Skip to content
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions source/common/config/BUILD
Original file line number Diff line number Diff line change
Expand Up @@ -93,10 +93,13 @@ envoy_cc_library(
"envoy_filter_http_buffer",
"envoy_filter_http_fault",
"envoy_filter_http_health_check",
"envoy_filter_http_rate_limit",
"envoy_filter_http_router",
"envoy_filter_network_mongo_proxy",
"envoy_filter_network_redis_proxy",
"envoy_filter_network_tcp_proxy",
"envoy_filter_network_rate_limit",
"envoy_filter_network_client_ssl_auth",
],
deps = [
":address_json_lib",
Expand Down
324 changes: 183 additions & 141 deletions source/common/config/filter_json.cc

Large diffs are not rendered by default.

113 changes: 72 additions & 41 deletions source/common/config/filter_json.h
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,12 @@
#include "api/filter/http/buffer.pb.h"
#include "api/filter/http/fault.pb.h"
#include "api/filter/http/health_check.pb.h"
#include "api/filter/http/rate_limit.pb.h"
#include "api/filter/http/router.pb.h"
#include "api/filter/network/client_ssl_auth.pb.h"
#include "api/filter/network/http_connection_manager.pb.h"
#include "api/filter/network/mongo_proxy.pb.h"
#include "api/filter/network/rate_limit.pb.h"
#include "api/filter/network/redis_proxy.pb.h"
#include "api/filter/network/tcp_proxy.pb.h"

Expand All @@ -19,92 +22,120 @@ class FilterJson {
/**
* Translate a v1 JSON access log filter object to v2
* envoy::api::v2::filter::accesslog::AccessLogFilter.
* @param json_access_log_filter source v1 JSON access log object.
* @param access_log_filter destination v2 envoy::api::v2::filter::accesslog::AccessLog.
* @param json_config source v1 JSON access log object.
* @param proto_config destination v2 envoy::api::v2::filter::accesslog::AccessLog.
*/
static void
translateAccessLogFilter(const Json::Object& json_access_log_filter,
envoy::api::v2::filter::accesslog::AccessLogFilter& access_log_filter);
translateAccessLogFilter(const Json::Object& json_config,
envoy::api::v2::filter::accesslog::AccessLogFilter& proto_config);

/**
* Translate a v1 JSON access log object to v2 envoy::api::v2::filter::accesslog::AccessLog.
* @param json_access_log source v1 JSON access log object.
* @param access_log destination v2 envoy::api::v2::filter::accesslog::AccessLog.
* @param json_config source v1 JSON access log object.
* @param proto_config destination v2 envoy::api::v2::filter::accesslog::AccessLog.
*/
static void translateAccessLog(const Json::Object& json_access_log,
envoy::api::v2::filter::accesslog::AccessLog& access_log);
static void translateAccessLog(const Json::Object& json_config,
envoy::api::v2::filter::accesslog::AccessLog& proto_config);

/**
* Translate a v1 JSON HTTP connection manager object to v2
* envoy::api::v2::filter::network::HttpConnectionManager.
* @param json_http_connection_manager source v1 JSON HTTP connection manager object.
* @param http_connection_manager destination v2
* @param json_config source v1 JSON HTTP connection manager object.
* @param proto_config destination v2
* envoy::api::v2::filter::network::HttpConnectionManager.
*/
static void translateHttpConnectionManager(
const Json::Object& json_http_connection_manager,
envoy::api::v2::filter::network::HttpConnectionManager& http_connection_manager);
const Json::Object& json_config,
envoy::api::v2::filter::network::HttpConnectionManager& proto_config);

/**
* Translate a v1 JSON Redis proxy object to v2 envoy::api::v2::filter::network::RedisProxy.
* @param json_redis_proxy source v1 JSON HTTP connection manager object.
* @param redis_proxy destination v2
* @param json_config source v1 JSON HTTP connection manager object.
* @param proto_config destination v2
* envoy::api::v2::filter::network::RedisProxy.
*/
static void translateRedisProxy(const Json::Object& json_redis_proxy,
envoy::api::v2::filter::network::RedisProxy& redis_proxy);
static void translateRedisProxy(const Json::Object& json_config,
envoy::api::v2::filter::network::RedisProxy& proto_config);

