Feature/envoy1.22 fixes (#77)

* changes for envoy 1.22
in4it · Aug 30, 2022 · bd8f40e · bd8f40e
1 parent f60c9c1
commit bd8f40e
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 28 deletions.
diff --git a/pkg/envoy/jwtprovider.go b/pkg/envoy/jwtprovider.go
@@ -39,8 +39,12 @@ func (j *JwtProvider) getJwtRule(conditions Conditions, clusterName string, jwtP
 	if conditions.Hostname != "" {
 		hostnameHeaders = append(hostnameHeaders, &route.HeaderMatcher{
 			Name: ":authority",
-			HeaderMatchSpecifier: &route.HeaderMatcher_ExactMatch{
-				ExactMatch: conditions.Hostname,
+			HeaderMatchSpecifier: &route.HeaderMatcher_StringMatch{
+				StringMatch: &matcher.StringMatcher{
+					MatchPattern: &matcher.StringMatcher_Exact{
+						Exact: conditions.Hostname,
+					},
+				},
 			},
 		})
 	}
@@ -49,8 +53,12 @@ func (j *JwtProvider) getJwtRule(conditions Conditions, clusterName string, jwtP
 		for _, method := range conditions.Methods {
 			methodHeaders = append(methodHeaders, &route.HeaderMatcher{
 				Name: ":method",
-				HeaderMatchSpecifier: &route.HeaderMatcher_ExactMatch{
-					ExactMatch: method,
+				HeaderMatchSpecifier: &route.HeaderMatcher_StringMatch{
+					StringMatch: &matcher.StringMatcher{
+						MatchPattern: &matcher.StringMatcher_Exact{
+							Exact: method,
+						},
+					},
 				},
 			})
 		}
@@ -117,8 +125,8 @@ func (j *JwtProvider) getJwtRule(conditions Conditions, clusterName string, jwtP
 				Match: &route.RouteMatch{
 					PathSpecifier: &route.RouteMatch_SafeRegex{
 						SafeRegex: &matcher.RegexMatcher{
-							Regex:      conditions.Regex,
 							EngineType: &matcher.RegexMatcher_GoogleRe2{GoogleRe2: &matcher.RegexMatcher_GoogleRE2{}},
+							Regex:      conditions.Regex,
 						},
 					},
 					Headers: hostnameHeaders,
@@ -133,8 +141,8 @@ func (j *JwtProvider) getJwtRule(conditions Conditions, clusterName string, jwtP
 					Match: &route.RouteMatch{
 						PathSpecifier: &route.RouteMatch_SafeRegex{
 							SafeRegex: &matcher.RegexMatcher{
-								Regex:      conditions.Regex,
 								EngineType: &matcher.RegexMatcher_GoogleRe2{GoogleRe2: &matcher.RegexMatcher_GoogleRE2{}},
+								Regex:      conditions.Regex,
 							},
 						},
 						Headers: append(hostnameHeaders, methodHeader),

diff --git a/pkg/envoy/listener.go b/pkg/envoy/listener.go
@@ -11,6 +11,7 @@ import (
 	api "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
 	route "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
 	tracev3 "github.com/envoyproxy/go-control-plane/envoy/config/trace/v3"
+	router "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/router/v3"
 	hcm "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3"
 	tls "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3"
 	matcher "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
@@ -46,9 +47,16 @@ type Listener struct {
 
 func newListener() *Listener {
 	listener := &Listener{}
+	typedRouterConfig, err := anypb.New(&router.Router{})
+	if err != nil {
+		panic(err)
+	}
 	listener.httpFilter = []*hcm.HttpFilter{
 		{
 			Name: "envoy.filters.http.router",
+			ConfigType: &hcm.HttpFilter_TypedConfig{
+				TypedConfig: typedRouterConfig,
+			},
 		},
 	}
 	listener.accessLoggerConfig = []*alf.AccessLog{}
@@ -205,8 +213,8 @@ func (l *Listener) getVirtualHost(listenerName, hostname, targetHostname, target
 		if regexRewrite.Regex != "" {
 			envoyRegexRewrite = &matcher.RegexMatchAndSubstitute{
 				Pattern: &matcher.RegexMatcher{
-					EngineType: &matcher.RegexMatcher_GoogleRe2{},
 					Regex:      regexRewrite.Regex,
+					EngineType: &matcher.RegexMatcher_GoogleRe2{GoogleRe2: &matcher.RegexMatcher_GoogleRE2{}},
 				},
 				Substitution: regexRewrite.Substitution,
 			}
@@ -232,8 +240,12 @@ func (l *Listener) getVirtualHost(listenerName, hostname, targetHostname, target
 		for _, method := range methods {
 			headers = append(headers, &route.HeaderMatcher{
 				Name: ":method",
-				HeaderMatchSpecifier: &route.HeaderMatcher_ExactMatch{
-					ExactMatch: method,
+				HeaderMatchSpecifier: &route.HeaderMatcher_StringMatch{
+					StringMatch: &matcher.StringMatcher{
+						MatchPattern: &matcher.StringMatcher_Exact{
+							Exact: method,
+						},
+					},
 				},
 			})
 		}
@@ -291,8 +303,8 @@ func (l *Listener) getVirtualHost(listenerName, hostname, targetHostname, target
 				Match: &route.RouteMatch{
 					PathSpecifier: &route.RouteMatch_SafeRegex{
 						SafeRegex: &matcher.RegexMatcher{
-							Regex:      targetPrefix,
 							EngineType: &matcher.RegexMatcher_GoogleRe2{GoogleRe2: &matcher.RegexMatcher_GoogleRE2{}},
+							Regex:      targetPrefix,
 						},
 					},
 				},
@@ -304,8 +316,8 @@ func (l *Listener) getVirtualHost(listenerName, hostname, targetHostname, target
 					Match: &route.RouteMatch{
 						PathSpecifier: &route.RouteMatch_SafeRegex{
 							SafeRegex: &matcher.RegexMatcher{
-								Regex:      targetPrefix,
 								EngineType: &matcher.RegexMatcher_GoogleRe2{GoogleRe2: &matcher.RegexMatcher_GoogleRE2{}},
+								Regex:      targetPrefix,
 							},
 						},
 						Headers: []*route.HeaderMatcher{header},

