From 6ff8028933a3fae9885a400e8b7213516f8dcc1b Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Fri, 29 Nov 2024 16:02:01 +0530 Subject: [PATCH 01/11] feat: support _meta.pre_function to execute custom logic before execution of each phase --- apisix/plugin.lua | 36 +++- apisix/plugins/example-plugin.lua | 8 + apisix/schema_def.lua | 8 +- t/admin/plugins.t | 4 +- t/misc/pre-function.t | 309 ++++++++++++++++++++++++++++++ 5 files changed, 358 insertions(+), 7 deletions(-) create mode 100644 t/misc/pre-function.t diff --git a/apisix/plugin.lua b/apisix/plugin.lua index dc22459aaf9d..7e3c2e460cf8 100644 --- a/apisix/plugin.lua +++ b/apisix/plugin.lua @@ -34,6 +34,7 @@ local type = type local local_plugins = core.table.new(32, 0) local tostring = tostring local error = error +local lua_load = load local is_http = ngx.config.subsystem == "http" local local_plugins_hash = core.table.new(0, 32) local stream_local_plugins = core.table.new(32, 0) @@ -49,6 +50,9 @@ local merged_stream_route = core.lrucache.new({ local expr_lrucache = core.lrucache.new({ ttl = 300, count = 512 }) +local meta_pre_func_load_lrucache = core.lrucache.new({ + ttl = 300, count = 512 +}) local local_conf local check_plugin_metadata @@ -901,10 +905,21 @@ local function check_single_plugin_schema(name, plugin_conf, schema_type, skip_d .. name .. " err: " .. err end - if plugin_conf._meta and plugin_conf._meta.filter then - ok, err = expr.new(plugin_conf._meta.filter) - if not ok then - return nil, "failed to validate the 'vars' expression: " .. err + if plugin_conf._meta then + if plugin_conf._meta.filter then + ok, err = expr.new(plugin_conf._meta.filter) + if not ok then + return nil, "failed to validate the 'vars' expression: " .. err + end + end + + if plugin_conf._meta.pre_function then + local pre_function, err = meta_pre_func_load_lrucache(plugin_conf._meta.pre_function, "", + lua_load, + plugin_conf._meta.pre_function, "meta pre_function") + if not pre_function then + return nil, "failed to load _meta.pre_function in plugin " .. name .. ": " .. err + end end end end @@ -1125,6 +1140,17 @@ function _M.stream_plugin_checker(item, in_cp) return true end +local function run_meta_pre_function(conf, api_ctx, name) + if conf._meta and conf._meta.pre_function then + local _, pre_function = pcall(meta_pre_func_load_lrucache(conf._meta.pre_function, "", + lua_load, + conf._meta.pre_function, "meta pre_function")) + local ok, err = pcall(pre_function, conf, api_ctx) + if not ok then + core.log.error("pre_function execution for plugin ", name, " failed: ", err) + end + end +end function _M.run_plugin(phase, plugins, api_ctx) local plugin_run = false @@ -1164,6 +1190,7 @@ function _M.run_plugin(phase, plugins, api_ctx) goto CONTINUE end + run_meta_pre_function(conf, api_ctx, plugins[i]["name"]) plugin_run = true api_ctx._plugin_name = plugins[i]["name"] local code, body = phase_func(conf, api_ctx) @@ -1202,6 +1229,7 @@ function _M.run_plugin(phase, plugins, api_ctx) local conf = plugins[i + 1] if phase_func and meta_filter(api_ctx, plugins[i]["name"], conf) then plugin_run = true + run_meta_pre_function(conf, api_ctx, plugins[i]["name"]) api_ctx._plugin_name = plugins[i]["name"] phase_func(conf, api_ctx) api_ctx._plugin_name = nil diff --git a/apisix/plugins/example-plugin.lua b/apisix/plugins/example-plugin.lua index 16086ddcd38e..767ccfae72a9 100644 --- a/apisix/plugins/example-plugin.lua +++ b/apisix/plugins/example-plugin.lua @@ -107,6 +107,10 @@ function _M.access(conf, ctx) return end +function _M.header_filter(conf, ctx) + core.log.warn("plugin header_filter phase, conf: ", core.json.encode(conf)) +end + function _M.body_filter(conf, ctx) core.log.warn("plugin body_filter phase, eof: ", ngx.arg[2], @@ -119,6 +123,10 @@ function _M.delayed_body_filter(conf, ctx) ", conf: ", core.json.encode(conf)) end +function _M.log(conf, ctx) + core.log.warn("plugin log phase, conf: ", core.json.encode(conf)) +end + local function hello() local args = ngx.req.get_uri_args() diff --git a/apisix/schema_def.lua b/apisix/schema_def.lua index b4241ff2d9f5..10ef831ae7e3 100644 --- a/apisix/schema_def.lua +++ b/apisix/schema_def.lua @@ -1027,7 +1027,13 @@ _M.plugin_injected_schema = { description = "filter determines whether the plugin ".. "needs to be executed at runtime", type = "array", - } + }, + pre_function = { + description = "function to be executed in each phase " .. + "before execution of plugins. The pre_function will have access " .. + "to two arguments: `conf` and `ctx`.", + type = "string", + }, } } } diff --git a/t/admin/plugins.t b/t/admin/plugins.t index 713d59d4cf41..6c574c2a4673 100644 --- a/t/admin/plugins.t +++ b/t/admin/plugins.t @@ -281,7 +281,7 @@ plugins: } } --- response_body eval -qr/\{"metadata_schema":\{"properties":\{"ikey":\{"minimum":0,"type":"number"\},"skey":\{"type":"string"\}\},"required":\["ikey","skey"\],"type":"object"\},"priority":0,"schema":\{"\$comment":"this is a mark for our injected plugin schema","properties":\{"_meta":\{"properties":\{"disable":\{"type":"boolean"\},"error_response":\{"oneOf":\[\{"type":"string"\},\{"type":"object"\}\]\},"filter":\{"description":"filter determines whether the plugin needs to be executed at runtime","type":"array"\},"priority":\{"description":"priority of plugins by customized order","type":"integer"\}\},"type":"object"\},"i":\{"minimum":0,"type":"number"\},"ip":\{"type":"string"\},"port":\{"type":"integer"\},"s":\{"type":"string"\},"t":\{"minItems":1,"type":"array"\}\},"required":\["i"\],"type":"object"\},"version":0.1\}/ +qr/\{"metadata_schema":\{"properties":\{"ikey":\{"minimum":0,"type":"number"\},"skey":\{"type":"string"\}\},"required":\["ikey","skey"\],"type":"object"\},"priority":0,"schema":\{"\$comment":"this is a mark for our injected plugin schema","properties":\{"_meta":\{"additionalProperties":false,"properties":\{"disable":\{"type":"boolean"\},"error_response":\{"oneOf":\[\{"type":"string"\},\{"type":"object"\}\]\},"filter":\{"description":"filter determines whether the plugin needs to be executed at runtime","type":"array"\},"pre_function":\{"description":"function to be executed in each phase before execution of plugins. The pre_function will have access to two arguments: `conf` and `ctx`.","type":"string"\},"priority":\{"description":"priority of plugins by customized order","type":"integer"\}\},"type":"object"\},"i":\{"minimum":0,"type":"number"\},"ip":\{"type":"string"\},"port":\{"type":"integer"\},"s":\{"type":"string"\},"t":\{"minItems":1,"type":"array"\}\},"required":\["i"\],"type":"object"\},"version":0.1\}/ @@ -382,7 +382,7 @@ qr/\{"encrypt_fields":\["password"\],"properties":\{"password":\{"type":"string" } } --- response_body -{"priority":1003,"schema":{"$comment":"this is a mark for our injected plugin schema","properties":{"_meta":{"properties":{"disable":{"type":"boolean"},"error_response":{"oneOf":[{"type":"string"},{"type":"object"}]},"filter":{"description":"filter determines whether the plugin needs to be executed at runtime","type":"array"},"priority":{"description":"priority of plugins by customized order","type":"integer"}},"type":"object"},"burst":{"minimum":0,"type":"integer"},"conn":{"exclusiveMinimum":0,"type":"integer"},"default_conn_delay":{"exclusiveMinimum":0,"type":"number"},"key":{"type":"string"},"key_type":{"default":"var","enum":["var","var_combination"],"type":"string"},"only_use_default_delay":{"default":false,"type":"boolean"}},"required":["conn","burst","default_conn_delay","key"],"type":"object"},"version":0.1} +{"priority":1003,"schema":{"$comment":"this is a mark for our injected plugin schema","properties":{"_meta":{"additionalProperties":false,"properties":{"disable":{"type":"boolean"},"error_response":{"oneOf":[{"type":"string"},{"type":"object"}]},"filter":{"description":"filter determines whether the plugin needs to be executed at runtime","type":"array"},"pre_function":{"description":"function to be executed in each phase before execution of plugins. The pre_function will have access to two arguments: `conf` and `ctx`.","type":"string"},"priority":{"description":"priority of plugins by customized order","type":"integer"}},"type":"object"},"burst":{"minimum":0,"type":"integer"},"conn":{"exclusiveMinimum":0,"type":"integer"},"default_conn_delay":{"exclusiveMinimum":0,"type":"number"},"key":{"type":"string"},"key_type":{"default":"var","enum":["var","var_combination"],"type":"string"},"only_use_default_delay":{"default":false,"type":"boolean"}},"required":["conn","burst","default_conn_delay","key"],"type":"object"},"version":0.1} diff --git a/t/misc/pre-function.t b/t/misc/pre-function.t new file mode 100644 index 000000000000..f303d6d5a460 --- /dev/null +++ b/t/misc/pre-function.t @@ -0,0 +1,309 @@ +use t::APISIX 'no_plan'; + +repeat_each(1); +no_long_string(); +no_root_location(); +log_level("info"); + +$ENV{TEST_NGINX_HTML_DIR} ||= html_dir(); + +add_block_preprocessor(sub { + my ($block) = @_; + + if (!$block->request) { + $block->set_value("request", "GET /t"); + } +}); + +run_tests; + +__DATA__ + +=== TEST 1: invalid pre_function +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "methods": ["GET"], + "plugins": { + "limit-count": { + "count": 2, + "time_window": 60, + "rejected_code": 503, + "key": "remote_addr", + "_meta": { + "pre_function": "not a function" + } + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/hello" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.print(body) + } + } +--- error_code: 400 +--- response_body +{"error_msg":"failed to load _meta.pre_function in plugin limit-count: [string \"meta pre_function\"]:1: unexpected symbol near 'not'"} + + + +=== TEST 2: attempt setting pre_function in _meta with a typo in `pre_function` +# this is to test the case where user (or CP) would attempt configuring pre_function +# using incorrect field name, this validation is achieved by setting `additionalProperties = false` +# in schema_def.lua +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "methods": ["GET"], + "plugins": { + "limit-count": { + "count": 2, + "time_window": 60, + "rejected_code": 503, + "key": "remote_addr", + "_meta": { + "prefunction": "not a function" + } + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/hello" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.print(body) + } + } +--- error_code: 400 +--- response_body +{"error_msg":"failed to check the configuration of plugin limit-count err: property \"_meta\" validation failed: additional properties forbidden, found prefunction"} + + + +=== TEST 3: pre_function with error in code +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "methods": ["GET"], + "plugins": { + "limit-count": { + "count": 2, + "time_window": 60, + "rejected_code": 503, + "key": "remote_addr", + "_meta": { + "pre_function": "return function() print(invalid.index) end" + } + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/hello" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- error_code: 200 +--- response_body +passed + + + +=== TEST 4: sending request will execute erroneous code and print error log +--- request +GET /hello +--- error_log +pre_function execution for plugin limit-count failed: [string "meta pre_function"]:1: attempt to index global 'invalid' (a nil value), + + + +=== TEST 5: test pre_function sanity: correct function +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "methods": ["GET"], + "plugins": { + "limit-count": { + "count": 2, + "time_window": 60, + "rejected_code": 503, + "key": "remote_addr", + "_meta": { + "pre_function": "return function(conf, ctx) ngx.log(ngx.WARN, 'hello ', ngx.req.get_headers()[\"User-Agent\"]) end" + } + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/hello" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- error_code: 200 +--- response_body +passed + + + +=== TEST 6: request +--- request +GET /hello +--- more_headers +User-Agent: test-nginx +--- error_log +hello test-nginx + + + +=== TEST 7: pre_function is executed in all phases +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "plugins": { + "example-plugin": { + "i": 11, + "_meta": { + "pre_function": "return function(conf, ctx) ngx.log(ngx.WARN, 'hello: ', ngx.get_phase()) end" + } + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/hello" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- error_code: 200 +--- response_body +passed + + + +=== TEST 8: request +--- request +GET /hello +--- error_log +hello: access +hello: header_filter +hello: body_filter +hello: log + + + +=== TEST 9: test pre-function with proxy-rewrite, (rewrite phase) +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "plugins": { + "proxy-rewrite": { + "uri": "/uri", + "headers": { + "x-api": "$example_var_name" + }, + "_meta": { + "pre_function": "return function(conf, ctx) local core = require \"apisix.core\" core.ctx.register_var(\"example_var_name\", function(ctx) return \"example_var_value\" end) end" + } + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/hello" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- request +GET /t +--- response_body +passed + + + +=== TEST 10: hit route(header supports nginx variables) +--- request +GET /hello +--- response_body +uri: /uri +host: localhost +x-api: example_var_value +x-real-ip: 127.0.0.1 From 0005be21b63b6bf01e6fa994fea0f76654877835 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Fri, 29 Nov 2024 16:04:48 +0530 Subject: [PATCH 02/11] add license --- t/misc/pre-function.t | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/t/misc/pre-function.t b/t/misc/pre-function.t index f303d6d5a460..316c93ccbd8c 100644 --- a/t/misc/pre-function.t +++ b/t/misc/pre-function.t @@ -1,3 +1,19 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# use t::APISIX 'no_plan'; repeat_each(1); From bd1bb5d0cc28cefa0a9145c5b09e440e66310a34 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Tue, 3 Dec 2024 13:40:20 +0530 Subject: [PATCH 03/11] fix lint --- apisix/plugin.lua | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/apisix/plugin.lua b/apisix/plugin.lua index 7e3c2e460cf8..0aacfd892d52 100644 --- a/apisix/plugin.lua +++ b/apisix/plugin.lua @@ -914,11 +914,13 @@ local function check_single_plugin_schema(name, plugin_conf, schema_type, skip_d end if plugin_conf._meta.pre_function then - local pre_function, err = meta_pre_func_load_lrucache(plugin_conf._meta.pre_function, "", + local pre_function, err = meta_pre_func_load_lrucache(plugin_conf._meta.pre_function + , "", lua_load, plugin_conf._meta.pre_function, "meta pre_function") if not pre_function then - return nil, "failed to load _meta.pre_function in plugin " .. name .. ": " .. err + return nil, "failed to load _meta.pre_function in plugin " .. name .. ": " + .. err end end end From 696430d16a50042194c7fdb6e13cd474b8c0e7e4 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Mon, 16 Dec 2024 13:58:52 +0530 Subject: [PATCH 04/11] fix lint and test --- apisix/plugin.lua | 10 +++++----- apisix/schema_def.lua | 3 ++- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/apisix/plugin.lua b/apisix/plugin.lua index 0aacfd892d52..11e38218b98b 100644 --- a/apisix/plugin.lua +++ b/apisix/plugin.lua @@ -34,7 +34,7 @@ local type = type local local_plugins = core.table.new(32, 0) local tostring = tostring local error = error -local lua_load = load +local load = load local is_http = ngx.config.subsystem == "http" local local_plugins_hash = core.table.new(0, 32) local stream_local_plugins = core.table.new(32, 0) @@ -193,7 +193,7 @@ local function load_plugin(name, plugins_list, plugin_type) end -local function load(plugin_names, wasm_plugin_names) +local function plugin_load(plugin_names, wasm_plugin_names) local processed = {} for _, name in ipairs(plugin_names) do if processed[name] == nil then @@ -346,7 +346,7 @@ function _M.load(config) wasm_plugin_names = local_conf.wasm.plugins end - local ok, err = load(http_plugin_names, wasm_plugin_names) + local ok, err = plugin_load(http_plugin_names, wasm_plugin_names) if not ok then core.log.error("failed to load plugins: ", err) end @@ -916,7 +916,7 @@ local function check_single_plugin_schema(name, plugin_conf, schema_type, skip_d if plugin_conf._meta.pre_function then local pre_function, err = meta_pre_func_load_lrucache(plugin_conf._meta.pre_function , "", - lua_load, + load, plugin_conf._meta.pre_function, "meta pre_function") if not pre_function then return nil, "failed to load _meta.pre_function in plugin " .. name .. ": " @@ -1145,7 +1145,7 @@ end local function run_meta_pre_function(conf, api_ctx, name) if conf._meta and conf._meta.pre_function then local _, pre_function = pcall(meta_pre_func_load_lrucache(conf._meta.pre_function, "", - lua_load, + load, conf._meta.pre_function, "meta pre_function")) local ok, err = pcall(pre_function, conf, api_ctx) if not ok then diff --git a/apisix/schema_def.lua b/apisix/schema_def.lua index 10ef831ae7e3..a19f3fac7235 100644 --- a/apisix/schema_def.lua +++ b/apisix/schema_def.lua @@ -1034,7 +1034,8 @@ _M.plugin_injected_schema = { "to two arguments: `conf` and `ctx`.", type = "string", }, - } + }, + additionalProperties = false, } } From 37d32016ae73057150fa7ca1984595a6ff44e689 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 18 Dec 2024 12:22:26 +0530 Subject: [PATCH 05/11] fix lint --- apisix/plugin.lua | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/apisix/plugin.lua b/apisix/plugin.lua index 11e38218b98b..6d83c52d0af6 100644 --- a/apisix/plugin.lua +++ b/apisix/plugin.lua @@ -34,7 +34,9 @@ local type = type local local_plugins = core.table.new(32, 0) local tostring = tostring local error = error -local load = load +-- make linter happy to avoid error: getting the Lua global "load" +-- luacheck: ignore +local lua_load = load local is_http = ngx.config.subsystem == "http" local local_plugins_hash = core.table.new(0, 32) local stream_local_plugins = core.table.new(32, 0) @@ -193,7 +195,7 @@ local function load_plugin(name, plugins_list, plugin_type) end -local function plugin_load(plugin_names, wasm_plugin_names) +local function load(plugin_names, wasm_plugin_names) local processed = {} for _, name in ipairs(plugin_names) do if processed[name] == nil then @@ -346,7 +348,7 @@ function _M.load(config) wasm_plugin_names = local_conf.wasm.plugins end - local ok, err = plugin_load(http_plugin_names, wasm_plugin_names) + local ok, err = load(http_plugin_names, wasm_plugin_names) if not ok then core.log.error("failed to load plugins: ", err) end @@ -916,7 +918,7 @@ local function check_single_plugin_schema(name, plugin_conf, schema_type, skip_d if plugin_conf._meta.pre_function then local pre_function, err = meta_pre_func_load_lrucache(plugin_conf._meta.pre_function , "", - load, + lua_load, plugin_conf._meta.pre_function, "meta pre_function") if not pre_function then return nil, "failed to load _meta.pre_function in plugin " .. name .. ": " @@ -1145,7 +1147,7 @@ end local function run_meta_pre_function(conf, api_ctx, name) if conf._meta and conf._meta.pre_function then local _, pre_function = pcall(meta_pre_func_load_lrucache(conf._meta.pre_function, "", - load, + lua_load, conf._meta.pre_function, "meta pre_function")) local ok, err = pcall(pre_function, conf, api_ctx) if not ok then From 2305346c11d6a33185dff2598236b9463e9e022f Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 18 Dec 2024 12:25:46 +0530 Subject: [PATCH 06/11] fix lint --- apisix/plugin.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apisix/plugin.lua b/apisix/plugin.lua index 6d83c52d0af6..77a365a42b62 100644 --- a/apisix/plugin.lua +++ b/apisix/plugin.lua @@ -35,7 +35,7 @@ local local_plugins = core.table.new(32, 0) local tostring = tostring local error = error -- make linter happy to avoid error: getting the Lua global "load" --- luacheck: ignore +-- luacheck: global local lua_load = load local is_http = ngx.config.subsystem == "http" local local_plugins_hash = core.table.new(0, 32) From 7b5af3a30023a29ca9fca92aeca59283e70ba789 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 18 Dec 2024 12:34:11 +0530 Subject: [PATCH 07/11] fix lint --- apisix/plugin.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apisix/plugin.lua b/apisix/plugin.lua index 77a365a42b62..6d83c52d0af6 100644 --- a/apisix/plugin.lua +++ b/apisix/plugin.lua @@ -35,7 +35,7 @@ local local_plugins = core.table.new(32, 0) local tostring = tostring local error = error -- make linter happy to avoid error: getting the Lua global "load" --- luacheck: global +-- luacheck: ignore local lua_load = load local is_http = ngx.config.subsystem == "http" local local_plugins_hash = core.table.new(0, 32) From e652c63376104e3cd71ba886b0b4a1e08b1fc3ac Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Wed, 18 Dec 2024 12:48:23 +0530 Subject: [PATCH 08/11] use luacheck: globals load --- apisix/plugin.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apisix/plugin.lua b/apisix/plugin.lua index 6d83c52d0af6..e2f93b5a44f3 100644 --- a/apisix/plugin.lua +++ b/apisix/plugin.lua @@ -35,7 +35,7 @@ local local_plugins = core.table.new(32, 0) local tostring = tostring local error = error -- make linter happy to avoid error: getting the Lua global "load" --- luacheck: ignore +-- luacheck: globals load, ignore lua_load local lua_load = load local is_http = ngx.config.subsystem == "http" local local_plugins_hash = core.table.new(0, 32) From 783bbf5b1b96f521ab256f91cad819e1c46e108f Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Tue, 24 Dec 2024 12:54:41 +0530 Subject: [PATCH 09/11] add load in lj-relang --- .gitignore | 1 - utils/lj-releng | 213 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 213 insertions(+), 1 deletion(-) create mode 100755 utils/lj-releng diff --git a/.gitignore b/.gitignore index 94669c34502a..549d9384a541 100644 --- a/.gitignore +++ b/.gitignore @@ -56,7 +56,6 @@ uwsgi_temp proxy_temp fastcgi_temp client_body_temp -utils/lj-releng utils/reindex *.etcd/ t/lib/dubbo*/**/target/ diff --git a/utils/lj-releng b/utils/lj-releng new file mode 100755 index 000000000000..bd75fce4e707 --- /dev/null +++ b/utils/lj-releng @@ -0,0 +1,213 @@ +#!