feat: added option to specify resources on the OIDC security policy #3030

Merged
arkodg merged 4 commits into envoyproxy:main from jaynis:feature/sp-oidc-resources
Mar 28, 2024
Contributor

jaynis commented Mar 26, 2024

This PR adds the option to specify resources on the OIDC security policy in order to request them in the OIDC authorization request.

resolves #3036

jaynis requested a review from a team as a code owner March 26, 2024 15:23
jaynis changed the title from "feat: added option to specify resources on the OIDC filter" to "feat: added option to specify resources on the OIDC security policy" Mar 26, 2024
Contributor

arkodg commented Mar 26, 2024

hey @jaynis suggest creating an issue first, sharing the use case

Contributor Author

jaynis commented Mar 26, 2024

Sure I can do that but this PR just extends the functionality of the gateway to a feature which envoy itself already has and which therefore can be assumed to have valid use cases I would say 😃 .

Contributor

arkodg left a comment

LGTM thanks !

arkodg requested review from a team March 27, 2024 10:01
Member

zhaohuabing left a comment

Thanks for adding this useful feature!


codecov bot commented Mar 27, 2024

Codecov Report

Attention: Patch coverage is 28.57143% with 5 lines in your changes are missing coverage. Please review.

Project coverage is 64.51%. Comparing base (c1b9f3d) to head (7db8761).
Report is 1 commits behind head on main.

| Files | Patch % | Lines |
| --- | --- | --- |
| internal/ir/zz_generated.deepcopy.go | 0.00% | 5 Missing ⚠️ |

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #3030   +/-   ##
=======================================
  Coverage   64.50%   64.51%           
=======================================
  Files         121      121           
  Lines       21381    21388    +7     
=======================================
+ Hits        13792    13798    +6     
- Misses       6718     6720    +2     
+ Partials      871      870    -1     


Member

zirain commented Mar 28, 2024

/retest

arkodg merged commit a270dd8 into envoyproxy:main Mar 28, 2024
yaelSchechter pushed a commit to yaelSchechter/envoy-gateway that referenced this pull request Mar 28, 2024
…nvoyproxy#3030)

added option to specify resources on the OIDC filter

Signed-off-by: jaynis <[email protected]>
Co-authored-by: Huabing Zhao <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>
arkodg added a commit that referenced this pull request Mar 28, 2024
* build(deps): bump github.com/prometheus/common from 0.50.0 to 0.51.1 (#3010)

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.50.0 to 0.51.1.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.50.0...v0.51.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Huabing Zhao <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* docs: fix squash link (#3013)

Signed-off-by: zirain <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* api: support IdleTimeout in clientTrafficPolicy

Signed-off-by: Yael Shechter <[email protected]>

* build(deps): bump fortio.org/fortio from 1.63.4 to 1.63.5 (#3011)

Bumps [fortio.org/fortio](https://github.com/fortio/fortio) from 1.63.4 to 1.63.5.
- [Release notes](https://github.com/fortio/fortio/releases)
- [Commits](fortio/fortio@v1.63.4...v1.63.5)

---
updated-dependencies:
- dependency-name: fortio.org/fortio
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Huabing Zhao <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* ci: trigger docs action (#3017)

Signed-off-by: zirain <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* ci: fix cherrypick permission (#2985)

Signed-off-by: zirain <[email protected]>
Co-authored-by: Huabing Zhao <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* fix: set path prefix for http ext auth service (#3018)

Signed-off-by: huabing zhao <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* feat: add Chinese language support for doc site (#2532)

* Add Chinese support for doc site

Signed-off-by: Wilson Wu <[email protected]>

* Add zh i18n for menus

Signed-off-by: Wilson Wu <[email protected]>

* Add zh content placeholders

Signed-off-by: Wilson Wu <[email protected]>

* Fix about zh page

Signed-off-by: Wilson Wu <[email protected]>

* Apply suggestions from code review

Co-authored-by: Huabing Zhao <[email protected]>
Signed-off-by: Wilson Wu <[email protected]>

* docs: `%s/Application/API/g` (#2929)

Signed-off-by: Wilson Wu <[email protected]>

* remove old version for zh content

Signed-off-by: Wilson Wu <[email protected]>

* Update the latest version link

Signed-off-by: Wilson Wu <[email protected]>

* Fix default content dir

Signed-off-by: Wilson Wu <[email protected]>

* Translate landing page and fix broken link

Signed-off-by: Wilson Wu <[email protected]>

* Fix broken link

Signed-off-by: Wilson Wu <[email protected]>

* Add a contribution page

Signed-off-by: Wilson Wu <[email protected]>

---------

Signed-off-by: Wilson Wu <[email protected]>
Co-authored-by: Huabing Zhao <[email protected]>
Co-authored-by: Arko Dasgupta <[email protected]>
Co-authored-by: zirain <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* feat(translator): implement connection limit (#2952)

