[GitHub] [apisix] EnableAsync commented on pull request #2225: move etcd cluster in docker for CI

2020-09-15 Thread GitBox 


EnableAsync commented on pull request #2225:
URL: https://github.com/apache/apisix/pull/2225#issuecomment-693182195


   > I think we could run ETCD as a service in github actions. [doc about 
github actions 
services](https://docs.github.com/en/actions/configuring-and-managing-workflows/about-service-containers)
   
   
   We cannot give a command for the container (CMD) to docker when a given 
service is created.
   
https://github.community/t/how-do-i-properly-override-a-service-entrypoint/17435/4
   
   And I've only come up with the same solution as this one so far, any other 
solutions?
   https://github.community/t/job-service-command/16477



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on a change in pull request #2233: change: check etcd cluster version when init_etcd

2020-09-15 Thread GitBox 


membphis commented on a change in pull request #2233:
URL: https://github.com/apache/apisix/pull/2233#discussion_r489165395



##
File path: bin/apisix
##
@@ -885,20 +939,44 @@ local function init_etcd(show_output)
 yaml_conf.etcd.host = {yaml_conf.etcd.host}
 end
 
+local cluster_version
 local host_count = #(yaml_conf.etcd.host)
-
-local etcd_ok = false
+-- check the etcd cluster version
 for index, host in ipairs(yaml_conf.etcd.host) do
--- check if etcd version above 3.4
-cmd = "curl " .. host .. "/version 2>&1"
-local res = excute_cmd(cmd)
-local op_ver = str_split(res, "\"")[4]
-local need_ver = "3.4.0"
-if not check_version(op_ver, need_ver) then
-io.stderr:write("etcd version must >=", need_ver, " current ", 
op_ver, "\n")
+uri = host .. "/version"
+local cmd = string.format("curl -s -m %d %s | sed -e 's/[{}]/''/g'", 
timeout * 2, uri)

Review comment:
   it depends on the tool `sed`. External tools, the less dependency the 
better.

##
File path: bin/apisix
##
@@ -885,20 +939,44 @@ local function init_etcd(show_output)
 yaml_conf.etcd.host = {yaml_conf.etcd.host}
 end
 
+local cluster_version
 local host_count = #(yaml_conf.etcd.host)
-
-local etcd_ok = false
+-- check the etcd cluster version
 for index, host in ipairs(yaml_conf.etcd.host) do
--- check if etcd version above 3.4
-cmd = "curl " .. host .. "/version 2>&1"
-local res = excute_cmd(cmd)
-local op_ver = str_split(res, "\"")[4]
-local need_ver = "3.4.0"
-if not check_version(op_ver, need_ver) then
-io.stderr:write("etcd version must >=", need_ver, " current ", 
op_ver, "\n")
+uri = host .. "/version"
+local cmd = string.format("curl -s -m %d %s | sed -e 's/[{}]/''/g'", 
timeout * 2, uri)
+local res = execute_cmd(cmd)
+local m = split(res, [[%s*,%s*]])
+local errmsg = string.format("got malformed version message: \"%s\" 
from etcd", res)
+
+for i = 1, #m do
+local mm = split(m[i], [[%s*:%s*]])
+if #mm ~= 2 then
+io.stderr:write(errmsg)
+return
+end
+
+if mm[1] == "\"etcdcluster\"" then
+cluster_version = string.sub(mm[2], 2, -2)
+break
+end
+end
+
+if not cluster_version then
+io.stderr:write(errmsg)
 return
 end
 
+if compare_semantic_version(cluster_version, min_etcd_version) then
+io.stderr:write(string.format("etcd cluster version \"%s\" is less 
than the required version \"%s\", please upgrade your etcd cluster", 
cluster_version, min_etcd_version))

Review comment:
   this line is too long. it is not easy for reading

##
File path: bin/apisix
##
@@ -885,20 +939,44 @@ local function init_etcd(show_output)
 yaml_conf.etcd.host = {yaml_conf.etcd.host}
 end
 
+local cluster_version
 local host_count = #(yaml_conf.etcd.host)
-
-local etcd_ok = false
+-- check the etcd cluster version
 for index, host in ipairs(yaml_conf.etcd.host) do
--- check if etcd version above 3.4
-cmd = "curl " .. host .. "/version 2>&1"
-local res = excute_cmd(cmd)
-local op_ver = str_split(res, "\"")[4]
-local need_ver = "3.4.0"
-if not check_version(op_ver, need_ver) then
-io.stderr:write("etcd version must >=", need_ver, " current ", 
op_ver, "\n")
+uri = host .. "/version"
+local cmd = string.format("curl -s -m %d %s | sed -e 's/[{}]/''/g'", 
timeout * 2, uri)
+local res = execute_cmd(cmd)
+local m = split(res, [[%s*,%s*]])

Review comment:
   I think we can use `dkjson` the parse the JSON response body, it was 
written by pure Lua code.
   
   https://luarocks.org/modules/dhkolf/dkjson





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] membphis commented on issue #476: How to configure a TCP upstream by dashboard?

2020-09-15 Thread GitBox 


membphis commented on issue #476:
URL: 
https://github.com/apache/apisix-dashboard/issues/476#issuecomment-693164756


   that is a todo feature now. 
   
   @corffee welcome PR or provide your thoughts.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[apisix-dashboard] branch refactor updated (13d0e98 -> b1471f9)

2020-09-15 Thread vinci 
This is an automated email from the ASF dual-hosted git repository.

vinci pushed a change to branch refactor
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git.


from 13d0e98  resolve conflict
 new 2ee78c7  refference droplet and write a API demo
 add 54f7a98  add tools to check ASF headers in code files. (#454)
 add 1eb1524  chore: remove unnecessary license file (#462)
 add d3678bc  Increase the checking of .conf and .toml files. And delete 
the redundant configuration of the ASF-Release.cfg file. (#461)
 add d6ba6cc  ci: Add lint (#455)
 add e2271b3  Feat: dashboard support route group (#433)
 add 885025e  feature:Independent license check operation file. (#465)
 add 66709c4  feat: support ungroup in manager api (#460)
 add 09c5be9  feat: add publish status to route in manager api (#450)
 add 13b5f0c  feat(route): add publish and offline to route (#451)
 add 361392f  feat: remove netlify (#472)
 add cf9d5ec  fix: host should not be required (#477)
 add c81f0b9  feat: added new plugin dependency (#475)
 new b1471f9  Merge remote-tracking branch 'origin/master' into refactor

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .actions/ASF-Release.cfg   | 101 +
 .../ASFLicenseHeaderMarkdown.txt   |  14 +-
 .actions/openwhisk-utilities   |   1 +
 .github/workflows/api_ci.yml   |   4 +
 .github/workflows/license_ci.yml   |  23 +
 .github/workflows/multiple-node-build.yml  |  29 +-
 CONTRIBUTING.md|  19 +
 LICENSE|  10 -
 api/docker-compose.yml => Makefile |  16 +-
 USER_GUIDE.md  |  19 +
 api/errno/error.go |   2 +
 api/filter/request_id.go   |   3 +-
 api/go.mod |  15 +-
 api/go.mod.orig|  39 --
 api/go.sum | 113 -
 api/go.sum.orig| 497 -
 api/internal/core/entity/entity.go |  38 +-
 api/internal/core/storage/etcd.go  |  18 +-
 api/internal/core/store/store.go   |  56 ++-
 api/internal/core/store/store_test.go  | 182 +++-
 api/internal/handler/route/route.go| 132 --
 api/internal/utils/data.go |   7 -
 api/log/log.go |  56 +++
 api/main.go|  22 +-
 api/route/base.go  |  18 +-
 api/route/route.go | 237 --
 api/route/route_group.go   |  16 +
 api/route/route_group_test.go  | 108 -
 api/route/route_test.go| 200 +
 api/script/db/schema.sql   |   2 +-
 api/service/route.go   |   7 +
 api/service/route_group.go |  20 +-
 api/service/route_group_test.go| 120 +
 api/service/upstream_test.go   |  16 +
 compose/apisix_conf/config.yaml|   1 -
 compose/dashboard_conf/nginx.conf  |  17 +
 .../grafana_conf/provisioning/dashboards/all.yaml  |   2 +-
 .../grafana_conf/provisioning/datasources/all.yaml |   2 +-
 config/routes.ts   |  12 +
 docker/nginx.conf  |  17 +
 licenses/LICENSE-api7-dashboard.txt| 204 -
 licenses/LICENSE-dag-to-lua.txt| 204 -
 package.json   |   8 +-
 src/helpers.tsx|   5 +
 src/locales/en-US/menu.ts  |   1 +
 src/locales/zh-CN/menu.ts  |   1 +
 src/pages/Consumer/components/Step1.tsx|   2 +-
 src/pages/Route/Create.less|   5 +
 src/pages/Route/Create.tsx |  31 +-
 src/pages/Route/List.tsx   | 103 +++--
 .../Route/components/CreateStep4/CreateStep4.tsx   |   2 +-
 src/pages/Route/components/Step1/MetaView.tsx  |  63 ++-
 .../Route/components/Step1/RequestConfigView.tsx   |   1 -
 src/pages/Route/components/Step1/index.tsx |   2 +-
 src/pages/Route/components/Step3/index.tsx |  38 +-
 src/pages/Route/constants.ts   |   3 +
 src/pages/Route/locales/en-US.ts   |  18 +-
 src/pages/Route/locales/zh-CN.ts

[apisix-dashboard] 01/02: refference droplet and write a API demo

2020-09-15 Thread vinci 
This is an automated email from the ASF dual-hosted git repository.

vinci pushed a commit to branch refactor
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git

commit 2ee78c71bf38e076bb2def6e24a07743adcb1ca4
Author: ShiningRush <277040...@qq.com>
AuthorDate: Wed Sep 16 12:15:32 2020 +0800

refference droplet and write a API demo
---
 api/filter/request_id.go  |   3 +-
 api/go.mod|  15 +-
 api/go.mod.orig   |  39 ---
 api/go.sum| 113 ++--
 api/go.sum.orig   | 497 --
 api/internal/core/entity/entity.go|  38 +--
 api/internal/core/storage/etcd.go |  18 +-
 api/internal/core/store/store.go  |  56 +++-
 api/internal/core/store/store_test.go | 182 +++--
 api/internal/handler/route/route.go   | 132 ++---
 api/internal/utils/data.go|   7 -
 api/log/log.go|  56 
 api/main.go   |  22 +-
 api/route/base.go |  18 +-
 14 files changed, 511 insertions(+), 685 deletions(-)

diff --git a/api/filter/request_id.go b/api/filter/request_id.go
index f4cf521..8d8ea80 100644
--- a/api/filter/request_id.go
+++ b/api/filter/request_id.go
@@ -34,8 +34,9 @@ func RequestId() gin.HandlerFunc {
 
// Expose it for use in the application
c.Set("X-Request-Id", requestId)
+c.Request.Header.Set("X-Request-Id", requestId)
 
-   // Set X-Request-Id header
+// Set X-Request-Id header
c.Writer.Header().Set("X-Request-Id", requestId)
c.Next()
}
diff --git a/api/go.mod b/api/go.mod
index 0ba19e4..9d230c1 100644
--- a/api/go.mod
+++ b/api/go.mod
@@ -5,24 +5,31 @@ go 1.13
 require (
github.com/api7/apitest v1.4.9
github.com/coreos/etcd v3.3.25+incompatible // indirect
-   github.com/coreos/go-semver v0.3.0 // indirect
github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf // 
indirect
-   github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f // indirect
github.com/dgrijalva/jwt-go v3.2.0+incompatible
+   github.com/dustin/go-humanize v1.0.0 // indirect
github.com/gin-contrib/pprof v1.3.0
github.com/gin-contrib/sessions v0.0.3
github.com/gin-gonic/gin v1.6.3
-   github.com/go-sql-driver/mysql v1.5.0
+   github.com/go-sql-driver/mysql v1.5.0 // indirect
github.com/gogo/protobuf v1.3.1 // indirect
github.com/google/uuid v1.1.2 // indirect
github.com/jinzhu/gorm v1.9.12
github.com/satori/go.uuid v1.2.0
+   github.com/shiningrush/droplet v0.1.0
+   github.com/shiningrush/droplet/wrapper/gin v0.1.0
github.com/sirupsen/logrus v1.6.0
github.com/spf13/viper v1.7.1
+   github.com/steinfletcher/apitest v1.4.10 // indirect
github.com/stretchr/testify v1.6.1
github.com/tidwall/gjson v1.6.0
go.etcd.io/etcd v3.3.25+incompatible
go.uber.org/zap v1.16.0 // indirect
-   google.golang.org/grpc v1.26.0 // indirect
+   golang.org/x/net v0.0.0-20200904194848-62affa334b73 // indirect
+   golang.org/x/sys v0.0.0-20200915084602-288bc346aa39 // indirect
+   golang.org/x/text v0.3.3 // indirect
gopkg.in/resty.v1 v1.12.0
+   sigs.k8s.io/yaml v1.2.0 // indirect
 )
+
+replace google.golang.org/grpc => google.golang.org/grpc v1.26.0
diff --git a/api/go.mod.orig b/api/go.mod.orig
deleted file mode 100644
index b180c1b..000
--- a/api/go.mod.orig
+++ /dev/null
@@ -1,39 +0,0 @@
-module github.com/apisix/manager-api
-
-go 1.13
-
-require (
-   github.com/api7/apitest v1.4.9
-<<< HEAD
-   github.com/coreos/etcd v3.3.25+incompatible // indirect
-   github.com/coreos/go-semver v0.3.0 // indirect
-   github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf // 
indirect
-   github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f // indirect
-===
-   github.com/dgrijalva/jwt-go v3.2.0+incompatible
->>> origin
-   github.com/gin-contrib/pprof v1.3.0
-   github.com/gin-contrib/sessions v0.0.3
-   github.com/gin-gonic/gin v1.6.3
-<<< HEAD
-   github.com/go-sql-driver/mysql v1.5.0
-   github.com/gogo/protobuf v1.3.1 // indirect
-   github.com/google/uuid v1.1.2 // indirect
-   github.com/jinzhu/gorm v1.9.12
-   github.com/satori/go.uuid v1.2.0
-   github.com/sirupsen/logrus v1.6.0
-   github.com/spf13/viper v1.7.1
-===
-   github.com/go-sql-driver/mysql v1.5.0 // indirect
-   github.com/jinzhu/gorm v1.9.12
-   github.com/satori/go.uuid v1.2.0
-   github.com/sirupsen/logrus v1.6.0
-   github.com/steinfletcher/apitest v1.4.9 // indirect
->>> origin
-   github.com/stretchr/testify v1.6.1
-   github.com/tidwall/gjson v1.6.0
-   go.etcd.io/etcd v3.3.25+incompatible
-   go.uber.org/zap v1.16.0 //

[apisix-dashboard] 02/02: Merge remote-tracking branch 'origin/master' into refactor

2020-09-15 Thread vinci 
This is an automated email from the ASF dual-hosted git repository.

