diff --git a/BUILD b/BUILD index 42744b01..4f0cbc74 100644 --- a/BUILD +++ b/BUILD @@ -164,6 +164,7 @@ proto_library( "//envoy/extensions/filters/http/compressor/v3:pkg", "//envoy/extensions/filters/http/cors/v3:pkg", "//envoy/extensions/filters/http/csrf/v3:pkg", + "//envoy/extensions/filters/http/custom_response/v3:pkg", "//envoy/extensions/filters/http/decompressor/v3:pkg", "//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/filters/http/ext_authz/v3:pkg", @@ -230,6 +231,8 @@ proto_library( "//envoy/extensions/health_checkers/redis/v3:pkg", "//envoy/extensions/health_checkers/thrift/v3:pkg", "//envoy/extensions/http/cache/simple_http_cache/v3:pkg", + "//envoy/extensions/http/custom_response/local_response_policy/v3:pkg", + "//envoy/extensions/http/custom_response/redirect_policy/v3:pkg", "//envoy/extensions/http/header_formatters/preserve_case/v3:pkg", "//envoy/extensions/http/header_validators/envoy_default/v3:pkg", "//envoy/extensions/http/original_ip_detection/custom_header/v3:pkg", diff --git a/envoy/extensions/filters/http/custom_response/v3/BUILD b/envoy/extensions/filters/http/custom_response/v3/BUILD new file mode 100644 index 00000000..4e7598f9 --- /dev/null +++ b/envoy/extensions/filters/http/custom_response/v3/BUILD @@ -0,0 +1,13 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "@com_github_cncf_udpa//udpa/annotations:pkg", + "@com_github_cncf_udpa//xds/annotations/v3:pkg", + "@com_github_cncf_udpa//xds/type/matcher/v3:pkg", + ], +) diff --git a/envoy/extensions/filters/http/custom_response/v3/custom_response.proto b/envoy/extensions/filters/http/custom_response/v3/custom_response.proto new file mode 100644 index 00000000..0c9d2a83 --- /dev/null +++ b/envoy/extensions/filters/http/custom_response/v3/custom_response.proto @@ -0,0 +1,107 @@ +syntax = "proto3"; + +package envoy.extensions.filters.http.custom_response.v3; + +import "xds/annotations/v3/status.proto"; +import "xds/type/matcher/v3/matcher.proto"; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.http.custom_response.v3"; +option java_outer_classname = "CustomResponseProto"; +option java_multiple_files = true; +option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/custom_response/v3;custom_responsev3"; +option (udpa.annotations.file_status).package_version_status = ACTIVE; +option (xds.annotations.v3.file_status).work_in_progress = true; + +// [#protodoc-title: Custom Response Filter] +// [#extension: envoy.filters.http.custom_response] + +// The Custom Response Filter allows for replacing upstream responses. + +// The filter configuration is a collection of custom response +// policies in a matcher tree. The configuration can be defined at the filter, +// virtual host or route level. The most specific configuration will apply. +message CustomResponse { + // Matcher to match against the original response to select a + // :ref:`Custom Response Policy ` + // that will override the original response. The matching is done by matching + // against :ref:`response header values` + // Example: + // + // .. validated-code-block:: yaml + // :type-name: xds.type.matcher.v3.Matcher + // + // matcher_list: + // matchers: + // # Apply a locally stored custom response to any 4xx response. + // - predicate: + // single_predicate: + // input: + // name: 4xx_response + // typed_config: + // "@type": type.googleapis.com/envoy.type.matcher.v3.HttpResponseStatusCodeClassMatchInput + // value_match: + // exact: "4xx" + // on_match: + // action: + // name: action + // typed_config: + // "@type": type.googleapis.com/envoy.extensions.filters.http.custom_response.v3.LocalResponsePolicy + // status_code: 499 + // body: + // inline_string: "not allowed" + // body_format: + // json_format: + // status: "%RESPONSE_CODE%" + // message: "%LOCAL_REPLY_BODY%" + // response_headers_to_add: + // - header: + // key: "foo" + // value: "x-bar" + // # Redirect to different upstream if the status code is one of 502, 503 or 504. + // - predicate: + // or_matcher: + // predicate: + // - single_predicate: + // input: + // name: "502_response" + // typed_config: + // "@type": type.googleapis.com/envoy.type.matcher.v3.HttpResponseStatusCodeMatchInput + // value_match: + // exact: "502" + // - single_predicate: + // input: + // name: "503_response" + // typed_config: + // "@type": type.googleapis.com/envoy.type.matcher.v3.HttpResponseStatusCodeMatchInput + // value_match: + // exact: "503" + // - single_predicate: + // input: + // name: "504_response" + // typed_config: + // "@type": type.googleapis.com/envoy.type.matcher.v3.HttpResponseStatusCodeMatchInput + // value_match: + // exact: "504" + // on_match: + // action: + // name: action + // typed_config: + // "@type": type.googleapis.com/envoy.extensions.filters.http.custom_response.v3.RedirectPolicy + // status_code: 299 + // uri: "https://foo.example/gateway_error" + // response_headers_to_add: + // - header: + // key: "foo2" + // value: "x-bar2" + // + // -- attention:: + // The first matched policy wins. Once the response is matched, matcher + // evaluations end. + // + // Refer to :ref:`Unified Matcher API ` + // documentation for more information on the matcher trees. + // [#extension-category: envoy.http.custom_response] + xds.type.matcher.v3.Matcher custom_response_matcher = 1; +} diff --git a/envoy/extensions/http/custom_response/local_response_policy/v3/BUILD b/envoy/extensions/http/custom_response/local_response_policy/v3/BUILD new file mode 100644 index 00000000..e9b556d6 --- /dev/null +++ b/envoy/extensions/http/custom_response/local_response_policy/v3/BUILD @@ -0,0 +1,13 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + "@com_github_cncf_udpa//xds/annotations/v3:pkg", + ], +) diff --git a/envoy/extensions/http/custom_response/local_response_policy/v3/local_response_policy.proto b/envoy/extensions/http/custom_response/local_response_policy/v3/local_response_policy.proto new file mode 100644 index 00000000..deb13b0b --- /dev/null +++ b/envoy/extensions/http/custom_response/local_response_policy/v3/local_response_policy.proto @@ -0,0 +1,46 @@ +syntax = "proto3"; + +package envoy.extensions.http.custom_response.local_response_policy.v3; + +import "envoy/config/core/v3/base.proto"; +import "envoy/config/core/v3/substitution_format_string.proto"; + +import "google/protobuf/wrappers.proto"; + +import "xds/annotations/v3/status.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.http.custom_response.local_response_policy.v3"; +option java_outer_classname = "LocalResponsePolicyProto"; +option java_multiple_files = true; +option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/http/custom_response/local_response_policy/v3;local_response_policyv3"; +option (udpa.annotations.file_status).package_version_status = ACTIVE; +option (xds.annotations.v3.file_status).work_in_progress = true; + +// [#protodoc-title: Local Response Policy for Custom Response] +// [#extension: envoy.http.custom_response.local_response_policy] + +// Custom response policy to serve a locally stored response to the +// downstream. +message LocalResponsePolicy { + // Optional new local reply body text. It will be used + // in the `%LOCAL_REPLY_BODY%` command operator in the `body_format`. + config.core.v3.DataSource body = 1; + + // Optional body format to be used for this response. If `body_format` is not + // provided, and `body` is, the contents of `body` will be used to populate + // the body of the local reply without formatting. + config.core.v3.SubstitutionFormatString body_format = 2; + + // The new response status code if specified. + google.protobuf.UInt32Value status_code = 3 [(validate.rules).uint32 = {lt: 600 gte: 200}]; + + // HTTP headers to add to the response. This allows the + // response policy to append, to add or to override headers of + // the original response for local body, or the custom response from the + // remote body, before it is sent to a downstream client. + repeated config.core.v3.HeaderValueOption response_headers_to_add = 4 + [(validate.rules).repeated = {max_items: 1000}]; +} diff --git a/envoy/extensions/http/custom_response/redirect_policy/v3/BUILD b/envoy/extensions/http/custom_response/redirect_policy/v3/BUILD new file mode 100644 index 00000000..e9b556d6 --- /dev/null +++ b/envoy/extensions/http/custom_response/redirect_policy/v3/BUILD @@ -0,0 +1,13 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + "@com_github_cncf_udpa//xds/annotations/v3:pkg", + ], +) diff --git a/envoy/extensions/http/custom_response/redirect_policy/v3/redirect_policy.proto b/envoy/extensions/http/custom_response/redirect_policy/v3/redirect_policy.proto new file mode 100644 index 00000000..15ff1a3a --- /dev/null +++ b/envoy/extensions/http/custom_response/redirect_policy/v3/redirect_policy.proto @@ -0,0 +1,73 @@ +syntax = "proto3"; + +package envoy.extensions.http.custom_response.redirect_policy.v3; + +import "envoy/config/core/v3/base.proto"; +import "envoy/config/core/v3/extension.proto"; + +import "google/protobuf/wrappers.proto"; + +import "xds/annotations/v3/status.