/**
* Translate a v1 JSON Mongo proxy object to v2 envoy::api::v2::filter::network::MongoProxy.
* @param json_mongo_proxy source v1 JSON HTTP connection manager object.
* @param mongo_proxy destination v2
* @param json_config source v1 JSON HTTP connection manager object.
* @param proto_config destination v2
* envoy::api::v2::filter::network::MongoProxy.
*/
static void translateMongoProxy(const Json::Object& json_mongo_proxy,
envoy::api::v2::filter::network::MongoProxy& mongo_proxy);
static void translateMongoProxy(const Json::Object& json_config,
envoy::api::v2::filter::network::MongoProxy& proto_config);

/**
* Translate a v1 JSON Fault filter object to v2 envoy::api::v2::filter::http::HTTPFault.
* @param json_fault source v1 JSON HTTP Fault Filter object.
* @param fault destination v2
* @param json_config source v1 JSON HTTP Fault Filter object.
* @param proto_config destination v2
* envoy::api::v2::filter::http::HTTPFault.
*/
static void translateFaultFilter(const Json::Object& json_fault,
envoy::api::v2::filter::http::HTTPFault& fault);
static void translateFaultFilter(const Json::Object& json_config,
envoy::api::v2::filter::http::HTTPFault& proto_config);

/**
* Translate a v1 JSON Health Check filter object to v2 envoy::api::v2::filter::http::HealthCheck.
* @param config source v1 JSON Health Check Filter object.
* @param health_check destination v2
* @param json_config source v1 JSON Health Check Filter object.
* @param proto_config destination v2
* envoy::api::v2::filter::http::HealthCheck.
*/
static void translateHealthCheckFilter(const Json::Object& config,
envoy::api::v2::filter::http::HealthCheck& health_check);
static void translateHealthCheckFilter(const Json::Object& json_config,
envoy::api::v2::filter::http::HealthCheck& proto_config);

/*
/**
* Translate a v1 JSON Router object to v2 envoy::api::v2::filter::http::Router.
* @param json_router source v1 JSON HTTP router object.
* @param router destination v2 envoy::api::v2::filter::http::Router.
* @param json_config source v1 JSON HTTP router object.
* @param proto_config destination v2 envoy::api::v2::filter::http::Router.
*/
static void translateRouter(const Json::Object& json_router,
envoy::api::v2::filter::http::Router& router);
static void translateRouter(const Json::Object& json_config,
envoy::api::v2::filter::http::Router& proto_config);

/**
* Translate a v1 JSON Buffer filter object to v2 envoy::api::v2::filter::http::Buffer.
* @param json_buffer source v1 JSON HTTP Buffer Filter object.
* @param buffer destination v2
* @param json_config source v1 JSON HTTP Buffer Filter object.
* @param proto_config destination v2
* envoy::api::v2::filter::http::Buffer.
*/
static void translateBufferFilter(const Json::Object& json_buffer,
envoy::api::v2::filter::http::Buffer& buffer);
static void translateBufferFilter(const Json::Object& json_config,
envoy::api::v2::filter::http::Buffer& proto_config);

/**
* Translate a v1 JSON TCP proxy filter object to a v2 envoy::api::v2::filter::network::TcpProxy.
* @param json_tcp_proxy source v1 JSON TCP proxy object.
* @param tcp_proxy destination v2 envoy::api::v2::filter::network::TcpProxy.
* @param json_config source v1 JSON TCP proxy object.
* @param proto_config destination v2 envoy::api::v2::filter::network::TcpProxy.
*/
static void translateTcpProxy(const Json::Object& json_config,
envoy::api::v2::filter::network::TcpProxy& proto_config);

