-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Config revamp #110
base: main
Are you sure you want to change the base?
Config revamp #110
Conversation
Signed-off-by: Guilherme Cassolato <guicassolato@gmail.com>
Signed-off-by: Guilherme Cassolato <guicassolato@gmail.com>
Signed-off-by: Guilherme Cassolato <guicassolato@gmail.com>
Signed-off-by: Guilherme Cassolato <guicassolato@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking good
Verification steps working |
Latest commit removes |
I'm still writing tests for conditional actions, and realise that we need a coordinated merge of this so potentially this should be reviewed/merged to a feature branch |
From What if there are many, which one has preference? |
I'm not tied to this change, and I can drop the commit. But I was working toward what we agreed in #108 where the data required to build the message was defined in the - routeRuleConditions:
hostnames:
- "*.foo.com"
- "users.bar.com"
matches:
- request.method == "GET"
- request.path.startsWith('/bar')
actions:
- conditions:
- "!['127.0.0.1', '192.168.1.1'].contains(source.ip)"
action:
service: limitador
data:
ip: source.ip
magic_RL_name: "'1'"
- conditions: []
action:
service: authorino
data:
authCfg: "'someIdentifier'" |
e093991
to
841520d
Compare
I've dropped that commit fwiw. I tend to agree that right now the purpose of the data and |
I agree with @eguzki. I don't like this change. Whether as The way it was before, we could technically have an action without any data, which makes sense to me since we have default data that comes from the type of action ( Anyway, I honestly liked more how it was before. Thanks for ditching the commit! |
Thanks both for the constructive feedback, will continue on tests for conditional actions |
Signed-off-by: Guilherme Cassolato <guicassolato@gmail.com>
Signed-off-by: Guilherme Cassolato <guicassolato@gmail.com>
Signed-off-by: Guilherme Cassolato <guicassolato@gmail.com>
Signed-off-by: Adam Cattermole <acatterm@redhat.com>
Rename conditions to matches - hoist all_of Signed-off-by: Adam Cattermole <acatterm@redhat.com>
Signed-off-by: Adam Cattermole <acatterm@redhat.com>
Signed-off-by: Adam Cattermole <acatterm@redhat.com>
Signed-off-by: Adam Cattermole <acatterm@redhat.com>
Signed-off-by: Adam Cattermole <acatterm@redhat.com>
Signed-off-by: Adam Cattermole <acatterm@redhat.com>
Signed-off-by: Adam Cattermole <acatterm@redhat.com>
2e97e38
to
a392f7d
Compare
Changes
This is moving towards a configuration based on the suggestion in #108.
Currently this is looking as follows:
I've separated all of the changes by commit to try make it easier to read the changes.
The primary change to non-config types is that we now have
actions.conditions
so we can conditionally perform an action - example provided in the envoy configuration that only calls the rate limiting service whenuser_id == 'alice'
:Port-forward envoy and watch the logs for all services:
Test unauthenticated does not get rate limited:
Bob is not rate limited (note no calls to limitador in logs):
Alice has 5 requests per 10 seconds:
Outstanding
scope
fromaction.data
(won't do)For a future PR:
routeRuleConditions.matches
andaction.conditions
fromPatternExpression
to CEL