* implement connection limit

Signed-off-by: Guy Daich <[email protected]>

* fix lint

Signed-off-by: Guy Daich <[email protected]>

* fix lint 2

Signed-off-by: Guy Daich <[email protected]>

* fix ir, coverage

Signed-off-by: Guy Daich <[email protected]>

* fix lint 3

Signed-off-by: Guy Daich <[email protected]>

* open more connection in e2e

Signed-off-by: Guy Daich <[email protected]>

* fix error type

Signed-off-by: Guy Daich <[email protected]>

* add additional connections

Signed-off-by: Guy Daich <[email protected]>

* make limit value required

Signed-off-by: Guy Daich <[email protected]>

* add error-flow unit test

Signed-off-by: Guy Daich <[email protected]>

* fix lint 4

Signed-off-by: Guy Daich <[email protected]>

* assert policy accepted in test

Signed-off-by: Guy Daich <[email protected]>

* rename limit => connectionLimit

Signed-off-by: Guy Daich <[email protected]>

---------

Signed-off-by: Guy Daich <[email protected]>
Co-authored-by: zirain <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* docs: remove 0.1.0  from linkinator ignore list (#3015)

Signed-off-by: yuluo <[email protected]>
Co-authored-by: zirain <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* disable connection limit test (#3025)

Signed-off-by: huabing zhao <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* fix: use correct connection limit attribute name in e2e, docs (#3028)

fix attribute name

Signed-off-by: Guy Daich <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* docs: document patches in envoy proxy (#3027)

* docs: document patches in envoy proxy

Signed-off-by: Yael Shechter <[email protected]>

* fix linting issue

Signed-off-by: Yael Shechter <[email protected]>

* fix pr comment

Signed-off-by: Yael Shechter <[email protected]>

---------

Signed-off-by: Yael Shechter <[email protected]>

* feat(policy): Adding BTP support for UDP/TCPRoute (#3004)

* Adding BTP support for UDP/TCP Routes

Signed-off-by: Alexander Volchok <[email protected]>

* fixing lint

Signed-off-by: Alexander Volchok <[email protected]>

* fix IdleTime check

Signed-off-by: Alexander Volchok <[email protected]>

* adding missing generates

Signed-off-by: Alexander Volchok <[email protected]>

* fixing code review comments

Signed-off-by: Alexander Volchok <[email protected]>

* increasing code coverage

Signed-off-by: Alexander Volchok <[email protected]>

---------

Signed-off-by: Alexander Volchok <[email protected]>
Co-authored-by: zirain <[email protected]>
Co-authored-by: Huabing Zhao <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* fix: add missing http filters to the http filter chain (#2970)

* fix: add missing http filters to the http filter chain

Signed-off-by: huabing zhao <[email protected]>

* refactor

Signed-off-by: huabing zhao <[email protected]>

* fix lint

Signed-off-by: huabing zhao <[email protected]>

* add comments

Signed-off-by: huabing zhao <[email protected]>

* remove refactor

Signed-off-by: huabing zhao <[email protected]>

* remove refactor

Signed-off-by: huabing zhao <[email protected]>

* fix gen

Signed-off-by: huabing zhao <[email protected]>

* fix lint

Signed-off-by: Huabing Zhao <[email protected]>

---------

Signed-off-by: huabing zhao <[email protected]>
Signed-off-by: Huabing Zhao <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* fix pr comment

Signed-off-by: Yael Shechter <[email protected]>

* ci: grant pull-requests permission to cherrypick action (#3039)

Signed-off-by: zirain <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* Update ADOPTERS.md for Airspace Link (#3045)

Signed-off-by: Fabrice Aneche <[email protected]>
Co-authored-by: zirain <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* feat: added option to specify resources on the OIDC security policy (#3030)

added option to specify resources on the OIDC filter

Signed-off-by: jaynis <[email protected]>
Co-authored-by: Huabing Zhao <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

* run make commands

Signed-off-by: Yael Shechter <[email protected]>

* fix: allow websockets in url rewrite (#3022)

allow websockets in url rewrite

Signed-off-by: Jesse Haka <[email protected]>
Co-authored-by: zirain <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Yael Shechter <[email protected]>
Signed-off-by: zirain <[email protected]>
Signed-off-by: huabing zhao <[email protected]>
Signed-off-by: Wilson Wu <[email protected]>
Signed-off-by: Guy Daich <[email protected]>
Signed-off-by: yuluo <[email protected]>
Signed-off-by: Alexander Volchok <[email protected]>
Signed-off-by: Huabing Zhao <[email protected]>
Signed-off-by: Fabrice Aneche <[email protected]>
Signed-off-by: jaynis <[email protected]>
Signed-off-by: Jesse Haka <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Huabing Zhao <[email protected]>
Co-authored-by: zirain <[email protected]>
Co-authored-by: Wilson Wu <[email protected]>
Co-authored-by: Arko Dasgupta <[email protected]>
Co-authored-by: Guy Daich <[email protected]>
Co-authored-by: YuLuo <[email protected]>
Co-authored-by: Alex Volchok <[email protected]>
Co-authored-by: Fabrice Aneche <[email protected]>
Co-authored-by: jaynis <[email protected]>
Co-authored-by: Jesse Haka <[email protected]>
Development

Successfully merging this pull request may close these issues.

Support configuration of resources in SecurityPolicys OIDC filter