/usr/bin/env perl + +use strict; +use warnings; + +use Getopt::Std; + +my (@luas, @tests); + +my $hits = 0; +my $RED = "\033[1;31m"; +my $NC = "\033[0m"; # No Color + +my %opts; +getopts('Lse', \%opts) or die "Usage: lj-releng [-L] [-s] [-e] [files]\n"; + +my $silent = $opts{s}; +my $stop_on_error = $opts{e}; +my $no_long_line_check = $opts{L}; + +my $check_lua_ver = "luajit -v | awk '{print\$2}'| grep 2.1"; +my $output = `$check_lua_ver`; +if ($output eq '') { + die "ERROR: lj-releng ONLY supports LuaJIT 2.1!\n"; +} + +if ($#ARGV != -1) { + @luas = @ARGV; + +} else { + @luas = split /\n/, `find . -name '*.lua'`; + if (-d 't') { + @tests = map glob, qw{ t/*.t t/*/*.t t/*/*/*.t }; + } +} + +for my $f (sort @luas) { + process_file($f); +} + +for my $t (@tests) { + blank(qq{grep -H -n --color -E '\\--- ?(ONLY|LAST)' $t}); +} + +if ($hits) { + exit 1; +} + +# p: prints a string to STDOUT appending \n +# w: prints a string to STDERR appending \n +# Both respect the $silent value +sub p { print "$_[0]\n" if (!$silent) } +sub w { warn "$_[0]\n" if (!$silent) } + +# blank: runs a command and looks at the output. If the output is not +# blank it is printed (and the program dies if stop_on_error is 1) +sub blank { + my ($command) = @_; + if ($stop_on_error) { + my $output = `$command`; + if ($output ne '') { + die $output; + } + } else { + system($command); + } +} + +my $version; +sub process_file { + my $file = shift; + # Check the sanity of each .lua file + open my $in, $file or + die "ERROR: Can't open $file for reading: $!\n"; + my $found_ver; + while (<$in>) { + my ($ver, $skipping); + if (/(?x) (?:_VERSION|version) \s* = .*? ([\d\.]*\d+) (.*? SKIP)?/) { + my $orig_ver = $ver = $1; + $found_ver = 1; + $skipping = $2; + $ver =~ s{^(\d+)\.(\d{3})(\d{3})$}{join '.', int($1), int($2), int($3)}e; + print("$file: $orig_ver ($ver)\n"); + last; + + } elsif (/(?x) (?:_VERSION|version) \s* = \s* ([a-zA-Z_]\S*)/) { + print("$file: $1\n"); + $found_ver = 1; + last; + } + + if ($ver and $version and !$skipping) { + if ($version ne $ver) { + die "$file: $ver != $version\n"; + } + } elsif ($ver and !$version) { + $version = $ver; + } + } + # if (!$found_ver) { + # w("WARNING: No \"_VERSION\" or \"version\" field found in `$file`."); + # } + close $in; + + #p("Checking use of Lua global variables in file $file..."); + #p("op no. line opcode args ; code"); + my $cmd = "luajit -bL $file"; + open $in, "$cmd|" + or die "cannot open output pipe for \"$cmd\": $!"; + my @sections; + my $sec; + while (<$in>) { + + #warn "line: $_"; + + if (/^-- BYTECODE -- \S.*?:(\d+)-\d+$/) { + my $def_line = $1; + #warn "$file: $line"; + if (defined $sec) { + push @sections, $sec; + + } + $sec = { + def_line => $def_line, + gsets => [], + ggets => [], + }; + next; + } + + if (/^ \d+ \s+ \[ (\d+) \] \s+ (?: \W+ \s+ )? G([GS])ET \s+ .*? ; \s+ \"([^"]+)" $/x) { + my ($line, $op, $name) = ($1, $2, $3); + + #warn "found: $line $op $name"; + if ($op eq 'S') { + push @{ $sec->{gsets} }, [$line, $name]; + } else { + push @{ $sec->{ggets} }, [$line, $name]; + } + + next; + } + + if (/^ \d+ \s+ \[ \d+ \] \s+ (G[GS]ET) \s+ $/x) { + die "bad $1 instruction: $_"; + } + } + close $in; + + if (defined $sec) { + push @sections, $sec; + } + + my $last_idx = $#sections; + my $i = 0; + for my $sec (@sections) { + my $def_line = $sec->{def_line}; + + my $gsets = $sec->{gsets}; + my $ggets = $sec->{ggets}; + + for my $gset (@$gsets) { + $hits++; + my ($line, $name) = @$gset; + warn "${RED}ERROR${NC}: $file: line $line: setting the Lua global ", + "\"$name\"\n"; + } + + if ($i == $last_idx) { + # being the top-level chunk + + for my $gget (@$ggets) { + my ($line, $name) = @$gget; + + if ($name =~ /^ (?: require|type|tostring|error|ngx|ndk|jit + |setmetatable|getmetatable|string|table|io + |os|print|tonumber|math|pcall|xpcall|unpack + |pairs|ipairs|assert|module|package + |coroutine|[gs]etfenv|next|rawget|rawset + |loadstring|dofile|collectgarbage|load + |rawlen|select|arg|bit|debug|ngx|ndk|newproxy)$/x) + { + next; + } + + $hits++; + warn "${RED}ERROR${NC}: $file: line $line: getting the Lua ", + "global \"$name\"\n"; + } + + next; + } + + for my $gget (@$ggets) { + $hits++; + my ($line, $name) = @$gget; + warn "${RED}ERROR${NC}: $file: line $line: getting the Lua ", + "global \"$name\"\n"; + } + + } continue { + $i++; + } + + if ($stop_on_error && $hits > 0) { + exit 1 + } + + unless ($no_long_line_check) { + p("Checking line length exceeding 100..."); + blank("grep -H -n -E --color '.{101}' $file | awk '{ print \"ERROR:\" \$0 }'"); + } +} From 4174c6b5481234a8829f19b381bce5cbc9f1a29c Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Tue, 24 Dec 2024 12:56:30 +0530 Subject: [PATCH 10/11] add license --- utils/lj-releng | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/utils/lj-releng b/utils/lj-releng index bd75fce4e707..cd46a3e0ea92 100755 --- a/utils/lj-releng +++ b/utils/lj-releng @@ -1,5 +1,20 @@ #!/usr/bin/env perl - +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# use strict; use warnings; From 1b232189add29f2b33095ea717bb278e9fd983c5 Mon Sep 17 00:00:00 2001 From: Ashish Tiwari Date: Fri, 17 Jan 2025 14:13:04 +0530 Subject: [PATCH 11/11] merge Signed-off-by: Ashish Tiwari --- diff_report.md | 134 ------- diffs/diff_ai-proxy.lua.diff | 8 - diffs/diff_ai.lua.diff | 16 - diffs/diff_attach-consumer-label.lua.diff | 28 -- diffs/diff_basic-auth.lua.diff | 82 ---- diffs/diff_body-transformer.lua.diff | 65 --- diffs/diff_brotli.lua.diff | 249 ------------ diffs/diff_chaitin-waf.lua.diff | 374 ------------------ diffs/diff_client-control.lua.diff | 6 - diffs/diff_consumer-restriction.lua.diff | 6 - diffs/diff_error-log-logger.lua.diff | 2 - diffs/diff_example-plugin.lua.diff | 29 -- diffs/diff_exporter.lua.diff | 321 --------------- diffs/diff_file-logger.lua.diff | 21 - diffs/diff_gm.lua.diff | 4 - diffs/diff_gzip.lua.diff | 4 - diffs/diff_helper.lua.diff | 6 - diffs/diff_hmac-auth.lua.diff | 96 ----- diffs/diff_http-dubbo.lua.diff | 263 ------------ diffs/diff_init.lua.diff | 37 -- diffs/diff_jwe-decrypt.lua.diff | 280 ------------- diffs/diff_jwt-auth.lua.diff | 368 ----------------- diffs/diff_kafka-logger.lua.diff | 21 - diffs/diff_key-auth.lua.diff | 61 --- diffs/diff_ldap-auth.lua.diff | 20 - diffs/diff_limit-conn-redis-cluster.lua.diff | 79 ---- diffs/diff_limit-conn-redis.lua.diff | 86 ---- diffs/diff_limit-conn.lua.diff | 45 --- diffs/diff_limit-count-local.lua.diff | 7 - diffs/diff_limit-count-redis-cluster.lua.diff | 75 ---- diffs/diff_limit-count-redis.lua.diff | 84 ---- diffs/diff_limit-count.lua.diff | 27 -- diffs/diff_limit-req-redis-cluster.lua.diff | 51 --- diffs/diff_limit-req-redis.lua.diff | 55 --- diffs/diff_limit-req.lua.diff | 75 ---- diffs/diff_log-rotate.lua.diff | 83 ---- diffs/diff_memory.lua.diff | 22 -- diffs/diff_memory_handler.lua.diff | 17 - diffs/diff_mocking.lua.diff | 2 - diffs/diff_multi-auth.lua.diff | 51 --- diffs/diff_node-status.lua.diff | 4 - diffs/diff_ocsp-stapling.lua.diff | 221 ----------- diffs/diff_opa.lua.diff | 2 - diffs/diff_openai.lua.diff | 34 -- diffs/diff_openid-connect.lua.diff | 107 ----- diffs/diff_opentelemetry.lua.diff | 123 ------ diffs/diff_openwhisk.lua.diff | 4 - diffs/diff_proxy-control.lua.diff | 4 - diffs/diff_proxy-mirror.lua.diff | 26 -- diffs/diff_proxy-rewrite.lua.diff | 105 ----- diffs/diff_real-ip.lua.diff | 8 - diffs/diff_request-id.lua.diff | 206 ---------- diffs/diff_response-rewrite.lua.diff | 24 -- diffs/diff_skywalking-logger.lua.diff | 4 - diffs/diff_skywalking.lua.diff | 57 --- diffs/diff_sls-logger.lua.diff | 10 - diffs/diff_traffic-split.lua.diff | 23 -- diffs/diff_ua-restriction.lua.diff | 8 - diffs/diff_util.lua.diff | 82 ---- diffs/diff_workflow.lua.diff | 58 --- diffs/diff_zipkin.lua.diff | 32 -- ee-apisix-diff-reporter | 132 ------- 62 files changed, 4534 deletions(-) delete mode 100644 diff_report.md delete mode 100644 diffs/diff_ai-proxy.lua.diff delete mode 100644 diffs/diff_ai.lua.diff delete mode 100644 diffs/diff_attach-consumer-label.lua.diff delete mode 100644 diffs/diff_basic-auth.lua.diff delete mode 100644 diffs/diff_body-transformer.lua.diff delete mode 100644 diffs/diff_brotli.lua.diff delete mode 100644 diffs/diff_chaitin-waf.lua.diff delete mode 100644 diffs/diff_client-control.lua.diff delete mode 100644 diffs/diff_consumer-restriction.lua.diff delete mode 100644 diffs/diff_error-log-logger.lua.diff delete mode 100644 diffs/diff_example-plugin.lua.diff delete mode 100644 diffs/diff_exporter.lua.diff delete mode 100644 diffs/diff_file-logger.lua.diff delete mode 100644 diffs/diff_gm.lua.diff delete mode 100644 diffs/diff_gzip.lua.diff delete mode 100644 diffs/diff_helper.lua.diff delete mode 100644 diffs/diff_hmac-auth.lua.diff delete mode 100644 diffs/diff_http-dubbo.lua.diff delete mode 100644 diffs/diff_init.lua.diff delete mode 100644 diffs/diff_jwe-decrypt.lua.diff delete mode 100644 diffs/diff_jwt-auth.lua.diff delete mode 100644 diffs/diff_kafka-logger.lua.diff delete mode 100644 diffs/diff_key-auth.lua.diff delete mode 100644 diffs/diff_ldap-auth.lua.diff delete mode 100644 diffs/diff_limit-conn-redis-cluster.lua.diff delete mode 100644 diffs/diff_limit-conn-redis.lua.diff delete mode 100644 diffs/diff_limit-conn.lua.diff delete mode 100644 diffs/diff_limit-count-local.lua.diff delete mode 100644 diffs/diff_limit-count-redis-cluster.lua.diff delete mode 100644 diffs/diff_limit-count-redis.lua.diff delete mode 100644 diffs/diff_limit-count.lua.diff delete mode 100644 diffs/diff_limit-req-redis-cluster.lua.diff delete mode 100644 diffs/diff_limit-req-redis.lua.diff delete mode 100644 diffs/diff_limit-req.lua.diff delete mode 100644 diffs/diff_log-rotate.lua.diff delete mode 100644 diffs/diff_memory.lua.diff delete mode 100644 diffs/diff_memory_handler.lua.diff delete mode 100644 diffs/diff_mocking.lua.diff delete mode 100644 diffs/diff_multi-auth.lua.diff delete mode 100644 diffs/diff_node-status.lua.diff delete mode 100644 diffs/diff_ocsp-stapling.lua.diff delete mode 100644 diffs/diff_opa.lua.diff delete mode 100644 diffs/diff_openai.lua.diff delete mode 100644 diffs/diff_openid-connect.lua.diff delete mode 100644 diffs/diff_opentelemetry.lua.diff delete mode 100644 diffs/diff_openwhisk.lua.diff delete mode 100644 diffs/diff_proxy-control.lua.diff delete mode 100644 diffs/diff_proxy-mirror.lua.diff delete mode 100644 diffs/diff_proxy-rewrite.lua.diff delete mode 100644 diffs/diff_real-ip.lua.diff delete mode 100644 diffs/diff_request-id.lua.diff delete mode 100644 diffs/diff_response-rewrite.lua.diff delete mode 100644 diffs/diff_skywalking-logger.lua.diff delete mode 100644 diffs/diff_skywalking.lua.diff delete mode 100644 diffs/diff_sls-logger.lua.diff delete mode 100644 diffs/diff_traffic-split.lua.diff delete mode 100644 diffs/diff_ua-restriction.lua.diff delete mode 100644 diffs/diff_util.lua.diff delete mode 100644 diffs/diff_workflow.lua.diff delete mode 100644 diffs/diff_zipkin.lua.diff delete mode 100755 ee-apisix-diff-reporter diff --git a/diff_report.md b/diff_report.md deleted file mode 100644 index b1d92d4c5e8e..000000000000 --- a/diff_report.md +++ /dev/null @@ -1,134 +0,0 @@ -# Diff Report -## Files compared between apisix and api7-ee-3-gateway. -| Filepath | Diff | Related PRs | -|----------|------|-------------| -| ./apisix/plugins/elasticsearch-logger.lua | No diff πŸ’― | - | -| ./apisix/plugins/serverless-post-function.lua | No diff πŸ’― | - | -| ./apisix/plugins/loki-logger.lua | No diff πŸ’― | - | -| ./apisix/plugins/authz-keycloak.lua | No diff πŸ’― | - | -| ./apisix/plugins/ext-plugin-post-resp.lua | No diff πŸ’― | - | -| ./apisix/plugins/file-logger.lua | Diff found and saved to diffs/diff_file-logger.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/file-logger.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/file-logger.lua | -| ./apisix/plugins/degraphql.lua | No diff πŸ’― | - | -| ./apisix/plugins/brotli.lua | Diff found and saved to diffs/diff_brotli.lua.diff βœ… | github.com/apache/apisix/pull/10515, github.com/apache/apisix/pull/10740, github.com/apache/apisix/pull/11087 | -| ./apisix/plugins/ai-proxy.lua | Diff found and saved to diffs/diff_ai-proxy.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/ai-proxy.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/ai-proxy.lua | -| ./apisix/plugins/tcp-logger.lua | No diff πŸ’― | - | -| ./apisix/plugins/openid-connect.lua | Diff found and saved to diffs/diff_openid-connect.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/openid-connect.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/openid-connect.lua | -| ./apisix/plugins/jwe-decrypt.lua | Diff found and saved to diffs/diff_jwe-decrypt.lua.diff βœ… | github.com/apache/apisix/pull/10252, github.com/apache/apisix/pull/10843, github.com/apache/apisix/pull/10928, github.com/apache/apisix/pull/11095 | -| ./apisix/plugins/syslog/init.lua | No diff πŸ’― | - | -| ./apisix/plugins/prometheus.lua | No diff πŸ’― | - | -| ./apisix/plugins/ext-plugin/init.lua | Diff found and saved to diffs/diff_init.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/ext-plugin/init.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/ext-plugin/init.lua | -| ./apisix/plugins/ext-plugin/helper.lua | No diff πŸ’― | - | -| ./apisix/plugins/client-control.lua | Diff found and saved to diffs/diff_client-control.lua.diff βœ… | github.com/apache/apisix/pull/10522, github.com/apache/apisix/pull/10635 | -| ./apisix/plugins/ai-prompt-decorator.lua | No diff πŸ’― | - | -| ./apisix/plugins/ua-restriction.lua | Diff found and saved to diffs/diff_ua-restriction.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/ua-restriction.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/ua-restriction.lua | -| ./apisix/plugins/proxy-mirror.lua | Diff found and saved to diffs/diff_proxy-mirror.lua.diff βœ… | github.com/apache/apisix/pull/9388 | -| ./apisix/plugins/rocketmq-logger.lua | No diff πŸ’― | - | -| ./apisix/plugins/proxy-cache/init.lua | Diff found and saved to diffs/diff_init.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/proxy-cache/init.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/proxy-cache/init.lua | -| ./apisix/plugins/proxy-cache/disk_handler.lua | No diff πŸ’― | - | -| ./apisix/plugins/proxy-cache/util.lua | No diff πŸ’― | - | -| ./apisix/plugins/proxy-cache/memory.lua | Diff found and saved to diffs/diff_memory.lua.diff βœ… | github.com/apache/apisix/pull/10138, github.com/apache/apisix/pull/11048 | -| ./apisix/plugins/proxy-cache/memory_handler.lua | Diff found and saved to diffs/diff_memory_handler.lua.diff βœ… | github.com/apache/apisix/pull/11048 | -| ./apisix/plugins/openfunction.lua | No diff πŸ’― | - | -| ./apisix/plugins/serverless/init.lua | No diff πŸ’― | - | -| ./apisix/plugins/serverless/generic-upstream.lua | No diff πŸ’― | - | -| ./apisix/plugins/multi-auth.lua | Diff found and saved to diffs/diff_multi-auth.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/multi-auth.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/multi-auth.lua | -| ./apisix/plugins/body-transformer.lua | Diff found and saved to diffs/diff_body-transformer.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/body-transformer.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/body-transformer.lua | -| ./apisix/plugins/basic-auth.lua | Diff found and saved to diffs/diff_basic-auth.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/basic-auth.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/basic-auth.lua | -| ./apisix/plugins/public-api.lua | No diff πŸ’― | - | -| ./apisix/plugins/error-log-logger.lua | Diff found and saved to diffs/diff_error-log-logger.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/error-log-logger.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/error-log-logger.lua | -| ./apisix/plugins/ext-plugin-pre-req.lua | No diff πŸ’― | - | -| ./apisix/plugins/key-auth.lua | Diff found and saved to diffs/diff_key-auth.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/key-auth.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/key-auth.lua | -| ./apisix/plugins/tencent-cloud-cls/cls-sdk.lua | No diff πŸ’― | - | -| ./apisix/plugins/http-dubbo.lua | Diff found and saved to diffs/diff_http-dubbo.lua.diff βœ… | github.com/apache/apisix/pull/10703 | -| ./apisix/plugins/ext-plugin-post-req.lua | No diff πŸ’― | - | -| ./apisix/plugins/limit-count/init.lua | Diff found and saved to diffs/diff_init.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/limit-count/init.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/limit-count/init.lua | -| ./apisix/plugins/limit-count/limit-count-redis.lua | Diff found and saved to diffs/diff_limit-count-redis.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/limit-count/limit-count-redis.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/limit-count/limit-count-redis.lua | -| ./apisix/plugins/limit-count/limit-count-local.lua | Diff found and saved to diffs/diff_limit-count-local.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/limit-count/limit-count-local.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/limit-count/limit-count-local.lua | -| ./apisix/plugins/limit-count/limit-count-redis-cluster.lua | Diff found and saved to diffs/diff_limit-count-redis-cluster.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/limit-count/limit-count-redis-cluster.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/limit-count/limit-count-redis-cluster.lua | -| ./apisix/plugins/mocking.lua | Diff found and saved to diffs/diff_mocking.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/mocking.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/mocking.lua | -| ./apisix/plugins/ip-restriction.lua | No diff πŸ’― | - | -| ./apisix/plugins/skywalking-logger.lua | Diff found and saved to diffs/diff_skywalking-logger.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/skywalking-logger.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/skywalking-logger.lua | -| ./apisix/plugins/limit-conn.lua | Diff found and saved to diffs/diff_limit-conn.lua.diff βœ… | github.com/apache/apisix/pull/10866 | -| ./apisix/plugins/echo.lua | No diff πŸ’― | - | -| ./apisix/plugins/limit-req/limit-req-redis.lua | Diff found and saved to diffs/diff_limit-req-redis.lua.diff βœ… | github.com/apache/apisix/pull/10874 | -| ./apisix/plugins/limit-req/limit-req-redis-cluster.lua | Diff found and saved to diffs/diff_limit-req-redis-cluster.lua.diff βœ… | github.com/apache/apisix/pull/10874 | -| ./apisix/plugins/limit-req/util.lua | Diff found and saved to diffs/diff_util.lua.diff βœ… | github.com/apache/apisix/pull/10874 | -| ./apisix/plugins/inspect.lua | No diff πŸ’― | - | -| ./apisix/plugins/loggly.lua | No diff πŸ’― | - | -| ./apisix/plugins/csrf.lua | No diff πŸ’― | - | -| ./apisix/plugins/authz-casbin.lua | No diff πŸ’― | - | -| ./apisix/plugins/opentelemetry.lua | Diff found and saved to diffs/diff_opentelemetry.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/opentelemetry.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/opentelemetry.lua | -| ./apisix/plugins/skywalking.lua | Diff found and saved to diffs/diff_skywalking.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/skywalking.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/skywalking.lua | -| ./apisix/plugins/gm.lua | Diff found and saved to diffs/diff_gm.lua.diff βœ… | github.com/apache/apisix/pull/10522 | -| ./apisix/plugins/hmac-auth.lua | Diff found and saved to diffs/diff_hmac-auth.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/hmac-auth.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/hmac-auth.lua | -| ./apisix/plugins/limit-req.lua | Diff found and saved to diffs/diff_limit-req.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/limit-req.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/limit-req.lua | -| ./apisix/plugins/sls-logger.lua | Diff found and saved to diffs/diff_sls-logger.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/sls-logger.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/sls-logger.lua | -| ./apisix/plugins/authz-casdoor.lua | No diff πŸ’― | - | -| ./apisix/plugins/zipkin/codec.lua | No diff πŸ’― | - | -| ./apisix/plugins/zipkin/random_sampler.lua | No diff πŸ’― | - | -| ./apisix/plugins/zipkin/reporter.lua | No diff πŸ’― | - | -| ./apisix/plugins/server-info.lua | No diff πŸ’― | - | -| ./apisix/plugins/ocsp-stapling.lua | Diff found and saved to diffs/diff_ocsp-stapling.lua.diff βœ… | github.com/apache/apisix/pull/10817 | -| ./apisix/plugins/uri-blocker.lua | No diff πŸ’― | - | -| ./apisix/plugins/syslog.lua | No diff πŸ’― | - | -| ./apisix/plugins/attach-consumer-label.lua | Diff found and saved to diffs/diff_attach-consumer-label.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/attach-consumer-label.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/attach-consumer-label.lua | -| ./apisix/plugins/request-validation.lua | No diff πŸ’― | - | -| ./apisix/plugins/traffic-split.lua | Diff found and saved to diffs/diff_traffic-split.lua.diff βœ… | github.com/apache/apisix/pull/10008, github.com/apache/apisix/pull/9115, github.com/apache/apisix/pull/9332 | -| ./apisix/plugins/ai-proxy/drivers/openai.lua | Diff found and saved to diffs/diff_openai.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/ai-proxy/drivers/openai.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/ai-proxy/drivers/openai.lua | -| ./apisix/plugins/ai-proxy/schema.lua | No diff πŸ’― | - | -| ./apisix/plugins/gzip.lua | Diff found and saved to diffs/diff_gzip.lua.diff βœ… | github.com/apache/apisix/pull/10522 | -| ./apisix/plugins/fault-injection.lua | No diff πŸ’― | - | -| ./apisix/plugins/grpc-web.lua | No diff πŸ’― | - | -| ./apisix/plugins/http-logger.lua | No diff πŸ’― | - | -| ./apisix/plugins/batch-requests.lua | No diff πŸ’― | - | -| ./apisix/plugins/opa/helper.lua | Diff found and saved to diffs/diff_helper.lua.diff βœ… | github.com/apache/apisix/pull/10552 | -| ./apisix/plugins/grpc-transcode/response.lua | No diff πŸ’― | - | -| ./apisix/plugins/grpc-transcode/request.lua | No diff πŸ’― | - | -| ./apisix/plugins/grpc-transcode/proto.lua | No diff πŸ’― | - | -| ./apisix/plugins/grpc-transcode/util.lua | No diff πŸ’― | - | -| ./apisix/plugins/zipkin.lua | Diff found and saved to diffs/diff_zipkin.