vinci pushed a commit to branch refactor
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git

commit b1471f9db23a3af2636953918572fa5565a7f151
Merge: 2ee78c7 c81f0b9
Author: ShiningRush <277040...@qq.com>
AuthorDate: Wed Sep 16 12:16:42 2020 +0800

Merge remote-tracking branch 'origin/master' into refactor

 .actions/ASF-Release.cfg   | 101 +
 .../ASFLicenseHeaderMarkdown.txt   |  14 +-
 .actions/openwhisk-utilities   |   1 +
 .github/workflows/api_ci.yml   |   4 +
 .github/workflows/license_ci.yml   |  23 ++
 .github/workflows/multiple-node-build.yml  |  29 +--
 CONTRIBUTING.md|  19 ++
 LICENSE|  10 -
 .../provisioning/dashboards/all.yaml => Makefile   |  18 +-
 USER_GUIDE.md  |  19 ++
 api/errno/error.go |   2 +
 api/route/route.go | 237 +
 api/route/route_group.go   |  16 ++
 api/route/route_group_test.go  | 108 +-
 api/route/route_test.go| 200 +
 api/script/db/schema.sql   |   2 +-
 api/service/route.go   |   7 +
 api/service/route_group.go |  20 +-
 api/service/route_group_test.go| 120 +++
 api/service/upstream_test.go   |  16 ++
 compose/apisix_conf/config.yaml|   1 -
 compose/dashboard_conf/nginx.conf  |  17 ++
 .../grafana_conf/provisioning/dashboards/all.yaml  |   2 +-
 .../grafana_conf/provisioning/datasources/all.yaml |   2 +-
 config/routes.ts   |  12 ++
 docker/nginx.conf  |  17 ++
 licenses/LICENSE-api7-dashboard.txt| 204 --
 licenses/LICENSE-dag-to-lua.txt| 204 --
 package.json   |   8 +-
 src/helpers.tsx|   5 +
 src/locales/en-US/menu.ts  |   1 +
 src/locales/zh-CN/menu.ts  |   1 +
 src/pages/Consumer/components/Step1.tsx|   2 +-
 src/pages/Route/Create.less|   5 +
 src/pages/Route/Create.tsx |  31 +--
 src/pages/Route/List.tsx   | 103 ++---
 .../Route/components/CreateStep4/CreateStep4.tsx   |   2 +-
 src/pages/Route/components/Step1/MetaView.tsx  |  63 +-
 .../Route/components/Step1/RequestConfigView.tsx   |   1 -
 src/pages/Route/components/Step1/index.tsx |   2 +-
 src/pages/Route/components/Step3/index.tsx |  38 +++-
 src/pages/Route/constants.ts   |   3 +
 src/pages/Route/locales/en-US.ts   |  18 +-
 src/pages/Route/locales/zh-CN.ts   |  17 +-
 src/pages/Route/service.ts |  13 ++
 src/pages/Route/transform.ts   |  17 +-
 src/pages/Route/typing.d.ts|   8 +
 src/pages/RouteGroup/Create.tsx|  88 
 src/pages/{Route => RouteGroup}/List.tsx   |  69 ++
 src/pages/RouteGroup/components/Preview.tsx|  28 +++
 .../{Consumer => RouteGroup}/components/Step1.tsx  |  43 ++--
 src/pages/RouteGroup/constants.ts  |  31 +++
 src/pages/RouteGroup/index.ts  |  18 ++
 src/pages/RouteGroup/locales/en-US.ts  |  45 
 src/pages/RouteGroup/locales/zh-CN.ts  |  45 
 src/pages/RouteGroup/service.ts|  46 
 src/pages/RouteGroup/typing.d.ts   |  23 ++
 src/pages/User/index.ts|  17 ++
 src/pages/User/locales/en-US.ts|  17 ++
 src/pages/User/locales/zh-CN.ts|  17 ++
 src/pages/User/typing.d.ts |  17 ++
 yarn.lock  |  52 +++--
 62 files changed, 1664 insertions(+), 655 deletions(-)

[GitHub] [apisix] moonming commented on pull request #2225: move etcd cluster in docker for CI

2020-09-15 Thread GitBox 


moonming commented on pull request #2225:
URL: https://github.com/apache/apisix/pull/2225#issuecomment-693154696


   got it
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   EnableAsync  于2020年9月16日周三 上午11:40写道:
   
   > *@EnableAsync* commented on this pull request.
   > --
   >
   > In .github/workflows/build.yml
   > :
   >
   > >  run: sudo apt install -y cpanminus build-essential 
libncurses5-dev libreadline-dev libssl-dev perl etcd
   >
   > +  - name: Linux Get dependencies
   > +if: matrix.platform == 'ubuntu-18.04' && (matrix.os_name == 
'linux_openresty' || matrix.os_name == 'linux_tengine')
   > +run: sudo apt install -y cpanminus build-essential 
libncurses5-dev libreadline-dev libssl-dev perl etcd-client
   >
   > This test example uses the command etcdctl.
   > https://github.com/apache/apisix/blob/master/t/core/etcd-auth.t#L29
   >
   > —
   > You are receiving this because you commented.
   > Reply to this email directly, view it on GitHub
   > , or
   > unsubscribe
   > 

   > .
   >
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] EnableAsync commented on a change in pull request #2225: move etcd cluster in docker for CI

2020-09-15 Thread GitBox 


EnableAsync commented on a change in pull request #2225:
URL: https://github.com/apache/apisix/pull/2225#discussion_r489142349



##
File path: .github/workflows/build.yml
##
@@ -28,9 +28,13 @@ jobs:
 
 #
   - name: Linux Get dependencies
-if: matrix.platform == 'ubuntu-18.04'
+if: matrix.platform == 'ubuntu-18.04' && matrix.os_name != 
'linux_openresty' && matrix.os_name != 'linux_tengine'
 run: sudo apt install -y cpanminus build-essential libncurses5-dev 
libreadline-dev libssl-dev perl etcd
 
+  - name: Linux Get dependencies
+if: matrix.platform == 'ubuntu-18.04' && (matrix.os_name == 
'linux_openresty' || matrix.os_name == 'linux_tengine')
+run: sudo apt install -y cpanminus build-essential libncurses5-dev 
libreadline-dev libssl-dev perl etcd-client

Review comment:
   This test example uses the command `etcdctl`.
   https://github.com/apache/apisix/blob/master/t/core/etcd-auth.t#L29





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


membphis commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r489141555



##
File path: bin/apisix
##
@@ -879,35 +887,35 @@ local function init_etcd(show_output)
 
 local host_count = #(yaml_conf.etcd.host)
 
--- check whether the user has enabled etcd v2 protocol
+local etcd_ok = false
 for index, host in ipairs(yaml_conf.etcd.host) do
-uri = host .. "/v2/keys"
-local cmd = "curl -i -m ".. timeout * 2 .. " -o /dev/null -s -w 
%{http_code} " .. uri
+-- check if etcd version above 3.4
+cmd = "curl " .. host .. "/version 2>&1"
 local res = excute_cmd(cmd)
-if res == "404" then
-io.stderr:write(string.format("failed: please make sure that you 
have enabled the v2 protocol of etcd on %s.\n", host))
+local op_ver = str_split(res, "\"")[4]
+local need_ver = "3.4.0"
+if not check_version(op_ver, need_ver) then
+io.stderr:write("etcd version must >=", need_ver, " current ", 
op_ver, "\n")
 return
 end
-end
-
-local etcd_ok = false
-for index, host in ipairs(yaml_conf.etcd.host) do
 
 local is_success = true
-uri = host .. "/v2/keys" .. (etcd_conf.prefix or "")
 
 for _, dir_name in ipairs({"/routes", "/upstreams", "/services",
"/plugins", "/consumers", "/node_status",
"/ssl", "/global_rules", "/stream_routes",
"/proto"}) do
-local cmd = "curl " .. uri .. dir_name
-.. "?prev_exist=false -X PUT -d dir=true "
-.. "--connect-timeout " .. timeout
+local key =  (etcd_conf.prefix or "") .. dir_name .. "/"
+
+local base64_encode = require("base64").encode
+local uri = host .. "/v3/kv/put"
+local post_json = '{"value":"' .. base64_encode("init_dir") ..  
'", "key":"' .. base64_encode(key) .. '"}'
+cmd = "curl " .. uri .. " -X POST -d '" .. post_json
+.. "' --connect-timeout " .. timeout
 .. " --max-time " .. timeout * 2 .. " --retry 1 2>&1"
 
 local res = excute_cmd(cmd)
-if not res:find("index", 1, true)
-and not res:find("createdIndex", 1, true) then
+if (etcd_version == "v3" and not res:find("OK", 1, true)) then

Review comment:
   you can create a new issue about this





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[apisix-dashboard] branch master updated: feat: added new plugin dependency (#475)

2020-09-15 Thread juzhiyuan 
This is an automated email from the ASF dual-hosted git repository.

juzhiyuan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git


The following commit(s) were added to refs/heads/master by this push:
 new c81f0b9  feat: added new plugin dependency (#475)
c81f0b9 is described below

commit c81f0b94fac96264fd34ba7fa943a4b80d45fe02
Author: 琚致远 
AuthorDate: Wed Sep 16 11:22:46 2020 +0800

feat: added new plugin dependency (#475)

* feat: added new plugin dependency

* feat: omit shadow var

* feat: omit shadow var
---
 package.json   |  8 ++--
 src/pages/Route/Create.tsx | 15 +++
 .../Route/components/CreateStep4/CreateStep4.tsx   |  2 +-
 src/pages/Route/components/Step1/index.tsx |  2 +-
 src/pages/Route/components/Step3/index.tsx | 22 ++---
 yarn.lock  | 52 ++
 6 files changed, 59 insertions(+), 42 deletions(-)

diff --git a/package.json b/package.json
index 7f3f1bb..0860c8a 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "apisix-dashboard",
-  "version": "1.5.3",
+  "version": "1.5.4",
   "private": true,
   "description": "Dashboard for Apache APISIX",
   "scripts": {
@@ -54,9 +54,9 @@
 "@ant-design/icons": "^4.0.0",
 "@ant-design/pro-layout": "^6.0.0",
 "@ant-design/pro-table": "2.6.3",
-"@api7-dashboard/plugin": "^1.0.3",
-"@api7-dashboard/pluginchart": "^1.0.9",
-"@api7-dashboard/ui": "^1.0.0",
+"@api7-dashboard/plugin": "^1.0.4",
+"@api7-dashboard/pluginchart": "^1.0.11",
+"@api7-dashboard/ui": "^1.0.3",
 "@rjsf/antd": "2.2.0",
 "@rjsf/core": "2.2.0",
 "antd": "^4.4.0",
diff --git a/src/pages/Route/Create.tsx b/src/pages/Route/Create.tsx
index fc767d2..40c6365 100644
--- a/src/pages/Route/Create.tsx
+++ b/src/pages/Route/Create.tsx
@@ -187,15 +187,10 @@ const Page: React.FC = (props) => {
 if (step === 3) {
   return (
  {
-if (mode === 'NORMAL') {
-  setStep3Data({ plugins: data, script: {} });
-  setChart(INIT_CHART);
-} else {
-  setChart(data);
-}
+  data={step3Data}
+  onChange={({ plugins, script = INIT_CHART }) => {
+setStep3Data({ plugins, script });
+setChart(script);
   }}
 />
   );
@@ -234,7 +229,7 @@ const Page: React.FC = (props) => {
 };
 
 const savePlugins = () => {
-  if (Object.keys(chart.nodes).length) {
+  if (Object.keys(chart.nodes || {}).length) {
 const transformChart = chartTransformer(chart);
 setStep3Data({ script: { ...transformChart, chart }, plugins: {} });
   } else {
diff --git a/src/pages/Route/components/CreateStep4/CreateStep4.tsx 
b/src/pages/Route/components/CreateStep4/CreateStep4.tsx
index ad47fc1..1d6928a 100644
--- a/src/pages/Route/components/CreateStep4/CreateStep4.tsx
+++ b/src/pages/Route/components/CreateStep4/CreateStep4.tsx
@@ -47,7 +47,7 @@ const CreateStep4: React.FC = ({ form1, form2, 
redirect, ...rest }) => {
   
   {formatMessage({ id: 
'route.create.plugin.configuration' })}
   {Boolean(Object.keys(plugins).length !== 0) && (
-
+
   )}
   {Boolean(Object.keys(script).length !== 0) && (
  = (props) => {
diff --git a/src/pages/Route/components/Step3/index.tsx 
b/src/pages/Route/components/Step3/index.tsx
index 0b872e9..ae6a606 100644
--- a/src/pages/Route/components/Step3/index.tsx
+++ b/src/pages/Route/components/Step3/index.tsx
@@ -18,13 +18,17 @@ import React, { useState } from 'react';
 import { Radio, Tooltip } from 'antd';
 import { QuestionCircleOutlined } from '@ant-design/icons';
 import { isChrome } from 'react-device-detect';
+
 import { PluginPage, PluginPageType } from '@api7-dashboard/plugin';
 import PluginOrchestration from '@api7-dashboard/pluginchart';
 
 type Props = {
-  data: PluginPageType.PluginData;
-  onChange(data: PluginPageType.PluginData): void;
-  readonly: boolean;
+  data: {
+plugins: PluginPageType.FinalData;
+script: Record;
+  };
+  onChange(data: { plugins: PluginPageType.FinalData; script: any }): void;
+  readonly?: boolean;
 };
 
 type Mode = 'NORMAL' | 'DRAW';
@@ -33,7 +37,7 @@ const Page: React.FC = ({ data, onChange, readonly = 
false }) => {
   const { plugins = {}, script = {} } = data;
 
   // NOTE: Currently only compatible with chrome
-  const type = Object.keys(script).length === 0 || !isChrome ? 'NORMAL' : 
'DRAW';
+  const type = Object.keys(script || {}).length === 0 || !isChrome ? 'NORMAL' 
: 'DRAW';
   const [mode, setMode] = useState(type);
 
   return (
@@ -44,6 +48,7 @@ const Page: React.FC = ({ data, onChange, readonly = 
false }) => {
   onChange={(e) => {
 setMode(e.target.value);
   }}
+

[apisix] branch master updated (4722198 -> 4c227ad)

2020-09-15 Thread wenming 
This is an automated email from the ASF dual-hosted git repository.

wenming pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git.


from 4722198  feature: support etcd v3 by mocking v2 API (#2036)
 add 4c227ad  doc: added channel at slack and added new qq group. (#2226)

No new revisions were added by this update.