/**
* Translate a v1 JSON TCP Rate Limit filter object to v2
* envoy::api::v2::filter::network::RateLimit.
* @param json_config source v1 JSON Tcp Rate Limit Filter object.
* @param proto_config destination v2 envoy::api::v2::filter::network::RateLimit.
*/
static void translateTcpProxy(const Json::Object& json_tcp_proxy,
envoy::api::v2::filter::network::TcpProxy& tcp_proxy);
static void translateTcpRateLimitFilter(const Json::Object& json_config,
envoy::api::v2::filter::network::RateLimit& proto_config);

/**
* Translate a v1 JSON HTTP Rate Limit filter object to v2
* envoy::api::v2::filter::http::RateLimit.
* @param json_config source v1 JSON Http Rate Limit Filter object.
* @param proto_config destination v2 envoy::api::v2::filter::http::RateLimit.
*/
static void translateHttpRateLimitFilter(const Json::Object& json_config,
envoy::api::v2::filter::http::RateLimit& proto_config);

/**
* Translate a v1 JSON Client SSL Auth filter object to v2
* envoy::api::v2::filter::network::ClientSSLAuth.
* @param json_config source v1 JSON Client SSL Auth Filter object.
* @param proto_config destination v2 envoy::api::v2::filter::network::ClientSSLAuth.
*/
static void
translateClientSslAuthFilter(const Json::Object& json_config,
envoy::api::v2::filter::network::ClientSSLAuth& proto_config);
};

} // namespace Config
Expand Down
3 changes: 1 addition & 2 deletions source/common/filter/BUILD
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,13 @@ envoy_cc_library(
name = "ratelimit_lib",
srcs = ["ratelimit.cc"],
hdrs = ["ratelimit.h"],
external_deps = ["envoy_filter_network_rate_limit"],
deps = [
"//include/envoy/network:connection_interface",
"//include/envoy/network:filter_interface",
"//include/envoy/ratelimit:ratelimit_interface",
"//include/envoy/runtime:runtime_interface",
"//include/envoy/stats:stats_macros",
"//source/common/json:config_schemas_lib",
"//source/common/json:json_loader_lib",
"//source/common/tracing:http_tracer_lib",
],
)
Expand Down
1 change: 1 addition & 0 deletions source/common/filter/auth/BUILD
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ envoy_cc_library(
name = "client_ssl_lib",
srcs = ["client_ssl.cc"],
hdrs = ["client_ssl.h"],
external_deps = ["envoy_filter_network_client_ssl_auth"],
deps = [
"//include/envoy/network:connection_interface",
"//include/envoy/network:filter_interface",
Expand Down
25 changes: 12 additions & 13 deletions source/common/filter/auth/client_ssl.cc
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@
#include "common/http/headers.h"
#include "common/http/message_impl.h"
#include "common/http/utility.h"
#include "common/json/config_schemas.h"
#include "common/network/utility.h"

#include "fmt/format.h"
Expand All @@ -21,15 +20,14 @@ namespace Filter {
namespace Auth {
namespace ClientSsl {

Config::Config(const Json::Object& config, ThreadLocal::SlotAllocator& tls,
Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Stats::Scope& scope,
Runtime::RandomGenerator& random)
: RestApiFetcher(cm, config.getString("auth_api_cluster"), dispatcher, random,
std::chrono::milliseconds(config.getInteger("refresh_delay_ms", 60000))),
tls_(tls.allocateSlot()), ip_white_list_(config, "ip_white_list"),
stats_(generateStats(scope, config.getString("stat_prefix"))) {