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/zipkin.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/zipkin.lua | -| ./apisix/plugins/forward-auth.lua | No diff πŸ’― | - | -| ./apisix/plugins/node-status.lua | Diff found and saved to diffs/diff_node-status.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/node-status.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/node-status.lua | -| ./apisix/plugins/clickhouse-logger.lua | No diff πŸ’― | - | -| ./apisix/plugins/example-plugin.lua | Diff found and saved to diffs/diff_example-plugin.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/example-plugin.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/example-plugin.lua | -| ./apisix/plugins/datadog.lua | No diff πŸ’― | - | -| ./apisix/plugins/azure-functions.lua | No diff πŸ’― | - | -| ./apisix/plugins/aws-lambda.lua | No diff πŸ’― | - | -| ./apisix/plugins/cas-auth.lua | No diff πŸ’― | - | -| ./apisix/plugins/real-ip.lua | Diff found and saved to diffs/diff_real-ip.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/real-ip.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/real-ip.lua | -| ./apisix/plugins/prometheus/exporter.lua | Diff found and saved to diffs/diff_exporter.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/prometheus/exporter.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/prometheus/exporter.lua | -| ./apisix/plugins/kafka-logger.lua | Diff found and saved to diffs/diff_kafka-logger.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/kafka-logger.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/kafka-logger.lua | -| ./apisix/plugins/redirect.lua | No diff πŸ’― | - | -| ./apisix/plugins/consumer-restriction.lua | Diff found and saved to diffs/diff_consumer-restriction.lua.diff βœ… | github.com/apache/apisix/pull/9778 | -| ./apisix/plugins/grpc-transcode.lua | No diff πŸ’― | - | -| ./apisix/plugins/google-cloud-logging.lua | No diff πŸ’― | - | -| ./apisix/plugins/request-id.lua | Diff found and saved to diffs/diff_request-id.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/request-id.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/request-id.lua | -| ./apisix/plugins/ai-prompt-template.lua | No diff πŸ’― | - | -| ./apisix/plugins/serverless-pre-function.lua | No diff πŸ’― | - | -| ./apisix/plugins/kafka-proxy.lua | No diff πŸ’― | - | -| ./apisix/plugins/ldap-auth.lua | Diff found and saved to diffs/diff_ldap-auth.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/ldap-auth.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/ldap-auth.lua | -| ./apisix/plugins/ip-restriction/init.lua | No diff πŸ’― | - | -| ./apisix/plugins/dubbo-proxy.lua | No diff πŸ’― | - | -| ./apisix/plugins/log-rotate.lua | Diff found and saved to diffs/diff_log-rotate.lua.diff βœ… | github.com/apache/apisix/pull/8358, github.com/apache/apisix/pull/8620, github.com/apache/apisix/pull/9749, github.com/apache/apisix/pull/9984 | -| ./apisix/plugins/ai.lua | Diff found and saved to diffs/diff_ai.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/ai.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/ai.lua | -| ./apisix/plugins/limit-count.lua | Diff found and saved to diffs/diff_limit-count.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/limit-count.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/limit-count.lua | -| ./apisix/plugins/workflow.lua | Diff found and saved to diffs/diff_workflow.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/workflow.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/workflow.lua | -| ./apisix/plugins/opa.lua | Diff found and saved to diffs/diff_opa.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/opa.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/opa.lua | -| ./apisix/plugins/cors.lua | No diff πŸ’― | - | -| ./apisix/plugins/openwhisk.lua | Diff found and saved to diffs/diff_openwhisk.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/openwhisk.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/openwhisk.lua | -| ./apisix/plugins/jwt-auth.lua | Diff found and saved to diffs/diff_jwt-auth.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/jwt-auth.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/jwt-auth.lua | -| ./apisix/plugins/chaitin-waf.lua | Diff found and saved to diffs/diff_chaitin-waf.lua.diff βœ… | github.com/apache/apisix/pull/10161, github.com/apache/apisix/pull/9838 | -| ./apisix/plugins/proxy-control.lua | Diff found and saved to diffs/diff_proxy-control.lua.diff βœ… | github.com/apache/apisix/pull/10522 | -| ./apisix/plugins/response-rewrite.lua | Diff found and saved to diffs/diff_response-rewrite.lua.diff βœ… | github.com/apache/apisix/pull/10637, github.com/apache/apisix/pull/10733, github.com/apache/apisix/pull/10884, github.com/apache/apisix/pull/9372 | -| ./apisix/plugins/tencent-cloud-cls.lua | No diff πŸ’― | - | -| ./apisix/plugins/proxy-rewrite.lua | Diff found and saved to diffs/diff_proxy-rewrite.lua.diff βœ… | github.com/apache/apisix/pull/10619, github.com/apache/apisix/pull/8824, github.com/apache/apisix/pull/9112, github.com/apache/apisix/pull/9194, github.com/apache/apisix/pull/9309, github.com/apache/apisix/pull/9813 | -| ./apisix/plugins/splunk-hec-logging.lua | No diff πŸ’― | - | -| ./apisix/plugins/wolf-rbac.lua | No diff πŸ’― | - | -| ./apisix/plugins/google-cloud-logging/oauth.lua | No diff πŸ’― | - | -| ./apisix/plugins/limit-conn/init.lua | Diff found and saved to diffs/diff_init.lua.diff βœ… | Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/./apisix/plugins/limit-conn/init.lua https://github.com/api7/api7-ee-3-gateway/commits/main/./apisix/plugins/limit-conn/init.lua | -| ./apisix/plugins/limit-conn/limit-conn-redis-cluster.lua | Diff found and saved to diffs/diff_limit-conn-redis-cluster.lua.diff βœ… | github.com/apache/apisix/pull/10866 | -| ./apisix/plugins/limit-conn/limit-conn-redis.lua | Diff found and saved to diffs/diff_limit-conn-redis.lua.diff βœ… | github.com/apache/apisix/pull/10866 | -| ./apisix/plugins/limit-conn/util.lua | Diff found and saved to diffs/diff_util.lua.diff βœ… | github.com/apache/apisix/pull/10866 | -| ./apisix/plugins/udp-logger.lua | No diff πŸ’― | - | -| ./apisix/plugins/api-breaker.lua | No diff πŸ’― | - | -| ./apisix/plugins/referer-restriction.lua | No diff πŸ’― | - | diff --git a/diffs/diff_ai-proxy.lua.diff b/diffs/diff_ai-proxy.lua.diff deleted file mode 100644 index be625bc4761a..000000000000 --- a/diffs/diff_ai-proxy.lua.diff +++ /dev/null @@ -1,8 +0,0 @@ -30c30 -< priority = 997, ---- -> priority = 999, -32c32 -< schema = schema.plugin_schema, ---- -> schema = schema, diff --git a/diffs/diff_ai.lua.diff b/diffs/diff_ai.lua.diff deleted file mode 100644 index 27a6cc7f474f..000000000000 --- a/diffs/diff_ai.lua.diff +++ /dev/null @@ -1,16 +0,0 @@ -20a21 -> local get_global_rules = require("apisix.global_rules").global_rules -71,73c72 -< return core.table.deepcopy(api_ctx, { -< shallows = { "self.matched_route.value.upstream.parent" } -< }) ---- -> return core.table.deepcopy(api_ctx) -167a167 -> -233,234c233,234 -< local global_rules_flag = router.global_rules and router.global_rules.values -< and #router.global_rules.values ~= 0 ---- -> local global_rules, _ = get_global_rules() -> local global_rules_flag = global_rules and #global_rules ~= 0 diff --git a/diffs/diff_attach-consumer-label.lua.diff b/diffs/diff_attach-consumer-label.lua.diff deleted file mode 100644 index 38d3f16973bf..000000000000 --- a/diffs/diff_attach-consumer-label.lua.diff +++ /dev/null @@ -1,28 +0,0 @@ -0a1,17 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -> -2d18 -< local plugin_name = "attach-consumer-label" -3a20 -> local plugin_name = "attach-consumer-label" -38,39c55,56 -< core.log.info("consumer username: ", ctx.consumer.username, -< " labels: ", core.json.delay_encode(labels)) ---- -> core.log.info("consumer username: ", ctx.consumer.username, " labels: ", -> core.json.delay_encode(labels)) diff --git a/diffs/diff_basic-auth.lua.diff b/diffs/diff_basic-auth.lua.diff deleted file mode 100644 index dbc6bdeb38e7..000000000000 --- a/diffs/diff_basic-auth.lua.diff +++ /dev/null @@ -1,82 +0,0 @@ -21,23d20 -< local schema_def = require("apisix.schema_def") -< local auth_utils = require("apisix.utils.auth") -< -37d33 -< anonymous_consumer = schema_def.anonymous_consumer_schema, -127c123,126 -< local function find_consumer(ctx) ---- -> function _M.rewrite(conf, ctx) -> core.log.info("plugin access phase, conf: ", core.json.delay_encode(conf)) -> -> -- 1. extract authorization from header -131c130 -< return nil, nil, "Missing authorization in request" ---- -> return 401, { message = "Missing authorization in request" } -136,138d134 -< if auth_utils.is_running_under_multi_auth(ctx) then -< return nil, nil, err -< end -140c136 -< return nil, nil, "Invalid authorization in request" ---- -> return 401, { message = "Invalid authorization in request" } -143,151c139,142 -< local cur_consumer, consumer_conf, err = consumer.find_consumer(plugin_name, -< "username", username) -< if not cur_consumer then -< err = "failed to find user: " .. (err or "invalid user") -< if auth_utils.is_running_under_multi_auth(ctx) then -< return nil, nil, err -< end -< core.log.warn(err) -< return nil, nil, "Invalid user authorization" ---- -> -- 2. get user info from consumer plugin -> local consumer_conf = consumer.plugin(plugin_name) -> if not consumer_conf then -> return 401, { message = "Missing related consumer" } -154,156c145 -< if cur_consumer.auth_conf.password ~= password then -< return nil, nil, "Invalid user authorization" -< end ---- -> local consumers = consumer.consumers_kv(plugin_name, consumer_conf, "username") -158,165c147,148 -< return cur_consumer, consumer_conf, err -< end -< -< -< function _M.rewrite(conf, ctx) -< core.log.info("plugin access phase, conf: ", core.json.delay_encode(conf)) -< -< local cur_consumer, consumer_conf, err = find_consumer(ctx) ---- -> -- 3. check user exists -> local cur_consumer = consumers[username] -167,177c150 -< if not conf.anonymous_consumer then -< return 401, { message = err } -< end -< cur_consumer, consumer_conf, err = consumer.get_anonymous_consumer(conf.anonymous_consumer) -< if not cur_consumer then -< if auth_utils.is_running_under_multi_auth(ctx) then -< return 401, err -< end -< core.log.error(err) -< return 401, { message = "Invalid user authorization" } -< end ---- -> return 401, { message = "Invalid user authorization" } -179d151 -< -181a154,160 -> -> -- 4. check the password is correct -> if cur_consumer.auth_conf.password ~= password then -> return 401, { message = "Invalid user authorization" } -> end -> -> -- 5. hide `Authorization` request header if `hide_credentials` is `true` diff --git a/diffs/diff_body-transformer.lua.diff b/diffs/diff_body-transformer.lua.diff deleted file mode 100644 index ba2c0d6ba0a8..000000000000 --- a/diffs/diff_body-transformer.lua.diff +++ /dev/null @@ -1,65 +0,0 @@ -21,22d20 -< local multipart = require("multipart") -< -34d31 -< local setmetatable = setmetatable -40,43c37 -< input_format = { -< type = "string", -< enum = {"xml", "json", "encoded", "args", "plain", "multipart",} -< }, ---- -> input_format = { type = "string", enum = {"xml", "json", "encoded", "args", "plain"} }, -74,77c68,71 -< :gsub("<", "<") -< :gsub(">", ">") -< :gsub("'", "'") -< :gsub('"', """) ---- -> :gsub("<", "<") -> :gsub(">", ">") -> :gsub("'", "'") -> :gsub('"', """) -127,130d120 -< multipart = function (data, content_type_header) -< local res = multipart(data, content_type_header) -< return res -< end -141,142d130 -< local _multipart -< -144,148d131 -< local ct = ctx.var.http_content_type -< if typ == "response" then -< ct = ngx.header.content_type -< end -< -152,156c135 -< out, err = decoders[format](body, ct) -< if format == "multipart" then -< _multipart = out -< out = out:get_all_with_arrays() -< end ---- -> out, err = decoders[format](body) -179,186c158,161 -< setmetatable(out, {__index = { -< _ctx = ctx, -< _body = body, -< _escape_xml = escape_xml, -< _escape_json = escape_json, -< _multipart = _multipart, -< }}) -< ---- -> out._ctx = ctx -> out._body = body -> out._escape_xml = escape_xml -> out._escape_json = escape_json -210,211d184 -< elseif str_find(ct:lower(), "multipart/", nil) then -< conf[typ].input_format = "multipart" -247,249d219 -< if not conf then -< return -< end diff --git a/diffs/diff_brotli.lua.diff b/diffs/diff_brotli.lua.diff deleted file mode 100644 index a0c3b49eca6b..000000000000 --- a/diffs/diff_brotli.lua.diff +++ /dev/null @@ -1,249 +0,0 @@ -0a1,26 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -> local core = require("apisix.core") -> local ngx = ngx -> local ngx_re_gmatch = ngx.re.gmatch -> local ngx_header = ngx.header -> local req_http_version = ngx.req.http_version -> local str_sub = string.sub -> local ipairs = ipairs -> local tonumber = tonumber -> local type = type -> local is_loaded, brotli = pcall(require, "brotli") -1a28,248 -> -> local schema = { -> type = "object", -> properties = { -> types = { -> anyOf = { -> { -> type = "array", -> minItems = 1, -> items = { -> type = "string", -> minLength = 1, -> }, -> }, -> { -> enum = {"*"} -> } -> }, -> default = {"text/html"} -> }, -> min_length = { -> type = "integer", -> minimum = 1, -> default = 20, -> }, -> mode = { -> type = "integer", -> minimum = 0, -> maximum = 2, -> default = 0, -> -- 0: MODE_GENERIC (default), -> -- 1: MODE_TEXT (for UTF-8 format text input) -> -- 2: MODE_FONT (for WOFF 2.0) -> }, -> comp_level = { -> type = "integer", -> minimum = 0, -> maximum = 11, -> default = 6, -> -- follow the default value from ngx_brotli brotli_comp_level -> }, -> lgwin = { -> type = "integer", -> default = 19, -> -- follow the default value from ngx_brotli brotli_window -> enum = {0,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24}, -> }, -> lgblock = { -> type = "integer", -> default = 0, -> enum = {0,16,17,18,19,20,21,22,23,24}, -> }, -> http_version = { -> enum = {1.1, 1.0}, -> default = 1.1, -> }, -> vary = { -> type = "boolean", -> } -> }, -> } -> -> -> local _M = { -> version = 0.1, -> priority = 996, -> name = "brotli", -> schema = schema, -> } -> -> -> function _M.check_schema(conf) -> return core.schema.check(schema, conf) -> end -> -> -> local function create_brotli_compressor(mode, comp_level, lgwin, lgblock) -> local options = { -> mode = mode, -> quality = comp_level, -> lgwin = lgwin, -> lgblock = lgblock, -> } -> return brotli.compressor:new(options) -> end -> -> -> local function check_accept_encoding(ctx) -> local accept_encoding = core.request.header(ctx, "Accept-Encoding") -> -- no Accept-Encoding -> if not accept_encoding then -> return false -> end -> -> -- single Accept-Encoding -> if accept_encoding == "*" or accept_encoding == "br" then -> return true -> end -> -> -- multi Accept-Encoding -> local iterator, err = ngx_re_gmatch(accept_encoding, -> [[([a-z\*]+)(;q=)?([0-9.]*)?]], "jo") -> if not iterator then -> core.log.error("gmatch failed, error: ", err) -> return false -> end -> -> local captures -> while true do -> captures, err = iterator() -> if not captures then -> break -> end -> if err then -> core.log.error("iterator failed, error: ", err) -> return false -> end -> if (captures[1] == "br" or captures[1] == "*") and -> (not captures[2] or captures[3] ~= "0") then -> return true -> end -> end -> -> return false -> end -> -> -> function _M.header_filter(conf, ctx) -> if not is_loaded then -> core.log.error("please check the brotli library") -> return -> end -> -> local allow_encoding = check_accept_encoding(ctx) -> if not allow_encoding then -> return -> end -> -> local content_encoded = ngx_header["Content-Encoding"] -> if content_encoded then -> -- Don't compress if Content-Encoding is present in upstream data -> return -> end -> -> local types = conf.types -> local content_type = ngx_header["Content-Type"] -> if not content_type then -> -- Like Nginx, don't compress if Content-Type is missing -> return -> end -> -> if type(types) == "table" then -> local matched = false -> local from = core.string.find(content_type, ";") -> if from then -> content_type = str_sub(content_type, 1, from - 1) -> end -> -> for _, ty in ipairs(types) do -> if content_type == ty then -> matched = true -> break -> end -> end -> -> if not matched then -> return -> end -> end -> -> local content_length = tonumber(ngx_header["Content-Length"]) -> if content_length then -> local min_length = conf.min_length -> if content_length < min_length then -> return -> end -> -- Like Nginx, don't check min_length if Content-Length is missing -> end -> -> local http_version = req_http_version() -> if http_version < conf.http_version then -> return -> end -> -> if conf.vary then -> core.response.add_header("Vary", "Accept-Encoding") -> end -> -> local compressor = create_brotli_compressor(conf.mode, conf.comp_level, -> conf.lgwin, conf.lgblock) -> if not compressor then -> core.log.error("failed to create brotli compressor") -> return -> end -> -> ctx.brotli_matched = true -> ctx.compressor = compressor -> core.response.clear_header_as_body_modified() -> core.response.add_header("Content-Encoding", "br") -> end -> -> -> function _M.body_filter(conf, ctx) -> if not ctx.brotli_matched then -> return -> end -> -> local chunk, eof = ngx.arg[1], ngx.arg[2] -> if type(chunk) == "string" and chunk ~= "" then -> local encode_chunk = ctx.compressor:compress(chunk) -> ngx.arg[1] = encode_chunk .. ctx.compressor:flush() -> end -> -> if eof then -> -- overwriting the arg[1], results into partial response -> ngx.arg[1] = ngx.arg[1] .. ctx.compressor:finish() -> end -> end -> -> -> return _M diff --git a/diffs/diff_chaitin-waf.lua.diff b/diffs/diff_chaitin-waf.lua.diff deleted file mode 100644 index 9bc01feeda5b..000000000000 --- a/diffs/diff_chaitin-waf.lua.diff +++ /dev/null @@ -1,374 +0,0 @@ -0a1,22 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -> local require = require -> local core = require("apisix.core") -> local rr_balancer = require("apisix.balancer.roundrobin") -> local plugin = require("apisix.plugin") -> local t1k = require "resty.t1k" -> local expr = require("resty.expr.v1") -1a24,373 -> local ngx = ngx -> local ngx_now = ngx.now -> local string = string -> local fmt = string.format -> local tostring = tostring -> local tonumber = tonumber -> local ipairs = ipairs -> -> local plugin_name = "chaitin-waf" -> -> local vars_schema = { -> type = "array", -> } -> -> local match_schema = { -> type = "array", -> items = { -> type = "object", -> properties = { -> vars = vars_schema -> } -> }, -> } -> -> local plugin_schema = { -> type = "object", -> properties = { -> -- TODO: we should add a configuration "mode" here -> -- It can be one of off, block and monitor -> match = match_schema, -> append_waf_resp_header = { -> type = "boolean", -> default = true -> }, -> append_waf_debug_header = { -> type = "boolean", -> default = false -> }, -> config = { -> type = "object", -> properties = { -> connect_timeout = { -> type = "integer", -> }, -> send_timeout = { -> type = "integer", -> }, -> read_timeout = { -> type = "integer", -> }, -> req_body_size = { -> type = "integer", -> }, -> keepalive_size = { -> type = "integer", -> }, -> keepalive_timeout = { -> type = "integer", -> } -> }, -> }, -> }, -> } -> -> local metadata_schema = { -> type = "object", -> properties = { -> nodes = { -> type = "array", -> items = { -> type = "object", -> properties = { -> host = { -> type = "string", -> pattern = "^\\*?