Summary of changes:
 README.md| 4 +++-
 README_CN.md | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

[apisix-dashboard] branch master updated: feat: added new plugin dependency (#475)

2020-09-15 Thread juzhiyuan 
This is an automated email from the ASF dual-hosted git repository.

juzhiyuan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git


The following commit(s) were added to refs/heads/master by this push:
 new c81f0b9  feat: added new plugin dependency (#475)
c81f0b9 is described below

commit c81f0b94fac96264fd34ba7fa943a4b80d45fe02
Author: 琚致远 
AuthorDate: Wed Sep 16 11:22:46 2020 +0800

feat: added new plugin dependency (#475)

* feat: added new plugin dependency

* feat: omit shadow var

* feat: omit shadow var
---
 package.json   |  8 ++--
 src/pages/Route/Create.tsx | 15 +++
 .../Route/components/CreateStep4/CreateStep4.tsx   |  2 +-
 src/pages/Route/components/Step1/index.tsx |  2 +-
 src/pages/Route/components/Step3/index.tsx | 22 ++---
 yarn.lock  | 52 ++
 6 files changed, 59 insertions(+), 42 deletions(-)

diff --git a/package.json b/package.json
index 7f3f1bb..0860c8a 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "apisix-dashboard",
-  "version": "1.5.3",
+  "version": "1.5.4",
   "private": true,
   "description": "Dashboard for Apache APISIX",
   "scripts": {
@@ -54,9 +54,9 @@
 "@ant-design/icons": "^4.0.0",
 "@ant-design/pro-layout": "^6.0.0",
 "@ant-design/pro-table": "2.6.3",
-"@api7-dashboard/plugin": "^1.0.3",
-"@api7-dashboard/pluginchart": "^1.0.9",
-"@api7-dashboard/ui": "^1.0.0",
+"@api7-dashboard/plugin": "^1.0.4",
+"@api7-dashboard/pluginchart": "^1.0.11",
+"@api7-dashboard/ui": "^1.0.3",
 "@rjsf/antd": "2.2.0",
 "@rjsf/core": "2.2.0",
 "antd": "^4.4.0",
diff --git a/src/pages/Route/Create.tsx b/src/pages/Route/Create.tsx
index fc767d2..40c6365 100644
--- a/src/pages/Route/Create.tsx
+++ b/src/pages/Route/Create.tsx
@@ -187,15 +187,10 @@ const Page: React.FC = (props) => {
 if (step === 3) {
   return (
  {
-if (mode === 'NORMAL') {
-  setStep3Data({ plugins: data, script: {} });
-  setChart(INIT_CHART);
-} else {
-  setChart(data);
-}
+  data={step3Data}
+  onChange={({ plugins, script = INIT_CHART }) => {
+setStep3Data({ plugins, script });
+setChart(script);
   }}
 />
   );
@@ -234,7 +229,7 @@ const Page: React.FC = (props) => {
 };
 
 const savePlugins = () => {
-  if (Object.keys(chart.nodes).length) {
+  if (Object.keys(chart.nodes || {}).length) {
 const transformChart = chartTransformer(chart);
 setStep3Data({ script: { ...transformChart, chart }, plugins: {} });
   } else {
diff --git a/src/pages/Route/components/CreateStep4/CreateStep4.tsx 
b/src/pages/Route/components/CreateStep4/CreateStep4.tsx
index ad47fc1..1d6928a 100644
--- a/src/pages/Route/components/CreateStep4/CreateStep4.tsx
+++ b/src/pages/Route/components/CreateStep4/CreateStep4.tsx
@@ -47,7 +47,7 @@ const CreateStep4: React.FC = ({ form1, form2, 
redirect, ...rest }) => {
   
   {formatMessage({ id: 
'route.create.plugin.configuration' })}
   {Boolean(Object.keys(plugins).length !== 0) && (
-
+
   )}
   {Boolean(Object.keys(script).length !== 0) && (
  = (props) => {
diff --git a/src/pages/Route/components/Step3/index.tsx 
b/src/pages/Route/components/Step3/index.tsx
index 0b872e9..ae6a606 100644
--- a/src/pages/Route/components/Step3/index.tsx
+++ b/src/pages/Route/components/Step3/index.tsx
@@ -18,13 +18,17 @@ import React, { useState } from 'react';
 import { Radio, Tooltip } from 'antd';
 import { QuestionCircleOutlined } from '@ant-design/icons';
 import { isChrome } from 'react-device-detect';
+
 import { PluginPage, PluginPageType } from '@api7-dashboard/plugin';
 import PluginOrchestration from '@api7-dashboard/pluginchart';
 
 type Props = {
-  data: PluginPageType.PluginData;
-  onChange(data: PluginPageType.PluginData): void;
-  readonly: boolean;
+  data: {
+plugins: PluginPageType.FinalData;
+script: Record;
+  };
+  onChange(data: { plugins: PluginPageType.FinalData; script: any }): void;
+  readonly?: boolean;
 };
 
 type Mode = 'NORMAL' | 'DRAW';
@@ -33,7 +37,7 @@ const Page: React.FC = ({ data, onChange, readonly = 
false }) => {
   const { plugins = {}, script = {} } = data;
 
   // NOTE: Currently only compatible with chrome
-  const type = Object.keys(script).length === 0 || !isChrome ? 'NORMAL' : 
'DRAW';
+  const type = Object.keys(script || {}).length === 0 || !isChrome ? 'NORMAL' 
: 'DRAW';
   const [mode, setMode] = useState(type);
 
   return (
@@ -44,6 +48,7 @@ const Page: React.FC = ({ data, onChange, readonly = 
false }) => {
   onChange={(e) => {
 setMode(e.target.value);
   }}
+

[apisix] branch master updated (4722198 -> 4c227ad)

2020-09-15 Thread wenming 
This is an automated email from the ASF dual-hosted git repository.

wenming pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git.


from 4722198  feature: support etcd v3 by mocking v2 API (#2036)
 add 4c227ad  doc: added channel at slack and added new qq group. (#2226)

No new revisions were added by this update.

Summary of changes:
 README.md| 4 +++-
 README_CN.md | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

[GitHub] [apisix-control-plane] Firstsawyou commented on issue #25: CI: add tools to check ASF headers in code files

2020-09-15 Thread GitBox 


Firstsawyou commented on issue #25:
URL: 
https://github.com/apache/apisix-control-plane/issues/25#issuecomment-693147259


   solve #26 



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-control-plane] Firstsawyou removed a comment on issue #25: CI: add tools to check ASF headers in code files

2020-09-15 Thread GitBox 


Firstsawyou removed a comment on issue #25:
URL: 
https://github.com/apache/apisix-control-plane/issues/25#issuecomment-693146608


   solve #26 



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-control-plane] Firstsawyou closed issue #25: CI: add tools to check ASF headers in code files

2020-09-15 Thread GitBox 


Firstsawyou closed issue #25:
URL: https://github.com/apache/apisix-control-plane/issues/25


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] juzhiyuan merged pull request #475: feat: added new plugin dependency

2020-09-15 Thread GitBox 


juzhiyuan merged pull request #475:
URL: https://github.com/apache/apisix-dashboard/pull/475


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming merged pull request #2226: doc: added channel at slack and added new qq group.

2020-09-15 Thread GitBox 


moonming merged pull request #2226:
URL: https://github.com/apache/apisix/pull/2226


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-control-plane] Firstsawyou commented on issue #25: CI: add tools to check ASF headers in code files

2020-09-15 Thread GitBox 


Firstsawyou commented on issue #25:
URL: 
https://github.com/apache/apisix-control-plane/issues/25#issuecomment-693146608


   solve #26 



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] tokers opened a new issue #2234: bug: etcd_version in ./bin/apisix is not defined

2020-09-15 Thread GitBox 


tokers opened a new issue #2234:
URL: https://github.com/apache/apisix/issues/2234


   ### Issue description
   
   The variable `etcd_version` in ./bin/apisix is not defined, comment see 
[here](https://github.com/apache/apisix/pull/2036/files#diff-62edadffc237f13dc28a694080d293a8R918).



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] tokers commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


tokers commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r489129014



##
File path: bin/apisix
##
@@ -879,35 +887,35 @@ local function init_etcd(show_output)
 
 local host_count = #(yaml_conf.etcd.host)
 
--- check whether the user has enabled etcd v2 protocol
+local etcd_ok = false
 for index, host in ipairs(yaml_conf.etcd.host) do
-uri = host .. "/v2/keys"
-local cmd = "curl -i -m ".. timeout * 2 .. " -o /dev/null -s -w 
%{http_code} " .. uri
+-- check if etcd version above 3.4
+cmd = "curl " .. host .. "/version 2>&1"
 local res = excute_cmd(cmd)
-if res == "404" then
-io.stderr:write(string.format("failed: please make sure that you 
have enabled the v2 protocol of etcd on %s.\n", host))
+local op_ver = str_split(res, "\"")[4]
+local need_ver = "3.4.0"
+if not check_version(op_ver, need_ver) then
+io.stderr:write("etcd version must >=", need_ver, " current ", 
op_ver, "\n")
 return
 end
-end
-
-local etcd_ok = false
-for index, host in ipairs(yaml_conf.etcd.host) do
 
 local is_success = true
-uri = host .. "/v2/keys" .. (etcd_conf.prefix or "")
 
 for _, dir_name in ipairs({"/routes", "/upstreams", "/services",
"/plugins", "/consumers", "/node_status",
"/ssl", "/global_rules", "/stream_routes",
"/proto"}) do
-local cmd = "curl " .. uri .. dir_name
-.. "?prev_exist=false -X PUT -d dir=true "
-.. "--connect-timeout " .. timeout
+local key =  (etcd_conf.prefix or "") .. dir_name .. "/"
+
+local base64_encode = require("base64").encode
+local uri = host .. "/v3/kv/put"
+local post_json = '{"value":"' .. base64_encode("init_dir") ..  
'", "key":"' .. base64_encode(key) .. '"}'
+cmd = "curl " .. uri .. " -X POST -d '" .. post_json
+.. "' --connect-timeout " .. timeout
 .. " --max-time " .. timeout * 2 .. " --retry 1 2>&1"
 
 local res = excute_cmd(cmd)
-if not res:find("index", 1, true)
-and not res:find("createdIndex", 1, true) then
+if (etcd_version == "v3" and not res:find("OK", 1, true)) then

Review comment:
   Where is the definition of `etcd_version`?





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on pull request #2233: change: check etcd cluster version when init_etcd

2020-09-15 Thread GitBox 


moonming commented on pull request #2233:
URL: https://github.com/apache/apisix/pull/2233#issuecomment-693135758


   nice! we can fix it in this PR :)
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   Alex Zhang  于2020年9月16日周三 上午10:36写道:
   
   > @moonming  I found PR #2036
   >  also checked the etcd
   > version, but IMHO the way is wrong.
   >
   > Firstly, when we ask the version message from etcd, it returns a JSON
   > string like this:
   >
   > {"etcdserver":"3.5.0-pre","etcdcluster":"3.5.0"}
   >
   > we should check the version of etcdcluster, not the endpoint's server
   > version (etcdserver) that we requested, the cluster version is the
   > minimal server version of all endpoints in the cluster. So that's the one
   > we need to check.
   >
   > Secondly, the semantic version check method doesn't consider the pre
   > release situation, although it's rare in prod, i think's better to
   > consider it.
   >
   > —
   > You are receiving this because you were mentioned.
   > Reply to this email directly, view it on GitHub
   > , or
   > unsubscribe
   > 

   > .
   >
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on a change in pull request #2221: send file contents and not file name

2020-09-15 Thread GitBox 


membphis commented on a change in pull request #2221:
URL: https://github.com/apache/apisix/pull/2221#discussion_r488333965



##
File path: apisix/utils/log-util.lua
##
@@ -64,7 +64,11 @@ local function get_full_log(ngx, conf)
 else
 local body_file = ngx.req.get_body_file()
 if body_file then
-log.request.body_file = body_file
+local lines = {}

Review comment:
   
https://stackoverflow.com/questions/11201262/how-to-read-data-from-a-file-in-lua
   
   Read the file content in this way, here is the right way:
   
   ```lua
   local open = io.open
   
   local function read_file(path)
   local file = open(path, "rb") -- r read mode and b binary mode
   if not file then return nil end
   local content = file:read "*a" -- *a or *all reads the whole file
   file:close()
   return content
   end
   
   local fileContent = read_file("foo.html");
   print (fileContent);
   ```





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] tokers commented on pull request #2233: change: check etcd cluster version when init_etcd

2020-09-15 Thread GitBox 


tokers commented on pull request #2233:
URL: https://github.com/apache/apisix/pull/2233#issuecomment-693134034


   @moonming I found PR  #2036 also checked the etcd version, but IMHO the way 
is wrong.
   
   Firstly, when we ask the version message from etcd, it returns a JSON string 
like this:
   
   ```json
   {"etcdserver":"3.5.0-pre","etcdcluster":"3.5.0"}
   ```
   
   we should check the version of `etcdcluster`, not the endpoint's server 
version (`etcdserver`) that we requested, the cluster version is the minimal 
server version of all endpoints in the cluster. So that's the one we need to 
check.
   
   Secondly, the semantic version check method doesn't consider the `pre 
release` situation, although it's rare in prod, i think's better to consider it.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] tokers commented on pull request #2233: change: check etcd cluster version when init_etcd

2020-09-15 Thread GitBox 


tokers commented on pull request #2233:
URL: https://github.com/apache/apisix/pull/2233#issuecomment-693130100


   @moonming OK, let me rebase my branch. By the way, i think it's better to 
check out the CHANGELOG of etcd, AKAIK there are some bugs in 3.x series 
releases, but i'm not sure the exact version range.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on pull request #2233: change: check etcd cluster version when init_etcd

2020-09-15 Thread GitBox 


moonming commented on pull request #2233:
URL: https://github.com/apache/apisix/pull/2233#issuecomment-693129140


   we used to be the default version installed by github actions, now it is the 
etcd 3.4 version installed manually in 
https://github.com/apache/apisix/pull/2036



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[apisix] branch master updated (b6354ec -> 4722198)

2020-09-15 Thread wenming 
This is an automated email from the ASF dual-hosted git repository.

wenming pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git.


from b6354ec  feat: allow to limit client body size to protect the service 
(#2214)
 add 4722198  feature: support etcd v3 by mocking v2 API (#2036)

No new revisions were added by this update.

Summary of changes:
 .travis.yml |   1 -
 .travis/linux_apisix_current_luarocks_runner.sh |   6 +-
 .travis/linux_openresty_mtls_runner.sh  |   5 +-
 .travis/linux_openresty_runner.sh   |   6 +-
 .travis/linux_tengine_runner.sh |   6 +-
 .travis/osx_openresty_runner.sh |   2 +-
 README.md   |   5 +-
 README_CN.md|   5 +-
 apisix/core/config_etcd.lua | 198 --
 apisix/core/etcd.lua| 164 +++-
 bin/apisix  |  42 +--
 doc/architecture-design.md  |   2 +-
 doc/install-dependencies.md |  12 +-
 doc/zh-cn/install-dependencies.md   |  16 +-
 rockspec/apisix-master-0.rockspec   |   3 +-
 t/admin/routes.t|   5 +-
 t/core/etcd-auth-fail.t |  22 +-
 t/core/etcd-auth.t  |  17 +-
 t/core/etcd-sync.t  |   2 +
 t/core/etcd.t   | 335 
 t/lib/server.lua|   7 +
 utils/{install_yaml_conf.sh => install-etcd.sh} |  11 +-
 22 files changed, 710 insertions(+), 162 deletions(-)
 create mode 100644 t/core/etcd.t
 copy utils/{install_yaml_conf.sh => install-etcd.sh} (74%)

[GitHub] [apisix] moonming merged pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


moonming merged pull request #2036:
URL: https://github.com/apache/apisix/pull/2036


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] tokers commented on pull request #2233: change: check etcd cluster version when init_etcd

2020-09-15 Thread GitBox 


tokers commented on pull request #2233:
URL: https://github.com/apache/apisix/pull/2233#issuecomment-693127956


   @moonming It seems the version selection for etcd is not specified in 
`./bin/apisix` or other stuffs. Is it under the Github Action's control?



