Implement sigv4a signing in aws_request_signing extension by nbaws · Pull Request #31336 · envoyproxy/envoy

nbaws · 2023-12-13T12:03:46Z

Commit Message: Implement sigv4a signing in aws_request_signing extension
Additional Description: See #31000 for proposal
Risk Level: Low
Testing: Unit
Docs Changes: API Proto
Release Notes: N/A
Platform Specific Features:
[Optional Runtime guard:]
[Optional Fixes #Issue] #31000
[Optional Fixes commit #PR or SHA]
[Optional Deprecated:]
[Optional API Considerations:]

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

repokitteh-read-only · 2023-12-13T12:03:56Z

CC @envoyproxy/api-shepherds: Your approval is needed for changes made to (api/envoy/|docs/root/api-docs/).
envoyproxy/api-shepherds assignee is @wbpcode
CC @envoyproxy/api-watchers: FYI only for changes made to (api/envoy/|docs/root/api-docs/).

🐱

Caused by: #31336 was opened by nbaws.

see: more, trace.

nbaws · 2023-12-13T12:04:22Z

/assign @suniltheta

repokitteh-read-only · 2023-12-13T12:04:27Z

nbaws is not allowed to assign users.

🐱

Caused by: a #31336 (comment) was created by @nbaws.

see: more, trace.

suniltheta · 2023-12-13T18:29:49Z

/assign @suniltheta

suniltheta

Initial set of review with just skimming the changes.

Missing release notes update on changelogs/current.yaml
Run CI script format is failing with spell check. See if you can fix those by running ./tools/local_fix_format.sh while the diffs are not yet committed.

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

nbaws · 2023-12-24T22:51:58Z

Thanks for your great contribution. Some comments are added to the API or code style, but not to the new logic.

I think this require review from @mattklein123 because I have no background knowledge about the aws signing.

thank you for your feedback!

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

wbpcode

Only two nit comments to the API, then the API looks good to me.

(Thanks for you in timely update, and sorry for my delay.)

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

mattklein123

LGTM with small nit, thanks.

/wait

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

wbpcode · 2024-01-03T05:40:28Z

/lgtm api

nbaws and others added 7 commits December 12, 2023 03:14

first commit

1a2eff7

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

refactor signer classes

72d2cf5

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

format fix

238bbe0

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

additional formattiong

93ca432

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

additional formattiong

5f89399

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

additional formattiong

8d01fa7

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

Merge branch 'envoyproxy:main' into sigv4a_redo

0bda756

nbaws requested a review from mattklein123 as a code owner December 13, 2023 12:03

repokitteh-read-only Bot added the api label Dec 13, 2023

repokitteh-read-only Bot assigned wbpcode Dec 13, 2023

repokitteh-read-only Bot assigned suniltheta Dec 13, 2023

suniltheta reviewed Dec 13, 2023

View reviewed changes

nbaws changed the title ~~Sigv4a redo~~ Implement sigv4a signing in aws_request_signing extension Dec 15, 2023

nbaws and others added 13 commits December 15, 2023 17:16

Merge branch 'envoyproxy:main' into sigv4a_redo

c0d176e

address feedback

081faa0

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

trailing spaces

1680808

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

format fix

5c5a3f1

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

reverting invalid changes

c68a272

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

uint fix for windows build

61f2edd

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

remove elf dependency

45bfab6

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

spelling

58e4b19

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

spelling

90bf1e3

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

fix changelog

6beecdc

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

change volatile computation

ff9d93a

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

additional volatile fix

a6d8371

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

Merge branch 'envoyproxy:main' into sigv4a_redo

756c08d

nbaws and others added 4 commits December 22, 2023 22:39

Merge branch 'envoyproxy:main' into sigv4a_redo

e52ec0c

address review feedback

3fe007e

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

update to include explicit region_set

a35468b

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

add additional test

040264b

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

wbpcode reviewed Dec 27, 2023

View reviewed changes

Comment thread api/envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.proto Outdated

Comment thread api/envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.proto

Comment thread source/extensions/common/aws/signer_base_impl.cc Outdated

nbaws and others added 4 commits December 27, 2023 11:46

revert to previous proto

4becaaf

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

fix tests

d42afcf

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

Merge branch 'envoyproxy:main' into sigv4a_redo

6ddf435

update documentation, revert proto to region required

10277e7

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

suniltheta reviewed Dec 29, 2023

View reviewed changes

Comment thread source/extensions/common/aws/sigv4_signer_impl.h Outdated

Comment thread docs/root/configuration/http/http_filters/_include/aws-request-signing-filter-sigv4a.yaml Outdated

nbaws added 2 commits December 30, 2023 11:23

address feedback

71936f0

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

todo for lambda filter

9cd6b60

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

wbpcode reviewed Dec 30, 2023

View reviewed changes

Comment thread api/envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.proto Outdated

wbpcode reviewed Dec 30, 2023

View reviewed changes

Comment thread api/envoy/extensions/filters/http/aws_request_signing/v3/aws_request_signing.proto Outdated

wbpcode reviewed Dec 30, 2023

View reviewed changes

address feedback

8540d5e

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

suniltheta reviewed Dec 31, 2023

View reviewed changes

Comment thread source/extensions/filters/http/aws_request_signing/config.cc Outdated

address feedback

b55cc66

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

suniltheta approved these changes Jan 1, 2024

View reviewed changes

mattklein123 requested changes Jan 2, 2024

View reviewed changes

Comment thread source/extensions/common/aws/BUILD Outdated

Comment thread source/extensions/common/aws/sigv4a_key_derivation.cc

repokitteh-read-only Bot added the waiting label Jan 2, 2024

address BUILD feedback

b62dcb0

Signed-off-by: Nigel Brittain <nbaws@amazon.com>

repokitteh-read-only Bot removed the waiting label Jan 3, 2024

repokitteh-read-only Bot removed the api label Jan 3, 2024

mattklein123 approved these changes Jan 3, 2024

View reviewed changes

mattklein123 merged commit 48ced96 into envoyproxy:main Jan 3, 2024

nbaws mentioned this pull request Jun 3, 2024

aws: sts and webidentity fix for sigv4a edge case #34466

Merged

Conversation

nbaws commented Dec 13, 2023

Uh oh!

repokitteh-read-only Bot commented Dec 13, 2023

Uh oh!

nbaws commented Dec 13, 2023

Uh oh!

repokitteh-read-only Bot commented Dec 13, 2023

Uh oh!

suniltheta commented Dec 13, 2023

Uh oh!

suniltheta left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

nbaws commented Dec 24, 2023

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

wbpcode left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

mattklein123 left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

wbpcode commented Jan 3, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

wbpcode left a comment •

edited

Loading