[0-9a-zA-Z-._\\[\\]:/]+$" -> }, -> port = { -> type = "integer", -> minimum = 1, -> default = 80 -> }, -> }, -> required = { "host" } -> }, -> minItems = 1, -> }, -> config = { -> type = "object", -> properties = { -> connect_timeout = { -> type = "integer", -> default = 1000 -- milliseconds -> }, -> send_timeout = { -> type = "integer", -> default = 1000 -- milliseconds -> }, -> read_timeout = { -> type = "integer", -> default = 1000 -- milliseconds -> }, -> req_body_size = { -> type = "integer", -> default = 1024 -- milliseconds -> }, -> -- maximum concurrent idle connections to -> -- the SafeLine WAF detection service -> keepalive_size = { -> type = "integer", -> default = 256 -> }, -> keepalive_timeout = { -> type = "integer", -> default = 60000 -- milliseconds -> }, -> -- TODO: we need a configuration to enable/disable the real client ip -> -- the real client ip is calculated by APISIX -> }, -> default = {}, -> }, -> }, -> required = { "nodes" }, -> } -> -> local _M = { -> version = 0.1, -> priority = 2700, -> name = plugin_name, -> schema = plugin_schema, -> metadata_schema = metadata_schema -> } -> -> local global_server_picker -> -> local HEADER_CHAITIN_WAF = "X-APISIX-CHAITIN-WAF" -> local HEADER_CHAITIN_WAF_ERROR = "X-APISIX-CHAITIN-WAF-ERROR" -> local HEADER_CHAITIN_WAF_TIME = "X-APISIX-CHAITIN-WAF-TIME" -> local HEADER_CHAITIN_WAF_STATUS = "X-APISIX-CHAITIN-WAF-STATUS" -> local HEADER_CHAITIN_WAF_ACTION = "X-APISIX-CHAITIN-WAF-ACTION" -> local HEADER_CHAITIN_WAF_SERVER = "X-APISIX-CHAITIN-WAF-SERVER" -> local blocked_message = [[{"code": %s, "success":false, ]] .. -> [["message": "blocked by Chaitin SafeLine Web Application Firewall", "event_id": "%s"}]] -> -> -> function _M.check_schema(conf, schema_type) -> if schema_type == core.schema.TYPE_METADATA then -> return core.schema.check(metadata_schema, conf) -> end -> -> local ok, err = core.schema.check(plugin_schema, conf) -> -> if not ok then -> return false, err -> end -> -> if conf.match then -> for _, m in ipairs(conf.match) do -> local ok, err = expr.new(m.vars) -> if not ok then -> return false, "failed to validate the 'vars' expression: " .. err -> end -> end -> end -> -> return true -> end -> -> -> local function get_healthy_chaitin_server_nodes(metadata, checker) -> local nodes = metadata.nodes -> local new_nodes = core.table.new(0, #nodes) -> -> for i = 1, #nodes do -> local host, port = nodes[i].host, nodes[i].port -> new_nodes[host .. ":" .. tostring(port)] = 1 -> end -> -> return new_nodes -> end -> -> -> local function get_chaitin_server(metadata, ctx) -> if not global_server_picker or global_server_picker.upstream ~= metadata.value.nodes then -> local up_nodes = get_healthy_chaitin_server_nodes(metadata.value) -> if core.table.nkeys(up_nodes) == 0 then -> return nil, nil, "no healthy nodes" -> end -> core.log.info("chaitin-waf nodes: ", core.json.delay_encode(up_nodes)) -> -> global_server_picker = rr_balancer.new(up_nodes, metadata.value.nodes) -> end -> -> local server = global_server_picker.get(ctx) -> local host, port, err = core.utils.parse_addr(server) -> if err then -> return nil, nil, err -> end -> -> return host, port, nil -> end -> -> -> local function check_match(conf, ctx) -> local match_passed = true -> -> if conf.match then -> for _, match in ipairs(conf.match) do -> -- todo: use lrucache to cache the result -> local exp, err = expr.new(match.vars) -> if err then -> local msg = "failed to create match expression for " .. -> tostring(match.vars) .. ", err: " .. tostring(err) -> core.log.error(msg) -> return false, msg -> end -> -> match_passed = exp:eval(ctx.var) -> if match_passed then -> break -> end -> end -> end -> -> return match_passed, nil -> end -> -> -> local function get_conf(conf, metadata) -> local t = { -> mode = "block", -> } -> -> if metadata.config then -> t.connect_timeout = metadata.config.connect_timeout -> t.send_timeout = metadata.config.send_timeout -> t.read_timeout = metadata.config.read_timeout -> t.req_body_size = metadata.config.req_body_size -> t.keepalive_size = metadata.config.keepalive_size -> t.keepalive_timeout = metadata.config.keepalive_timeout -> end -> -> if conf.config then -> t.connect_timeout = conf.config.connect_timeout -> t.send_timeout = conf.config.send_timeout -> t.read_timeout = conf.config.read_timeout -> t.req_body_size = conf.config.req_body_size -> t.keepalive_size = conf.config.keepalive_size -> t.keepalive_timeout = conf.config.keepalive_timeout -> end -> -> return t -> end -> -> -> local function do_access(conf, ctx) -> local extra_headers = {} -> -> local match, err = check_match(conf, ctx) -> if not match then -> if err then -> extra_headers[HEADER_CHAITIN_WAF] = "err" -> extra_headers[HEADER_CHAITIN_WAF_ERROR] = tostring(err) -> return 500, nil, extra_headers -> else -> extra_headers[HEADER_CHAITIN_WAF] = "no" -> return nil, nil, extra_headers -> end -> end -> -> local metadata = plugin.plugin_metadata(plugin_name) -> if not core.table.try_read_attr(metadata, "value", "nodes") then -> extra_headers[HEADER_CHAITIN_WAF] = "err" -> extra_headers[HEADER_CHAITIN_WAF_ERROR] = "missing metadata" -> return 500, nil, extra_headers -> end -> -> local host, port, err = get_chaitin_server(metadata, ctx) -> if err then -> extra_headers[HEADER_CHAITIN_WAF] = "unhealthy" -> extra_headers[HEADER_CHAITIN_WAF_ERROR] = tostring(err) -> -> return 500, nil, extra_headers -> end -> -> core.log.info("picked chaitin-waf server: ", host, ":", port) -> -> local t = get_conf(conf, metadata.value) -> t.host = host -> t.port = port -> -> extra_headers[HEADER_CHAITIN_WAF_SERVER] = host -> extra_headers[HEADER_CHAITIN_WAF] = "yes" -> -> local start_time = ngx_now() * 1000 -> local ok, err, result = t1k.do_access(t, false) -> if not ok then -> extra_headers[HEADER_CHAITIN_WAF] = "waf-err" -> local err_msg = tostring(err) -> if core.string.find(err_msg, "timeout") then -> extra_headers[HEADER_CHAITIN_WAF] = "timeout" -> end -> extra_headers[HEADER_CHAITIN_WAF_ERROR] = tostring(err) -> else -> extra_headers[HEADER_CHAITIN_WAF_ACTION] = "pass" -> end -> extra_headers[HEADER_CHAITIN_WAF_TIME] = ngx_now() * 1000 - start_time -> -> local code = 200 -> extra_headers[HEADER_CHAITIN_WAF_STATUS] = code -> if result then -> if result.status then -> code = result.status -> extra_headers[HEADER_CHAITIN_WAF_STATUS] = code -> extra_headers[HEADER_CHAITIN_WAF_ACTION] = "reject" -> -> core.log.error("request rejected by chaitin-waf, event_id: " .. result.event_id) -> return tonumber(code), fmt(blocked_message, code, -> result.event_id) .. "\n", extra_headers -> end -> end -> if not ok then -> extra_headers[HEADER_CHAITIN_WAF_STATUS] = nil -> end -> -> return nil, nil, extra_headers -> end -> -> -> function _M.access(conf, ctx) -> local code, msg, extra_headers = do_access(conf, ctx) -> -> if not conf.append_waf_debug_header then -> extra_headers[HEADER_CHAITIN_WAF_ERROR] = nil -> extra_headers[HEADER_CHAITIN_WAF_SERVER] = nil -> end -> -> if conf.append_waf_resp_header then -> core.response.set_header(extra_headers) -> end -> -> return code, msg -> end -> -> -> function _M.header_filter(conf, ctx) -> t1k.do_header_filter() -> end -> -> -> return _M diff --git a/diffs/diff_client-control.lua.diff b/diffs/diff_client-control.lua.diff deleted file mode 100644 index 55189721c023..000000000000 --- a/diffs/diff_client-control.lua.diff +++ /dev/null @@ -1,6 +0,0 @@ -28a29 -> description = "Maximum message body size in bytes. No restriction when set to 0." -52c53 -< core.log.error("need to build APISIX-Base to support client control") ---- -> core.log.error("need to build APISIX-Runtime to support client control") diff --git a/diffs/diff_consumer-restriction.lua.diff b/diffs/diff_consumer-restriction.lua.diff deleted file mode 100644 index 85f04aac204b..000000000000 --- a/diffs/diff_consumer-restriction.lua.diff +++ /dev/null @@ -1,6 +0,0 @@ -131c131,133 -< return 401, { message = "Missing authentication or identity verification."} ---- -> local err_msg = "The request is rejected, please check the " -> .. conf.type .. " for this request" -> return 401, { message = err_msg} diff --git a/diffs/diff_error-log-logger.lua.diff b/diffs/diff_error-log-logger.lua.diff deleted file mode 100644 index ac4054655a9d..000000000000 --- a/diffs/diff_error-log-logger.lua.diff +++ /dev/null @@ -1,2 +0,0 @@ -248a249 -> diff --git a/diffs/diff_example-plugin.lua.diff b/diffs/diff_example-plugin.lua.diff deleted file mode 100644 index 00d9db49e2db..000000000000 --- a/diffs/diff_example-plugin.lua.diff +++ /dev/null @@ -1,29 +0,0 @@ -0a1,16 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -95,99d110 -< function _M.header_filter(conf, ctx) -< core.log.warn("plugin header_filter phase, conf: ", core.json.encode(conf)) -< end -< -< -109,113d119 -< end -< -< -< function _M.log(conf, ctx) -< core.log.warn("plugin log phase, conf: ", core.json.encode(conf)) diff --git a/diffs/diff_exporter.lua.diff b/diffs/diff_exporter.lua.diff deleted file mode 100644 index 139b3fa231bf..000000000000 --- a/diffs/diff_exporter.lua.diff +++ /dev/null @@ -1,321 +0,0 @@ -19a20 -> local control = require("apisix.control.v1") -29a31 -> local prometheus_bkp -35a38,39 -> local get_global_rules = require("apisix.global_rules").global_rules -> local get_global_rules_prev_index = require("apisix.global_rules").get_pre_index -42,48d45 -< -< local shdict_name = "config" -< if ngx.config.subsystem == "stream" then -< shdict_name = shdict_name .. "-stream" -< end -< local config_dict = ngx.shared[shdict_name] -< -118a116,118 -> if prometheus_bkp then -> prometheus = prometheus_bkp -> end -139,141c139,142 -< local status_exptime = core.table.try_read_attr(attr, "metrics", "http_status", "expire") -< local latency_exptime = core.table.try_read_attr(attr, "metrics", "http_latency", "expire") -< local bandwidth_exptime = core.table.try_read_attr(attr, "metrics", "bandwidth", "expire") ---- -> local exptime -> if attr and attr.expire then -> exptime = attr.expire -> end -147c148 -< {"state", "gateway_group_id", "instance_id"}) ---- -> {"state"}) -150,151c151 -< "The total number of client requests since APISIX started", -< {"gateway_group_id", "instance_id",}) ---- -> "The total number of client requests since APISIX started") -154,155c154 -< "Config server etcd reachable from APISIX, 0 is unreachable", -< {"gateway_group_id", "instance_id",}) ---- -> "Config server etcd reachable from APISIX, 0 is unreachable") -157d155 -< -160c158 -< {"hostname", "gateway_group_id", "instance_id",}) ---- -> {"hostname"}) -164c162 -< {"key", "gateway_group_id", "instance_id"}) ---- -> {"key"}) -168c166 -< {"name", "gateway_group_id", "instance_id",}) ---- -> {"name"}) -172c170 -< {"name", "gateway_group_id", "instance_id",}) ---- -> {"name"}) -173a172,176 -> metrics.upstream_status = prometheus:gauge("upstream_status", -> "Upstream status from health check", -> {"name", "ip", "port"}, -> exptime) -> -181,184c184,186 -< {"code", "route", "route_id", "matched_uri", -< "matched_host", "service", "service_id","consumer", "node", -< "gateway_group_id", "instance_id", "api_product_id", -< unpack(extra_labels("http_status"))}, status_exptime) ---- -> {"code", "route", "matched_uri", "matched_host", "service", "consumer", "node", -> unpack(extra_labels("http_status"))}, -> exptime) -189a192 -> -192,194c195,196 -< {"type", "route", "route_id", "service", "service_id", "consumer", "node", -< "gateway_group_id", "instance_id", "api_product_id",unpack(extra_labels("http_latency"))}, -< buckets, latency_exptime) ---- -> {"type", "route", "service", "consumer", "node", unpack(extra_labels("http_latency"))}, -> buckets, exptime) -198,200c200,201 -< {"type", "route", "route_id", "service", "service_id", "consumer", "node", -< "gateway_group_id", "instance_id", "api_product_id", -< unpack(extra_labels("bandwidth"))}, bandwidth_exptime) ---- -> {"type", "route", "service", "consumer", "node", unpack(extra_labels("bandwidth"))}, -> exptime) -214c215 -< core.log.error("need to build APISIX-Base to support L4 metrics") ---- -> core.log.error("need to build APISIX-Runtime to support L4 metrics") -232,241d232 -< local function get_gateway_group_id() -< local gateway_group_id, err = config_dict:get("gateway_group_id") -< if not gateway_group_id then -< core.log.warn("failed to get gateway_group_id: ", err) -< return "" -< end -< return gateway_group_id -< end -< -< -246d236 -< local route = "" -249d238 -< local service = "" -251,253d239 -< local gateway_group_id = get_gateway_group_id() -< local instance_id = core.id.get() -< local api_product_id = ctx.api_product_id or "" -257d242 -< route = matched_route.id -259d243 -< service = matched_route.service_id or "" -262c246 -< route = matched_route.name or route ---- -> route_id = matched_route.name or route_id -264,265c248,249 -< local fetched_service = service_fetch(service_id) -< service = fetched_service and fetched_service.value.name or service_id ---- -> local service = service_fetch(service_id) -> service_id = service and service.value.name or service_id -278,280c262,264 -< gen_arr(vars.status, route, route_id, matched_uri, matched_host, -< service, service_id, consumer_name, balancer_ip, gateway_group_id, -< instance_id, api_product_id, unpack(extra_labels("http_status", ctx)))) ---- -> gen_arr(vars.status, route_id, matched_uri, matched_host, -> service_id, consumer_name, balancer_ip, -> unpack(extra_labels("http_status", ctx)))) -286,287c270,271 -< gen_arr("request", route, route_id, service, service_id, consumer_name, balancer_ip, -< gateway_group_id, instance_id, api_product_id, unpack(latency_extra_label_values))) ---- -> gen_arr("request", route_id, service_id, consumer_name, balancer_ip, -> unpack(latency_extra_label_values))) -291,292c275,276 -< gen_arr("upstream", route, route_id, service, service_id, consumer_name, balancer_ip, -< gateway_group_id, instance_id, api_product_id, unpack(latency_extra_label_values))) ---- -> gen_arr("upstream", route_id, service_id, consumer_name, balancer_ip, -> unpack(latency_extra_label_values))) -296,297c280,281 -< gen_arr("apisix", route, route_id, service, service_id, consumer_name, balancer_ip, -< gateway_group_id, instance_id, api_product_id, unpack(latency_extra_label_values))) ---- -> gen_arr("apisix", route_id, service_id, consumer_name, balancer_ip, -> unpack(latency_extra_label_values))) -302,303c286,287 -< gen_arr("ingress", route, route_id, service, service_id, consumer_name, balancer_ip, -< gateway_group_id, instance_id, api_product_id, unpack(bandwidth_extra_label_values))) ---- -> gen_arr("ingress", route_id, service_id, consumer_name, balancer_ip, -> unpack(bandwidth_extra_label_values))) -306,307c290,291 -< gen_arr("egress", route, route_id, service, service_id, consumer_name, balancer_ip, -< gateway_group_id, instance_id, api_product_id, unpack(bandwidth_extra_label_values))) ---- -> gen_arr("egress", route_id, service_id, consumer_name, balancer_ip, -> unpack(bandwidth_extra_label_values))) -329c313 -< local function nginx_status(gateway_group_id, instance_id) ---- -> local function nginx_status() -354c338 -< metrics.requests:set(val[0], {gateway_group_id, instance_id}) ---- -> metrics.requests:set(val[0]) -356c340 -< label_values = {name, gateway_group_id, instance_id,} ---- -> label_values[1] = name -364,365c348 -< local function set_modify_index(key, items, items_ver, global_max_index, -< gateway_group_id, instance_id) ---- -> local function set_modify_index(key, items, items_ver, global_max_index) -379c362 -< key_values = {key, gateway_group_id, instance_id} ---- -> key_values[1] = key -389c372 -< local function etcd_modify_index(gateway_group_id, instance_id) ---- -> local function etcd_modify_index() -395,396c378 -< global_max_idx = set_modify_index("routes", routes, routes_ver, global_max_idx, -< gateway_group_id, instance_id) ---- -> global_max_idx = set_modify_index("routes", routes, routes_ver, global_max_idx) -400,401c382 -< global_max_idx = set_modify_index("services", services, services_ver, global_max_idx, -< gateway_group_id, instance_id) ---- -> global_max_idx = set_modify_index("services", services, services_ver, global_max_idx) -405,406c386 -< global_max_idx = set_modify_index("ssls", ssls, ssls_ver, global_max_idx, -< gateway_group_id, instance_id) ---- -> global_max_idx = set_modify_index("ssls", ssls, ssls_ver, global_max_idx) -410,411c390 -< global_max_idx = set_modify_index("consumers", consumers, consumers_ver, global_max_idx, -< gateway_group_id, instance_id) ---- -> global_max_idx = set_modify_index("consumers", consumers, consumers_ver, global_max_idx) -414c393 -< local global_rules = router.global_rules ---- -> local global_rules, global_rules_ver = get_global_rules() -416,417c395,396 -< global_max_idx = set_modify_index("global_rules", global_rules.values, -< global_rules.conf_version, global_max_idx, gateway_group_id, instance_id) ---- -> global_max_idx = set_modify_index("global_rules", global_rules, -> global_rules_ver, global_max_idx) -420,421c399,401 -< key_values = {"prev_index", gateway_group_id, instance_id} -< metrics.etcd_modify_indexes:set(global_rules.prev_index, key_values) ---- -> key_values[1] = "prev_index" -> local prev_index = get_global_rules_prev_index() -> metrics.etcd_modify_indexes:set(prev_index, key_values) -424,425c404 -< global_max_idx = set_modify_index("global_rules", nil, nil, global_max_idx, -< gateway_group_id, instance_id) ---- -> global_max_idx = set_modify_index("global_rules", nil, nil, global_max_idx) -430,431c409 -< global_max_idx = set_modify_index("upstreams", upstreams, upstreams_ver, global_max_idx, -< gateway_group_id, instance_id) ---- -> global_max_idx = set_modify_index("upstreams", upstreams, upstreams_ver, global_max_idx) -436c414 -< stream_routes_ver, global_max_idx, gateway_group_id, instance_id) ---- -> stream_routes_ver, global_max_idx) -440,441c418 -< global_max_idx = set_modify_index("protos", protos, protos_ver, global_max_idx, -< gateway_group_id, instance_id) ---- -> global_max_idx = set_modify_index("protos", protos, protos_ver, global_max_idx) -444c421 -< key_values = {"max_modify_index", gateway_group_id, instance_id} ---- -> key_values[1] = "max_modify_index" -450c427,428 -< local function shared_dict_status(gateway_group_id, instance_id) ---- -> local function shared_dict_status() -> local name = {} -452,454c430,432 -< local labels = {shared_dict_name, gateway_group_id, instance_id} -< metrics.shared_dict_capacity_bytes:set(shared_dict:capacity(), labels) -< metrics.shared_dict_free_space_bytes:set(shared_dict:free_space(), labels) ---- -> name[1] = shared_dict_name -> metrics.shared_dict_capacity_bytes:set(shared_dict:capacity(), name) -> metrics.shared_dict_free_space_bytes:set(shared_dict:free_space(), name) -466,468d443 -< local gateway_group_id = get_gateway_group_id() -< local instance_id = core.id.get() -< -470c445 -< shared_dict_status(gateway_group_id, instance_id) ---- -> shared_dict_status() -473c448 -< nginx_status(gateway_group_id, instance_id) ---- -> nginx_status() -484c459 -< etcd_modify_index(gateway_group_id, instance_id) ---- -> etcd_modify_index() -488c463 -< metrics.etcd_reachable:set(1, {gateway_group_id, instance_id,}) ---- -> metrics.etcd_reachable:set(1) -491c466 -< metrics.etcd_reachable:set(0, {gateway_group_id, instance_id,}) ---- -> metrics.etcd_reachable:set(0) -503c478 -< key_values = {"x_etcd_index", gateway_group_id, instance_id} ---- -> key_values[1] = "x_etcd_index" -508c483 -< metrics.node_info:set(1, gen_arr(hostname, gateway_group_id, instance_id)) ---- -> metrics.node_info:set(1, gen_arr(hostname)) -509a485,494 -> -- update upstream_status metrics -> local stats = control.get_health_checkers() -> for _, stat in ipairs(stats) do -> for _, node in ipairs(stat.nodes) do -> metrics.upstream_status:set( -> (node.status == "healthy" or node.status == "mostly_healthy") and 1 or 0, -> gen_arr(stat.name, node.ip, node.port) -> ) -> end -> end -543a529,531 -> if not prometheus then -> core.response.exit(200, "{}") -> end -565a554,562 -> -> -> function _M.destroy() -> if prometheus ~= nil then -> prometheus_bkp = core.table.deepcopy(prometheus) -> prometheus = nil -> end -> end -> diff --git a/diffs/diff_file-logger.lua.diff b/diffs/diff_file-logger.lua.diff deleted file mode 100644 index 55f3508e6b57..000000000000 --- a/diffs/diff_file-logger.lua.diff +++ /dev/null @@ -1,21 +0,0 @@ -18a19 -> local expr = require("resty.expr.v1") -48a50,56 -> }, -> match = { -> type = "array", -> maxItems = 20, -> items = { -> type = "array", -> }, -77a86,91 -> if conf.match then -> local ok, err = expr.new(conf.match) -> if not ok then -> return nil, "failed to validate the 'match' expression: " .. err -> end -> end -162a177,179 -> if entry == nil then -> return -> end diff --git a/diffs/diff_gm.lua.diff b/diffs/diff_gm.lua.diff deleted file mode 100644 index 1212aa1256c4..000000000000 --- a/diffs/diff_gm.lua.diff +++ /dev/null @@ -1,4 +0,0 @@ -139c139 -< "into the APISIX-Base") ---- -> "into the APISIX-Runtime") diff --git a/diffs/diff_gzip.lua.diff b/diffs/diff_gzip.lua.diff deleted file mode 100644 index 99c88e30493f..000000000000 --- a/diffs/diff_gzip.lua.diff +++ /dev/null @@ -1,4 +0,0 @@ -105c105 -< core.log.error("need to build APISIX-Base to support setting gzip") ---- -> core.log.error("need to build APISIX-Runtime to support setting gzip") diff --git a/diffs/diff_helper.lua.diff b/diffs/diff_helper.lua.diff deleted file mode 100644 index e247cd85d64a..000000000000 --- a/diffs/diff_helper.lua.diff +++ /dev/null @@ -1,6 +0,0 @@ -52c52 -< local route = core.table.clone(ctx.matched_route).value ---- -> local route = core.table.deepcopy(ctx.matched_route).value -54a55 -> -- unimportant to send upstream info to OPA diff --git a/diffs/diff_hmac-auth.lua.diff b/diffs/diff_hmac-auth.lua.diff deleted file mode 100644 index 338d3bb81eae..000000000000 --- a/diffs/diff_hmac-auth.lua.diff +++ /dev/null @@ -1,96 +0,0 @@ -31,32d30 -< local schema_def = require("apisix.schema_def") -< local auth_utils = require("apisix.utils.auth") -66d63 -< anonymous_consumer = schema_def.anonymous_consumer_schema, -129,131c126,128 -< local cur_consumer, _, err = consumer.find_consumer(plugin_name, "key_id", key_id) -< if not cur_consumer then -< return nil, err or "Invalid key_id" ---- -> local consumer_conf = consumer.plugin(plugin_name) -> if not consumer_conf then -> return nil, "Missing related consumer" -133d129 -< core.log.info("consumer: ", core.json.delay_encode(consumer, true)) -135c131,138 -< return cur_consumer ---- -> local consumers = consumer.consumers_kv(plugin_name, consumer_conf, "key_id") -> local consumer = consumers[key_id] -> if not consumer then -> return nil, "Invalid key_id" -> end -> core.log.info("consumer: ", core.json.delay_encode(consumer)) -> -> return consumer -164c167 -< h .. ": " .. canonical_header) ---- -> h .. ": " .. canonical_header) -186,189d188 -< if not params then -< return nil -< end -< -294c293 -< if not auth_string:match("^Signature") then ---- -> if not core.string.has_prefix(auth_string, "Signature") then -325c324 -< local function find_consumer(conf, ctx) ---- -> function _M.rewrite(conf, ctx) -328,331c327,328 -< if not auth_utils.is_running_under_multi_auth(ctx) then -< core.log.warn("client request can't be validated: ", err) -< end -< return nil, nil, "client request can't be validated: " .. err ---- -> core.log.warn("client request can't be validated: ", err) -> return 401, {message = "client request can't be validated: " .. err} -333a331,333 -> if conf.hide_credentials then -> core.request.set_header("Authorization", nil) -> end -336,341c336,337 -< err = "client request can't be validated: " .. (err or "Invalid signature") -< if auth_utils.is_running_under_multi_auth(ctx) then -< return nil, nil, err -< end -< core.log.warn(err) -< return nil, nil, "client request can't be validated" ---- -> core.log.warn("client request can't be validated: ", err or "Invalid signature") -> return 401, {message = "client request can't be validated"} -344,369c340,342 -< local consumers_conf = consumer.consumers_conf(plugin_name) -< return validated_consumer, consumers_conf, err -< end -< -< -< function _M.rewrite(conf, ctx) -< local cur_consumer, consumers_conf, err = find_consumer(conf, ctx) -< if not cur_consumer then -< if not conf.anonymous_consumer then -< return 401, { message = err } -< end -< cur_consumer, consumers_conf, err = consumer.get_anonymous_consumer(conf.anonymous_consumer) -< if not cur_consumer then -< if auth_utils.is_running_under_multi_auth(ctx) then -< return 401, err -< end -< core.log.error(err) -< return 401, { message = "Invalid user authorization" } -< end -< end -< -< if conf.hide_credentials then -< core.request.set_header("Authorization", nil) -< end -< -< consumer.attach_consumer(ctx, cur_consumer, consumers_conf) ---- -> local consumer_conf = consumer.plugin(plugin_name) -> consumer.attach_consumer(ctx, validated_consumer, consumer_conf) -> core.log.info("hit hmac-auth rewrite") diff --git a/diffs/diff_http-dubbo.lua.diff b/diffs/diff_http-dubbo.lua.diff deleted file mode 100644 index e29a95963578..000000000000 --- a/diffs/diff_http-dubbo.lua.diff +++ /dev/null @@ -1,263 +0,0 @@ -0a1,16 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -1a18,262 -> local require = require -> local core = require("apisix.core") -> local pairs = pairs -> local str_format = string.format -> local bit = require("bit") -> local rshift = bit.rshift -> local band = bit.band -> local char = string.char -> local tostring = tostring -> local ngx = ngx -> local type = type -> local plugin_name = "http-dubbo" -> -> -> local schema = { -> type = "object", -> properties = { -> service_name = { -> type = "string", -> minLength = 1, -> }, -> service_version = { -> type = "string", -> pattern = [[^\d+\.