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[apisix-dashboard] branch master updated: fix: host should not be required (#477)

2020-09-15 Thread juzhiyuan 
This is an automated email from the ASF dual-hosted git repository.

juzhiyuan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git


The following commit(s) were added to refs/heads/master by this push:
 new cf9d5ec  fix: host should not be required (#477)
cf9d5ec is described below

commit cf9d5ec8ed2464201d08e51ec7d9383dae632144
Author: litesun <7sunm...@gmail.com>
AuthorDate: Wed Sep 16 09:57:24 2020 +0800

fix: host should not be required (#477)
---
 src/pages/Route/components/Step1/RequestConfigView.tsx | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/pages/Route/components/Step1/RequestConfigView.tsx 
b/src/pages/Route/components/Step1/RequestConfigView.tsx
index 53e4013..6037ada 100644
--- a/src/pages/Route/components/Step1/RequestConfigView.tsx
+++ b/src/pages/Route/components/Step1/RequestConfigView.tsx
@@ -47,7 +47,6 @@ const RequestConfigView: React.FC = ({ data, disabled, 
onChange }) => {

[GitHub] [apisix-dashboard] juzhiyuan merged pull request #477: fix: host should not be required

2020-09-15 Thread GitBox 


juzhiyuan merged pull request #477:
URL: https://github.com/apache/apisix-dashboard/pull/477


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] LiteSun opened a new pull request #477: fix: host should not be required

2020-09-15 Thread GitBox 


LiteSun opened a new pull request #477:
URL: https://github.com/apache/apisix-dashboard/pull/477


   Please answer these questions before submitting a pull request
   
   - Why submit this pull request?
   - [x] Bug fix
   - [ ] New feature provided
   - [ ] Improve performance
   
   - Related issues
   
   ___
   ### Bugfix
   - Description
   related issue:  #458 
   - How to fix?
   
   ___
   ### New feature or improvement
   - Describe the details and related test reports.
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] corffee opened a new issue #476: How to configure a TCP upstream by dashboard?

2020-09-15 Thread GitBox 


corffee opened a new issue #476:
URL: https://github.com/apache/apisix-dashboard/issues/476


   Please answer these questions before submitting your issue.
   
   - Why do you submit this issue?
   - [ 1] Question or discussion
   - [ ] Bug
   - [ ] Requirements
   - [ ] Feature or performance improvement
   - [ ] Other
   
   ___
   ### Question
   - What do you want to know?
   How to  configure a TCP upstream by dashboard?
   ___
   ### Bug
   - Which version of Apache APISIX Dashboard, OS, and Browser?
   
   - What happened?
   If possible, provide a way to reproduce the error.
   
   ___
   ### Requirement or improvement
   - Please describe your requirements or improvement suggestions.
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] juzhiyuan commented on issue #469: Feature: debug a route online

2020-09-15 Thread GitBox 


juzhiyuan commented on issue #469:
URL: 
https://github.com/apache/apisix-dashboard/issues/469#issuecomment-693117338


   Looks good to me, and this needs a backend to proxy those different origins' 
requests, I guess this doesn't depend on DB, so feel free to go :D



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] juzhiyuan closed issue #474: Publish route failed

2020-09-15 Thread GitBox 


juzhiyuan closed issue #474:
URL: https://github.com/apache/apisix-dashboard/issues/474


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-control-plane] moonming merged pull request #26: CI: add tools to check ASF headers in code files

2020-09-15 Thread GitBox 


moonming merged pull request #26:
URL: https://github.com/apache/apisix-control-plane/pull/26


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[apisix-control-plane] branch master updated: CI: add tools to check ASF headers in code files (#26)

2020-09-15 Thread wenming 
This is an automated email from the ASF dual-hosted git repository.

wenming pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-control-plane.git


The following commit(s) were added to refs/heads/master by this push:
 new 729ca37  CI: add tools to check ASF headers in code files (#26)
729ca37 is described below

commit 729ca3768502775cdc5748db4ed2ad4993a22257
Author: Firstsawyou <52862365+firstsaw...@users.noreply.github.com>
AuthorDate: Wed Sep 16 06:58:34 2020 +0800

CI: add tools to check ASF headers in code files (#26)

* add license check.

* Change the contents of the `Makefile`.

* add `license_ci` file.
---
 .actions/ASF-Release.cfg  | 75 +++
 .actions/ASFLicenseHeaderMarkdown.txt | 18 +
 .actions/openwhisk-utilities  |  1 +
 .github/workflows/license_ci.yml  | 23 +++
 Makefile  | 25 
 pkg/yml/plugin.go | 17 
 6 files changed, 159 insertions(+)

diff --git a/.actions/ASF-Release.cfg b/.actions/ASF-Release.cfg
new file mode 100644
index 000..09678b8
--- /dev/null
+++ b/.actions/ASF-Release.cfg
@@ -0,0 +1,75 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more 
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+# scanCode.py configuration file
+
+# List of filenames containing the text of valid license (headers)
+# These files SHOULD be in the same directory path where scanCode.py
+# resides.
+[Licenses]
+ASFLicenseHeader.txt
+ASFLicenseHeaderBash.txt
+ASFLicenseHeaderMarkdown.txt
+ASFLicenseHeaderLua.txt
+
+# Filters (path/filename) with wildcards and associated scan checks
+# that are to be run against them.  The checks are actual valid
+# function names found in scanCode.py.
+[Includes]
+*=is_not_symlink, regex_check
+*.conf=has_block_license, eol_at_eof, regex_check
+*.go=has_block_license, eol_at_eof, regex_check
+*.md=no_tabs, has_block_license, eol_at_eof, regex_check
+*.properties=no_tabs, has_block_license, eol_at_eof, regex_check
+*.py=no_tabs, has_block_license, eol_at_eof, regex_check
+*.scala=has_block_license, no_tabs, eol_at_eof, regex_check
+*.sh=has_block_license, eol_at_eof, regex_check
+*.yaml=has_block_license, eol_at_eof, regex_check
+*.yml=has_block_license, eol_at_eof, regex_check
+*Dockerfile*=has_block_license
+
+# Sanity check files not required to have ASF headers because either they
+# are excluded or are not packaged with the Apache source release.
+*.cfg=regex_check
+*.ini=regex_check
+*.j2=regex_check
+*.json=regex_check
+*.txt=regex_check
+*.xml=regex_check
+
+# List of paths (inclusive of subdirectories) to exclude from code scanning
+[Excludes]
+
+# General tooling & binary file exclusions
+.bin
+.dockerignore
+.eslintrc.*
+.git
+.gitattributes
+.github
+.gitignore
+.gradle
+.idea
+.jshintrc
+.pydevproject
+.rat-excludes
+.tox
+
+# Exclude Apache standard legal files
+CREDITS.txt
+DISCLAIMER.txt
+LICENSE*.txt
+NOTICE.txt
+
+conf
+.actions/openwhisk-utilities
+
+[Options]
+# Not all code files allow licenses to appear starting at the first character
+# of the file. This option tells the scan to allow licenses to appear starting
+# within the first 'x' characters of each code file (as provided by this 
option's
+# value).
+LICENSE_SLACK_LENGTH=500
+
+# List of regular expressions for forbidden strings, e.g. \w...@company.com
+[Regex]
diff --git a/.actions/ASFLicenseHeaderMarkdown.txt 
b/.actions/ASFLicenseHeaderMarkdown.txt
new file mode 100644
index 000..c474814
--- /dev/null
+++ b/.actions/ASFLicenseHeaderMarkdown.txt
@@ -0,0 +1,18 @@
+
diff --git a/.actions/openwhisk-utilities b/.actions/openwhisk-utilities
new file mode 16
index 000..8636f9a
--- /dev/null
+++ b/.actions/openwhisk-utilities
@@ -0,0 +1 @@
+Subproject commit 8636f9ad3bb7c4ed216f6b9291b0a6bf9a12cb76
diff --git a/.github/workflows/license_ci.yml b/.github/workflows/license_ci.yml
new file mode 100644
index 000..28a222e
--- /dev/null
+++ b/.github/workflows/license_ci.yml
@@ -0,0 +1,23 @@
+name: LICENSE CI
+
+on:
+  push:
+branches:
+  - master
+  pull_request:
+branches:
+  - master
+
+jobs:
+
+  check-license:
+
+runs-on: ubuntu-latest
+
+steps:
+
+- uses: actions/checkout@v2
+
+- name: run license check
+  run: |
+make license-check
diff --git a/Makefile b/Makefile
new file mode 100644
index 000..1245ce7
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,25 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#

[GitHub] [apisix] nic-chen commented on pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


nic-chen commented on pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#issuecomment-693018270


   > Currently the log produced by lua-resty-etcd would show message without 
base64 decode. For example
   > 
   > ```
   > 
   > 2020/09/15 23:18:52 [info] 1964#1964: *2 [lua] v3.lua:284: set(): v3 set 
body: 
{"prev_kv":{"value":"InRlc3RfdmFsdWUi","create_revision":"149","mod_revision":"150","key":"L2FwaXNpeC90ZXN0X2tleQ==","version":"2"},"header":{"raft_term":"2","cluster_id":"8925027824743593106","member_id":"13803658152347727308","revision":"151"}},
 client: 127.0.0.1, server: localhost, request: "GET /t HTTP/1.1", host: 
"localhost"
   > 
   > 2020/09/15 23:18:52 [info] 1964#1964: *15 [lua] v3.lua:500: 
request_chunk(): http request method: POST path: /v3/watch body: 
{"create_request":{"range_end":"L2FwaXNpeC91cHN0cmVhbXQ=","start_revision":151,"key":"L2FwaXNpeC91cHN0cmVhbXM="}}
 query: nil, context: ngx.timer
   > 
   > ```
   > 
   > Shall we do the decode on etcd side, or just remove these logs like v2 did?
   
   we could optimize it in another pr



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] liuxiran commented on issue #469: Feature: debug a route online

2020-09-15 Thread GitBox 


liuxiran commented on issue #469:
URL: 
https://github.com/apache/apisix-dashboard/issues/469#issuecomment-692861654


   After research on swagger-ui, and tried to introduce 
[swagger-ui-react](https://www.npmjs.com/package/swagger-ui-react ) in our 
project, I found it would be a  feasible solution to do the online debug here, 
and the **demo** just like this:
   
   1. add a [online debug] button in route list
   
![image](https://user-images.githubusercontent.com/2561857/93241981-b3c07880-f7b8-11ea-8f63-e730899b60b8.png)
   
   1. click the debug button, get the route info, tranfer the data to the 
swagger json object, then render the debug page
   
![image](https://user-images.githubusercontent.com/2561857/93242244-13b71f00-f7b9-11ea-8d62-c7d62bd448d7.png)
   
![image](https://user-images.githubusercontent.com/2561857/93242400-57aa2400-f7b9-11ea-8ece-61d83fb15161.png)
   
   1. click [Execute] button, directly initiate a cross-domain request to 
apisix, and then get response
   
![image](https://user-images.githubusercontent.com/2561857/93242763-e028c480-f7b9-11ea-9f90-598857335992.png)
   
   
   The original design was to make a pure front-end function, but due to 
browser security restrictions, cross-domain requests initiated directly by the 
front-end cannot directly modify the Host attribute of the request header. This 
is inconsistent with our business logic, so **this function still needs to rely 
on manager-api to help forward the request**臘‍♀️.
   
   How about this proposal? Looking forward to your feedback,thanks @juzhiyuan 
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Firstsawyou commented on a change in pull request #2209: feature: allow empty `service` object, it does not contain any `upstream` and `plugin`.

2020-09-15 Thread GitBox 


Firstsawyou commented on a change in pull request #2209:
URL: https://github.com/apache/apisix/pull/2209#discussion_r488819427



##
File path: t/admin/schema.t
##
@@ -37,10 +37,47 @@ qr/"plugins":\{"type":"object"}/
 
 
 === TEST 2: get service schema
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/schema/service',
+ngx.HTTP_GET,
+"",
+[[{
+"anyOf": [
+{
+"required":[
+"upstream"
+]
+},
+{
+"required":[
+"upstream_id"
+]
+},
+{
+"required":[
+"plugins"
+]
+},
+{
+"required":[
+"script"
+]
+}
+],
+"action": "set"
+}]]

Review comment:
   The way to detect the removal of "anyOf" is wrong, causing the test to 
fail.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] liuxiran commented on issue #474: Publish route failed

2020-09-15 Thread GitBox 


liuxiran commented on issue #474:
URL: 
https://github.com/apache/apisix-dashboard/issues/474#issuecomment-692790666


   > I had updated mysql, you could have a try again. @juzhiyuan @liuxiran
   
   passed 



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Yiyiyimu commented on pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


Yiyiyimu commented on pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#issuecomment-69271


   Currently the log produced by lua-resty-etcd would show message without 
base64 decode. For example
   ```
   2020/09/15 23:18:52 [info] 1964#1964: *2 [lua] v3.lua:284: set(): v3 set 
body: 
{"prev_kv":{"value":"InRlc3RfdmFsdWUi","create_revision":"149","mod_revision":"150","key":"L2FwaXNpeC90ZXN0X2tleQ==","version":"2"},"header":{"raft_term":"2","cluster_id":"8925027824743593106","member_id":"13803658152347727308","revision":"151"}},
 client: 127.0.0.1, server: localhost, request: "GET /t HTTP/1.1", host: 
"localhost"
   2020/09/15 23:18:52 [info] 1964#1964: *15 [lua] v3.lua:500: request_chunk(): 
http request method: POST path: /v3/watch body: 
{"create_request":{"range_end":"L2FwaXNpeC91cHN0cmVhbXQ=","start_revision":151,"key":"L2FwaXNpeC91cHN0cmVhbXM="}}
 query: nil, context: ngx.timer
   ```
   Shall we do the decode on etcd side, or just remove these logs like v2 did?



