7 +121,8 @@ If you are providing your own Envoy it must be compiled with the following exten - envoy.filters.http.health_check - envoy.filters.http.lua - envoy.filters.http.router - + - envoy.filters.http.ext_proc + - Listener filters - envoy.filters.listener.http_inspector - envoy.filters.listener.original_dst
diff --git a/test/e2e/deployment.go b/test/e2e/deployment.go
index 6fc95eec9a5..afb86e7651b 100644
--- a/test/e2e/deployment.go
+++ b/test/e2e/deployment.go
@@ -113,6 +113,9 @@ type Deployment struct {
 GlobalExtAuthDeployment *apps_v1.Deployment
 GlobalExtAuthService *core_v1.Service
 GlobalExtAuthExtensionService *contour_v1alpha1.ExtensionService
+
+ // TODO: lewgun
+ GlobalExtProcExtensionService *contour_v1alpha1.ExtensionService
 }

 // UnmarshalResources unmarshals resources from rendered Contour manifest in
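Review bot: `// TODO: lewgun` above the new GlobalExtProcExtensionService field is a bare placeholder carrying only a username; it tells a reader neither what is unfinished nor what the field is for, and nothing visible in this diff populates or reads the field, unlike its GlobalExtAuth siblings. Either wire the field up in UnmarshalResources alongside GlobalExtAuthExtensionService, or replace the comment with one that states the pending work, e.g. `// TODO: populate from the rendered manifest once the global ext_proc ExtensionService fixture exists.` The Deployment struct starts outside this hunk.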