\d+\.\d+]], -> default ="0.0.0" -> }, -> method = { -> type = "string", -> minLength = 1, -> }, -> params_type_desc = { -> type = "string", -> default = "" -> }, -> serialization_header_key = { -> type = "string" -> }, -> serialized = { -> type = "boolean", -> default = false -> }, -> connect_timeout={ -> type = "number", -> default = 6000 -> }, -> read_timeout={ -> type = "number", -> default = 6000 -> }, -> send_timeout={ -> type = "number", -> default = 6000 -> } -> }, -> required = { "service_name", "method" }, -> } -> -> local _M = { -> version = 0.1, -> priority = 504, -> name = plugin_name, -> schema = schema, -> } -> -> function _M.check_schema(conf) -> return core.schema.check(schema, conf) -> end -> -> -> local function str_int32(int) -> return char(band(rshift(int, 24), 0xff), -> band(rshift(int, 16), 0xff), -> band(rshift(int, 8), 0xff), -> band(int, 0xff)) -> end -> -> -> local function parse_dubbo_header(header) -> for i = 1, 16 do -> local currentByte = header:byte(i) -> if not currentByte then -> return nil -> end -> end -> -> local magic_number = str_format("%04x", header:byte(1) * 256 + header:byte(2)) -> local message_flag = header:byte(3) -> local status = header:byte(4) -> local request_id = 0 -> for i = 5, 12 do -> request_id = request_id * 256 + header:byte(i) -> end -> -> local byte13Val = header:byte(13) * 256 * 256 * 256 -> local byte14Val = header:byte(14) * 256 * 256 -> local data_length = byte13Val + byte14Val + header:byte(15) * 256 + header:byte(16) -> -> local is_request = bit.band(bit.rshift(message_flag, 7), 0x01) == 1 and 1 or 0 -> local is_two_way = bit.band(bit.rshift(message_flag, 6), 0x01) == 1 and 1 or 0 -> local is_event = bit.band(bit.rshift(message_flag, 5), 0x01) == 1 and 1 or 0 -> -> return { -> magic_number = magic_number, -> message_flag = message_flag, -> is_request = is_request, -> is_two_way = is_two_way, -> is_event = is_event, -> status = status, -> request_id = request_id, -> data_length = data_length -> } -> end -> -> -> local function string_to_json_string(str) -> local result = "\"" -> for i = 1, #str do -> local byte = core.string.sub(str, i, i) -> if byte == "\\" then -> result = result .. "\\\\" -> elseif byte == "\n" then -> result = result .. "\\n" -> elseif byte == "\t" then -> result = result .. "\\t" -> elseif byte == "\r" then -> result = result .. "\\r" -> elseif byte == "\b" then -> result = result .. "\\b" -> elseif byte == "\f" then -> result = result .. "\\f" -> elseif byte == "\"" then -> result = result .. "\\\"" -> else -> result = result .. byte -> end -> end -> return result .. "\"" -> end -> -> -> local function get_dubbo_request(conf, ctx) -> -- use dubbo and fastjson -> local first_byte4 = "\xda\xbb\xc6\x00" -> -> local requestId = "\x00\x00\x00\x00\x00\x00\x00\x01" -> local version = "\"2.0.2\"\n" -> local service = "\"" .. conf.service_name .. "\"" .. "\n" -> -> local service_version = "\"" .. conf.service_version .. "\"" .. "\n" -> local method_name = "\"" .. conf.method .. "\"" .. "\n" -> -> local params_desc = "\"" .. conf.params_type_desc .. "\"" .. "\n" -> local params = "" -> local serialized = conf.serialized -> if conf.serialization_header_key then -> local serialization_header = core.request.header(ctx, conf.serialization_header_key) -> serialized = serialization_header == "true" -> end -> if serialized then -> params = core.request.get_body() -> if params then -> local end_of_params = core.string.sub(params, -1) -> if end_of_params ~= "\n" then -> params = params .. "\n" -> end -> end -> else -> local body_data = core.request.get_body() -> if body_data then -> local lua_object = core.json.decode(body_data); -> for _, v in pairs(lua_object) do -> local pt = type(v) -> if pt == "nil" then -> params = params .. "null" .. "\n" -> elseif pt == "string" then -> params = params .. string_to_json_string(v) .. "\n" -> elseif pt == "number" then -> params = params .. tostring(v) .. "\n" -> else -> params = params .. core.json.encode(v) .. "\n" -> end -> end -> end -> -> end -> local attachments = "{}\n" -> if params == nil then -> params = "" -> end -> local payload = #version + #service + #service_version -> + #method_name + #params_desc + #params + #attachments -> return { -> first_byte4, -> requestId, -> str_int32(payload), -> version, -> service, -> service_version, -> method_name, -> params_desc, -> params, -> attachments -> } -> end -> -> -> function _M.before_proxy(conf, ctx) -> local sock = ngx.socket.tcp() -> -> sock:settimeouts(conf.connect_timeout, conf.send_timeout, conf.read_timeout) -> local ok, err = sock:connect(ctx.picked_server.host, ctx.picked_server.port) -> if not ok then -> sock:close() -> core.log.error("failed to connect to upstream ", err) -> return 502 -> end -> local request = get_dubbo_request(conf, ctx) -> local bytes, _ = sock:send(request) -> if bytes > 0 then -> local header, _ = sock:receiveany(16); -> if header then -> local header_info = parse_dubbo_header(header) -> if header_info and header_info.status == 20 then -> local readline = sock:receiveuntil("\n") -> local body_status, _, _ = readline() -> if body_status then -> local response_status = core.string.sub(body_status, 1, 1) -> if response_status == "2" or response_status == "5" then -> sock:close() -> return 200 -> elseif response_status == "1" or response_status == "4" then -> local body, _, _ = readline() -> sock:close() -> return 200, body -> end -> end -> end -> end -> end -> sock:close() -> return 500 -> -> end -> -> return _M diff --git a/diffs/diff_init.lua.diff b/diffs/diff_init.lua.diff deleted file mode 100644 index f5adbac7b33a..000000000000 --- a/diffs/diff_init.lua.diff +++ /dev/null @@ -1,37 +0,0 @@ -25a26,30 -> local redis_single_new -> local redis_cluster_new -> do -> local redis_src = "apisix.plugins.limit-conn.limit-conn-redis" -> redis_single_new = require(redis_src).new -26a32,36 -> local cluster_src = "apisix.plugins.limit-conn.limit-conn-redis-cluster" -> redis_cluster_new = require(cluster_src).new -> end -> -> -34,36c44,63 -< core.log.info("create new limit-conn plugin instance") -< return limit_conn_new(shdict_name, conf.conn, conf.burst, -< conf.default_conn_delay) ---- -> if conf.policy == "local" then -> core.log.info("create new limit-conn plugin instance") -> return limit_conn_new(shdict_name, conf.conn, conf.burst, -> conf.default_conn_delay) -> elseif conf.policy == "redis" then -> -> core.log.info("create new limit-conn redis plugin instance") -> -> return redis_single_new("plugin-limit-conn", conf, conf.conn, conf.burst, -> conf.default_conn_delay) -> -> elseif conf.policy == "redis-cluster" then -> -> core.log.info("create new limit-conn redis-cluster plugin instance") -> -> return redis_cluster_new("plugin-limit-conn", conf, conf.conn, conf.burst, -> conf.default_conn_delay) -> else -> return nil, "policy enum not match" -> end diff --git a/diffs/diff_jwe-decrypt.lua.diff b/diffs/diff_jwe-decrypt.lua.diff deleted file mode 100644 index 4e6da31c8172..000000000000 --- a/diffs/diff_jwe-decrypt.lua.diff +++ /dev/null @@ -1,280 +0,0 @@ -0a1,23 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -> local core = require("apisix.core") -> local consumer_mod = require("apisix.consumer") -> local base64 = require("ngx.base64") -> local aes = require("resty.aes") -> local ngx = ngx -> local sub_str = string.sub -> local cipher = aes.cipher(256, "gcm") -1a25,279 -> local plugin_name = "jwe-decrypt" -> -> local schema = { -> type = "object", -> properties = { -> header = { -> type = "string", -> default = "Authorization" -> }, -> forward_header = { -> type = "string", -> default = "Authorization" -> }, -> strict = { -> type = "boolean", -> default = true -> } -> }, -> required = { "header", "forward_header" }, -> } -> -> local consumer_schema = { -> type = "object", -> properties = { -> key = { type = "string" }, -> secret = { type = "string" }, -> is_base64_encoded = { type = "boolean" }, -> }, -> required = { "key", "secret" }, -> encrypt_fields = { "key", "secret" }, -> } -> -> -> local _M = { -> version = 0.1, -> priority = 2509, -> type = 'auth', -> name = plugin_name, -> schema = schema, -> consumer_schema = consumer_schema -> } -> -> -> function _M.check_schema(conf, schema_type) -> if schema_type == core.schema.TYPE_CONSUMER then -> local ok, err = core.schema.check(consumer_schema, conf) -> if not ok then -> return false, err -> end -> -> local local_conf, err = core.config.local_conf(true) -> if not local_conf then -> return false, "failed to load the configuration file: " .. err -> end -> -> local encrypted = core.table.try_read_attr(local_conf, "apisix", "data_encryption", -> "enable_encrypt_fields") and (core.config.type == "etcd") -> -> -- if encrypted, the secret length will exceed 32 so don't check -> if not encrypted then -> -- restrict the length of secret, we use A256GCM for encryption, -> -- so the length should be 32 chars only -> if conf.is_base64_encoded then -> if #base64.decode_base64url(conf.secret) ~= 32 then -> return false, "the secret length after base64 decode should be 32 chars" -> end -> else -> if #conf.secret ~= 32 then -> return false, "the secret length should be 32 chars" -> end -> end -> end -> -> return true -> end -> return core.schema.check(schema, conf) -> end -> -> -> local function get_secret(conf) -> local secret = conf.secret -> -> if conf.is_base64_encoded then -> return base64.decode_base64url(secret) -> end -> -> return secret -> end -> -> -> local function load_jwe_token(jwe_token) -> local o = { valid = false } -> o.header, o.enckey, o.iv, o.ciphertext, o.tag = jwe_token:match("(.-)%.(.-)%.(.-)%.(.-)%.(.*)") -> if not o.header then -> return o -> end -> local he = base64.decode_base64url(o.header) -> if not he then -> return o -> end -> o.header_obj = core.json.decode(he) -> if not o.header_obj then -> return o -> end -> o.valid = true -> return o -> end -> -> -> local function jwe_decrypt_with_obj(o, consumer) -> local secret = get_secret(consumer.auth_conf) -> local dec = base64.decode_base64url -> -> local aes_default = aes:new( -> secret, -> nil, -> cipher, -> {iv = dec(o.iv)} -> ) -> -> local decrypted = aes_default:decrypt(dec(o.ciphertext), dec(o.tag)) -> return decrypted -> end -> -> -> local function jwe_encrypt(o, consumer) -> local secret = get_secret(consumer.auth_conf) -> local enc = base64.encode_base64url -> -> local aes_default = aes:new( -> secret, -> nil, -> cipher, -> {iv = o.iv}) -> -> local encrypted = aes_default:encrypt(o.plaintext) -> -> o.ciphertext = encrypted[1] -> o.tag = encrypted[2] -> return o.header .. ".." .. enc(o.iv) .. "." .. enc(o.ciphertext) .. "." .. enc(o.tag) -> end -> -> -> local function get_consumer(key) -> local consumer_conf = consumer_mod.plugin(plugin_name) -> if not consumer_conf then -> return nil -> end -> local consumers = consumer_mod.consumers_kv(plugin_name, consumer_conf, "key") -> if not consumers then -> return nil -> end -> core.log.info("consumers: ", core.json.delay_encode(consumers)) -> return consumers[key] -> end -> -> -> local function fetch_jwe_token(conf, ctx) -> local token = core.request.header(ctx, conf.header) -> if token then -> local prefix = sub_str(token, 1, 7) -> if prefix == 'Bearer ' or prefix == 'bearer ' then -> return sub_str(token, 8) -> end -> -> return token -> end -> end -> -> -> function _M.rewrite(conf, ctx) -> -- fetch token and hide credentials if necessary -> local jwe_token, err = fetch_jwe_token(conf, ctx) -> if not jwe_token and conf.strict then -> core.log.info("failed to fetch JWE token: ", err) -> return 403, { message = "missing JWE token in request" } -> end -> -> local jwe_obj = load_jwe_token(jwe_token) -> if not jwe_obj.valid then -> return 400, { message = "JWE token invalid" } -> end -> -> if not jwe_obj.header_obj.kid then -> return 400, { message = "missing kid in JWE token" } -> end -> -> local consumer = get_consumer(jwe_obj.header_obj.kid) -> if not consumer then -> return 400, { message = "invalid kid in JWE token" } -> end -> -> local plaintext, err = jwe_decrypt_with_obj(jwe_obj, consumer) -> if err ~= nil then -> return 400, { message = "failed to decrypt JWE token" } -> end -> core.request.set_header(ctx, conf.forward_header, plaintext) -> end -> -> -> local function gen_token() -> local args = core.request.get_uri_args() -> if not args or not args.key then -> return core.response.exit(400) -> end -> -> local key = args.key -> local payload = args.payload -> if payload then -> payload = ngx.unescape_uri(payload) -> end -> -> local consumer = get_consumer(key) -> if not consumer then -> return core.response.exit(404) -> end -> -> core.log.info("consumer: ", core.json.delay_encode(consumer)) -> -> local iv = args.iv -> if not iv then -> -- TODO: random bytes -> iv = "123456789012" -> end -> -> local obj = { -> iv = iv, -> plaintext = payload, -> header_obj = { -> kid = key, -> alg = "dir", -> enc = "A256GCM", -> }, -> } -> obj.header = base64.encode_base64url(core.json.encode(obj.header_obj)) -> local jwe_token = jwe_encrypt(obj, consumer) -> if jwe_token then -> return core.response.exit(200, jwe_token) -> end -> -> return core.response.exit(404) -> end -> -> -> function _M.api() -> return { -> { -> methods = { "GET" }, -> uri = "/apisix/plugin/jwe/encrypt", -> handler = gen_token, -> } -> } -> end -> -> return _M diff --git a/diffs/diff_jwt-auth.lua.diff b/diffs/diff_jwt-auth.lua.diff deleted file mode 100644 index 5acb7dee9589..000000000000 --- a/diffs/diff_jwt-auth.lua.diff +++ /dev/null @@ -1,368 +0,0 @@ -17a18 -> local jwt = require("resty.jwt") -25d25 -< local ngx_time = ngx.time -31,33d30 -< local schema_def = require("apisix.schema_def") -< local jwt_parser = require("apisix.plugins.jwt-auth.parser") -< local auth_utils = require("apisix.utils.auth") -34a32 -> -53,67c51 -< }, -< anonymous_consumer = schema_def.anonymous_consumer_schema, -< claims_to_verify = { -< type = "array", -< items = { -< type = "string", -< enum = {"exp","nbf"}, -< }, -< uniqueItems = true, -< default = {"exp", "nbf"}, -< }, -< key_claim_name = { -< type = "string", -< default = "key" -< }, ---- -> } -75,82c59,60 -< key = { -< type = "string", -< minLength = 1, -< }, -< secret = { -< type = "string", -< minLength = 1, -< }, ---- -> key = {type = "string"}, -> secret = {type = "string"}, -85,99c63 -< enum = { -< "HS256", -< "HS384", -< "HS512", -< "RS256", -< "RS384", -< "RS512", -< "ES256", -< "ES384", -< "ES512", -< "PS256", -< "PS384", -< "PS512", -< "EdDSA", -< }, ---- -> enum = {"HS256", "HS512", "RS256", "ES256"}, -119c83 -< enum = {"HS256", "HS384", "HS512"}, ---- -> enum = {"HS256", "HS512"}, -126,133c90 -< public_key = { -< type = "string", -< minLength = 1, -< }, -< private_key= { -< type = "string", -< minLength = 1, -< }, ---- -> public_key = {type = "string"}, -135,146c92 -< enum = { -< "RS256", -< "RS384", -< "RS512", -< "ES256", -< "ES384", -< "ES512", -< "PS256", -< "PS384", -< "PS512", -< "EdDSA", -< }, ---- -> enum = {"RS256", "ES256"}, -149c95 -< required = {"public_key", "private_key"}, ---- -> required = {"public_key"}, -154c100 -< encrypt_fields = {"secret", "private_key"}, ---- -> encrypt_fields = {"secret"}, -183,185c129 -< local is_hs_alg = conf.algorithm:sub(1, 2) == "HS" -< -< if is_hs_alg and not conf.secret then ---- -> if conf.algorithm ~= "RS256" and conf.algorithm ~= "ES256" and not conf.secret then -193,203d136 -< if not is_hs_alg then -< -- Possible options are a) public key is missing -< -- b) private key is missing -< if not conf.public_key then -< return false, "missing valid public key" -< end -< if not conf.private_key then -< return false, "missing valid private key" -< end -< end -< -276c209 -< local function get_secret(conf, consumer_name) ---- -> local function get_secret(conf) -286,298c219,224 -< -< local function get_rsa_or_ecdsa_keypair(conf, consumer_name) -< local public_key = conf.public_key -< local private_key = conf.private_key -< -< if public_key and private_key then -< return public_key, private_key -< elseif public_key and not private_key then -< return nil, nil, "missing private key" -< elseif not public_key and private_key then -< return nil, nil, "missing public key" -< else -< return nil, nil, "public and private keys are missing" ---- -> local function get_auth_secret(auth_conf) -> if not auth_conf.algorithm or auth_conf.algorithm == "HS256" -> or auth_conf.algorithm == "HS512" then -> return get_secret(auth_conf) -> elseif auth_conf.algorithm == "RS256" or auth_conf.algorithm == "ES256" then -> return auth_conf.public_key -302,350c228 -< -< local function get_real_payload(key, auth_conf, payload, key_claim_name) -< local real_payload = { -< [key_claim_name] = key, -< exp = ngx_time() + auth_conf.exp -< } -< if payload then -< local extra_payload = core.json.decode(payload) -< core.table.merge(real_payload, extra_payload) -< end -< return real_payload -< end -< -< -< local function get_auth_secret(consumer, is_private) -< if not consumer.auth_conf.algorithm or consumer.auth_conf.algorithm:sub(1, 2) == "HS" then -< return get_secret(consumer.auth_conf) -< else -< local public_key, private_key, err = get_rsa_or_ecdsa_keypair(consumer.auth_conf) -< if is_private then -< return private_key, err -< end -< return public_key, err -< end -< end -< -< -< local function gen_jwt_header(consumer) -< local x5c -< if consumer.auth_conf.algorithm and consumer.auth_conf.algorithm:sub(1, 2) ~= "HS" then -< local public_key, _, err = get_rsa_or_ecdsa_keypair( -< consumer.auth_conf, consumer.username -< ) -< if not public_key then -< core.log.error("failed to sign jwt, err: ", err) -< core.response.exit(503, "failed to sign jwt") -< end -< x5c = {public_key} -< end -< -< return { -< typ = "JWT", -< alg = consumer.auth_conf.algorithm, -< x5c = x5c -< } -< end -< -< -< local function find_consumer(conf, ctx) ---- -> function _M.rewrite(conf, ctx) -355c233 -< return nil, nil, "Missing JWT token in request" ---- -> return 401, {message = "Missing JWT token in request"} -358,364c236,240 -< local jwt, err = jwt_parser.new(jwt_token) -< if not jwt then -< if auth_utils.is_running_under_multi_auth(ctx) then -< return nil, nil, "JWT token invalid " .. err -< end -< core.log.warn("JWT token invalid: ", err) -< return nil, nil, "JWT token invalid" ---- -> local jwt_obj = jwt:load_jwt(jwt_token) -> core.log.info("jwt object: ", core.json.delay_encode(jwt_obj)) -> if not jwt_obj.valid then -> core.log.warn("JWT token invalid: ", jwt_obj.reason) -> return 401, {message = "JWT token invalid"} -366d241 -< core.log.debug("parsed jwt object: ", core.json.delay_encode(jwt, true)) -368,369c243 -< local key_claim_name = conf.key_claim_name -< local user_key = jwt.payload and jwt.payload[key_claim_name] ---- -> local user_key = jwt_obj.payload and jwt_obj.payload.key -371c245 -< return nil, nil, "missing " .. key_claim_name .. " claim in JWT token" ---- -> return 401, {message = "missing user key in JWT token"} -374,381c248,250 -< local consumer, consumer_conf, err = consumer_mod.find_consumer(plugin_name, "key", user_key) -< if not consumer then -< local err = "failed to find consumer: " .. (err or "invalid user key") -< if auth_utils.is_running_under_multi_auth(ctx) then -< return nil, nil, err -< end -< core.log.warn(err) -< return nil, nil, "Invalid user key in JWT token" ---- -> local consumer_conf = consumer_mod.plugin(plugin_name) -> if not consumer_conf then -> return 401, {message = "Missing related consumer"} -384,392c253 -< local auth_secret, err = get_auth_secret(consumer) -< if not auth_secret then -< err = "failed to retrieve secrets, err: " .. err -< if auth_utils.is_running_under_multi_auth(ctx) then -< return nil, nil, err -< end -< core.log.error(err) -< return nil, nil, "failed to verify jwt" -< end ---- -> local consumers = consumer_mod.consumers_kv(plugin_name, consumer_conf, "key") -394,422c255 -< -- Now verify the JWT signature -< if not jwt:verify_signature(auth_secret) then -< local err = "failed to verify jwt: signature mismatch: " .. jwt.signature -< if auth_utils.is_running_under_multi_auth(ctx) then -< return nil, nil, err -< end -< core.log.warn(err) -< return nil, nil, "failed to verify jwt" -< end -< -< -- Verify the JWT registered claims -< local ok, err = jwt:verify_claims(conf.claims_to_verify, { -< lifetime_grace_period = consumer.auth_conf.lifetime_grace_period -< }) -< if not ok then -< err = "failed to verify jwt: " .. err -< if auth_utils.is_running_under_multi_auth(ctx) then -< return nil, nil, err -< end -< core.log.error(err) -< return