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Yiyiyimu commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


Yiyiyimu commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r488751665



##
File path: apisix/core/etcd.lua
##
@@ -44,24 +49,144 @@ end
 _M.new = new
 
 
+local function kvs_to_node(kvs)
+local node = {}
+node.key = kvs.key
+node.value = kvs.value
+node.createdIndex = tonumber(kvs.create_revision)
+node.modifiedIndex = tonumber(kvs.mod_revision)
+return node
+end
+
+local function kvs_to_nodes(res, start_index)
+res.body.node.dir = true
+res.body.node.nodes = {}
+for i=start_index, #res.body.kvs do
+if start_index == 1 then
+res.body.node.nodes[i] = kvs_to_node(res.body.kvs[i])
+else
+res.body.node.nodes[i-1] = kvs_to_node(res.body.kvs[i])
+end
+end
+return res
+end
+
+
+local function not_found(res)
+res.body.message = "Key not found"
+res.reason = "Not found"
+res.status = 404
+return res
+end
+
+
+function _M.get_format(res, realkey)
+if res.body.error == "etcdserver: user name is empty" then
+return nil, "insufficient credentials code: 401"
+end
+
+res.headers["X-Etcd-Index"] = res.body.header.revision
+
+if not res.body.kvs then
+return not_found(res)
+end
+res.body.action = "get"
+
+res.body.node = kvs_to_node(res.body.kvs[1])
+-- kvs.value = nil, so key is root
+if type(res.body.kvs[1].value) == "userdata" or not res.body.kvs[1].value 
then
+-- remove last "/" when necesary
+if string.sub(res.body.node.key, -1, -1) == "/" then
+res.body.node.key = string.sub(res.body.node.key, 1, 
#res.body.node.key-1)
+end
+res = kvs_to_nodes(res, 2)
+-- key not match, so realkey is root
+elseif res.body.kvs[1].key ~= realkey then
+res.body.node.key = realkey
+res = kvs_to_nodes(res, 1)
+-- first is root (in v2, root not contains value), others are nodes
+elseif #res.body.kvs > 1 then
+res = kvs_to_nodes(res, 2)
+end
+
+res.body.kvs = nil
+return res, nil
+end
+
+
+function _M.watch_format(v3res)

Review comment:
   The change [I made last 
time](https://github.com/apache/apisix/pull/2036#discussion_r477341702)
   
   Maybe I need some suggestions on how to name these two functions 藍 





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Yiyiyimu edited a comment on issue #2227: CLI: Check the etcd version in CLI. The version must be 3.4 or greater.

2020-09-15 Thread GitBox 


Yiyiyimu edited a comment on issue #2227:
URL: https://github.com/apache/apisix/issues/2227#issuecomment-69218


   Sorry @tokers I just noticed you pick up this issue. I fixed it in the [new 
commit](https://github.com/apache/apisix/pull/2036/files/d2e3d01eb9f17ff16fd40f14bf0c5d1017d047ce..0570fdb4e5ecb490f76ac0947bae8e034fed70c8).
 But it would still be great if you could review it~



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Yiyiyimu commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


Yiyiyimu commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r488745722



##
File path: apisix/core/etcd.lua
##
@@ -44,24 +48,134 @@ end
 _M.new = new
 
 
+local function kvs_to_node(kvs)
+local node = {}
+node.key = kvs.key
+node.value = kvs.value
+node.createdIndex = tonumber(kvs.create_revision)
+node.modifiedIndex = tonumber(kvs.mod_revision)
+return node
+end
+
+local function kvs_to_nodes(res)
+res.body.node.dir = true
+res.body.node.nodes = {}
+for i=2, #res.body.kvs do
+res.body.node.nodes[i-1] = kvs_to_node(res.body.kvs[i])
+end
+return res
+end
+
+
+local function not_found(res)
+res.body.message = "Key not found"
+res.reason = "Not found"
+res.status = 404
+return res
+end
+
+
+function _M.get_format(res, realkey)
+if res.body.error == "etcdserver: user name is empty" then

Review comment:
   Some does and some don't. For example in this case, ngx.status is set to 
400.
   ```
   {
 body = {
   code = 3,
   error = "etcdserver: user name is empty",
   message = "etcdserver: user name is empty"
 },
 body_reader = ,
 has_body = true,
 headers = {...},
 read_body = ,
 read_trailers = ,
 reason = "Bad Request",
 status = 400,
 trailer_reader = 
   }
   ```





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Yiyiyimu commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


Yiyiyimu commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r488739432



##
File path: apisix/core/etcd.lua
##
@@ -44,24 +48,134 @@ end
 _M.new = new
 
 
+local function kvs_to_node(kvs)
+local node = {}
+node.key = kvs.key
+node.value = kvs.value
+node.createdIndex = tonumber(kvs.create_revision)
+node.modifiedIndex = tonumber(kvs.mod_revision)
+return node
+end
+
+local function kvs_to_nodes(res)
+res.body.node.dir = true
+res.body.node.nodes = {}
+for i=2, #res.body.kvs do
+res.body.node.nodes[i-1] = kvs_to_node(res.body.kvs[i])
+end
+return res
+end
+
+
+local function not_found(res)
+res.body.message = "Key not found"
+res.reason = "Not found"
+res.status = 404
+return res
+end
+
+
+function _M.get_format(res, realkey)
+if res.body.error == "etcdserver: user name is empty" then
+return nil, "insufficient credentials code: 401"

Review comment:
   1. The error resulted from `get` when etcd auth failed in v3 is 
different from v2, so I tried to keep it the same
   2. That's the only difference I know between v2 and v3. We could return 
other error directly.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on pull request #2225: move etcd cluster in docker for CI

2020-09-15 Thread GitBox 


moonming commented on pull request #2225:
URL: https://github.com/apache/apisix/pull/2225#issuecomment-692752316


   Cool, agreed
   
   nic-chen 于2020年9月15日 周二下午9:34写道:
   
   >
   >
   > I think we could run ETCD as a service in github actions. doc about
   > github actions services
   > 

   >
   >
   >
   >
   > —
   > You are receiving this because you commented.
   > Reply to this email directly, view it on GitHub
   > , or
   > unsubscribe
   > 

   > .
   >
   >
   > --
   Thanks,
   Ming Wen
   Twitter: _WenMing
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Miss-you commented on a change in pull request #2226: doc: added channel at slack and added new qq group.

2020-09-15 Thread GitBox 


Miss-you commented on a change in pull request #2226:
URL: https://github.com/apache/apisix/pull/2226#discussion_r488705032



##
File path: README_CN.md
##
@@ -23,9 +23,11 @@
 [![Build 
Status](https://travis-ci.org/apache/apisix.svg?branch=master)](https://travis-ci.org/apache/apisix)
 
[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/apache/apisix/blob/master/LICENSE)
 
-- **QQ 交流群**: 552030619
 - 邮件列表: 发邮件到 dev-subscr...@apisix.apache.org, 然后跟着回复邮件操作即可。
+- **QQ 交流群**: 578997126(推荐), 552030619

Review comment:
   LGTM





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] spacewander merged pull request #2214: feat: allow to limit client body size to protect the service

2020-09-15 Thread GitBox 


spacewander merged pull request #2214:
URL: https://github.com/apache/apisix/pull/2214


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[apisix] branch master updated: feat: allow to limit client body size to protect the service (#2214)

2020-09-15 Thread spacewander 
This is an automated email from the ASF dual-hosted git repository.

spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git


The following commit(s) were added to refs/heads/master by this push:
 new b6354ec  feat: allow to limit client body size to protect the service 
(#2214)
b6354ec is described below

commit b6354ec33eab21ecbd47159d1036c2805624c3c7
Author: 罗泽轩 
AuthorDate: Tue Sep 15 21:58:30 2020 +0800

feat: allow to limit client body size to protect the service (#2214)
---
 .travis/apisix_cli_test.sh | 15 +++
 bin/apisix |  2 +-
 conf/config-default.yaml   |  4 
 3 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/.travis/apisix_cli_test.sh b/.travis/apisix_cli_test.sh
index efea3a2..84b1ebb 100755
--- a/.travis/apisix_cli_test.sh
+++ b/.travis/apisix_cli_test.sh
@@ -211,6 +211,21 @@ fi
 
 echo "passed: worker_shutdown_timeout in nginx.conf is ok"
 
+# check the 'client_max_body_size' in 'nginx.conf' .
+
+sed -i 's/client_max_body_size: 0/client_max_body_size: 512m/'  
conf/config-default.yaml
+
+make init
+
+if ! grep -E "client_max_body_size 512m" conf/nginx.conf > /dev/null; then
+echo "failed: client_max_body_size in nginx.conf doesn't change"
+exit 1
+fi
+
+echo "passed: client_max_body_size in nginx.conf is ok"
+
+git checkout conf/config-default.yaml
+
 # check worker processes number is configurable.
 
 git checkout conf/config.yaml
diff --git a/bin/apisix b/bin/apisix
index dc4fc42..d609c21 100755
--- a/bin/apisix
+++ b/bin/apisix
@@ -240,7 +240,7 @@ http {
 
 access_log {* http.access_log *} main buffer=16384 flush=3;
 open_file_cache  max=1000 inactive=60;
-client_max_body_size 0;
+client_max_body_size {* http.client_max_body_size *};
 keepalive_timeout {* http.keepalive_timeout *};
 client_header_timeout {* http.client_header_timeout *};
 client_body_timeout {* http.client_body_timeout *};
diff --git a/conf/config-default.yaml b/conf/config-default.yaml
index faa482b..f6a4710 100644
--- a/conf/config-default.yaml
+++ b/conf/config-default.yaml
@@ -123,6 +123,10 @@ nginx_config: # config for render the 
template to genarate n
 keepalive_timeout: 60s # timeout during which a keep-alive client 
connection will stay open on the server side.
 client_header_timeout: 60s # timeout for reading client request 
header, then 408 (Request Time-out) error is returned to the client
 client_body_timeout: 60s   # timeout for reading client request body, 
then 408 (Request Time-out) error is returned to the client
+client_max_body_size: 0# The maximum allowed size of the client 
request body.
+   # If exceeded, the 413 (Request Entity Too 
Large) error is returned to the client.
+   # Note that unlike Nginx, we don't limit 
the body size by default.
+
 send_timeout: 10s  # timeout for transmitting a response to 
the client.then the connection is closed
 underscores_in_headers: "on"   # default enables the use of underscores in 
client request header fields
 real_ip_header: "X-Real-IP"# 
http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_header

[GitHub] [apisix] nic-chen commented on a change in pull request #2192: feat: add AK/SK auth plugin

2020-09-15 Thread GitBox 


nic-chen commented on a change in pull request #2192:
URL: https://github.com/apache/apisix/pull/2192#discussion_r488680308



##
File path: doc/plugins/hmac-auth.md
##
@@ -0,0 +1,151 @@
+
+
+- [中文](../zh-cn/plugins/hmac-auth.md)
+
+# Summary
+- [**Name**](#name)
+- [**Attributes**](#attributes)
+- [**How To Enable**](#how-to-enable)
+- [**Test Plugin**](#test-plugin)
+- [**Disable Plugin**](#disable-plugin)
+
+
+## Name
+
+`hmac-auth` is an authentication plugin that need to work with `consumer`. Add 
HMAC Authentication to a `service` or `route`.
+
+The `consumer` then adds its key to request header to verify its request.
+
+## Attributes
+
+|Name  |Requirement |Default  |Description|
+|- ||---|---|
+| access_key | required | none |Different `consumer` objects should 
have different values, and it should be unique. If different consumers use the 
same `access_key`, a request matching exception will occur|
+| secret_key  | required | none |Use as a pair with `access_key`|
+| algorithm|  optional| hmac-sha256 |Encryption algorithm. support 
`hmac-sha1`, `hmac-sha256` and `hmac-sha512`|
+| clock_skew  | optional | 300 |The clock skew allowed by the signature in 
seconds. For example, if the time is allowed to skew by 10 seconds, then it 
should be set to `10`. especially, `0` means not checking timestamp.|
+
+## How To Enable
+
+1. set a consumer and config the value of the `hmac-auth` option
+
+```shell
+curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+"username": "jack",
+"plugins": {
+"hmac-auth": {
+"access_key": "user-key",
+"secret_key": "my-secret-key",
+"clock_skew": 10
+}
+}
+}'
+```
+
+2. add a Route or add a Service , and enable the `hmac-auth` plugin
+
+```shell
+curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+"uri": "/index.html",
+"plugins": {
+"hmac-auth": {}
+},
+"upstream": {
+"type": "roundrobin",
+"nodes": {
+"39.97.63.215:80": 1
+}
+}
+}'
+```
+
+## Test Plugin
+
+### generate signature:
+The calculation formula of the signature is `signature = 
HMAC-SHAx-HEX(secret_key, signning_string)`. From the formula, it can be seen 
that in order to obtain the signature, two parameters, `SECRET_KEY` and 
`SIGNNING_STRING`, are required. Where secret_key is configured by the 
corresponding consumer, the calculation formula of `SIGNNING_STRING` is: 
`signning_string = HTTP Method + HTTP URI + canonical_query_string + HTTP BODY 
+ ACCESS_KEY + TIMESTAMP + SECRET_KEY`
+
+1. **HTTP Method** : Refers to the GET, PUT, POST and other request methods 
defined in the HTTP protocol, and must be in all uppercase.
+2. **HTTP URI** : `HTTP URI` requirements must start with "/", those that do 
not start with "/" need to be added, and the empty path is "/".
+3. **canonical_query_string** :`canonical_query_string` is the result of 
encoding the `query` in the URL (`query` is the string "key1 = valve1 & key2 = 
valve2" after the "?" in the URL).
+
+> The coding steps are as follows:
+
+* Extract the `query` item in the URL, that is, the string "key1 = valve1 & 
key2 = valve2" after the "?" in the URL.
+* Split the `query` into several items according to the & separator, each item 
is in the form of key=value or only key.
+* Encoding each item after disassembly is divided into the following three 
situations.
+
+* When the item has only key, the conversion formula is UriEncode(key) + 
"=".
+* When the item is in the form of key=value, the conversion formula is in 
the form of UriEncode(key) + "=" + UriEncode(value). Here value can be an empty 
string.
+* After converting each item, sort by key in lexicographic order (ASCII 
code from small to large), and connect them with the & symbol to generate the 
corresponding canonical_query_string.

