improvement: prevent filter being added twice from any enovy extension (#16112)

* improvement: prevent filter being added twice from any enovy extension

* break if error != nil

* update test
pull/16124/head
cskh 2023-01-31 11:49:45 -05:00 committed by GitHub
parent 9db5b7d896
commit f6da81c9d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 44 additions and 0 deletions

View File

@ -169,10 +169,13 @@ func (b BasicEnvoyExtender) patchTerminatingGatewayListener(config *RuntimeConfi
if err != nil {
resultErr = multierror.Append(resultErr, fmt.Errorf("error patching listener filter: %w", err))
filters = append(filters, filter)
continue
}
if ok {
filters = append(filters, newFilter)
patched = true
} else {
filters = append(filters, filter)
}
}
filterChain.Filters = filters
@ -215,11 +218,14 @@ func (b BasicEnvoyExtender) patchConnectProxyListener(config *RuntimeConfig, l *
if err != nil {
resultErr = multierror.Append(resultErr, fmt.Errorf("error patching listener filter: %w", err))
filters = append(filters, filter)
continue
}
if ok {
filters = append(filters, newFilter)
patched = true
} else {
filters = append(filters, filter)
}
}
filterChain.Filters = filters
@ -247,11 +253,14 @@ func (b BasicEnvoyExtender) patchTProxyListener(config *RuntimeConfig, l *envoy_
if err != nil {
resultErr = multierror.Append(resultErr, fmt.Errorf("error patching listener filter: %w", err))
filters = append(filters, filter)
continue
}
if ok {
filters = append(filters, newFilter)
patched = true
} else {
filters = append(filters, filter)
}
}
filterChain.Filters = filters

View File

@ -27,6 +27,31 @@ end
]
'
upsert_config_entry primary '
Kind = "service-defaults"
Name = "s1"
Protocol = "tcp"
EnvoyExtensions = [
{
Name = "builtin/lua",
Arguments = {
ProxyType = "connect-proxy"
Listener = "inbound"
Script = <<-EOF
function envoy_on_request(request_handle)
meta = request_handle:streamInfo():dynamicMetadata()
m = meta:get("consul")
request_handle:headers():add("x-consul-service", m["service"])
request_handle:headers():add("x-consul-namespace", m["namespace"])
request_handle:headers():add("x-consul-datacenter", m["datacenter"])
request_handle:headers():add("x-consul-trust-domain", m["trust-domain"])
end
EOF
}
}
]
'
register_services primary
gen_envoy_bootstrap s1 19000 primary

View File

@ -37,3 +37,13 @@ load helpers
echo "$output" | grep -E "X-Consul-Namespace: default"
echo "$output" | grep -E "X-Consul-Trust-Domain: (\w+-){4}\w+.consul"
}
@test "s1(tcp) proxy should not be changed by lua extension" {
TCP_FILTERS=$(get_envoy_listener_filters localhost:19000)
PUB=$(echo "$TCP_FILTERS" | grep -E "^public_listener:" | cut -f 2 -d ' ')
echo "TCP_FILTERS = $TCP_FILTERS"
echo "PUB = $PUB"
[ "$PUB" = "envoy.filters.network.rbac,envoy.filters.network.tcp_proxy" ]
}