nil, nil, "failed to verify jwt" -< end -< -< return consumer, consumer_conf -< end -< -< -< function _M.rewrite(conf, ctx) -< local consumer, consumer_conf, err = find_consumer(conf, ctx) ---- -> local consumer = consumers[user_key] -424,434c257 -< if not conf.anonymous_consumer then -< return 401, { message = err } -< end -< consumer, consumer_conf, err = consumer_mod.get_anonymous_consumer(conf.anonymous_consumer) -< if not consumer then -< if auth_utils.is_running_under_multi_auth(ctx) then -< return 401, err -< end -< core.log.error(err) -< return 401, { message = "Invalid user authorization"} -< end ---- -> return 401, {message = "Invalid user key in JWT token"} -436d258 -< -439,467c261 -< consumer_mod.attach_consumer(ctx, consumer, consumer_conf) -< core.log.info("hit jwt-auth rewrite") -< end -< -< -< local function gen_token() -< local args = core.request.get_uri_args() -< if not args or not args.key then -< return core.response.exit(400) -< end -< -< local key = args.key -< local payload = args.payload -< local key_claim_name = args.key_claim_name or "key" -< -< if payload then -< payload = ngx.unescape_uri(payload) -< end -< -< if not key then -< return 401, {message = "Missing user key in request"} -< end -< -< local consumer, _, _ = consumer_mod.find_consumer(plugin_name, "key", key) -< if not consumer then -< return core.response.exit(404) -< end -< -< local auth_secret, err = get_auth_secret(consumer, true) ---- -> local auth_secret, err = get_auth_secret(consumer.auth_conf) -470c264 -< return core.response.exit(401) ---- -> return 503, {message = "failed to verify jwt"} -471a266,267 -> local claim_specs = jwt:get_default_validation_options(jwt_obj) -> claim_specs.lifetime_grace_period = consumer.auth_conf.lifetime_grace_period -473,477c269,270 -< local jwt_header, err = gen_jwt_header(consumer) -< if not jwt_header then -< core.log.error("failed to generate jwt header: ", err) -< return core.response.exit(503) -< end ---- -> jwt_obj = jwt:verify_jwt_obj(auth_secret, jwt_obj, claim_specs) -> core.log.info("jwt object: ", core.json.delay_encode(jwt_obj)) -479,484c272,274 -< local real_payload = get_real_payload(key, consumer.auth_conf, payload, key_claim_name) -< local jwt_token, err = jwt_parser.encode(consumer.auth_conf.algorithm, auth_secret, -< jwt_header, real_payload) -< if not jwt_token then -< core.log.warn("failed to sign jwt: ", err) -< return core.response.exit(500, {message = "failed to sign jwt"}) ---- -> if not jwt_obj.verified then -> core.log.warn("failed to verify jwt: ", jwt_obj.reason) -> return 401, {message = "failed to verify jwt"} -487,498c277,278 -< return core.response.exit(200, jwt_token) -< end -< -< -< function _M.api() -< return { -< { -< methods = {"GET"}, -< uri = "/apisix/plugin/jwt/sign", -< handler = gen_token, -< } -< } ---- -> consumer_mod.attach_consumer(ctx, consumer, consumer_conf) -> core.log.info("hit jwt-auth rewrite") diff --git a/diffs/diff_kafka-logger.lua.diff b/diffs/diff_kafka-logger.lua.diff deleted file mode 100644 index e723df20cb41..000000000000 --- a/diffs/diff_kafka-logger.lua.diff +++ /dev/null @@ -1,21 +0,0 @@ -0a1,16 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -84c100 -< enum = { 0, 1, -1 }, ---- -> enum = { 1, -1 }, diff --git a/diffs/diff_key-auth.lua.diff b/diffs/diff_key-auth.lua.diff deleted file mode 100644 index 227e15a3ea46..000000000000 --- a/diffs/diff_key-auth.lua.diff +++ /dev/null @@ -1,61 +0,0 @@ -20,21d19 -< local schema_def = require("apisix.schema_def") -< local auth_utils = require("apisix.utils.auth") -22a21 -> -37,38c36 -< }, -< anonymous_consumer = schema_def.anonymous_consumer_schema, ---- -> } -71c69 -< local function find_consumer(ctx, conf) ---- -> function _M.rewrite(conf, ctx) -82c80 -< return nil, nil, "Missing API key found in request" ---- -> return 401, {message = "Missing API key in request"} -85c83,89 -< local consumer, consumer_conf, err = consumer_mod.find_consumer(plugin_name, "key", key, ctx) ---- -> local consumer_conf = consumer_mod.plugin(plugin_name) -> if not consumer_conf then -> return 401, {message = "Missing related consumer"} -> end -> -> local consumers = consumer_mod.consumers_kv(plugin_name, consumer_conf, "key") -> local consumer = consumers[key] -87,92c91 -< err = "failed to find consumer: " .. (err or "invalid api key") -< if auth_utils.is_running_under_multi_auth(ctx) then -< return nil, nil, err -< end -< core.log.warn(err) -< return nil, nil, "Invalid API key in request" ---- -> return 401, {message = "Invalid API key in request"} -93a93 -> core.log.info("consumer: ", core.json.delay_encode(consumer)) -105,125d104 -< return consumer, consumer_conf -< end -< -< -< function _M.rewrite(conf, ctx) -< local consumer, consumer_conf, err = find_consumer(ctx, conf) -< if not consumer then -< if not conf.anonymous_consumer then -< return 401, { message = err} -< end -< consumer, consumer_conf, err = consumer_mod.get_anonymous_consumer(conf.anonymous_consumer) -< if not consumer then -< if auth_utils.is_running_under_multi_auth(ctx) then -< return 401, err -< end -< core.log.error(err) -< return 401, { message = "Invalid user authorization"} -< end -< end -< -< core.log.info("consumer: ", core.json.delay_encode(consumer)) diff --git a/diffs/diff_ldap-auth.lua.diff b/diffs/diff_ldap-auth.lua.diff deleted file mode 100644 index b6aef4d6e8d5..000000000000 --- a/diffs/diff_ldap-auth.lua.diff +++ /dev/null @@ -1,20 +0,0 @@ -114,115c114,119 -< if err then -< core.log.warn(err) ---- -> if err or not user then -> if err then -> core.log.warn(err) -> else -> core.log.warn("nil user") -> end -121,122d124 -< -< local userdn = conf.uid .. "=" .. user.username .. "," .. conf.base_dn -139a142,143 -> local user_dn = conf.uid .. "=" .. user.username .. "," .. conf.base_dn -> -147c151 -< local consumer = consumers[userdn] ---- -> local consumer = consumers[user_dn] diff --git a/diffs/diff_limit-conn-redis-cluster.lua.diff b/diffs/diff_limit-conn-redis-cluster.lua.diff deleted file mode 100644 index 93a1f482d7f3..000000000000 --- a/diffs/diff_limit-conn-redis-cluster.lua.diff +++ /dev/null @@ -1,79 +0,0 @@ -0a1,21 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -> local redis_cluster = require("apisix.utils.rediscluster") -> local core = require("apisix.core") -> local util = require("apisix.plugins.limit-conn.util") -> local setmetatable = setmetatable -> local ngx_timer_at = ngx.timer.at -1a23,78 -> local _M = {version = 0.1} -> -> -> local mt = { -> __index = _M -> } -> -> -> function _M.new(plugin_name, conf, max, burst, default_conn_delay) -> -> local red_cli, err = redis_cluster.new(conf, "plugin-limit-conn-redis-cluster-slot-lock") -> if not red_cli then -> return nil, err -> end -> local self = { -> conf = conf, -> plugin_name = plugin_name, -> burst = burst, -> max = max + 0, -- just to ensure the param is good -> unit_delay = default_conn_delay, -> red_cli = red_cli, -> } -> return setmetatable(self, mt) -> end -> -> -> function _M.incoming(self, key, commit) -> return util.incoming(self, self.red_cli, key, commit) -> end -> -> -> function _M.is_committed(self) -> return self.committed -> end -> -> -> local function leaving_thread(premature, self, key, req_latency) -> return util.leaving(self, self.red_cli, key, req_latency) -> end -> -> -> function _M.leaving(self, key, req_latency) -> -- log_by_lua can't use cosocket -> local ok, err = ngx_timer_at(0, leaving_thread, self, key, req_latency) -> if not ok then -> core.log.error("failed to create timer: ", err) -> return nil, err -> end -> -> return ok -> -> end -> -> -> -> return _M diff --git a/diffs/diff_limit-conn-redis.lua.diff b/diffs/diff_limit-conn-redis.lua.diff deleted file mode 100644 index d71045ccf122..000000000000 --- a/diffs/diff_limit-conn-redis.lua.diff +++ /dev/null @@ -1,86 +0,0 @@ -0a1,20 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -> local redis = require("apisix.utils.redis") -> local core = require("apisix.core") -> local util = require("apisix.plugins.limit-conn.util") -> local ngx_timer_at = ngx.timer.at -1a22,85 -> local setmetatable = setmetatable -> -> -> local _M = {version = 0.1} -> -> -> local mt = { -> __index = _M -> } -> -> function _M.new(plugin_name, conf, max, burst, default_conn_delay) -> -> local self = { -> conf = conf, -> plugin_name = plugin_name, -> burst = burst, -> max = max + 0, -- just to ensure the param is good -> unit_delay = default_conn_delay, -> } -> return setmetatable(self, mt) -> end -> -> -> function _M.incoming(self, key, commit) -> local conf = self.conf -> local red, err = redis.new(conf) -> if not red then -> return red, err -> end -> return util.incoming(self, red, key, commit) -> end -> -> -> function _M.is_committed(self) -> return self.committed -> end -> -> -> local function leaving_thread(premature, self, key, req_latency) -> -> local conf = self.conf -> local red, err = redis.new(conf) -> if not red then -> return red, err -> end -> return util.leaving(self, red, key, req_latency) -> end -> -> -> function _M.leaving(self, key, req_latency) -> -- log_by_lua can't use cosocket -> local ok, err = ngx_timer_at(0, leaving_thread, self, key, req_latency) -> if not ok then -> core.log.error("failed to create timer: ", err) -> return nil, err -> end -> -> return ok -> -> end -> -> -> -> return _M diff --git a/diffs/diff_limit-conn.lua.diff b/diffs/diff_limit-conn.lua.diff deleted file mode 100644 index fbb4d0aa083b..000000000000 --- a/diffs/diff_limit-conn.lua.diff +++ /dev/null @@ -1,45 +0,0 @@ -17,18c17,21 -< local core = require("apisix.core") -< local limit_conn = require("apisix.plugins.limit-conn.init") ---- -> local core = require("apisix.core") -> local limit_conn = require("apisix.plugins.limit-conn.init") -> local redis_schema = require("apisix.utils.redis-schema") -> local policy_to_additional_properties = redis_schema.schema -> local plugin_name = "limit-conn" -21c24 -< local plugin_name = "limit-conn" ---- -> -25c28 -< conn = {type = "integer", exclusiveMinimum = 0}, ---- -> conn = {type = "integer", exclusiveMinimum = 0}, -- limit.conn max -33a37,41 -> policy = { -> type = "string", -> enum = {"redis", "redis-cluster", "local"}, -> default = "local", -> }, -42c50,68 -< required = {"conn", "burst", "default_conn_delay", "key"} ---- -> required = {"conn", "burst", "default_conn_delay", "key"}, -> ["if"] = { -> properties = { -> policy = { -> enum = {"redis"}, -> }, -> }, -> }, -> ["then"] = policy_to_additional_properties.redis, -> ["else"] = { -> ["if"] = { -> properties = { -> policy = { -> enum = {"redis-cluster"}, -> }, -> }, -> }, -> ["then"] = policy_to_additional_properties["redis-cluster"], -> } diff --git a/diffs/diff_limit-count-local.lua.diff b/diffs/diff_limit-count-local.lua.diff deleted file mode 100644 index c17f4da76f8f..000000000000 --- a/diffs/diff_limit-count-local.lua.diff +++ /dev/null @@ -1,7 +0,0 @@ -68,71c68 -< local reset = 0 -< if not delay then -< return delay, remaining, reset -< end ---- -> local reset diff --git a/diffs/diff_limit-count-redis-cluster.lua.diff b/diffs/diff_limit-count-redis-cluster.lua.diff deleted file mode 100644 index 06aff02bc481..000000000000 --- a/diffs/diff_limit-count-redis-cluster.lua.diff +++ /dev/null @@ -1,75 +0,0 @@ -18c18 -< local rediscluster = require("resty.rediscluster") ---- -> local redis_cluster = require("apisix.utils.rediscluster") -20d19 -< local delayed_syncer = require("apisix.plugins.limit-count.delayed-syncer") -23d21 -< local ipairs = ipairs -34c32,33 -< local ttl = redis.call('pttl', KEYS[1]) ---- -> assert(tonumber(ARGV[3]) >= 1, "cost must be at least 1") -> local ttl = redis.call('ttl', KEYS[1]) -37c36 -< return {ARGV[1] - ARGV[3], ARGV[2] * 1000} ---- -> return {ARGV[1] - ARGV[3], ARGV[2]} -43,75d41 -< local function new_redis_cluster(conf) -< local config = { -< -- can set different name for different redis cluster -< name = conf.redis_cluster_name, -< serv_list = {}, -< read_timeout = conf.redis_timeout, -< auth = conf.redis_password, -< dict_name = "plugin-limit-count-redis-cluster-slot-lock", -< connect_opts = { -< ssl = conf.redis_cluster_ssl, -< ssl_verify = conf.redis_cluster_ssl_verify, -< } -< } -< -< for i, conf_item in ipairs(conf.redis_cluster_nodes) do -< local host, port, err = core.utils.parse_addr(conf_item) -< if err then -< return nil, "failed to parse address: " .. conf_item -< .. " err: " .. err -< end -< -< config.serv_list[i] = {ip = host, port = port} -< end -< -< local red_cli, err = rediscluster:new(config) -< if not red_cli then -< return nil, "failed to new redis cluster: " .. err -< end -< -< return red_cli -< end -< -< -77c43 -< local red_cli, err = new_redis_cluster(conf) ---- -> local red_cli, err = redis_cluster.new(conf, "plugin-limit-count-redis-cluster-slot-lock") -89c55 -< self.delayed_syncer = delayed_syncer.new(limit, window, conf, self) ---- -> -93,103d58 -< function _M.incoming_delayed(self, key, cost, syncer_id) -< core.log.info("delayed sync to redis-cluster") -- for sanity test -< local remaining, reset, err = self.delayed_syncer:delayed_sync(key, cost, syncer_id) -< if not remaining then -< return nil, err, 0 -< end -< if remaining < 0 then -< return nil, "rejected", reset -< end -< return 0, remaining, reset -< end -119c74 -< ttl = res[2] / 1000.0 ---- -> ttl = res[2] diff --git a/diffs/diff_limit-count-redis.lua.diff b/diffs/diff_limit-count-redis.lua.diff deleted file mode 100644 index 2822fcae202c..000000000000 --- a/diffs/diff_limit-count-redis.lua.diff +++ /dev/null @@ -1,84 +0,0 @@ -17c17 -< local redis_new = require("resty.redis").new ---- -> local redis = require("apisix.utils.redis") -19d18 -< local delayed_syncer = require("apisix.plugins.limit-count.delayed-syncer") -34c33,34 -< local ttl = redis.call('pttl', KEYS[1]) ---- -> assert(tonumber(ARGV[3]) >= 1, "cost must be at least 1") -> local ttl = redis.call('ttl', KEYS[1]) -37c37 -< return {ARGV[1] - ARGV[3], ARGV[2] * 1000} ---- -> return {ARGV[1] - ARGV[3], ARGV[2]} -42,44d41 -< local function redis_cli(conf) -< local red = redis_new() -< local timeout = conf.redis_timeout or 1000 -- 1sec -46,86d42 -< red:set_timeouts(timeout, timeout, timeout) -< -< local sock_opts = { -< ssl = conf.redis_ssl, -< ssl_verify = conf.redis_ssl_verify -< } -< -< local ok, err = red:connect(conf.redis_host, conf.redis_port or 6379, sock_opts) -< if not ok then -< return false, err -< end -< -< local count -< count, err = red:get_reused_times() -< if 0 == count then -< if conf.redis_password and conf.redis_password ~= '' then -< local ok, err -< if conf.redis_username then -< ok, err = red:auth(conf.redis_username, conf.redis_password) -< else -< ok, err = red:auth(conf.redis_password) -< end -< if not ok then -< return nil, err -< end -< end -< -< -- select db -< if conf.redis_database ~= 0 then -< local ok, err = red:select(conf.redis_database) -< if not ok then -< return false, "failed to change redis db, err: " .. err -< end -< end -< elseif err then -< -- core.log.info(" err: ", err) -< return nil, err -< end -< return red, nil -< end -< -96d51 -< self.delayed_syncer = delayed_syncer.new(limit, window, conf, self) -100,111d54 -< function _M.incoming_delayed(self, key, cost, syncer_id) -< core.log.info("delayed sync to redis") -- for sanity test -< local remaining, reset, err = self.delayed_syncer:delayed_sync(key, cost, syncer_id) -< if not remaining then -< return nil, err, 0 -< end -< if remaining < 0 then -< return nil, "rejected", reset -< end -< return 0, remaining, reset -< end -< -114c57 -< local red, err = redis_cli(conf) ---- -> local red, err = redis.new(conf) -132c75 -< ttl = res[2] / 1000.0 ---- -> ttl = res[2] diff --git a/diffs/diff_limit-count.lua.diff b/diffs/diff_limit-count.lua.diff deleted file mode 100644 index 3f5ffa8c67d2..000000000000 --- a/diffs/diff_limit-count.lua.diff +++ /dev/null @@ -1,27 +0,0 @@ -19c19 -< local workflow = require("apisix.plugins.workflow") ---- -> -22c22 -< version = 0.4, ---- -> version = 0.5, -26d25 -< metadata_schema = limit_count.metadata_schema, -30,31c29,30 -< function _M.check_schema(conf, schema_type) -< return limit_count.check_schema(conf, schema_type) ---- -> function _M.check_schema(conf) -> return limit_count.check_schema(conf) -40,49d38 -< -< function _M.workflow_handler() -< workflow.register(plugin_name, -< function (conf, ctx) -< return limit_count.rate_limit(conf, ctx, plugin_name, 1) -< end, -< function (conf) -< return limit_count.check_schema(conf) -< end) -< end diff --git a/diffs/diff_limit-req-redis-cluster.lua.diff b/diffs/diff_limit-req-redis-cluster.lua.diff deleted file mode 100644 index a7141669725a..000000000000 --- a/diffs/diff_limit-req-redis-cluster.lua.diff +++ /dev/null @@ -1,51 +0,0 @@ -0a1,19 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -> local redis_cluster = require("apisix.utils.rediscluster") -> local setmetatable = setmetatable -> local util = require("apisix.plugins.limit-req.util") -1a21,50 -> local _M = {version = 0.1} -> -> -> local mt = { -> __index = _M -> } -> -> -> function _M.new(plugin_name, conf, rate, burst) -> local red_cli, err = redis_cluster.new(conf, "plugin-limit-req-redis-cluster-slot-lock") -> if not red_cli then -> return nil, err -> end -> local self = { -> conf = conf, -> plugin_name = plugin_name, -> burst = burst * 1000, -> rate = rate * 1000, -> red_cli = red_cli, -> } -> return setmetatable(self, mt) -> end -> -> -> function _M.incoming(self, key, commit) -> return util.incoming(self, self.red_cli, key, commit) -> end -> -> -> return _M diff --git a/diffs/diff_limit-req-redis.lua.diff b/diffs/diff_limit-req-redis.lua.diff deleted file mode 100644 index c5e1e13d5eee..000000000000 --- a/diffs/diff_limit-req-redis.lua.diff +++ /dev/null @@ -1,55 +0,0 @@ -0a1,19 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -> local redis = require("apisix.utils.redis") -> local setmetatable = setmetatable -> local util = require("apisix.plugins.limit-req.util") -1a21,54 -> local setmetatable = setmetatable -> -> -> local _M = {version = 0.1} -> -> -> local mt = { -> __index = _M -> } -> -> -> function _M.new(plugin_name, conf, rate, burst) -> local self = { -> conf = conf, -> plugin_name = plugin_name, -> burst = burst * 1000, -> rate = rate * 1000, -> } -> return setmetatable(self, mt) -> end -> -> -> function _M.incoming(self, key, commit) -> local conf = self.conf -> local red, err = redis.new(conf) -> if not red then -> return red, err -> end -> -> return util.incoming(self, red, key, commit) -> end -> -> -> return _M diff --git a/diffs/diff_limit-req.lua.diff b/diffs/diff_limit-req.lua.diff deleted file mode 100644 index 5f44ca8f5644..000000000000 --- a/diffs/diff_limit-req.lua.diff +++ /dev/null @@ -1,75 +0,0 @@ -17,19c17,21 -< local limit_req_new = require("resty.limit.req").new -< local core = require("apisix.core") -< local plugin_name = "limit-req" ---- -> local limit_req_new = require("resty.limit.req").new -> local core = require("apisix.core") -> local redis_schema = require("apisix.utils.redis-schema") -> local policy_to_additional_properties = redis_schema.schema -> local plugin_name = "limit-req" -21a24,28 -> local redis_single_new -> local redis_cluster_new -> do -> local redis_src = "apisix.plugins.limit-req.limit-req-redis" -> redis_single_new = require(redis_src).new -22a30,34 -> local cluster_src = "apisix.plugins.limit-req.limit-req-redis-cluster" -> redis_cluster_new = require(cluster_src).new -> end -> -> -26a39 -> -36a50,54 -> policy = { -> type = "string", -> enum = {"redis", "redis-cluster", "local"}, -> default = "local", -> }, -48c66,84 -< required = {"rate", "burst", "key"} ---- -> required = {"rate", "burst", "key"}, -> ["if"] = { -> properties = { -> policy = { -> enum = {"redis"}, -> }, -> }, -> }, -> ["then"] = policy_to_additional_properties.redis, -> ["else"] = { -> ["if"] = { -> properties = { -> policy = { -> enum = {"redis-cluster"}, -> }, -> }, -> }, -> ["then"] = policy_to_additional_properties["redis-cluster"], -> } -54c90 -< priority = 999, ---- -> priority = 1001, -71,72c107,121 -< core.log.info("create new limit-req plugin instance") -< return limit_req_new("plugin-limit-req", conf.rate, conf.burst) ---- -> if conf.policy == "local" then -> core.log.info("create new limit-req plugin instance") -> return limit_req_new("plugin-limit-req", conf.rate, conf.burst) -> -> elseif conf.policy == "redis" then -> core.log.info("create new limit-req redis plugin instance") -> return redis_single_new("plugin-limit-req", conf, conf.rate, conf.burst) -> -> elseif conf.policy == "redis-cluster" then -> core.log.info("create new limit-req redis-cluster plugin instance") -> return redis_cluster_new("plugin-limit-req", conf, conf.rate, conf.burst) -> -> else -> return nil, "policy enum not match" -> end diff --git a/diffs/diff_log-rotate.lua.diff b/diffs/diff_log-rotate.lua.diff deleted file mode 100644 index da70375cc47f..000000000000 --- a/diffs/diff_log-rotate.lua.diff +++ /dev/null @@ -1,83 +0,0 @@ -35d34 -< local str_find = string.find -37c36 -< local str_reverse = string.reverse ---- -> local str_byte = string.byte -38a38 -> local string_rfind = require("pl.stringx").rfind -51a52 -> local SLASH_BYTE = str_byte("/") -77,88d77 -< local function get_last_index(str, key) -< local rev = str_reverse(str) -< local _, idx = str_find(rev, key) -< local n -< if idx then -< n = #rev - idx + 1 -< end -< -< return n -< end -< -< -104d92 -< local root = str_sub(conf_path, 1, 1) -106c94 -< if root ~= "/" then ---- -> if str_byte(conf_path) ~= SLASH_BYTE then -109c97 -< local n = get_last_index(conf_path, "/") ---- -> local n = string_rfind(conf_path, "/") -129c117 -< local log_dir, _ = get_log_path_info(log_file_name) ---- -> local log_dir, log_name = get_log_path_info(log_file_name) -131c119 -< local compression_log_type = log_file_name .. COMPRESSION_FILE_SUFFIX ---- -> local compression_log_type = log_name .. COMPRESSION_FILE_SUFFIX -133c121 -< local n = get_last_index(file, "__") ---- -> local n = string_rfind(file, "__") -136c124 -< if log_type == log_file_name or log_type == compression_log_type then ---- -> if log_type == log_name or log_type == compression_log_type then -171c159 -< local function compression_file(new_file) ---- -> local function compression_file(new_file, timeout) -177c165 -< local n = get_last_index(new_file, "/") ---- -> local n = string_rfind(new_file, "/") -185c173 -< local ok, stdout, stderr, reason, status = shell.run(cmd) ---- -> local ok, stdout, stderr, reason, status = shell.run(cmd, nil, timeout, nil) -220c208 -< local function rotate_file(files, now_time, max_kept) ---- -> local function rotate_file(files, now_time, max_kept, timeout) -251c239 -< compression_file(new_file) ---- -> compression_file(new_file, timeout) -273a262 -> local timeout = 10000 -- default timeout 10 seconds -277a267 -> timeout = attr.timeout or timeout -283a274 -> core.log.info("rotate timeout:", timeout) -303c294 -< rotate_file(files, now_time, max_kept) ---- -> rotate_file(files, now_time, max_kept, timeout) -321c312 -< rotate_file(files, now_time, max_kept) ---- -> rotate_file(files, now_time, max_kept, timeout) diff --git a/diffs/diff_memory.lua.diff b/diffs/diff_memory.lua.diff deleted file mode 100644 index ca08538b0931..000000000000 --- a/diffs/diff_memory.lua.diff +++ /dev/null @@ -1,22 +0,0 @@ -34a35,38 -> if self.dict == nil then -> return nil, "invalid cache_zone provided" -> end -> -45a50,53 -> if self.dict == nil then -> return nil, "invalid cache_zone provided" -> end -> -47c55 -< local res_json, err = self.dict:get(key) ---- -> local res_json, err, stale = self.dict:get_stale(key) -54a63,65 -> if stale then -> return nil, "expired" -> end -65a77,79 -> if self.dict == nil then -> return nil, "invalid cache_zone provided" -> end diff --git a/diffs/diff_memory_handler.lua.diff b/diffs/diff_memory_handler.lua.diff deleted file mode 100644 index ab683ed0a8bb..000000000000 --- a/diffs/diff_memory_handler.lua.diff +++ /dev/null @@ -1,17 +0,0 @@ -216,217c216,220 -< core.response.set_header("Apisix-Cache-Status", "MISS") -< if err ~= "not found" then ---- -> if err == "expired" then -> core.response.set_header("Apisix-Cache-Status", "EXPIRED") -> -> elseif err ~= "not found" then -> core.response.set_header("Apisix-Cache-Status", "MISS") -218a222 -> -219a224 -> core.response.set_header("Apisix-Cache-Status", "MISS") -220a226,228 -> -> else -> core.response.set_header("Apisix-Cache-Status", "MISS") diff --git a/diffs/diff_mocking.lua.diff b/diffs/diff_mocking.lua.diff deleted file mode 100644 index 68bb395a64e4..000000000000 --- a/diffs/diff_mocking.lua.diff +++ /dev/null @@ -1,2 +0,0 @@ -231a232 -> value = core.utils.resolve_var(value, ctx.var) diff --git a/diffs/diff_multi-auth.lua.diff b/diffs/diff_multi-auth.lua.diff deleted file mode 100644 index a4592b231787..000000000000 --- a/diffs/diff_multi-auth.lua.diff +++ /dev/null @@ -1,51 +0,0 @@ -20,22d19 -< local type = type -< local ipairs = ipairs -< local plugin = require("apisix.plugin") -53c50 -< local auth = plugin.get(auth_plugin_name) ---- -> local auth = require("apisix.plugins." .. auth_plugin_name) -55a53,60 -> else -> if auth.type ~= 'auth' then -> return false, auth_plugin_name .. " plugin is not supported" -> end -> local ok, err = auth.check_schema(auth_plugin_conf, auth.schema) -> if not ok then -> return false, "plugin " .. auth_plugin_name .. " check schema failed: " .. err -> end -57,64d61 -< if auth.type ~= 'auth' then -< return false, auth_plugin_name .. " plugin is not supported" -< end -< local ok, err = auth.check_schema(auth_plugin_conf) -< if not ok then -< return false, "multi-auth plugin failed to check the configuration of plugin " -< .. auth_plugin_name .. " err: " .. err -< end -74d70 -< local errors = {} -77c73 -< local auth = plugin.get(auth_plugin_name) ---- -> local auth = require("apisix.plugins." .. auth_plugin_name) -79,83c75 -< local auth_code, err = auth.rewrite(auth_plugin_conf, ctx) -< if type(err) == "table" then -< err = err.message -- compat -< end -< ---- -> local auth_code = auth.rewrite(auth_plugin_conf, ctx) -89,91c81,82 -< core.table.insert(errors, auth_plugin_name .. -< " failed to authenticate the request, code: " -< .. auth_code .. ". error: " .. err) ---- -> core.log.debug(auth_plugin_name .. " failed to authenticate the request, code: " -> .. auth_code) -98,100d88 -< for _, error in ipairs(errors) do -< core.log.warn(error) -< end diff --git a/diffs/diff_node-status.lua.diff b/diffs/diff_node-status.lua.diff deleted file mode 100644 index b60e618f2adc..000000000000 --- a/diffs/diff_node-status.lua.diff +++ /dev/null @@ -1,4 +0,0 @@ -33c33 -< priority = 998, ---- -> priority = 1000, diff --git a/diffs/diff_ocsp-stapling.lua.diff b/diffs/diff_ocsp-stapling.lua.diff deleted file mode 100644 index 09595021e34e..000000000000 --- a/diffs/diff_ocsp-stapling.lua.diff +++ /dev/null @@ -1,221 +0,0 @@ -0a1,18 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one -> -- or more contributor license agreements. See the NOTICE file -> -- distributed with this work for additional information -> -- regarding copyright ownership. The ASF licenses this file -> -- to you under the Apache License, Version 2.0 (the -> -- "License"); you may not use this file except in compliance -> -- with the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, -> -- software distributed under the License is distributed on an -> -- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -> -- KIND, either express or implied. See the License for the -> -- specific language governing permissions and limitations -> -- under the License. -> -- -1a20,220 -> local require = require -> local http = require("resty.http") -> local ngx = ngx -> local ngx_ocsp = require("ngx.ocsp") -> local ngx_ssl = require("ngx.ssl") -> local radixtree_sni = require("apisix.ssl.router.radixtree_sni") -> local core = require("apisix.core") -> -> local plugin_name = "ocsp-stapling" -> local ocsp_resp_cache = ngx.shared[plugin_name] -> -> local plugin_schema = { -> type = "object", -> properties = {}, -> } -> -> local _M = { -> name = plugin_name, -> schema = plugin_schema, -> version = 0.1, -> priority = -44, -> } -> -> -> function _M.check_schema(conf) -> return core.schema.check(plugin_schema, conf) -> end -> -> -> local function fetch_ocsp_resp(der_cert_chain) -> core.log.info("fetch ocsp response from remote") -> local ocsp_url, err = ngx_ocsp.get_ocsp_responder_from_der_chain(der_cert_chain) -> -> if not ocsp_url then -> -- if cert not support ocsp, the report error is nil -> if not err then -> err = "cert not contains authority_information_access extension" -> end -> return nil, "failed to get ocsp url: " .. err -> end -> -> local ocsp_req, err = ngx_ocsp.create_ocsp_request(der_cert_chain) -> if not ocsp_req then -> return nil, "failed to create ocsp request: " .. err -> end -> -> local httpc = http.new() -> local res, err = httpc:request_uri(ocsp_url, { -> method = "POST", -> headers = { -> ["Content-Type"] = "application/ocsp-request", -> }, -> body = ocsp_req -> }) -> -> if not res then -> return nil, "ocsp responder query failed: " .. err -> end -> -> local http_status = res.status -> if http_status ~= 200 then -> return nil, "ocsp responder returns bad http status code: " -> .. http_status -> end -> -> if res.body and #res.body > 0 then -> return res.body, nil -> end -> -> return nil, "ocsp responder returns empty body" -> end -> -> -> local function set_ocsp_resp(full_chain_pem_cert, skip_verify, cache_ttl) -> local der_cert_chain, err = ngx_ssl.cert_pem_to_der(full_chain_pem_cert) -> if not der_cert_chain then -> return false, "failed to convert certificate chain from PEM to DER: ", err -> end -> -> local ocsp_resp = ocsp_resp_cache:get(der_cert_chain) -> if ocsp_resp == nil then -> core.log.info("not ocsp resp cache found, fetch from ocsp responder") -> ocsp_resp, err = fetch_ocsp_resp(der_cert_chain) -> if ocsp_resp == nil then -> return false, err -> end -> core.log.info("fetch ocsp resp ok, cache it") -> ocsp_resp_cache:set(der_cert_chain, ocsp_resp, cache_ttl) -> end -> -> if not skip_verify then -> local ok, err = ngx_ocsp.validate_ocsp_response(ocsp_resp, der_cert_chain) -> if not ok then -> return false, "failed to validate ocsp response: " .. err -> end -> end -> -> -- set the OCSP stapling -> local ok, err = ngx_ocsp.set_ocsp_status_resp(ocsp_resp) -> if not ok then -> return false, "failed to set ocsp status response: " .. err -> end -> -> return true -> end -> -> -> local original_set_cert_and_key -> local function set_cert_and_key(sni, value) -> if value.gm then -> -- should not run with gm plugin -> core.log.warn("gm plugin enabled, no need to run ocsp-stapling plugin") -> return original_set_cert_and_key(sni, value) -> end -> -> if not value.ocsp_stapling then -> core.log.info("no 'ocsp_stapling' field found, no need to run ocsp-stapling plugin") -> return original_set_cert_and_key(sni, value) -> end -> -> if not value.ocsp_stapling.enabled then -> return original_set_cert_and_key(sni, value) -> end -> -> if not ngx.ctx.tls_ext_status_req then -> core.log.info("no status request required, no need to send ocsp response") -> return original_set_cert_and_key(sni, value) -> end -> -> local ok, err = radixtree_sni.set_pem_ssl_key(sni, value.cert, value.key) -> if not ok then -> return false, err -> end -> local fin_pem_cert = value.cert -> -> -- multiple certificates support. -> if value.certs then -> for i = 1, #value.certs do -> local cert = value.certs[i] -> local key = value.keys[i] -> ok, err = radixtree_sni.set_pem_ssl_key(sni, cert, key) -> if not ok then -> return false, err -> end -> fin_pem_cert = cert -> end -> end -> -> local ok, err = set_ocsp_resp(fin_pem_cert, -> value.ocsp_stapling.skip_verify, -> value.ocsp_stapling.cache_ttl) -> if not ok then -> core.log.error("no ocsp response send: ", err) -> end -> -> return true -> end -> -> -> function _M.init() -> if core.schema.ssl.properties.gm ~= nil then -> core.log.error("ocsp-stapling plugin should not run with gm plugin") -> end -> -> original_set_cert_and_key = radixtree_sni.set_cert_and_key -> radixtree_sni.set_cert_and_key = set_cert_and_key -> -> if core.schema.ssl.properties.ocsp_stapling ~= nil then -> core.log.error("Field 'ocsp_stapling' is occupied") -> end -> -> core.schema.ssl.properties.ocsp_stapling = { -> type = "object", -> properties = { -> enabled = { -> type = "boolean", -> default = false, -> }, -> skip_verify = { -> type = "boolean", -> default = false, -> }, -> cache_ttl = { -> type = "integer", -> minimum = 60, -> default = 3600, -> }, -> } -> } -> -> end -> -> -> function _M.destroy() -> radixtree_sni.set_cert_and_key = original_set_cert_and_key -> core.schema.ssl.properties.ocsp_stapling = nil -> ocsp_resp_cache:flush_all() -> end -> -> -> return _M diff --git a/diffs/diff_opa.lua.diff b/diffs/diff_opa.lua.diff deleted file mode 100644 index 187dda04c6de..000000000000 --- a/diffs/diff_opa.lua.diff +++ /dev/null @@ -1,2 +0,0 @@ -71d70 -< diff --git a/diffs/diff_openai.lua.diff b/diffs/diff_openai.lua.diff deleted file mode 100644 index 5ad11ad7790c..000000000000 --- a/diffs/diff_openai.lua.diff +++ /dev/null @@ -1,34 +0,0 @@ -24d23 -< local type = type -46,48c45,47 -< scheme = parsed_url and parsed_url.scheme or "https", -< host = parsed_url and parsed_url.host or DEFAULT_HOST, -< port = parsed_url and parsed_url.port or DEFAULT_PORT, ---- -> scheme = parsed_url.scheme or "https", -> host = parsed_url.host or DEFAULT_HOST, -> port = parsed_url.port or DEFAULT_PORT, -50c49 -< ssl_server_name = parsed_url and parsed_url.host or DEFAULT_HOST, ---- -> ssl_server_name = parsed_url.host or DEFAULT_HOST, -58c57 -< local query_params = conf.auth.query or {} ---- -> local path = (parsed_url.path or DEFAULT_PATH) -60,68d58 -< if type(parsed_url) == "table" and parsed_url.query and #parsed_url.query > 0 then -< local args_tab = core.string.decode_args(parsed_url.query) -< if type(args_tab) == "table" then -< core.table.merge(query_params, args_tab) -< end -< end -< -< local path = (endpoint and parsed_url.path or DEFAULT_PATH) -< -77c67 -< query = query_params ---- -> query = conf.auth.query -87d76 -< httpc:set_timeout(30000) diff --git a/diffs/diff_openid-connect.lua.diff b/diffs/diff_openid-connect.lua.diff deleted file mode 100644 index 67f1e8c2cdfe..000000000000 --- a/diffs/diff_openid-connect.lua.diff +++ /dev/null @@ -1,107 +0,0 @@ -26d25 -< local auth_utils = require("apisix.utils.auth") -59a59,62 -> token_endpoint_auth_method = { -> type = "string", -> default = "client_secret_basic" -> }, -80c83 -< }, ---- -> } -95c98 -< description = "use ngx.var.request_uri if not configured" ---- -> description = "auto append '.apisix/redirect' to ngx.var.uri if not configured" -200,201c203 -< type = "integer", -< default = 900 ---- -> type = "integer" -276,280c278 -< }, -< token_endpoint_auth_method = { -< type = "string", -< default = "client_secret_basic" -< }, ---- -> } -282c280 -< encrypt_fields = {"client_secret"}, ---- -> encrypt_fields = {"client_secret", "client_rsa_private_key"}, -290d287 -< type = 'auth', -457d453 -< -467d462 -< -478d472 -< -487a482,483 -> local path = ctx.var.request_uri -> -489c485,500 -< conf.redirect_uri = ctx.var.request_uri ---- -> -- NOTE: 'lua-resty-openidc' requires that 'redirect_uri' be -> -- different from 'uri'. So default to append the -> -- '.apisix/redirect' suffix if not configured. -> local suffix = "/.apisix/redirect" -> local uri = ctx.var.uri -> if core.string.has_suffix(uri, suffix) then -> -- This is the redirection response from the OIDC provider. -> conf.redirect_uri = uri -> else -> if string.sub(uri, -1, -1) == "/" then -> conf.redirect_uri = string.sub(uri, 1, -2) .. suffix -> else -> conf.redirect_uri = uri .. suffix -> end -> end -> core.log.debug("auto set redirect_uri: ", conf.redirect_uri) -496a508,520 -> if path == (conf.logout_path or "/logout") then -> local discovery, discovery_err = openidc.get_discovery_doc(conf) -> if discovery_err then -> core.log.error("OIDC access discovery url failed : ", discovery_err) -> return 503 -> end -> if conf.post_logout_redirect_uri and not discovery.end_session_endpoint then -> -- If the end_session_endpoint field does not exist in the OpenID Provider Discovery -> -- Metadata, the redirect_after_logout_uri field is used for redirection. -> conf.redirect_after_logout_uri = conf.post_logout_redirect_uri -> end -> end -> -499c523 -< if conf.bearer_only or conf.introspection_endpoint or conf.public_key then ---- -> if conf.bearer_only or conf.introspection_endpoint or conf.public_key or conf.use_jwks then -508d531 -< err = "OIDC introspection failed: " .. err -510,513c533 -< if auth_utils.is_running_under_multi_auth(ctx) then -< return response, err -< end -< core.log.error(err) ---- -> core.log.error("OIDC introspection failed: ", err) -539,540d558 -< -< ctx.external_user = userinfo -560a579,581 -> if session then -> session:close() -> end -567,571c588 -< err = "OIDC authentication failed: " .. err -< if auth_utils.is_running_under_multi_auth(ctx) then -< return 500, err -< end -< core.log.error(err) ---- -> core.log.error("OIDC authentication failed: ", err) -600,601d616 -< -< ctx.external_user = response.user diff --git a/diffs/diff_opentelemetry.lua.diff b/diffs/diff_opentelemetry.lua.diff deleted file mode 100644 index d4ea5f115d8e..000000000000 --- a/diffs/diff_opentelemetry.lua.diff +++ /dev/null @@ -1,123 +0,0 @@ -58c58 -< local metadata_schema = { ---- -> local attr_schema = { -70,72c70 -< additionalProperties = { -< one_of = {{type = "boolean"},{type = "number"}, {type = "string"}}, -< }, ---- -> additionalProperties = {{type = "boolean"}, {type = "number"}, {type = "string"}}, -119,121c117,119 -< type = "boolean", -< description = "set nginx variables", -< default = false, ---- -> type = "boolean", -> description = "set nginx variables", -> default = false, -197c195 -< metadata_schema = metadata_schema, ---- -> attr_schema = attr_schema, -201,206c199 -< function _M.check_schema(conf, schema_type) -< if schema_type == core.schema.TYPE_METADATA then -< local check = {"collector.address"} -< core.utils.check_https(check, conf, plugin_name) -< return core.schema.check(metadata_schema, conf) -< end ---- -> function _M.check_schema(conf) -212a206 -> local plugin_info -227c221,229 -< end ---- -> plugin_info = plugin.plugin_attr(plugin_name) or {} -> local check = {"collector.address"} -> core.utils.check_https(check, plugin_info, plugin_name) -> local ok, err = core.schema.check(attr_schema, plugin_info) -> if not ok then -> core.log.error("failed to check the plugin_attr[", plugin_name, "]", -> ": ", err) -> return -> end -229,230d230 -< -< local function create_tracer_obj(conf, plugin_info) -236a237,240 -> end -> -> -> local function create_tracer_obj(conf) -309,314c313 -< local metadata = plugin.plugin_metadata(plugin_name) -< if metadata == nil then -< core.log.warn("plugin_metadata is required for opentelemetry plugin to working properly") -< return -< end -< core.log.info("metadata: ", core.json.delay_encode(metadata)) ---- -> local vars = api_ctx.var -316,317c315 -< local tracer, err = core.lrucache.plugin_ctx(lrucache, api_ctx, metadata.modifiedIndex, -< create_tracer_obj, conf, metadata.value) ---- -> local tracer, err = core.lrucache.plugin_ctx(lrucache, api_ctx, nil, create_tracer_obj, conf) -323,324c321,322 -< -- extract trace context from the headers of downstream HTTP request -< local upstream_context = trace_context_propagator:extract(context, ngx.req) ---- -> local span_name = vars.method -> -326,327c324,328 -< attr.string("service", api_ctx.service_name), -< attr.string("route", api_ctx.route_name), ---- -> attr.string("net.host.name", vars.host), -> attr.string("http.method", vars.method), -> attr.string("http.scheme", vars.scheme), -> attr.string("http.target", vars.request_uri), -> attr.string("http.user_agent", vars.http_user_agent), -329a331,342 -> if api_ctx.curr_req_matched then -> table.insert(attributes, attr.string("apisix.route_id", api_ctx.route_id)) -> table.insert(attributes, attr.string("apisix.route_name", api_ctx.route_name)) -> table.insert(attributes, attr.string("http.route", api_ctx.curr_req_matched._path)) -> span_name = span_name .. " " .. api_ctx.curr_req_matched._path -> end -> -> if api_ctx.service_id then -> table.insert(attributes, attr.string("apisix.service_id", api_ctx.service_id)) -> table.insert(attributes, attr.string("apisix.service_name", api_ctx.service_name)) -> end -> -343c356,359 -< local ctx = tracer:start(upstream_context, api_ctx.var.request_uri, { ---- -> -- extract trace context from the headers of downstream HTTP request -> local upstream_context = trace_context_propagator:extract(context, ngx.req) -> -> local ctx = tracer:start(upstream_context, span_name, { -348,355c364,371 -< if metadata.value.set_ngx_var then -< local span_context = ctx:span():context() -< ngx_var.opentelemetry_context_traceparent = string_format("00-%s-%s-%02x", -< span_context.trace_id, -< span_context.span_id, -< span_context.trace_flags) -< ngx_var.opentelemetry_trace_id = span_context.trace_id -< ngx_var.opentelemetry_span_id = span_context.span_id ---- -> if plugin_info.set_ngx_var then -> local span_context = ctx:span():context() -> ngx_var.opentelemetry_context_traceparent = string_format("00-%s-%s-%02x", -> span_context.trace_id, -> span_context.span_id, -> span_context.trace_flags) -> ngx_var.opentelemetry_trace_id = span_context.trace_id -> ngx_var.opentelemetry_span_id = span_context.span_id -377a394,395 -> -> span:set_attributes(attr.int("http.status_code", upstream_status)) diff --git a/diffs/diff_openwhisk.lua.diff b/diffs/diff_openwhisk.lua.diff deleted file mode 100644 index 4d15958013b7..000000000000 --- a/diffs/diff_openwhisk.lua.diff +++ /dev/null @@ -1,4 +0,0 @@ -52c52 -< required = {"api_host", "service_token", "namespace", "action"}, ---- -> required = {"api_host", "service_token", "namespace", "action"}, diff --git a/diffs/diff_proxy-control.lua.diff b/diffs/diff_proxy-control.lua.diff deleted file mode 100644 index 1489d1bea091..000000000000 --- a/diffs/diff_proxy-control.lua.diff +++ /dev/null @@ -1,4 +0,0 @@ -50c50 -< core.log.error("need to build APISIX-Base to support proxy control") ---- -> core.log.error("need to build APISIX-Runtime to support proxy control") diff --git a/diffs/diff_proxy-mirror.lua.diff b/diffs/diff_proxy-mirror.lua.diff deleted file mode 100644 index e4416d3832c4..000000000000 --- a/diffs/diff_proxy-mirror.lua.diff +++ /dev/null @@ -1,26 +0,0 @@ -30c30 -< pattern = [=[^http(s)?:\/\/([\da-zA-Z.-]+|\[[\da-fA-F:]+\])(:\d+)?$]=], ---- -> pattern = [=[^(http(s)?|grpc(s)?):\/\/([\da-zA-Z.-]+|\[[\da-fA-F:]+\])(:\d+)?