Review comment:
   ok





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] nic-chen commented on a change in pull request #2192: feat: add AK/SK auth plugin

2020-09-15 Thread GitBox 


nic-chen commented on a change in pull request #2192:
URL: https://github.com/apache/apisix/pull/2192#discussion_r488679450



##
File path: doc/zh-cn/plugins/hmac-auth.md
##
@@ -0,0 +1,157 @@
+
+
+- [English](../../plugins/hmac-auth.md)
+
+# 目录
+- [**名字**](#名字)
+- [**属性**](#属性)
+- [**如何启用**](#如何启用)
+- [**测试插件**](#测试插件)
+- [**禁用插件**](#禁用插件)
+
+
+## 名字
+
+`hmac-auth` 是一个认证插件,它需要与 `consumer` 一起配合才能工作。
+
+添加 HMAC Authentication 到一个 `service` 或 `route`。 然后 `consumer` 将其签名添加到请求头以验证其请求。
+
+## 属性
+
+|属性名 |是否可选 | 默认值 |描述|
+|- ||---|---|
+| `access_key` | 必须 | 无 | 不同的 `consumer` 对象应有不同的值,它应当是唯一的。不同 consumer 使用了相同的 
`access_key` ,将会出现请求匹配异常。|
+| `secret_key`| 必须 | 无 | 与 `access_key` 配对使用。|
+| `algorithm` | 可选 | hmac-sha256 | 加密算法。目前支持 `hmac-sha1`, `hmac-sha256` 和 
`hmac-sha512`。|
+| `clock_skew`| 可选 | 300 | 签名允许的时间偏移,以秒为单位的计时。比如允许时间偏移 10 秒钟,那么就应设置为 
`10`。特别地,`0` 表示不对 `timestamp` 进行检查。|
+
+## 如何启用
+
+1. 创建一个 consumer 对象,并设置插件 `hmac-auth` 的值。
+
+```shell
+curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+"username": "jack",
+"plugins": {
+"hmac-auth": {
+"access_key": "user-key",
+"secret_key": "my-secret-key",
+"clock_skew": 10
+}
+}
+}'
+```
+
+2. 创建 Route 或 Service 对象,并开启 `hmac-auth` 插件。
+
+```shell
+curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+"uri": "/index.html",
+"plugins": {
+"hmac-auth": {}
+},
+"upstream": {
+"type": "roundrobin",
+"nodes": {
+"39.97.63.215:80": 1
+}
+}
+}'
+```
+
+## Test Plugin
+
+### 签名生成公式
+
+签名的计算公式为 `signature = HMAC-SHAx-HEX(secret_key, 
signning_string)`,从公式可以看出,想要获得签名需要得到 `secret_key` 和 `signning_string` 两个参数。其中 
`secret_key` 为对应 consumer 所配置的, `signning_string` 的计算公式为: `signning_string = 
HTTP Method + HTTP URI + canonical_query_string + HTTP BODY + access_key + 
timestamp + secret_key`

Review comment:
   There is another way to do both, that is, we can put the body hash in 
request header which could be put in the `signning_string`. what do you think ? 
@membphis 
   





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] nic-chen commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


nic-chen commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r488672188



##
File path: utils/install-etcd.sh
##
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+wget 
https://github.com/etcd-io/etcd/releases/download/v3.4.0/etcd-v3.4.0-linux-amd64.tar.gz

Review comment:
   sure.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] nic-chen commented on pull request #2225: move etcd cluster in docker for CI

2020-09-15 Thread GitBox 


nic-chen commented on pull request #2225:
URL: https://github.com/apache/apisix/pull/2225#issuecomment-692717762


   I think we could run ETCD as a service in github actions. [doc about github 
actions 
services](https://docs.github.com/en/actions/configuring-and-managing-workflows/about-service-containers)



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] nic-chen commented on issue #474: Publish route failed

2020-09-15 Thread GitBox 


nic-chen commented on issue #474:
URL: 
https://github.com/apache/apisix-dashboard/issues/474#issuecomment-692708138


   I had updated mysql, you could have a try again. @juzhiyuan @liuxiran 



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-control-plane] Firstsawyou opened a new pull request #26: CI: add tools to check ASF headers in code files #25

2020-09-15 Thread GitBox 


Firstsawyou opened a new pull request #26:
URL: https://github.com/apache/apisix-control-plane/pull/26


   add license check.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on issue #2188: request help: url_block.lua plugin: Is there any performance bottleneck if there are many block rules, say 1000000 url rules in production envirom

2020-09-15 Thread GitBox 


moonming commented on issue #2188:
URL: https://github.com/apache/apisix/issues/2188#issuecomment-692680602


   > Can we divide the 1+ million block urls into groups according to their 
hosts?
   > 
   > ===
   > 
   > @spacewander the whole 1+million urls only for one host(upstream) :)
   
   Can you give some examples?
   On the other hand, why are there a million regex rules under the same host?



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] juzhiyuan commented on a change in pull request #2226: doc: added channel at slack and added new qq group.

2020-09-15 Thread GitBox 


juzhiyuan commented on a change in pull request #2226:
URL: https://github.com/apache/apisix/pull/2226#discussion_r488623153



##
File path: README.md
##
@@ -23,9 +23,11 @@
 [![Build 
Status](https://travis-ci.org/apache/apisix.svg?branch=master)](https://travis-ci.org/apache/apisix)
 
[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/apache/apisix/blob/master/LICENSE)
 
-- **QQ group**: 552030619
 - Mail list: Mail to dev-subscr...@apisix.apache.org, follow the reply to 
subscribe the mail list.
+- **QQ group**: 578997126(recommend), 552030619

Review comment:
   QQ Group would be better.
   
   Also please use recommended 

##
File path: README.md
##
@@ -23,9 +23,11 @@
 [![Build 
Status](https://travis-ci.org/apache/apisix.svg?branch=master)](https://travis-ci.org/apache/apisix)
 
[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/apache/apisix/blob/master/LICENSE)
 
-- **QQ group**: 552030619
 - Mail list: Mail to dev-subscr...@apisix.apache.org, follow the reply to 
subscribe the mail list.
+- **QQ group**: 578997126(recommend), 552030619
+- Join `apisix` channel at [Apache Slack](http://s.apache.org/slack-invite). 
If the link is not working, find the latest one at [Apache INFRA 
WIKI](https://cwiki.apache.org/confluence/display/INFRA/Slack+Guest+Invites).

Review comment:
   Join in





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on issue #2188: request help: url_block.lua plugin: Is there any performance bottleneck if there are many block rules, say 1000000 url rules in production envirom

2020-09-15 Thread GitBox 


moonming commented on issue #2188:
URL: https://github.com/apache/apisix/issues/2188#issuecomment-692679685


   > Improving performance mainly depends on the quality of the rules.
   > 
   > For runtime selection, if better performance is required, streaming 
matching such as hyperscan is needed.
   
   uri match is none business with streaming match



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] juzhiyuan commented on issue #474: Publish route failed

2020-09-15 Thread GitBox 


juzhiyuan commented on issue #474:
URL: 
https://github.com/apache/apisix-dashboard/issues/474#issuecomment-692679130


   not sure, cc @nic-chen 



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming closed issue #2176: request help: How to configure timeout settings?

2020-09-15 Thread GitBox 


moonming closed issue #2176:
URL: https://github.com/apache/apisix/issues/2176


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on pull request #2233: change: check etcd cluster version when init_etcd

2020-09-15 Thread GitBox 


moonming commented on pull request #2233:
URL: https://github.com/apache/apisix/pull/2233#issuecomment-692677880


   the etcd in CI is 3.2, so failed: 
https://github.com/apache/apisix/pull/2233/checks?check_run_id=1116987808#step:6:288



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] fankeke commented on issue #2188: request help: url_block.lua plugin: Is there any performance bottleneck if there are many block rules, say 1000000 url rules in production envirome

2020-09-15 Thread GitBox 


fankeke commented on issue #2188:
URL: https://github.com/apache/apisix/issues/2188#issuecomment-692671931


   Can we divide the 1+ million block urls into groups according to their hosts?
   
   ===
   
   @spacewander the whole 1+million urls only for one host(upstream)  :)
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Firstsawyou commented on a change in pull request #2209: feature: allow empty `service` object, it does not contain any `upstream` and `plugin`.

2020-09-15 Thread GitBox 


Firstsawyou commented on a change in pull request #2209:
URL: https://github.com/apache/apisix/pull/2209#discussion_r488599115



##
File path: t/admin/services.t
##
@@ -1085,3 +1085,50 @@ GET /t
 --- error_code: 400
 --- no_error_log
 [error]
+
+
+
+=== TEST 31: set service(id: 1)(allow empty `service` object)
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/services/1',
+ngx.HTTP_PUT,
+[[{
+"desc": "empty service"
+}]]
+)
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
+
+
+
+=== TEST 32: get service(id: 1)(allow empty `service` object)
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/services/1',
+ ngx.HTTP_GET
+)

Review comment:
   ok.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on a change in pull request #2192: feat: add AK/SK auth plugin

2020-09-15 Thread GitBox 


membphis commented on a change in pull request #2192:
URL: https://github.com/apache/apisix/pull/2192#discussion_r488558126



##
File path: t/plugin/hmac-auth.t
##
@@ -0,0 +1,596 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(2);
+no_long_string();
+no_root_location();
+no_shuffle();
+run_tests;
+
+__DATA__
+
+=== TEST 1: add consumer with username and plugins
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "jack",
+"plugins": {
+"hmac-auth": {
+"access_key": "my-access-key",
+"secret_key": "my-secret-key"
+}
+}
+}]],
+[[{
+"node": {
+"value": {
+"username": "jack",
+"plugins": {
+"hmac-auth": {
+"access_key": "my-access-key",
+"secret_key": "my-secret-key",
+"algorithm": "hmac-sha256",
+"clock_skew": 300
+}
+}
+}
+},
+"action": "set"
+}]]
+)
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
+
+
+
+=== TEST 2: add consumer with plugin hmac-auth - missing secret key
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "foo",
+"plugins": {
+"hmac-auth": {
+"access_key": "user-key"
+}
+}
+}]])
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- error_code: 400
+--- response_body eval
+qr/\{"error_msg":"invalid plugins configuration: failed to check the 
configuration of plugin hmac-auth err: value should match only one schema, but 
matches none"\}/
+--- no_error_log
+[error]
+
+
+
+=== TEST 3: add consumer with plugin hmac-auth - missing access key
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "bar",
+"plugins": {
+"hmac-auth": {
+"secret_key": "skey"
+}
+}
+}]])
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- error_code: 400
+--- response_body eval
+qr/\{"error_msg":"invalid plugins configuration: failed to check the 
configuration of plugin hmac-auth err: value should match only one schema, but 
matches none"\}/
+--- no_error_log
+[error]
+
+
+
+=== TEST 4: add consumer with plugin hmac-auth - access key exceeds the length 
limit
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "li",
+"plugins": {
+"hmac-auth": {
+"access_key":

[GitHub] [apisix] membphis commented on a change in pull request #2192: feat: add AK/SK auth plugin

2020-09-15 Thread GitBox 


membphis commented on a change in pull request #2192:
URL: https://github.com/apache/apisix/pull/2192#discussion_r488557288



##
File path: doc/plugins/hmac-auth.md
##
@@ -0,0 +1,151 @@
+
+
+- [中文](../zh-cn/plugins/hmac-auth.md)
+
+# Summary
+- [**Name**](#name)
+- [**Attributes**](#attributes)
+- [**How To Enable**](#how-to-enable)
+- [**Test Plugin**](#test-plugin)
+- [**Disable Plugin**](#disable-plugin)
+
+
+## Name
+
+`hmac-auth` is an authentication plugin that need to work with `consumer`. Add 
HMAC Authentication to a `service` or `route`.
+
+The `consumer` then adds its key to request header to verify its request.
+
+## Attributes
+
+|Name  |Requirement |Default  |Description|
+|- ||---|---|
+| access_key | required | none |Different `consumer` objects should 
have different values, and it should be unique. If different consumers use the 
same `access_key`, a request matching exception will occur|
+| secret_key  | required | none |Use as a pair with `access_key`|
+| algorithm|  optional| hmac-sha256 |Encryption algorithm. support 
`hmac-sha1`, `hmac-sha256` and `hmac-sha512`|
+| clock_skew  | optional | 300 |The clock skew allowed by the signature in 
seconds. For example, if the time is allowed to skew by 10 seconds, then it 
should be set to `10`. especially, `0` means not checking timestamp.|
+
+## How To Enable
+
+1. set a consumer and config the value of the `hmac-auth` option
+
+```shell
+curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+"username": "jack",
+"plugins": {
+"hmac-auth": {
+"access_key": "user-key",
+"secret_key": "my-secret-key",
+"clock_skew": 10
+}
+}
+}'
+```
+
+2. add a Route or add a Service , and enable the `hmac-auth` plugin
+
+```shell
+curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+"uri": "/index.html",
+"plugins": {
+"hmac-auth": {}
+},
+"upstream": {
+"type": "roundrobin",
+"nodes": {
+"39.97.63.215:80": 1
+}
+}
+}'
+```
+
+## Test Plugin
+
+### generate signature:
+The calculation formula of the signature is `signature = 
HMAC-SHAx-HEX(secret_key, signning_string)`. From the formula, it can be seen 
that in order to obtain the signature, two parameters, `SECRET_KEY` and 
`SIGNNING_STRING`, are required. Where secret_key is configured by the 
corresponding consumer, the calculation formula of `SIGNNING_STRING` is: 
`signning_string = HTTP Method + HTTP URI + canonical_query_string + HTTP BODY 
+ ACCESS_KEY + TIMESTAMP + SECRET_KEY`
+
+1. **HTTP Method** : Refers to the GET, PUT, POST and other request methods 
defined in the HTTP protocol, and must be in all uppercase.
+2. **HTTP URI** : `HTTP URI` requirements must start with "/", those that do 
not start with "/" need to be added, and the empty path is "/".
+3. **canonical_query_string** :`canonical_query_string` is the result of 
encoding the `query` in the URL (`query` is the string "key1 = valve1 & key2 = 
valve2" after the "?" in the URL).
+
+> The coding steps are as follows:
+
+* Extract the `query` item in the URL, that is, the string "key1 = valve1 & 
key2 = valve2" after the "?" in the URL.
+* Split the `query` into several items according to the & separator, each item 
is in the form of key=value or only key.
+* Encoding each item after disassembly is divided into the following three 
situations.
+
+* When the item has only key, the conversion formula is UriEncode(key) + 
"=".
+* When the item is in the form of key=value, the conversion formula is in 
the form of UriEncode(key) + "=" + UriEncode(value). Here value can be an empty 
string.
+* After converting each item, sort by key in lexicographic order (ASCII 
code from small to large), and connect them with the & symbol to generate the 
corresponding canonical_query_string.