config.validateSchema(Json::Schema::CLIENT_SSL_NETWORK_FILTER_SCHEMA);
Config::Config(const envoy::api::v2::filter::network::ClientSSLAuth& config,
ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cm,
Event::Dispatcher& dispatcher, Stats::Scope& scope, Runtime::RandomGenerator& random)
: RestApiFetcher(
cm, config.auth_api_cluster(), dispatcher, random,
std::chrono::milliseconds(PROTOBUF_GET_MS_OR_DEFAULT(config, refresh_delay, 60000))),
tls_(tls.allocateSlot()), ip_white_list_(config.ip_white_list()),
stats_(generateStats(scope, config.stat_prefix())) {

if (!cm.get(remote_cluster_name_)) {
throw EnvoyException(
Expand All @@ -41,9 +39,10 @@ Config::Config(const Json::Object& config, ThreadLocal::SlotAllocator& tls,
[empty](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { return empty; });
}

ConfigSharedPtr Config::create(const Json::Object& config, ThreadLocal::SlotAllocator& tls,
Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher,
Stats::Scope& scope, Runtime::RandomGenerator& random) {
ConfigSharedPtr Config::create(const envoy::api::v2::filter::network::ClientSSLAuth& config,
ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cm,
Event::Dispatcher& dispatcher, Stats::Scope& scope,
Runtime::RandomGenerator& random) {
ConfigSharedPtr new_config(new Config(config, tls, cm, dispatcher, scope, random));
new_config->initialize();
return new_config;
Expand Down
14 changes: 9 additions & 5 deletions source/common/filter/auth/client_ssl.h
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,11 @@
#include "envoy/upstream/cluster_manager.h"

#include "common/http/rest_api_fetcher.h"
#include "common/json/json_loader.h"
#include "common/network/cidr_range.h"
#include "common/network/utility.h"
#include "common/protobuf/utility.h"

#include "api/filter/network/client_ssl_auth.pb.h"

namespace Envoy {
namespace Filter {
Expand Down Expand Up @@ -73,16 +75,18 @@ typedef std::shared_ptr<Config> ConfigSharedPtr;
*/
class Config : public Http::RestApiFetcher {
public:
static ConfigSharedPtr create(const Json::Object& config, ThreadLocal::SlotAllocator& tls,
Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher,
Stats::Scope& scope, Runtime::RandomGenerator& random);
static ConfigSharedPtr create(const envoy::api::v2::filter::network::ClientSSLAuth& config,
ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cm,
Event::Dispatcher& dispatcher, Stats::Scope& scope,
Runtime::RandomGenerator& random);

const AllowedPrincipals& allowedPrincipals();
const Network::Address::IpList& ipWhiteList() { return ip_white_list_; }
GlobalStats& stats() { return stats_; }

private:
Config(const Json::Object& config, ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cm,
Config(const envoy::api::v2::filter::network::ClientSSLAuth& config,
ThreadLocal::SlotAllocator& tls, Upstream::ClusterManager& cm,
Event::Dispatcher& dispatcher, Stats::Scope& scope, Runtime::RandomGenerator& random);

static GlobalStats generateStats(Stats::Scope& scope, const std::string& prefix);
Expand Down
16 changes: 7 additions & 9 deletions source/common/filter/ratelimit.cc
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@
#include <cstdint>
#include <string>

#include "common/json/config_schemas.h"
#include "common/tracing/http_tracer_impl.h"

#include "fmt/format.h"
Expand All @@ -12,16 +11,15 @@ namespace Envoy {
namespace RateLimit {
namespace TcpFilter {

Config::Config(const Json::Object& config, Stats::Scope& scope, Runtime::Loader& runtime)
: domain_(config.getString("domain")),
stats_(generateStats(config.getString("stat_prefix"), scope)), runtime_(runtime) {
Config::Config(const envoy::api::v2::filter::network::RateLimit& config, Stats::Scope& scope,
Runtime::Loader& runtime)
: domain_(config.domain()), stats_(generateStats(config.stat_prefix(), scope)),
runtime_(runtime) {

config.validateSchema(Json::Schema::RATELIMIT_NETWORK_FILTER_SCHEMA);