$]=], -79c79 -< return prop_host ---- -> return url_decoded.scheme, prop_host -85c85 -< return host ---- -> return url_decoded.scheme, host -87c87 -< return prop_host ---- -> return url_decoded.scheme, prop_host -104c104,106 -< ctx.var.upstream_mirror_uri = resolver_host(conf.host) .. uri ---- -> local _, mirror_host = resolver_host(conf.host) -> ctx.var.upstream_mirror_host = mirror_host -> ctx.var.upstream_mirror_uri = mirror_host .. uri -116a119 -> ctx.enable_mirror = true -122a126 -> ctx.enable_mirror = true diff --git a/diffs/diff_proxy-rewrite.lua.diff b/diffs/diff_proxy-rewrite.lua.diff deleted file mode 100644 index 2a3617e7ff13..000000000000 --- a/diffs/diff_proxy-rewrite.lua.diff +++ /dev/null @@ -1,105 +0,0 @@ -23a24,25 -> local re_match = ngx.re.match -> local req_set_uri = ngx.req.set_uri -43a46,49 -> core.ctx.register_var("proxy_rewrite_regex_uri_captures", function(ctx) -> return ctx.proxy_rewrite_regex_uri_captures -> end) -> -63d68 -< maxItems = 2, -189,193c194,195 -< local _, _, err = re_sub("/fake_uri", conf.regex_uri[1], -< conf.regex_uri[2], "jo") -< if err then -< return false, "invalid regex_uri(" .. conf.regex_uri[1] .. -< ", " .. conf.regex_uri[2] .. "): " .. err ---- -> if (#conf.regex_uri % 2 ~= 0) then -> return false, "The length of regex_uri should be an even number" -194a197,204 -> for i = 1, #conf.regex_uri, 2 do -> local _, _, err = re_sub("/fake_uri", conf.regex_uri[i], -> conf.regex_uri[i + 1], "jo") -> if err then -> return false, "invalid regex_uri(" .. conf.regex_uri[i] .. -> ", " .. conf.regex_uri[i + 1] .. "): " .. err -> end -> end -259a270 -> -271c282,284 -< elseif conf.uri ~= nil then ---- -> end -> -> if conf.uri ~= nil then -273a287 -> -279,288c293,316 -< local uri, _, err = re_sub(upstream_uri, conf.regex_uri[1], -< conf.regex_uri[2], "jo") -< if uri then -< upstream_uri = uri -< else -< local msg = "failed to substitute the uri " .. ctx.var.uri .. -< " (" .. conf.regex_uri[1] .. ") with " .. -< conf.regex_uri[2] .. " : " .. err -< core.log.error(msg) -< return 500, {message = msg} ---- -> local error_msg -> for i = 1, #conf.regex_uri, 2 do -> local captures, err = re_match(upstream_uri, conf.regex_uri[i], "jo") -> if err then -> error_msg = "failed to match the uri " .. ctx.var.uri .. -> " (" .. conf.regex_uri[i] .. ") " .. " : " .. err -> break -> end -> -> if captures then -> ctx.proxy_rewrite_regex_uri_captures = captures -> -> local uri, _, err = re_sub(upstream_uri, -> conf.regex_uri[i], conf.regex_uri[i + 1], "jo") -> if uri then -> upstream_uri = uri -> else -> error_msg = "failed to substitute the uri " .. ngx.var.uri .. -> " (" .. conf.regex_uri[i] .. ") with " .. -> conf.regex_uri[i + 1] .. " : " .. err -> end -> -> break -> end -289a318,322 -> -> if error_msg ~= nil then -> core.log.error(error_msg) -> return 500, { error_msg = error_msg } -> end -306a340,341 -> req_set_uri(upstream_uri) -> -315a351,352 -> else -> ctx.var.upstream_uri = upstream_uri -328,330c365,372 -< local val = core.utils.resolve_var(hdr_op.add[i + 1], ctx.var) -< local header = hdr_op.add[i] -< core.request.add_header(ctx, header, val) ---- -> local val = core.utils.resolve_var_with_captures(hdr_op.add[i + 1], -> ctx.proxy_rewrite_regex_uri_captures) -> val = core.utils.resolve_var(val, ctx.var) -> -- A nil or empty table value will cause add_header function to throw an error. -> if val then -> local header = hdr_op.add[i] -> core.request.add_header(ctx, header, val) -> end -335c377,379 -< local val = core.utils.resolve_var(hdr_op.set[i + 1], ctx.var) ---- -> local val = core.utils.resolve_var_with_captures(hdr_op.set[i + 1], -> ctx.proxy_rewrite_regex_uri_captures) -> val = core.utils.resolve_var(val, ctx.var) diff --git a/diffs/diff_real-ip.lua.diff b/diffs/diff_real-ip.lua.diff deleted file mode 100644 index a812e4880ed7..000000000000 --- a/diffs/diff_real-ip.lua.diff +++ /dev/null @@ -1,8 +0,0 @@ -93c93 -< -- after core.request.header function changed, ---- -> -- after core.request.header function changed -136c136 -< core.log.error("need to build APISIX-Base to support setting real ip") ---- -> core.log.error("need to build APISIX-Runtime to support setting real ip") diff --git a/diffs/diff_request-id.lua.diff b/diffs/diff_request-id.lua.diff deleted file mode 100644 index 35da522ab743..000000000000 --- a/diffs/diff_request-id.lua.diff +++ /dev/null @@ -1,206 +0,0 @@ -19d18 -< local bit = require("bit") -21d19 -< local snowflake = require("snowflake") -24,29d21 -< local process = require("ngx.process") -< local timers = require("apisix.timers") -< local tostring = tostring -< local math_pow = math.pow -< local math_ceil = math.ceil -< local math_floor = math.floor -36,40d27 -< local data_machine = nil -< local snowflake_inited = nil -< -< local attr = nil -< -48c35 -< enum = {"uuid", "snowflake", "nanoid", "range_id"}, ---- -> enum = {"uuid", "nanoid", "range_id"}, -65c52,53 -< } ---- -> }, -> default = {} -70,87d57 -< local attr_schema = { -< type = "object", -< properties = { -< snowflake = { -< type = "object", -< properties = { -< enable = {type = "boolean", default = false}, -< snowflake_epoc = {type = "integer", minimum = 1, default = 1609459200000}, -< data_machine_bits = {type = "integer", minimum = 1, maximum = 31, default = 12}, -< sequence_bits = {type = "integer", minimum = 1, default = 10}, -< delta_offset = {type = "integer", default = 1, enum = {1, 10, 100, 1000}}, -< data_machine_ttl = {type = "integer", minimum = 1, default = 30}, -< data_machine_interval = {type = "integer", minimum = 1, default = 10} -< } -< } -< } -< } -< -95d64 -< -100,227d68 -< -< -- Generates the current process data machine -< local function gen_data_machine(max_number) -< if data_machine == nil then -< local etcd_cli, prefix = core.etcd.new() -< local prefix = prefix .. "/plugins/request-id/snowflake/" -< local uuid = uuid.generate_v4() -< local id = 1 -< ::continue:: -< while (id <= max_number) do -< local res, err = etcd_cli:grant(attr.snowflake.data_machine_ttl) -< if err then -< id = id + 1 -< core.log.error("Etcd grant failure, err: ".. err) -< goto continue -< end -< -< local _, err1 = etcd_cli:setnx(prefix .. tostring(id), uuid) -< local res2, err2 = etcd_cli:get(prefix .. tostring(id)) -< -< if err1 or err2 or res2.body.kvs[1].value ~= uuid then -< core.log.notice("data_machine " .. id .. " is not available") -< id = id + 1 -< else -< data_machine = id -< -< local _, err3 = -< etcd_cli:set( -< prefix .. tostring(id), -< uuid, -< { -< prev_kv = true, -< lease = res.body.ID -< } -< ) -< -< if err3 then -< id = id + 1 -< etcd_cli:delete(prefix .. tostring(id)) -< core.log.error("set data_machine " .. id .. " lease error: " .. err3) -< goto continue -< end -< -< local lease_id = res.body.ID -< local start_at = ngx.time() -< local handler = function() -< local now = ngx.time() -< if now - start_at < attr.snowflake.data_machine_interval then -< return -< end -< -< local _, err4 = etcd_cli:keepalive(lease_id) -< if err4 then -< snowflake_inited = nil -< data_machine = nil -< timers.unregister_timer("plugin#request-id") -< core.log.error("snowflake data_machine: " .. id .." lease failed.") -< end -< start_at = now -< core.log.info("snowflake data_machine: " .. id .." lease success.") -< end -< -< timers.register_timer("plugin#request-id", handler) -< core.log.info( -< "timer created to lease snowflake algorithm data_machine, interval: ", -< attr.snowflake.data_machine_interval) -< core.log.notice("lease snowflake data_machine: " .. id) -< break -< end -< end -< -< if data_machine == nil then -< core.log.error("No data_machine is not available") -< return nil -< end -< end -< return data_machine -< end -< -< -< -- Split 'Data Machine' into 'Worker ID' and 'datacenter ID' -< local function split_data_machine(data_machine, node_id_bits, datacenter_id_bits) -< local num = bit.tobit(data_machine) -< local worker_id = bit.band(num, math_pow(2, node_id_bits) - 1) -< num = bit.rshift(num, node_id_bits) -< local datacenter_id = bit.band(num, math_pow(2, datacenter_id_bits) - 1) -< return worker_id, datacenter_id -< end -< -< -< -- Initialize the snowflake algorithm -< local function snowflake_init() -< if snowflake_inited == nil then -< local max_number = math_pow(2, (attr.snowflake.data_machine_bits)) -< local datacenter_id_bits = math_floor(attr.snowflake.data_machine_bits / 2) -< local node_id_bits = math_ceil(attr.snowflake.data_machine_bits / 2) -< data_machine = gen_data_machine(max_number) -< if data_machine == nil then -< return "" -< end -< -< local worker_id, datacenter_id = split_data_machine(data_machine, -< node_id_bits, datacenter_id_bits) -< -< core.log.info("snowflake init datacenter_id: " .. -< datacenter_id .. " worker_id: " .. worker_id) -< snowflake.init( -< datacenter_id, -< worker_id, -< attr.snowflake.snowflake_epoc, -< node_id_bits, -< datacenter_id_bits, -< attr.snowflake.sequence_bits, -< attr.delta_offset -< ) -< snowflake_inited = true -< end -< end -< -< -< -- generate snowflake id -< local function next_id() -< if snowflake_inited == nil then -< snowflake_init() -< end -< return snowflake:next_id() -< end -< -249c90 -< return next_id() ---- -> return uuid() -266,268d106 -< if ctx.var.apisix_request_id then -< ctx.var.apisix_request_id = uuid_val -< end -279,299d116 -< end -< end -< -< function _M.init() -< local local_conf = core.config.local_conf() -< attr = core.table.try_read_attr(local_conf, "plugin_attr", plugin_name) -< local ok, err = core.schema.check(attr_schema, attr) -< if not ok then -< core.log.error("failed to check the plugin_attr[", plugin_name, "]", ": ", err) -< return -< end -< if attr.snowflake.enable then -< if process.type() == "worker" then -< ngx.timer.at(0, snowflake_init) -< end -< end -< end -< -< function _M.destroy() -< if snowflake_inited then -< timers.unregister_timer("plugin#request-id") diff --git a/diffs/diff_response-rewrite.lua.diff b/diffs/diff_response-rewrite.lua.diff deleted file mode 100644 index 8c3b4a467a5a..000000000000 --- a/diffs/diff_response-rewrite.lua.diff +++ /dev/null @@ -1,24 +0,0 @@ -21a22 -> local ngx_header = ngx.header -28a30 -> local content_decode = require("apisix.utils.content-decode") -262a265,279 -> if ctx.response_encoding ~= nil then -> local decoder = content_decode.dispatch_decoder(ctx.response_encoding) -> if not decoder then -> core.log.error("filters may not work as expected ", -> "due to unsupported compression encoding type: ", -> ctx.response_encoding) -> return -> end -> body, err = decoder(body) -> if err ~= nil then -> core.log.error("filters may not work as expected: ", err) -> return -> end -> end -> -335a353 -> local response_encoding = ngx_header["Content-Encoding"] -336a355 -> ctx.response_encoding = response_encoding diff --git a/diffs/diff_skywalking-logger.lua.diff b/diffs/diff_skywalking-logger.lua.diff deleted file mode 100644 index 0b58298e7302..000000000000 --- a/diffs/diff_skywalking-logger.lua.diff +++ /dev/null @@ -1,4 +0,0 @@ -87d86 -< -161d159 -< diff --git a/diffs/diff_skywalking.lua.diff b/diffs/diff_skywalking.lua.diff deleted file mode 100644 index ac0a971ad31f..000000000000 --- a/diffs/diff_skywalking.lua.diff +++ /dev/null @@ -1,57 +0,0 @@ -76d75 -< -105d103 -< local started_skywalking_reporter = false -107,108c105,107 -< if not ctx.skywalking_sample then -< return ---- -> if ctx.skywalking_sample then -> sw_tracer:prepareForReport() -> core.log.info("tracer prepare for report") -110,124d108 -< -< if not started_skywalking_reporter then -< started_skywalking_reporter = true -< -< local sk_cli = require("skywalking.client") -< -< local plugin_info = _M.plugin_info -< if plugin_info.report_interval then -< sk_cli.backendTimerDelay = plugin_info.report_interval -< end -< sk_cli:startBackendTimer(plugin_info.endpoint_addr) -< end -< -< sw_tracer:prepareForReport() -< core.log.info("tracer prepare for report") -131a116 -> -144a130,131 -> local metadata_shdict = ngx.shared.tracing_buffer -> -149,152d135 -< _M.plugin_info = local_plugin_info -< -< local metadata_shdict = ngx.shared.tracing_buffer -< -154a138,144 -> -> local sk_cli = require("skywalking.client") -> if local_plugin_info.report_interval then -> sk_cli.backendTimerDelay = local_plugin_info.report_interval -> end -> -> sk_cli:startBackendTimer(local_plugin_info.endpoint_addr) -155a146,156 -> -> -> function _M.destroy() -> if process.type() ~= "worker" then -> return -> end -> -> local sk_cli = require("skywalking.client") -> sk_cli:destroyBackendTimer() -> end -> diff --git a/diffs/diff_sls-logger.lua.diff b/diffs/diff_sls-logger.lua.diff deleted file mode 100644 index f8768a78afb7..000000000000 --- a/diffs/diff_sls-logger.lua.diff +++ /dev/null @@ -1,10 +0,0 @@ -82,85c82,85 -< if schema_type == core.schema.TYPE_METADATA then -< return core.schema.check(metadata_schema, conf) -< end -< return core.schema.check(schema, conf) ---- -> if schema_type == core.schema.TYPE_METADATA then -> return core.schema.check(metadata_schema, conf) -> end -> return core.schema.check(schema, conf) diff --git a/diffs/diff_traffic-split.lua.diff b/diffs/diff_traffic-split.lua.diff deleted file mode 100644 index 432b330a7a62..000000000000 --- a/diffs/diff_traffic-split.lua.diff +++ /dev/null @@ -1,23 +0,0 @@ -175a176 -> scheme = upstream_info.scheme -193c194,196 -< ---- -> if upstream_info.scheme == "https" then -> upstream.set_scheme(ctx, up_conf) -> end -235a239,252 -> -- check if all upstream_ids are valid -> if rule.weighted_upstreams then -> for _, wupstream in ipairs(rule.weighted_upstreams) do -> local ups_id = wupstream.upstream_id -> if ups_id then -> local ups = upstream.get_by_id(ups_id) -> if not ups then -> return 500, "failed to fetch upstream info by " -> .. "upstream id: " .. ups_id -> end -> end -> end -> end -> diff --git a/diffs/diff_ua-restriction.lua.diff b/diffs/diff_ua-restriction.lua.diff deleted file mode 100644 index 32b9a858db10..000000000000 --- a/diffs/diff_ua-restriction.lua.diff +++ /dev/null @@ -1,8 +0,0 @@ -28d27 -< -154c153 -< -- after core.request.header function changed, ---- -> -- after core.request.header function changed -178d176 -< diff --git a/diffs/diff_util.lua.diff b/diffs/diff_util.lua.diff deleted file mode 100644 index a20b74d7f3af..000000000000 --- a/diffs/diff_util.lua.diff +++ /dev/null @@ -1,82 +0,0 @@ -0a1,16 -> -- -> -- Licensed to the Apache Software Foundation (ASF) under one or more -> -- contributor license agreements. See the NOTICE file distributed with -> -- this work for additional information regarding copyright ownership. -> -- The ASF licenses this file to You under the Apache License, Version 2.0 -> -- (the "License"); you may not use this file except in compliance with -> -- the License. You may obtain a copy of the License at -> -- -> -- http://www.apache.org/licenses/LICENSE-2.0 -> -- -> -- Unless required by applicable law or agreed to in writing, software -> -- distributed under the License is distributed on an "AS IS" BASIS, -> -- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -> -- See the License for the specific language governing permissions and -> -- limitations under the License. -> -- -1a18,81 -> local assert = assert -> local math = require "math" -> local floor = math.floor -> local _M = {version = 0.3} -> -> -> function _M.incoming(self, red, key, commit) -> local max = self.max -> self.committed = false -> key = "limit_conn" .. ":" .. key -> -> local conn, err -> if commit then -> conn, err = red:incrby(key, 1) -> if not conn then -> return nil, err -> end -> -> if conn > max + self.burst then -> conn, err = red:incrby(key, -1) -> if not conn then -> return nil, err -> end -> return nil, "rejected" -> end -> self.committed = true -> -> else -> local conn_from_red, err = red:get(key) -> if err then -> return nil, err -> end -> conn = (conn_from_red or 0) + 1 -> end -> -> if conn > max then -> -- make the excessive connections wait -> return self.unit_delay * floor((conn - 1) / max), conn -> end -> -> -- we return a 0 delay by default -> return 0, conn -> end -> -> -> function _M.leaving(self, red, key, req_latency) -> assert(key) -> key = "limit_conn" .. ":" .. key -> -> local conn, err = red:incrby(key, -1) -> if not conn then -> return nil, err -> end -> -> if req_latency then -> local unit_delay = self.unit_delay -> self.unit_delay = (req_latency + unit_delay) / 2 -> end -> -> return conn -> end -> -> -> return _M diff --git a/diffs/diff_workflow.lua.diff b/diffs/diff_workflow.lua.diff deleted file mode 100644 index 62295ad08a7c..000000000000 --- a/diffs/diff_workflow.lua.diff +++ /dev/null @@ -1,58 +0,0 @@ -18c18 -< local plugin = require("apisix.plugin") ---- -> local limit_count = require("apisix.plugins.limit-count.init") -52c52 -< required = {"actions"} ---- -> required = {"case", "actions"} -55c55,56 -< } ---- -> }, -> required = {"rules"} -94a96,100 -> local function rate_limit(conf, ctx) -> return limit_count.rate_limit(conf, ctx, "limit-count", 1) -> end -> -> -99a106,109 -> ["limit-count"] = { -> handler = rate_limit, -> check_schema = limit_count.check_schema, -> } -103,110d112 -< function _M.register(plugin_name, handler, check_schema) -< support_action[plugin_name] = { -< handler = handler, -< check_schema = check_schema -< } -< end -< -< -118,122c120,122 -< if rule.case then -< local ok, err = expr.new(rule.case) -< if not ok then -< return false, "failed to validate the 'case' expression: " .. err -< end ---- -> local ok, err = expr.new(rule.case) -> if not ok then -> return false, "failed to validate the 'case' expression: " .. err -123a124 -> -144a146 -> local match_result -146,150c148,149 -< local match_result = true -< if rule.case then -< local expr, _ = expr.new(rule.case) -< match_result = expr:eval(ctx.var) -< end ---- -> local expr, _ = expr.new(rule.case) -> match_result = expr:eval(ctx.var) -154d152 -< plugin.skip_plugin(ctx, action[1]) diff --git a/diffs/diff_zipkin.lua.diff b/diffs/diff_zipkin.lua.diff deleted file mode 100644 index fd8cf6fc9da8..000000000000 --- a/diffs/diff_zipkin.lua.diff +++ /dev/null @@ -1,32 +0,0 @@ -34a35 -> -216,217c217,218 -< request_span:set_baggage_item("x-b3-sampled","1") -< end ---- -> request_span:set_baggage_item("x-b3-sampled","1") -> end -219,227c220,228 -< if plugin_info.set_ngx_var then -< local span_context = request_span:context() -< ngx_var.zipkin_context_traceparent = string_format("00-%s-%s-%02x", -< to_hex(span_context.trace_id), -< to_hex(span_context.span_id), -< span_context:get_baggage_item("x-b3-sampled")) -< ngx_var.zipkin_trace_id = span_context.trace_id -< ngx_var.zipkin_span_id = span_context.span_id -< end ---- -> if plugin_info.set_ngx_var then -> local span_context = request_span:context() -> ngx_var.zipkin_context_traceparent = string_format("00-%s-%s-%02x", -> to_hex(span_context.trace_id), -> to_hex(span_context.span_id), -> span_context:get_baggage_item("x-b3-sampled")) -> ngx_var.zipkin_trace_id = span_context.trace_id -> ngx_var.zipkin_span_id = span_context.span_id -> end -229c230 -< if not ctx.opentracing_sample then ---- -> if not ctx.opentracing_sample then diff --git a/ee-apisix-diff-reporter b/ee-apisix-diff-reporter deleted file mode 100755 index 47f7be8c3b70..000000000000 --- a/ee-apisix-diff-reporter +++ /dev/null @@ -1,132 +0,0 @@ -#!/bin/bash - -# Check if the script is run from the correct directory -current_dir=$(basename "$PWD") -# Create output markdown file -output_file="diff_report.md" -echo "# Diff Report" > "$output_file" -echo "## Files compared between apisix and api7-ee-3-gateway." >> "$output_file" - -echo "| Filepath | Diff | Related PRs |" >> "$output_file" -echo "|----------|------|-------------|" >> "$output_file" - -# Take filepath argument -filepath="$1" -if [[ -z "$filepath" ]]; then - echo "Filepath argument is required." - exit 1 -fi - -# Recursively process files if directory -if [[ -d "$filepath" ]]; then - # Remove trailing slash if present - filepath="${filepath%/}" - echo "Processing directory $filepath" - files=$(find "$filepath" -type f) -else - echo "Processing file $filepath" - files="$filepath" -fi - -if [[ "$current_dir" == "apisix" ]]; then - # Switch to sibling api7-ee-3-gateway directory - cd .. || exit 1 - cd api7-ee-3-gateway || { echo "Could not enter api7-ee-3-gateway"; exit 1; } -elif [[ "$current_dir" != "api7-ee-3-gateway" ]]; then - echo "This script can only be run in apisix or api7-ee-3-gateway directories. Please make sure they are siblings." - exit 1 -fi - -# Helper function to process a single file -process_file() { - local file="$1" - local f1="" - local f2="" - local diff_file="diffs/diff_$(basename "$file").diff" - local related_prs="" - - # Ensure we are on the main branch in api7-ee-3-gateway - git checkout main || { echo "Failed to checkout main in api7-ee-3-gateway"; exit 1; } - - # Try to read file contents relative to api7-ee-3-gateway - if [[ -f "$file" ]]; then - f1=$(cat "$file") - related_prs="Manually check the commit differences here: https://github.com/apache/apisix/commits/release/3.11/$file https://github.com/api7/api7-ee-3-gateway/commits/main/$file" - else - echo "File not present in ee gateway❌" - related_prs="CHECK APISIX" - fi - - # Go back to apisix directory - cd ../apisix || { echo "Could not enter apisix"; exit 1; } - - # If file not found in api7-ee-3-gateway, get it from apisix/release/3.2 branch - if [[ -z "$f1" ]]; then - git checkout release/3.2 || { echo "Failed to checkout release/3.2 in apisix"; exit 1; } - if [[ -f "$file" ]]; then - f1=$(cat "$file") - else - echo "File not present in release/3.2❌" - fi - fi - - # Checkout release/3.11 branch in apisix - git checkout release/3.11 || { echo "Failed to checkout release/3.11 in apisix"; exit 1; } - - # Get file contents for release/3.11 - if [[ -f "$file" ]]; then - f2=$(cat "$file") - else - echo "File doesn't exist in release/3.11 apisix❌" - fi - - # Compare f1 and f2, save diff - mkdir -p "$(dirname "$diff_file")" - diff <(echo "$f1") <(echo "$f2") > "$diff_file" - - if [[ -s "$diff_file" ]]; then - echo "Diff found and saved to $diff_file βœ…" - - # Calculate related PRs if f1 is from release/3.2 - if [[ "$related_prs" == "CHECK APISIX" ]]; then - related_prs="" - local start_commit - start_commit=$(git rev-parse release/3.2) - # Traverse merge commits and check diffs for the file - # Normalize file path to match git output - normalized_file=$(echo "$file" | sed 's|^\./||') - # Traverse merge commits and check diffs for the file - for commit in $(git log --pretty=format:"%H" release/3.2..release/3.11); do - if git diff --name-only "$commit^1" "$commit" | grep -q "^$normalized_file$"; then - pr_number=$(git log -1 --pretty=%B "$commit" | grep -oE '#[0-9]+' | sed 's/#//') - if [[ -n "$pr_number" ]]; then - related_prs+="github.com/apache/apisix/pull/$pr_number," - fi - fi - done - - related_prs=$(echo "$related_prs" | tr ',' '\n' | sort -u | tr '\n' ',' | sed 's/^,//; s/,$//; s/,/, /g') - fi - - echo "| $file | Diff found and saved to $diff_file βœ… | ${related_prs:-could not compute} |" >> "$output_file" - else - echo "No difference found between the files.πŸ’―" - echo "| $file | No diff πŸ’― | - |" >> "$output_file" - rm "$diff_file" - fi - - # Switch back to api7-ee-3-gateway - cd ../api7-ee-3-gateway || exit 1 -} - - - -# Process each file -for file in $files; do - echo "Processing $file" - process_file "$file" -done - - -# Final message -echo "Diff report generated in $output_file βœ…"