internal/contour: Add Support for custom headers on HTTPProxy level #5586
Conversation
deveshk0
requested review from
tsaarni and
stevesloka
and removed request for
a team
|
Hi @deveshk0! Welcome to our community and thank you for opening your first Pull Request. Someone will review it soon. Thank you for committing to making Contour better. You can also join us on our mailing list and in our channel in the Kubernetes Slack Workspace |
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
github-actions
bot
added
the
lifecycle/stale
|
can some please have a look into this? |
github-actions
bot
removed
the
lifecycle/stale
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
github-actions
bot
added
the
lifecycle/stale
|
is this planned for next release? |
github-actions
bot
removed
the
lifecycle/stale
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
github-actions
bot
added
the
lifecycle/stale
skriss
added
release-note/minor
internal/dag/httpproxy_processor.go
Outdated
| ) | ||
| requestHeadersPolicyDefined := false | ||
| responseHeadersPolicyDefined := false | ||
| if proxy.Spec.VirtualHost.RequestHeadersPolicy != nil { |
There was a problem hiding this comment.
I think we will want to reuse the existing logic we have for processing these HeaderPolicies - in particular e.g. headersPolicyRoute. That function has some better validation and also handles parsing dynamic header values (see https://projectcontour.io/docs/1.26/config/request-rewriting/#dynamic-header-values), which I think we should support for vhost header policies as well. We'd want to pass false as the second argument since we won't support rewriting the Host header for vhosts.
There was a problem hiding this comment.
Please also follow the instructions in https://github.com/projectcontour/contour/actions/runs/6410166216/job/17403616430?pr=5586 to add a changelog describing the change for users.
|
@skriss Thanks for the review I will update to suggested changes. |
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
github-actions
bot
added
the
lifecycle/stale
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
|
@skriss Can you please open this? I will finish it this week |
done |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #5586 +/- ##
==========================================
- Coverage 81.56% 81.31% -0.26%
==========================================
Files 133 133
Lines 15801 15797 -4
==========================================
- Hits 12888 12845 -43
- Misses 2617 2656 +39
Partials 296 296
|
|
LGTM. thanks. |
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
github-actions
bot
added
the
lifecycle/stale
|
not stale |
There was a problem hiding this comment.
For full test coverage over the precedence rules of setting header policies in different places on an HTTPRoute I think we should probably add an integration/featuretests test which should also serve as a kind of documentation for how the precedence works. A test for this would:
- live in
internal/featuretests/headerpolicy_test.go - configure an HTTPProxy with header policies at all levels (global, virtualhost, route, service) for the same Header name with different values
- expect the Route/Cluster/etc are configured as expected
| } | ||
|
|
||
| requestHeadersPolicy, err := headersPolicyRoute(proxy.Spec.VirtualHost.RequestHeadersPolicy, false, dynamicHeaders) | ||
| if err != nil { |
There was a problem hiding this comment.
lets add some negative test cases for if validation fails on virtualhost specified header policies
There was a problem hiding this comment.
this can go alongside the other test added in builder_test.go
apis/projectcontour/v1/httpproxy.go
Outdated
| @@ -327,6 +327,24 @@ type VirtualHost struct { | |||
| // +optional | |||
| JWTProviders []JWTProvider `json:"jwtProviders,omitempty"` | |||
|
|
|||
| // The policy for managing request headers during proxying. | |||
| // Headers are appended to requests in the following order, | |||
| // weighted cluster level headers, | |||
There was a problem hiding this comment.
nit: let's maybe not use "weighted cluster" just since that is an explicitly Envoy rather than Contour-specific term, we can use Service instead I think
| vh: &dag.VirtualHost{ | ||
| Name: "example.com", | ||
| RequestHeadersPolicy: &dag.HeadersPolicy{ | ||
| Set: map[string]string{ |
There was a problem hiding this comment.
We're only testing Set and Remove here though the implementation also includes supporting the Add operation for headers. Technically the HTTPProxy API does not have an Add mechanism so we could either omit it in the implementation or just leave it but make sure it is tested here
There was a problem hiding this comment.
Added test cases for Add case also
github-actions
bot
removed
the
lifecycle/stale
|
Thanks, @sunjayBhatia for the review I will add the requested changes. |
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
github-actions
bot
added
the
lifecycle/stale
|
/ remove-lifecycle-stale |
github-actions
bot
removed
the
lifecycle/stale
deveshk0
force-pushed
the
main
branch
2 times, most recently
from
6b4ed1f to
27739ff
Compare
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
github-actions
bot
added
lifecycle/stale
Introduces support for request and repsonse headers on http proxy level Fixes: projectcontour#5576 Signed-off-by: Devesh Kumar <vrshu112@gmail.com>
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
github-actions
bot
added
lifecycle/stale
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
github-actions
bot
added
the
lifecycle/stale
|
The Contour project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to the #contour channel in the Kubernetes Slack |
Introduces support for request and repsonse headers on http proxy level
Fixes: #5576