for (const Json::ObjectSharedPtr& descriptor : config.getObjectArray("descriptors")) {
for (const auto& descriptor : config.descriptors()) {
Descriptor new_descriptor;
for (const Json::ObjectSharedPtr& entry : descriptor->asObjectArray()) {
new_descriptor.entries_.push_back({entry->getString("key"), entry->getString("value")});
for (const auto& entry : descriptor.entries()) {
new_descriptor.entries_.push_back({entry.key(), entry.value()});
}
descriptors_.push_back(new_descriptor);
}
Expand Down
5 changes: 3 additions & 2 deletions source/common/filter/ratelimit.h
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
#include "envoy/runtime/runtime.h"
#include "envoy/stats/stats_macros.h"

#include "common/json/json_loader.h"
#include "api/filter/network/rate_limit.pb.h"

namespace Envoy {
namespace RateLimit {
Expand Down Expand Up @@ -42,7 +42,8 @@ struct InstanceStats {
*/
class Config {
public:
Config(const Json::Object& config, Stats::Scope& scope, Runtime::Loader& runtime);
Config(const envoy::api::v2::filter::network::RateLimit& config, Stats::Scope& scope,
Runtime::Loader& runtime);
const std::string& domain() { return domain_; }
const std::vector<Descriptor>& descriptors() { return descriptors_; }
Runtime::Loader& runtime() { return runtime_; }
Expand Down
1 change: 1 addition & 0 deletions source/common/http/filter/BUILD
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,7 @@ envoy_cc_library(
envoy_cc_library(
name = "ratelimit_includes",
hdrs = ["ratelimit.h"],
external_deps = ["envoy_filter_http_rate_limit"],
deps = [
"//include/envoy/http:filter_interface",
"//include/envoy/local_info:local_info_interface",
Expand Down
19 changes: 9 additions & 10 deletions source/common/http/filter/ratelimit.h
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,8 @@

#include "common/common/assert.h"
#include "common/http/header_map_impl.h"
#include "common/json/config_schemas.h"
#include "common/json/json_loader.h"
#include "common/json/json_validator.h"

#include "api/filter/http/rate_limit.pb.h"

namespace Envoy {
namespace Http {
Expand All @@ -29,14 +28,14 @@ enum class FilterRequestType { Internal, External, Both };
/**
* Global configuration for the HTTP rate limit filter.
*/
class FilterConfig : Json::Validator {
class FilterConfig {
public:
FilterConfig(const Json::Object& config, const LocalInfo::LocalInfo& local_info,
Stats::Scope& scope, Runtime::Loader& runtime, Upstream::ClusterManager& cm)
: Json::Validator(config, Json::Schema::RATE_LIMIT_HTTP_FILTER_SCHEMA),
domain_(config.getString("domain")),
stage_(static_cast<uint64_t>(config.getInteger("stage", 0))),
request_type_(stringToType(config.getString("request_type", "both"))),
FilterConfig(const envoy::api::v2::filter::http::RateLimit& config,
const LocalInfo::LocalInfo& local_info, Stats::Scope& scope,
Runtime::Loader& runtime, Upstream::ClusterManager& cm)
: domain_(config.domain()), stage_(static_cast<uint64_t>(config.stage())),
request_type_(config.request_type().empty() ? stringToType("both")
: stringToType(config.request_type())),
local_info_(local_info), scope_(scope), runtime_(runtime), cm_(cm) {}

const std::string& domain() const { return domain_; }
Expand Down
2 changes: 2 additions & 0 deletions source/server/config/http/BUILD
Original file line number Diff line number Diff line change
Expand Up @@ -157,9 +157,11 @@ envoy_cc_library(
deps = [
"//include/envoy/registry",
"//include/envoy/server:filter_config_interface",
"//source/common/config:filter_json_lib",
"//source/common/config:well_known_names",
"//source/common/http/filter:ratelimit_includes",
"//source/common/http/filter:ratelimit_lib",
"//source/common/protobuf:utility_lib",
],
)

Expand Down
Loading