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.http.custom_response.redirect_policy.v3"; +option java_outer_classname = "RedirectPolicyProto"; +option java_multiple_files = true; +option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/http/custom_response/redirect_policy/v3;redirect_policyv3"; +option (udpa.annotations.file_status).package_version_status = ACTIVE; +option (xds.annotations.v3.file_status).work_in_progress = true; + +// [#protodoc-title: Redirect Policy for Custom Response] +// [#extension: envoy.http.custom_response.redirect_policy] + +// Custom response policy to internally redirect the original response to a different +// upstream. +// [#next-free-field: 7] +message RedirectPolicy { + // [#comment: TODO(pradeepcrao): Add the ability to specify the full uri, or just host or + // path rewrite for the redirection in the same vein as + // config.route.v3.RedirectAction] + // The host that will serve the custom response. + // + // Example: + // + // .. code-block:: yaml + // + // uri: https://www.mydomain.com + // + string host = 1 [(validate.rules).string = {min_len: 1}]; + + // The path for the custom response. + // + // Example: + // + // .. code-block:: yaml + // + // path: /path/to/503_response.txt + // + string path = 2 [(validate.rules).string = {min_len: 1}]; + + // The new response status code if specified. This is used to override the + // status code of the response from the new upstream if it is not an error status. + google.protobuf.UInt32Value status_code = 3 [(validate.rules).uint32 = {lte: 999 gte: 100}]; + + // HTTP headers to add to the response. This allows the + // response policy to append, to add or to override headers of + // the original response for local body, or the custom response from the + // remote body, before it is sent to a downstream client. + // Note that these are not applied if the redirected response is an error + // response. + repeated config.core.v3.HeaderValueOption response_headers_to_add = 4 + [(validate.rules).repeated = {max_items: 1000}]; + + // HTTP headers to add to the request before it is internally redirected. + repeated config.core.v3.HeaderValueOption request_headers_to_add = 5 + [(validate.rules).repeated = {max_items: 1000}]; + + // Custom action to modify request headers before selection of the + // redirected route. + // [#comment: TODO(pradeepcrao) add an extension category.] + config.core.v3.TypedExtensionConfig modify_request_headers_action = 6; +} diff --git a/envoy/type/matcher/v3/status_code_input.proto b/envoy/type/matcher/v3/status_code_input.proto new file mode 100644 index 00000000..2242aea5 --- /dev/null +++ b/envoy/type/matcher/v3/status_code_input.proto @@ -0,0 +1,23 @@ +syntax = "proto3"; + +package envoy.type.matcher.v3; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.type.matcher.v3"; +option java_outer_classname = "StatusCodeInputProto"; +option java_multiple_files = true; +option go_package = "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3;matcherv3"; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Common HTTP Inputs] + +// Match input indicates that matching should be done on the response status +// code. +message HttpResponseStatusCodeMatchInput { +} + +// Match input indicates that the matching should be done on the class of the +// response status code. For eg: 1xx, 2xx, 3xx, 4xx or 5xx. +message HttpResponseStatusCodeClassMatchInput { +} diff --git a/versioning/BUILD b/versioning/BUILD index a0a178b4..42fedd73 100644 --- a/versioning/BUILD +++ b/versioning/BUILD @@ -102,6 +102,7 @@ proto_library( "//envoy/extensions/filters/http/compressor/v3:pkg", "//envoy/extensions/filters/http/cors/v3:pkg", "//envoy/extensions/filters/http/csrf/v3:pkg", + "//envoy/extensions/filters/http/custom_response/v3:pkg", "//envoy/extensions/filters/http/decompressor/v3:pkg", "//envoy/extensions/filters/http/dynamic_forward_proxy/v3:pkg", "//envoy/extensions/filters/http/ext_authz/v3:pkg", @@ -168,6 +169,8 @@ proto_library( "//envoy/extensions/health_checkers/redis/v3:pkg", "//envoy/extensions/health_checkers/thrift/v3:pkg", "//envoy/extensions/http/cache/simple_http_cache/v3:pkg", + "//envoy/extensions/http/custom_response/local_response_policy/v3:pkg", + "//envoy/extensions/http/custom_response/redirect_policy/v3:pkg", "//envoy/extensions/http/header_formatters/preserve_case/v3:pkg", "//envoy/extensions/http/header_validators/envoy_default/v3:pkg", "//envoy/extensions/http/original_ip_detection/custom_header/v3:pkg",