diff --git a/pkg/envoy/listener_test.go b/pkg/envoy/listener_test.go
@@ -769,7 +769,7 @@ func validateAttributes(manager *hcm.HttpConnectionManager, params ListenerParam
 					if len(params.Conditions.Methods) > 0 {
 						for _, v1 := range r.Match.Headers {
 							for _, v2 := range params.Conditions.Methods {
-								if v1.GetName() == ":method" && v1.GetExactMatch() == v2 {
+								if v1.GetName() == ":method" && v1.GetStringMatch().GetExact() == v2 {
 									methodsFound[v2] = true
 								}
 							}
@@ -836,7 +836,7 @@ func validateMethods(headers []*route.HeaderMatcher, methods []string) bool {
 	methodsInHeader := []string{}
 	for _, v := range headers {
 		if v.Name == ":method" {
-			methodsInHeader = append(methodsInHeader, v.GetExactMatch())
+			methodsInHeader = append(methodsInHeader, v.GetStringMatch().GetExact())
 		}
 	}
 	sort.Strings(methodsInHeader)
@@ -954,14 +954,14 @@ func validateJWT(manager *hcm.HttpConnectionManager, params ListenerParams) erro
 			}
 			if prefixFound || pathFound || regexFound {
 				for _, header := range rule.Match.Headers {
-					if header.Name == ":authority" && header.HeaderMatchSpecifier.(*route.HeaderMatcher_ExactMatch).ExactMatch == params.Conditions.Hostname {
+					if header.Name == ":authority" && header.HeaderMatchSpecifier.(*route.HeaderMatcher_StringMatch).StringMatch.GetExact() == params.Conditions.Hostname {
 						domainFound = true
 					}
 				}
 				if len(params.Conditions.Methods) > 0 {
 					for _, v1 := range rule.Match.Headers {
 						for _, v2 := range params.Conditions.Methods {
-							if v1.GetName() == ":method" && v1.GetExactMatch() == v2 {
+							if v1.GetName() == ":method" && v1.GetStringMatch().GetExact() == v2 {
 								methodsFound[v2] = true
 							}
 						}

diff --git a/pkg/envoy/listener_utils.go b/pkg/envoy/listener_utils.go
@@ -230,7 +230,7 @@ func cmpMatch(a *route.RouteMatch, b *route.RouteMatch) bool {
 			return false
 		}
 
-		if aa.HeaderMatchSpecifier.(*route.HeaderMatcher_ExactMatch).ExactMatch != bb.HeaderMatchSpecifier.(*route.HeaderMatcher_ExactMatch).ExactMatch {
+		if aa.HeaderMatchSpecifier.(*route.HeaderMatcher_StringMatch).StringMatch.GetExact() != bb.HeaderMatchSpecifier.(*route.HeaderMatcher_StringMatch).StringMatch.GetExact() {
 			logger.Tracef("cmpMatch: mismatch in header value ")
 			return false
 		}
@@ -247,28 +247,24 @@ func headerMatchEqual(a, b *route.HeaderMatcher) bool {
 	if a.GetName() != b.GetName() {
 		return false
 	}
-	if a.GetExactMatch() != b.GetExactMatch() {
+	aStringMatch := a.GetStringMatch()
+	bStringMatch := b.GetStringMatch()
+	if aStringMatch.GetExact() != bStringMatch.GetExact() {
 		return false
 	}
-	if a.GetInvertMatch() != b.GetInvertMatch() {
+	if aStringMatch.IgnoreCase != bStringMatch.IgnoreCase {
 		return false
 	}
-	if a.GetPrefixMatch() != b.GetPrefixMatch() {
+	if aStringMatch.GetPrefix() != bStringMatch.GetPrefix() {
 		return false
 	}
-	if a.GetRangeMatch() != b.GetRangeMatch() {
+	if aStringMatch.GetSuffix() != bStringMatch.GetSuffix() {
 		return false
 	}
-	if a.GetSafeRegexMatch().GetRegex() != b.GetSafeRegexMatch().GetRegex() {
+	if aStringMatch.GetContains() != bStringMatch.GetContains() {
 		return false
 	}
-	if a.GetPresentMatch() != b.GetPresentMatch() {
-		return false
-	}
-	if a.GetSafeRegexMatch() != b.GetSafeRegexMatch() {
-		return false
-	}
-	if a.GetSuffixMatch() != b.GetSuffixMatch() {
+	if aStringMatch.GetSafeRegex().GetRegex() != bStringMatch.GetSafeRegex().GetRegex() {
 		return false
 	}
 	return true