feat(lua): allow setting response body when the upstream response body is empty#14486
feat(lua): allow setting response body when the upstream response body is empty#14486mattklein123 merged 13 commits intoenvoyproxy:masterfrom
Conversation
…y is empty Close envoyproxy#14226. Signed-off-by: spacewander <spacewanderlzx@gmail.com>
|
Can you merge master? Thanks! |
dio
left a comment
There was a problem hiding this comment.
The approach seems OK. A nit and a request for refactoring the test helper.
| end | ||
| )EOF"; | ||
|
|
||
| testRewriteResponseWithoutUpstreamBody(FILTER_AND_CODE); |
There was a problem hiding this comment.
While you're here, can we refactor this a bit to have e.g. expectResponseBodyRewrite(), parameterized with the body from upstream (this can be empty or filled (buffered)) and the expected rewritten body?
So we can reuse this to test both cases.
Thank you!
Signed-off-by: spacewander <spacewanderlzx@gmail.com>
Signed-off-by: spacewander <spacewanderlzx@gmail.com>
Signed-off-by: spacewander <spacewanderlzx@gmail.com>
|
Thanks, @spacewander, could you merge main? Probably it will help to remedy: /wait |
Signed-off-by: spacewander <spacewanderlzx@gmail.com>
|
Interesting since "master" has that 95.3% coverage for |
Signed-off-by: spacewander <spacewanderlzx@gmail.com>
|
@dio |
|
Since this https://github.com/envoyproxy/envoy/pull/14528/files is merged. I think we can do another main branch merging. Sorry for the hassle. |
Signed-off-by: spacewander <spacewanderlzx@gmail.com>
|
@dio |
mattklein123
left a comment
There was a problem hiding this comment.
Thanks for working on this. A question on overall design to get started. Thank you!
/wait
| * jwt_authn filter: added support of Jwt time constraint verification with a clock skew (default to 60 seconds) and added a filter config field :ref:`clock_skew_seconds <envoy_v3_api_field_extensions.filters.http.jwt_authn.v3.JwtProvider.clock_skew_seconds>` to configure it. | ||
| * kill_request: enable a way to configure kill header name in KillRequest proto. | ||
| * listener: injection of the :ref:`TLS inspector <config_listener_filters_tls_inspector>` has been disabled by default. This feature is controlled by the runtime guard `envoy.reloadable_features.disable_tls_inspector_injection`. | ||
| * lua: always return a :ref:`buffer object <config_http_filters_lua_buffer_wrapper>` even the body is empty. This feature is controlled by the runtime guard `envoy.reloadable_features.lua_always_wrap_body`. |
There was a problem hiding this comment.
| * lua: always return a :ref:`buffer object <config_http_filters_lua_buffer_wrapper>` even the body is empty. This feature is controlled by the runtime guard `envoy.reloadable_features.lua_always_wrap_body`. | |
| * lua: always return a :ref:`buffer object <config_http_filters_lua_buffer_wrapper>` even if the body is empty. This feature is controlled by the runtime guard `envoy.reloadable_features.lua_always_wrap_body` and defaults to enabled. |
| request_handle:logTrace(request_handle:headers():get(":path")) | ||
|
|
||
| if request_handle:body() ~= nil then | ||
| if request_handle:body():length() ~= 0 then |
There was a problem hiding this comment.
I'm a little worried about this change breaking scripts, but I'm not sure how likely that is. I guess with a runtime guard we can see how it goes? The alternative would be to allow body() to take an optional boolean which enables the behavior? This could default to the existing behavior? I think I'm probably leaning towards that now that I think about it? @dio WDYT?
There was a problem hiding this comment.
Yes, this PR introduces a new runtime feature flag (and tested in integration test).
But yeah, thinking it again, to have a cleaner approach: seems like bool (or enum (Envoy.ALWAYS_WRAP_BODY)? for syntactic sugar, similar to this PR) or a new API (e.g. wrappedBody(), this new API always has a non-nil "buffer").
-- with bool.
response_handle:body(true):setBytes("ok")
-- with "enum".
response_handle:body(Envoy.ALWAYS_WRAP_BODY):setBytes("ok")
-- with new API.
response_handle:wrappedBody():setBytes("ok")There was a problem hiding this comment.
I will vote for the first one, because:
- argument is enough to distinguish them, not need to add an extra method
- there is only "always wrap body" and "not always wrap body", so a boolean is enough.
There was a problem hiding this comment.
SG. The reason for offering new API is for readability in the Lua code.
mattklein123
left a comment
There was a problem hiding this comment.
Thanks this looks good. Can you check CI also?
/wait
| int StreamHandleWrapper::luaBody(lua_State* state) { | ||
| ASSERT(state_ == State::Running); | ||
|
|
||
| int always_wrap_body = 0; |
Signed-off-by: spacewander <spacewanderlzx@gmail.com>
|
@mattklein123 |
mattklein123
left a comment
There was a problem hiding this comment.
Thanks LGTM at a high level with some test comments.
/wait
| } | ||
|
|
||
| // Rewrite response buffer, without original upstream response body | ||
| // and always warp body. |
There was a problem hiding this comment.
| // and always warp body. | |
| // and always wrap body. |
| inline_code: | | ||
| function envoy_on_response(response_handle) | ||
| if response_handle:body(false) then | ||
| local content_length = response_handle:body():setBytes("ok") |
There was a problem hiding this comment.
I'm confused. Shouldn't this end up returning nil and the script should crash? Shouldn't we be verifying nil here instead?
There was a problem hiding this comment.
The response_handle:body(false) always returns nil so this branch is skipped. It is just a mirror of the previous test but with the false given.
There was a problem hiding this comment.
Ah sorry, I missed that. OK LGTM modulo the typo.
* master: (48 commits) Resolve 14506, avoid libidn2 for our curl dependency (envoyproxy#14601) fix new/free mismatch in Mainthread utility (envoyproxy#14596) opencensus: deprecate Zipkin configuration. (envoyproxy#14576) upstream: clean up code location (envoyproxy#14580) configuration impl: add cast for ios compilation (envoyproxy#14590) buffer impl: add cast for android compilation (envoyproxy#14589) ratelimit: add dynamic metadata to ratelimit response (envoyproxy#14508) tcp_proxy: wait for CONNECT response before start streaming data (envoyproxy#14317) stream info: cleanup address handling (envoyproxy#14432) [deps] update upb to latest commit (envoyproxy#14582) Add utility to check whether the execution is in main thread. (envoyproxy#14457) listener: undeprecate bind_to_port (envoyproxy#14480) Fix data race in overload integration test (envoyproxy#14586) deps: update PGV (envoyproxy#14571) dependencies: update cve_scan.py for some libcurl 7.74.0 false positives. (envoyproxy#14572) Network::Connection: Add L4 crash dumping support (envoyproxy#14509) ssl: remember stat names for configured ciphers. (envoyproxy#14534) formatter: add custom date formatting to downstream cert start and end dates (envoyproxy#14502) feat(lua): allow setting response body when the upstream response body is empty (envoyproxy#14486) Generalize the gRPC access logger base classes (envoyproxy#14469) ... Signed-off-by: Michael Puncel <mpuncel@squareup.com>
Commit Message: allow setting response body when the upstream response body is empty
Additional Description:
Risk Level: Medium
Testing: unit and integration tests
Docs Changes: TBA
Release Notes: Lua
body()will no longer return nil when the response body is empty. Can be changed via runtime flag.Platform Specific Features: N/A
Fixes #14226
Signed-off-by: spacewander spacewanderlzx@gmail.com