[ProtoApiScrubber] Fixing header and trailer propagation in field checker #42293
[ProtoApiScrubber] Fixing header and trailer propagation in field checker #42293adisuissa merged 31 commits intoenvoyproxy:mainfrom
Conversation
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: sumitkmr2 <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
sumitkmr2
changed the title
|
/retest |
|
@adisuissa I'm working on fixing the Envoy/Check failure. It's taking time as the tests pass but the envoy step fails. Request you to please review the code and test changes in the meantime. |
|
@sumitkmr2 gcc failure looks real (even if flaking) |
| FieldChecker(const ScrubberContext scrubber_context, | ||
| const Envoy::StreamInfo::StreamInfo* stream_info, const std::string& method_name, | ||
| const Envoy::StreamInfo::StreamInfo* stream_info, | ||
| const Http::RequestHeaderMap* request_headers, |
There was a problem hiding this comment.
OOC why is there a need to move between OptRef and pointers (for al the headers maps)?
There was a problem hiding this comment.
The use of pointers here was intended to handle the optional nature of the headers and trailers, as the matching_data_ setters require valid references (so I needed a way to check for existence before dereferencing). I used pointers as a mechanism for nullable checks.
However, I agree that passing OptRef directly is more idiomatic for Envoy and avoids converting between types. I have updated the constructor signature to accept OptRef instead of raw pointers.
| public: | ||
| // Validates whether the input type for the matcher is in the list of supported input types. | ||
| // Currently, only CEL input type (i.e., HttpAttributesCelMatchInput) is supported. | ||
| // ProtoApiScrubber filter supports all types of data inputs and hence, it returns |
There was a problem hiding this comment.
Interesting. So what will the behavior (during a request processing by the ProtoApiScrubber filter) be if the matcher type is DestinationIPInput?
There was a problem hiding this comment.
It would result in a no-match. This is documented nicely in matching API documentation but I couldn't find it as of now. Right now, I can only find this: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/matching/matching_api#inputs-and-matching-algorithms
I'll try to find the documentation which clearly stated that if you use response type inputs in the request flow, it would result in a no-match.
In essence, if someone is using matching API, we can be assured that they are aware of such nuances as it's clearly documented in envoy documentation.
| : scrubber_context_(scrubber_context), matching_data_(*stream_info), | ||
| method_name_(method_name), filter_config_ptr_(filter_config) {} | ||
| method_name_(method_name), filter_config_ptr_(filter_config) { | ||
| // Populate matching data with whatever is available. |
There was a problem hiding this comment.
FWIW, the design here seems a bit leaky (a single field checker for both request and response, but used differently for each). I guess that is ok for now, but if further divergence from behavior needs to be done for request/response, it may be best to divide the two paths to different classes.
There was a problem hiding this comment.
Yes, you are right. Although around 90-95% of the code is common for request and response, there's one part where they diverge. I'll keep that in mind in case that divergence becomes bigger but in principle, it would most probably not diverge as it's core job is to do scrubbing given a protobuf message. In case, the divergence becomes bigger, we might try to make it configurable instead.
Also, please note that it's not like request headers are only for request path, request headers can very well be utilized by response path.
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
sumitkmr2
left a comment
sumitkmr2
left a comment
There was a problem hiding this comment.
Addressed comments ,thanks!
| : scrubber_context_(scrubber_context), matching_data_(*stream_info), | ||
| method_name_(method_name), filter_config_ptr_(filter_config) {} | ||
| method_name_(method_name), filter_config_ptr_(filter_config) { | ||
| // Populate matching data with whatever is available. |
There was a problem hiding this comment.
Yes, you are right. Although around 90-95% of the code is common for request and response, there's one part where they diverge. I'll keep that in mind in case that divergence becomes bigger but in principle, it would most probably not diverge as it's core job is to do scrubbing given a protobuf message. In case, the divergence becomes bigger, we might try to make it configurable instead.
Also, please note that it's not like request headers are only for request path, request headers can very well be utilized by response path.
| public: | ||
| // Validates whether the input type for the matcher is in the list of supported input types. | ||
| // Currently, only CEL input type (i.e., HttpAttributesCelMatchInput) is supported. | ||
| // ProtoApiScrubber filter supports all types of data inputs and hence, it returns |
There was a problem hiding this comment.
It would result in a no-match. This is documented nicely in matching API documentation but I couldn't find it as of now. Right now, I can only find this: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/matching/matching_api#inputs-and-matching-algorithms
I'll try to find the documentation which clearly stated that if you use response type inputs in the request flow, it would result in a no-match.
In essence, if someone is using matching API, we can be assured that they are aware of such nuances as it's clearly documented in envoy documentation.
| FieldChecker(const ScrubberContext scrubber_context, | ||
| const Envoy::StreamInfo::StreamInfo* stream_info, const std::string& method_name, | ||
| const Envoy::StreamInfo::StreamInfo* stream_info, | ||
| const Http::RequestHeaderMap* request_headers, |
There was a problem hiding this comment.
The use of pointers here was intended to handle the optional nature of the headers and trailers, as the matching_data_ setters require valid references (so I needed a way to check for existence before dereferencing). I used pointers as a mechanism for nullable checks.
However, I agree that passing OptRef directly is more idiomatic for Envoy and avoids converting between types. I have updated the constructor signature to accept OptRef instead of raw pointers.
Signed-off-by: sumitkmr2 <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
Signed-off-by: Sumit Kumar <sumitkmr@google.com>
@phlax Yes, they were real failures caused by improper test cleanup. I've fixed those now. |
…cker (envoyproxy#42293) Signed-off-by: Sumit Kumar <sumitkmr@google.com> Signed-off-by: sumitkmr2 <sumitkmr@google.com> Signed-off-by: Xuyang Tao <taoxuy@google.com>
…cker (envoyproxy#42293) Signed-off-by: Sumit Kumar <sumitkmr@google.com> Signed-off-by: sumitkmr2 <sumitkmr@google.com> Signed-off-by: Gustavo <grnmeira@gmail.com>
3 participants
Commit Message: Fixing header and trailer propagation in field checker
Additional Description: The headers and trailers were not properly propagated to the field checker and hence, the match tree couldn't use these inputs. Rest of the envoy attributes (https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes) are automatically available for matching and hence, additional plumbing is not required.
Risk Level: None
Testing: UTs and ITs added.
Docs Changes: None.
Release Notes: None.
Platform Specific Features: None.
[Optional Runtime guard:]
[Optional Fixes #Issue]
[Optional Fixes commit #PR or SHA]
[Optional Deprecated:]
[Optional API Considerations:]