Review comment:
   ping @nic-chen 





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on a change in pull request #2192: feat: add AK/SK auth plugin

2020-09-15 Thread GitBox 


membphis commented on a change in pull request #2192:
URL: https://github.com/apache/apisix/pull/2192#discussion_r488557091



##
File path: apisix/plugins/hmac-auth.lua
##
@@ -0,0 +1,303 @@
+--
+-- Licensed to the Apache Software Foundation (ASF) under one or more
+-- contributor license agreements.  See the NOTICE file distributed with
+-- this work for additional information regarding copyright ownership.
+-- The ASF licenses this file to You under the Apache License, Version 2.0
+-- (the "License"); you may not use this file except in compliance with
+-- the License.  You may obtain a copy of the License at
+--
+-- http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing, software
+-- distributed under the License is distributed on an "AS IS" BASIS,
+-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+-- See the License for the specific language governing permissions and
+-- limitations under the License.
+--
+local ngx= ngx
+local type   = type
+local select = select
+local abs= math.abs
+local ngx_time   = ngx.time
+local ngx_re = require("ngx.re")
+local ngx_req= ngx.req
+local pairs  = pairs
+local ipairs = ipairs
+local hmac_sha1  = ngx.hmac_sha1
+local escape_uri = ngx.escape_uri
+local core   = require("apisix.core")
+local hmac   = require("resty.hmac")
+local consumer   = require("apisix.consumer")
+local ngx_decode_base64 = ngx.decode_base64
+
+local SIGNATURE_KEY = "X-HMAC-SIGNATURE"
+local ALGORITHM_KEY = "X-HMAC-ALGORITHM"
+local TIMESTAMP_KEY = "X-HMAC-TIMESTAMP"
+local ACCESS_KEY= "X-HMAC-ACCESS-KEY"
+local plugin_name   = "hmac-auth"
+
+local schema = {
+type = "object",
+oneOf = {
+{
+title = "work with consumer object",
+properties = {
+access_key = {type = "string", minLength = 1, maxLength = 256},
+secret_key = {type = "string", minLength = 1, maxLength = 256},
+algorithm = {
+type = "string",
+enum = {"hmac-sha1", "hmac-sha256", "hmac-sha512"},
+default = "hmac-sha256"
+},
+clock_skew = {
+type = "integer",
+default = 300
+}
+},
+required = {"access_key", "secret_key"},
+additionalProperties = false,
+},
+{
+title = "work with route or service object",
+properties = {},
+additionalProperties = false,
+}
+}
+}
+
+local _M = {
+version = 0.1,
+priority = 2530,
+type = 'auth',
+name = plugin_name,
+schema = schema,
+}
+
+local hmac_funcs = {
+["hmac-sha1"] = function(secret_key, message)
+return hmac_sha1(secret_key, message)
+end,
+["hmac-sha256"] = function(secret_key, message)
+return hmac:new(secret_key, hmac.ALGOS.SHA256):final(message)
+end,
+["hmac-sha512"] = function(secret_key, message)
+return hmac:new(secret_key, hmac.ALGOS.SHA512):final(message)
+end,
+}
+
+
+local function try_attr(t, ...)
+local tbl = t
+local count = select('#', ...)
+for i = 1, count do
+local attr = select(i, ...)
+tbl = tbl[attr]
+if type(tbl) ~= "table" then
+return false
+end
+end
+
+return true
+end
+
+
+local create_consumer_cache
+do
+local consumer_ids = {}
+
+function create_consumer_cache(consumers)
+core.table.clear(consumer_ids)
+
+for _, consumer in ipairs(consumers.nodes) do
+core.log.info("consumer node: ", core.json.delay_encode(consumer))
+consumer_ids[consumer.auth_conf.access_key] = consumer
+end
+
+return consumer_ids
+end
+
+end -- do
+
+
+function _M.check_schema(conf)
+core.log.info("input conf: ", core.json.delay_encode(conf))
+
+return core.schema.check(schema, conf)
+end
+
+
+local function get_consumer(access_key)
+if not access_key then
+return nil, {message = "missing access key"}
+end
+
+local consumer_conf = consumer.plugin(plugin_name)
+if not consumer_conf then
+return nil, {message = "Missing related consumer"}
+end
+
+local consumers = core.lrucache.plugin(plugin_name, "consumers_key",
+consumer_conf.conf_version,
+create_consumer_cache, consumer_conf)
+
+local consumer = consumers[access_key]
+if not consumer then
+return nil, {message = "Invalid access key"}
+end
+core.log.info("consumer: ", core.json.delay_encode(consumer))
+
+return consumer
+end
+
+
+local function generate_signature(ctx, secret_key, params)
+local canonical_uri = ctx.var.uri
+local canonical_query_string = ""
+local request_method = ngx_req.get_method()
+local args = ngx_req.get_uri_args()
+
+if

[GitHub] [apisix] xyz2b commented on issue #2176: request help: How to configure timeout settings?

2020-09-15 Thread GitBox 


xyz2b commented on issue #2176:
URL: https://github.com/apache/apisix/issues/2176#issuecomment-692622830


   ok, thanks



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] gy09535 edited a comment on pull request #2177: feature: support plugin for aliyun log service

2020-09-15 Thread GitBox 


gy09535 edited a comment on pull request #2177:
URL: https://github.com/apache/apisix/pull/2177#issuecomment-692061891


   > @gy09535 Apache APISIX already has the syslog plugin, can these two 
plugins be combined into one?
   
   For combined into one I think the aliyun has some special config, we should 
has different plugin to config it and I reference  tcp logger plugin to 
implement it, I think I can refactor tcp logger and sls logger plugin , change 
the common code into one module, For sys-logger plugin I think  some code  is 
duplicate , for example the batch processor has [retry]( 
https://github.com/apache/apisix/blob/master/apisix/plugins/syslog.lua#L179) 
the "resty.logger.socket" also has 
[retry](https://github.com/apache/apisix/blob/master/apisix/plugins/syslog.lua#L96)
 etc. so I prefer use cosocket .



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] gy09535 edited a comment on pull request #2177: feature: support plugin for aliyun log service

2020-09-15 Thread GitBox 


gy09535 edited a comment on pull request #2177:
URL: https://github.com/apache/apisix/pull/2177#issuecomment-692061891


   > @gy09535 Apache APISIX already has the syslog plugin, can these two 
plugins be combined into one?
   
   For combined into one I think the aliyun has some special config, we should 
has different plugin to config it and I reference  tcp logger plugin to 
implement it, I think I can refactor tcp logger and sls logger plugin , change 
the common code into one module, For syslog I think  some code  is duplicate , 
for example the batch processor has [retry]( 
https://github.com/apache/apisix/blob/master/apisix/plugins/syslog.lua#L179) 
the "resty.logger.socket" also has 
[retry](https://github.com/apache/apisix/blob/master/apisix/plugins/syslog.lua#L96)
 etc. so I prefer use cosocket .



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] tokers opened a new pull request #2233: change: check etcd cluster version when init_etcd

2020-09-15 Thread GitBox 


tokers opened a new pull request #2233:
URL: https://github.com/apache/apisix/pull/2233


   Signed-off-by: tokers 
   
   ### What this PR does / why we need it:
   
   
   
   ### Pre-submission checklist:
   
   * [ ] Did you explain what problem does this PR solve? Or what new features 
have been added?
   * [ ] Have you added corresponding test cases?
   * [ ] Have you modified the corresponding document?
   * [ ] Is this PR backward compatible?
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] liuxiran commented on issue #470: Proposal: Health Checks for Upstream

2020-09-15 Thread GitBox 


liuxiran commented on issue #470:
URL: 
https://github.com/apache/apisix-dashboard/issues/470#issuecomment-692600340


   > hi @liuxiran, would you like to implement this feature (if you have free 
time)?
   
   yes, waiting for my pr :)(later this week)



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692560517


   No, `YOUR_OWN_API_TOKEN` is just hint in doc, not api token itself.
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   YuanSheng Wang  于2020年9月15日周二 下午4:29写道:
   
   > *@membphis* commented on this pull request.
   > --
   >
   > In bin/apisix
   > :
   >
   > > +]]
   > +if type(default_conf.apisix.admin_key) ~= "table" or
   > +   #default_conf.apisix.admin_key == 0
   > +then
   > +io.stderr:write(help, "\n")
   > +os.exit(1)
   > +end
   > +
   > +for _, admin in ipairs(default_conf.apisix.admin_key) do
   > +if type(admin.key) == "table" then
   > +admin.key = ""
   > +else
   > +admin.key = tostring(admin.key)
   > +end
   > +
   > +if admin.key == "" or admin.key:gsub("*", "") == "" then
   >
   > In APISIX, the Admin API Key containing only * is invalid.
   > It is shadowy, but it works.
   >
   > If we use YOUR_OWN_API_TOKEN as Key, then we have to disable it here too.
   >
   > —
   > You are receiving this because you commented.
   > Reply to this email directly, view it on GitHub
   > , or
   > unsubscribe
   > 

   > .
   >
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


moonming commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r488484438



##
File path: apisix/core/etcd.lua
##
@@ -44,24 +48,134 @@ end
 _M.new = new
 
 
+local function kvs_to_node(kvs)
+local node = {}
+node.key = kvs.key
+node.value = kvs.value
+node.createdIndex = tonumber(kvs.create_revision)
+node.modifiedIndex = tonumber(kvs.mod_revision)
+return node
+end
+
+local function kvs_to_nodes(res)
+res.body.node.dir = true
+res.body.node.nodes = {}
+for i=2, #res.body.kvs do
+res.body.node.nodes[i-1] = kvs_to_node(res.body.kvs[i])
+end
+return res
+end
+
+
+local function not_found(res)
+res.body.message = "Key not found"
+res.reason = "Not found"
+res.status = 404
+return res
+end
+
+
+function _M.get_format(res, realkey)
+if res.body.error == "etcdserver: user name is empty" then

Review comment:
   does etcd has error code with msg?

##
File path: apisix/core/etcd.lua
##
@@ -44,24 +48,134 @@ end
 _M.new = new
 
 
+local function kvs_to_node(kvs)
+local node = {}
+node.key = kvs.key
+node.value = kvs.value
+node.createdIndex = tonumber(kvs.create_revision)
+node.modifiedIndex = tonumber(kvs.mod_revision)
+return node
+end
+
+local function kvs_to_nodes(res)
+res.body.node.dir = true
+res.body.node.nodes = {}
+for i=2, #res.body.kvs do
+res.body.node.nodes[i-1] = kvs_to_node(res.body.kvs[i])
+end
+return res
+end
+
+
+local function not_found(res)
+res.body.message = "Key not found"
+res.reason = "Not found"
+res.status = 404
+return res
+end
+
+
+function _M.get_format(res, realkey)
+if res.body.error == "etcdserver: user name is empty" then
+return nil, "insufficient credentials code: 401"

Review comment:
   why not return `res.body.error`?

##
File path: apisix/core/etcd.lua
##
@@ -44,24 +48,134 @@ end
 _M.new = new
 
 
+local function kvs_to_node(kvs)
+local node = {}
+node.key = kvs.key
+node.value = kvs.value
+node.createdIndex = tonumber(kvs.create_revision)
+node.modifiedIndex = tonumber(kvs.mod_revision)
+return node
+end
+
+local function kvs_to_nodes(res)
+res.body.node.dir = true
+res.body.node.nodes = {}
+for i=2, #res.body.kvs do
+res.body.node.nodes[i-1] = kvs_to_node(res.body.kvs[i])
+end
+return res
+end
+
+
+local function not_found(res)
+res.body.message = "Key not found"
+res.reason = "Not found"
+res.status = 404
+return res
+end
+
+
+function _M.get_format(res, realkey)
+if res.body.error == "etcdserver: user name is empty" then
+return nil, "insufficient credentials code: 401"

Review comment:
   and do we need to deal with other error msg in `res.body.error`?

##
File path: apisix/core/etcd.lua
##
@@ -44,24 +49,144 @@ end
 _M.new = new
 
 
+local function kvs_to_node(kvs)
+local node = {}
+node.key = kvs.key
+node.value = kvs.value
+node.createdIndex = tonumber(kvs.create_revision)
+node.modifiedIndex = tonumber(kvs.mod_revision)
+return node
+end
+
+local function kvs_to_nodes(res, start_index)
+res.body.node.dir = true
+res.body.node.nodes = {}
+for i=start_index, #res.body.kvs do
+if start_index == 1 then
+res.body.node.nodes[i] = kvs_to_node(res.body.kvs[i])
+else
+res.body.node.nodes[i-1] = kvs_to_node(res.body.kvs[i])
+end
+end
+return res
+end
+
+
+local function not_found(res)
+res.body.message = "Key not found"
+res.reason = "Not found"
+res.status = 404
+return res
+end
+
+
+function _M.get_format(res, realkey)
+if res.body.error == "etcdserver: user name is empty" then
+return nil, "insufficient credentials code: 401"
+end
+
+res.headers["X-Etcd-Index"] = res.body.header.revision
+
+if not res.body.kvs then
+return not_found(res)
+end
+res.body.action = "get"
+
+res.body.node = kvs_to_node(res.body.kvs[1])
+-- kvs.value = nil, so key is root
+if type(res.body.kvs[1].value) == "userdata" or not res.body.kvs[1].value 
then
+-- remove last "/" when necesary
+if string.sub(res.body.node.key, -1, -1) == "/" then
+res.body.node.key = string.sub(res.body.node.key, 1, 
#res.body.node.key-1)
+end
+res = kvs_to_nodes(res, 2)
+-- key not match, so realkey is root
+elseif res.body.kvs[1].key ~= realkey then
+res.body.node.key = realkey
+res = kvs_to_nodes(res, 1)
+-- first is root (in v2, root not contains value), others are nodes
+elseif #res.body.kvs > 1 then
+res = kvs_to_nodes(res, 2)
+end
+
+res.body.kvs = nil
+return res, nil
+end
+
+
+function _M.watch_format(v3res)

Review comment:
   Need a more meaningful function name

[GitHub] [apisix] membphis commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


membphis commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692558053


   > I insist on this, if automatic generation token is not possible, I would 
rather not remove the default token
   
   I think they are two different questions. Let us discuss it in mail list.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Yiyiyimu commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


Yiyiyimu commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r488485180



##
File path: apisix/core/config_etcd.lua
##
@@ -92,17 +105,29 @@ local function waitdir(etcd_cli, key, modified_index, 
timeout)
 return nil, nil, "not inited"
 end
 
-local res, err = etcd_cli:waitdir(key, modified_index, timeout)
+local opts = {}
+opts.start_revision = modified_index
+opts.timeout = timeout
+local res_fun, fun_err = etcd_cli:watchdir(key, opts)
+if not res_fun then
+return nil, fun_err
+end
+
+-- try twice to skip create info
+local res, err = res_fun()
+if not res or not res.result or not res.result.events then
+res, err = res_fun()
+end
+

Review comment:
   in etcd v3, the 1st response of watch is the success of watch creation, 
useless to us





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on a change in pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


membphis commented on a change in pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#discussion_r488483897



##
File path: bin/apisix
##
@@ -643,6 +643,34 @@ local function read_yaml_conf()
 merge_conf(default_conf, user_conf)
 end
 
+-- check the Admin API token
+if default_conf.apisix.enable_admin then
+local help = [[
+ERROR: missing valid apisix.admin_key
+
+You can call `]] .. arg[0] .. [[ gen_admin_key` to generate a new Admin API 
key or
+manually update the `conf/config.yaml` file.
+]]
+if type(default_conf.apisix.admin_key) ~= "table" or
+   #default_conf.apisix.admin_key == 0
+then
+io.stderr:write(help, "\n")
+os.exit(1)
+end
+
+for _, admin in ipairs(default_conf.apisix.admin_key) do
+if type(admin.key) == "table" then
+admin.key = ""
+else
+admin.key = tostring(admin.key)
+end
+
+if admin.key == "" or admin.key:gsub("*", "") == "" then

Review comment:
   In APISIX, the Admin API Key containing only `*` is invalid.
   It is shadowy, but it works.
   
   If we use `YOUR_OWN_API_TOKEN` as Key, then we have to disable it here too.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Yiyiyimu commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


Yiyiyimu commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r488484262



##
File path: apisix/core/config_etcd.lua
##
@@ -92,17 +105,29 @@ local function waitdir(etcd_cli, key, modified_index, 
timeout)
 return nil, nil, "not inited"
 end
 
-local res, err = etcd_cli:waitdir(key, modified_index, timeout)
+local opts = {}
+opts.start_revision = modified_index
+opts.timeout = timeout
+local res_fun, fun_err = etcd_cli:watchdir(key, opts)

Review comment:
   fix. thx!





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Yiyiyimu commented on issue #2227: CLI: Check the etcd version in CLI. The version must be 3.4 or greater.

