test, oauth2: Make sure config test runs field validation#13496
Merged
mattklein123 merged 12 commits intoenvoyproxy:masterfrom Oct 16, 2020
dio:oauth2-config
Merged
test, oauth2: Make sure config test runs field validation#13496mattklein123 merged 12 commits intoenvoyproxy:masterfrom dio:oauth2-config
mattklein123 merged 12 commits intoenvoyproxy:masterfrom
dio:oauth2-config
Conversation
This makes sure config tests for oauth2 filter checks fields
validations. This also handles nullptr values for token_secret and
hmac_secret fields due to misconfigurations (for example: token_secret:
{}). Example config in the docs is also updated.
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
snowp
suggested changes
Oct 12, 2020
Contributor
snowp
left a comment
snowp
left a comment
There was a problem hiding this comment.
Thanks! Just a few comments
| const std::string AwsLambda = "envoy.filters.http.aws_lambda"; | ||
| // OAuth filter | ||
| const std::string OAuth = "envoy.filters.http.oauth"; | ||
| const std::string OAuth = "envoy.filters.http.oauth2"; |
Contributor
There was a problem hiding this comment.
Is this safe to change? I think we prefer to use the proto type to identify the filter to create, so I think yes?
Member
Author
There was a problem hiding this comment.
Yes. This is for consistency since we print the name of extensions at startup, i.e. [info][main] [external/envoy/source/server/server.cc:309]: envoy.filters.http: ...
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Member
Author
|
@snowp I think have updated the patch following your comments. Please help to take a look. Thank you! |
Member
Author
|
My bad. One of the tests was failed since missing secret names. |
Contributor
|
/retest |
|
Retrying Azure Pipelines, to retry CircleCI checks, use |
mpuncel
added a commit
to mpuncel/envoy
that referenced
this pull request
Oct 17, 2020
* master: (22 commits) delay health checks until transport socket secrets are ready. (envoyproxy#13516) test, oauth2: Make sure config test runs field validation (envoyproxy#13496) [http] swap codec implementations to default new (envoyproxy#13579) wasm: update proxy-wasm-cpp-host (envoyproxy#13606) postgres: do not copy and linearize received data when it is not going to be used (envoyproxy#13393) configs: Update configs v2 -> v3 (envoyproxy#13562) http2: Remove RELEASE_ASSERTs in sendPendingFrames() error handling (envoyproxy#13546) dependencies: track untracked implied dependencies, wrapup dashboard. (envoyproxy#13571) listener: add match all filter chain (envoyproxy#13449) fix mistakes in docstrings (envoyproxy#13603) ratelimit: add route entry metadata to ratelimit actions (envoyproxy#13269) cluster manager: avoid immediate activation for dynamic inserted cluster when initialize (envoyproxy#12783) ext_authz: Avoid calling check multiple times (envoyproxy#13288) docs: Unexclude remaining configs from validation (envoyproxy#13534) build: update rules_rust to allow Rustc in RBE (envoyproxy#13595) docs: Update sphinxext.rediraffe (envoyproxy#13589) Deprecate moonjit support on Windows before beta (envoyproxy#13541) dependencies: bump LuaJIT to 2.1 branch HEAD @ e9af1ab. (envoyproxy#13474) docs: add TLS stats to cluster stats doc (envoyproxy#13561) ci: stop building alpine-debug images in favor of ubuntu-based debug image (envoyproxy#13598) ... Signed-off-by: Michael Puncel <mpuncel@squareup.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Commit Message: This makes sure config tests for oauth2 filter checks field validations. This also handles possible
nullptrvalues fortoken_secretandhmac_secretfields due to misconfigurations (for example:token_secret: {}). The example config in the docs is also updated.Risk Level: Low
Testing: Updated
Docs Changes: Updated example config
Release Notes: N/A
Fixes #13023
Signed-off-by: Dhi Aurrahman dio@tetrate.io