2020-09-15 Thread GitBox 


Yiyiyimu commented on issue #2227:
URL: https://github.com/apache/apisix/issues/2227#issuecomment-69218


   Sorry @tokers I just noticed you pick up this issue. I fixed it in the [new 
commit](https://github.com/apache/apisix/pull/2036/commits/58e8401a24ceed0313702903103ea4e608128021).
 But it would still be great if you could review it



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Firstsawyou commented on a change in pull request #2192: feat: add AK/SK auth plugin

2020-09-15 Thread GitBox 


Firstsawyou commented on a change in pull request #2192:
URL: https://github.com/apache/apisix/pull/2192#discussion_r488482999



##
File path: t/plugin/hmac-auth.t
##
@@ -0,0 +1,596 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(2);
+no_long_string();
+no_root_location();
+no_shuffle();
+run_tests;
+
+__DATA__
+
+=== TEST 1: add consumer with username and plugins
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "jack",
+"plugins": {
+"hmac-auth": {
+"access_key": "my-access-key",
+"secret_key": "my-secret-key"
+}
+}
+}]],
+[[{
+"node": {
+"value": {
+"username": "jack",
+"plugins": {
+"hmac-auth": {
+"access_key": "my-access-key",
+"secret_key": "my-secret-key",
+"algorithm": "hmac-sha256",
+"clock_skew": 300
+}
+}
+}
+},
+"action": "set"
+}]]
+)
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
+
+
+
+=== TEST 2: add consumer with plugin hmac-auth - missing secret key
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "foo",
+"plugins": {
+"hmac-auth": {
+"access_key": "user-key"
+}
+}
+}]])
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- error_code: 400
+--- response_body eval
+qr/\{"error_msg":"invalid plugins configuration: failed to check the 
configuration of plugin hmac-auth err: value should match only one schema, but 
matches none"\}/
+--- no_error_log
+[error]
+
+
+
+=== TEST 3: add consumer with plugin hmac-auth - missing access key
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "bar",
+"plugins": {
+"hmac-auth": {
+"secret_key": "skey"
+}
+}
+}]])
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- error_code: 400
+--- response_body eval
+qr/\{"error_msg":"invalid plugins configuration: failed to check the 
configuration of plugin hmac-auth err: value should match only one schema, but 
matches none"\}/
+--- no_error_log
+[error]
+
+
+
+=== TEST 4: add consumer with plugin hmac-auth - access key exceeds the length 
limit
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "li",
+"plugins": {
+"hmac-auth": {
+"access_key":

[GitHub] [apisix] Yiyiyimu edited a comment on pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


Yiyiyimu edited a comment on pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#issuecomment-692553222


   > > one more thing, we need to check the `etcd` version in `bin/apisix`, 
confirm the `etcd` version `>= 3.4` .
   > 
   > we can fix this in a new PR, here is the related issue: #2227
   
   fix #2227



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Yiyiyimu commented on pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


Yiyiyimu commented on pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#issuecomment-692553222


   > > one more thing, we need to check the `etcd` version in `bin/apisix`, 
confirm the `etcd` version `>= 3.4` .
   > 
   > we can fix this in a new PR, here is the related issue: #2227
   
   fix #2227 in new commit



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] Firstsawyou commented on a change in pull request #2192: feat: add AK/SK auth plugin

2020-09-15 Thread GitBox 


Firstsawyou commented on a change in pull request #2192:
URL: https://github.com/apache/apisix/pull/2192#discussion_r488476189



##
File path: t/plugin/hmac-auth.t
##
@@ -0,0 +1,596 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+use t::APISIX 'no_plan';
+
+repeat_each(2);
+no_long_string();
+no_root_location();
+no_shuffle();
+run_tests;
+
+__DATA__
+
+=== TEST 1: add consumer with username and plugins
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "jack",
+"plugins": {
+"hmac-auth": {
+"access_key": "my-access-key",
+"secret_key": "my-secret-key"
+}
+}
+}]],
+[[{
+"node": {
+"value": {
+"username": "jack",
+"plugins": {
+"hmac-auth": {
+"access_key": "my-access-key",
+"secret_key": "my-secret-key",
+"algorithm": "hmac-sha256",
+"clock_skew": 300
+}
+}
+}
+},
+"action": "set"
+}]]
+)
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- response_body
+passed
+--- no_error_log
+[error]
+
+
+
+=== TEST 2: add consumer with plugin hmac-auth - missing secret key
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "foo",
+"plugins": {
+"hmac-auth": {
+"access_key": "user-key"
+}
+}
+}]])
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- error_code: 400
+--- response_body eval
+qr/\{"error_msg":"invalid plugins configuration: failed to check the 
configuration of plugin hmac-auth err: value should match only one schema, but 
matches none"\}/
+--- no_error_log
+[error]
+
+
+
+=== TEST 3: add consumer with plugin hmac-auth - missing access key
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "bar",
+"plugins": {
+"hmac-auth": {
+"secret_key": "skey"
+}
+}
+}]])
+
+ngx.status = code
+ngx.say(body)
+}
+}
+--- request
+GET /t
+--- error_code: 400
+--- response_body eval
+qr/\{"error_msg":"invalid plugins configuration: failed to check the 
configuration of plugin hmac-auth err: value should match only one schema, but 
matches none"\}/
+--- no_error_log
+[error]
+
+
+
+=== TEST 4: add consumer with plugin hmac-auth - access key exceeds the length 
limit
+--- config
+location /t {
+content_by_lua_block {
+local t = require("lib.test_admin").test
+local code, body = t('/apisix/admin/consumers',
+ngx.HTTP_PUT,
+[[{
+"username": "li",
+"plugins": {
+"hmac-auth": {
+"access_key":

[GitHub] [apisix] moonming commented on a change in pull request #2036: feature: support etcd v3, by mocking v2 API

2020-09-15 Thread GitBox 


moonming commented on a change in pull request #2036:
URL: https://github.com/apache/apisix/pull/2036#discussion_r487762501



##
File path: apisix/core/config_etcd.lua
##
@@ -92,17 +105,29 @@ local function waitdir(etcd_cli, key, modified_index, 
timeout)
 return nil, nil, "not inited"
 end
 
-local res, err = etcd_cli:waitdir(key, modified_index, timeout)
+local opts = {}
+opts.start_revision = modified_index
+opts.timeout = timeout
+local res_fun, fun_err = etcd_cli:watchdir(key, opts)
+if not res_fun then
+return nil, fun_err
+end
+
+-- try twice to skip create info
+local res, err = res_fun()
+if not res or not res.result or not res.result.events then
+res, err = res_fun()
+end
+

Review comment:
   why call `res_fun` twice? 

##
File path: utils/install-etcd.sh
##
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+wget 
https://github.com/etcd-io/etcd/releases/download/v3.4.0/etcd-v3.4.0-linux-amd64.tar.gz

Review comment:
   Just a suggestion, you can refer to the way of docker: 
https://github.com/apache/apisix/pull/2225/files#diff-65e6a3c4290328a0a57797b4cf3de4d2R39.
   we can not modify it in this PR

##
File path: apisix/core/config_etcd.lua
##
@@ -92,17 +105,29 @@ local function waitdir(etcd_cli, key, modified_index, 
timeout)
 return nil, nil, "not inited"
 end
 
-local res, err = etcd_cli:waitdir(key, modified_index, timeout)
+local opts = {}
+opts.start_revision = modified_index
+opts.timeout = timeout
+local res_fun, fun_err = etcd_cli:watchdir(key, opts)

Review comment:
   `fun` -> `func`





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] moonming commented on issue #473: PluginModule: v2

2020-09-15 Thread GitBox 


moonming commented on issue #473:
URL: 
https://github.com/apache/apisix-dashboard/issues/473#issuecomment-692548163


   plugin categories and priority:
   - limit traffic: limit-req, limit-conn, limit-conn
   - observability: prometheus, skywalking, zipkin, request-id
   - security: ip-restriction,CORS, uri-blocker, Fault Injection, Request 
Validator
   - Authentications: key-auth, JWT, basic-auth, openid-connect, authz-keycloak
   - Log: kafka, http-logger, tcp-logger, udp-logger, syslog
   - others: proxy-cache, proxy-mirror, echo



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on issue #2232: request help: dashboard 404

2020-09-15 Thread GitBox 


moonming commented on issue #2232:
URL: https://github.com/apache/apisix/issues/2232#issuecomment-692539013


   Only 127.0.0.1 can access the dashboard by default,  you can modify the ip 
limit yourself



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on a change in pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


moonming commented on a change in pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#discussion_r488454473



##
File path: bin/apisix
##
@@ -643,6 +643,34 @@ local function read_yaml_conf()
 merge_conf(default_conf, user_conf)
 end
 
+-- check the Admin API token
+if default_conf.apisix.enable_admin then
+local help = [[
+ERROR: missing valid apisix.admin_key
+
+You can call `]] .. arg[0] .. [[ gen_admin_key` to generate a new Admin API 
key or
+manually update the `conf/config.yaml` file.
+]]
+if type(default_conf.apisix.admin_key) ~= "table" or
+   #default_conf.apisix.admin_key == 0
+then
+io.stderr:write(help, "\n")
+os.exit(1)
+end
+
+for _, admin in ipairs(default_conf.apisix.admin_key) do
+if type(admin.key) == "table" then
+admin.key = ""
+else
+admin.key = tostring(admin.key)
+end
+
+if admin.key == "" or admin.key:gsub("*", "") == "" then

Review comment:
   `*` is invalid, which is too shadowy





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


membphis commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692528591


   > why `**` is invalid? Is this hard-coded in the code?
   
   you can take a look at this source code in CLI:
   
   
https://github.com/apache/apisix/pull/2230/files#diff-62edadffc237f13dc28a694080d293a8R668
   
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] MrJLuo opened a new issue #2232: request help: dashboard 404

2020-09-15 Thread GitBox 


MrJLuo opened a new issue #2232:
URL: https://github.com/apache/apisix/issues/2232


   ### Issue description
   
![image](https://user-images.githubusercontent.com/24730937/93179490-51d82280-f768-11ea-94b1-b7128fa5718d.png)
   
![image](https://user-images.githubusercontent.com/24730937/93179554-67e5e300-f768-11ea-89c8-d82474560d97.png)
   
![image](https://user-images.githubusercontent.com/24730937/93179750-b2675f80-f768-11ea-9e63-b55ec5df2bdf.png)
   
   
   The nginx static resource file cannot be requested through the dashboard. 
How should nginx.conf be configured?
   ### Environment
   linux
   
   * apisix version (cmd: `apisix version`):v1.5
   
   * OS:linux
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix-dashboard] liuxiran commented on issue #474: Publish route failed

2020-09-15 Thread GitBox 


liuxiran commented on issue #474:
URL: 
https://github.com/apache/apisix-dashboard/issues/474#issuecomment-692525992


   something like mysql has not been updated, Will mysql be updated 
synchronously when the demo environment updated? @juzhiyuan 



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming opened a new pull request #2231: change: remove dashboard sub module.

2020-09-15 Thread GitBox 


moonming opened a new pull request #2231:
URL: https://github.com/apache/apisix/pull/2231


   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692518089


   why `**` is invalid? Is this hard-coded in the code?
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   YuanSheng Wang  于2020年9月15日周二 下午3:15写道:
   
   > YOUR_OWN_API_TOKEN
   >
   > that is a bad name, because of the YOUR_OWN_API_TOKEN is a valid Admin
   > API key.
   >
   > the ** is a invalid Admin API key.
   >
   > valid config.yaml
   >
   > apisix:
   > admin_key:
   > -
   > name: "admin"
   > key:   YOUR_OWN_API_TOKEN # set your Admin API Key
   > role: admin
   >
   > invalid config.yaml
   >
   > apisix:
   > admin_key:
   > -
   > name: "admin"
   > key:   ** # set your Admin API Key
   > role: admin
   >
   > —
   > You are receiving this because you commented.
   > Reply to this email directly, view it on GitHub
   > , or
   > unsubscribe
   > 

   > .
   >
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


membphis commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692516876


   > YOUR_OWN_API_TOKEN
   
   that is a bad name, because of the `YOUR_OWN_API_TOKEN` is a valid Admin API 
key.
   
   the `**`  is a invalid Admin API key.
   
   > valid `config.yaml`
   
   ```yaml
   apisix:
   admin_key:
   -
   name: "admin"
   key:   YOUR_OWN_API_TOKEN # set your Admin API Key
   role: admin
   
   ```
   
   >  invalid `config.yaml`
   
   ```yaml
   apisix:
   admin_key:
   -
   name: "admin"
   key:   ** # set your Admin API Key
   role: admin
   
   ```



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692515707


   I insist on this, if automatic generation token is not possible, I would
   rather not remove the default token
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   YuanSheng Wang  于2020年9月15日周二 下午3:07写道:
   
   > Users will encounter errors when running apisix start, and this
   > experience is bad.
   >
   > I think it is enough for now. We have told the user how to generate the
   > Admin API key.
   >
   > ./bin/apisix init
   > ERROR: missing valid apisix.admin_key
   >
   > You can call `./bin/apisix gen_admin_key` to generate a new Admin API key 
or
   > manually update the `conf/config.yaml` file.
   >
   > If you prefer to automatically generate tokens, we can fix it with another
   > new PR maybe.
   >
   > We need to discuss on the mailing list whether to automatically generate
   > tokens for users when APISIX starts.
   >
   > The main purpose of this PR is to remove all default tokens. The current
   > PR is already big. I hope this PR will merge as soon as possible instead of
   > being blocked here.
   >
   > —
   > You are receiving this because you commented.
   > Reply to this email directly, view it on GitHub
   > , or
   > unsubscribe
   > 

   > .
   >
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


moonming commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692515133


   YOUR_OWN_API_TOKEN
   
   Thanks,
   Ming Wen
   Twitter: _WenMing
   
   
   YuanSheng Wang  于2020年9月15日周二 下午3:09写道:
   
   > *@membphis* commented on this pull request.
   > --
   >
   > In FAQ.md
   > :
   >
   > > @@ -80,7 +80,7 @@ An example, `foo.com/product/index.html?id=204=2` 
, gray release based on `i
   >
   >  here is the way:
   >  ```shell
   > -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
   > +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: 
**' -X PUT -d '
   >
   > what is your advice?
   >
   > —
   > You are receiving this because you commented.
   > Reply to this email directly, view it on GitHub
   > , or
   > unsubscribe
   > 

   > .
   >
   



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis edited a comment on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


membphis edited a comment on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692513326


   > Users will encounter errors when running `apisix start`, and this 
experience is bad.
   
   I think it is good enough for now. We have told the user how to generate the 
Admin API key.
   
   ```shell
   ./bin/apisix init
   ERROR: missing valid apisix.admin_key
   
   You can call `./bin/apisix gen_admin_key` to generate a new Admin API key or
   manually update the `conf/config.yaml` file.
   ```
   
   If you prefer to automatically generate tokens, we can fix it with another 
new PR maybe.
   
   We need to discuss on the mailing list whether to automatically generate 
tokens for users when APISIX starts.
   
   The main purpose of this PR is to remove all default tokens. The current PR 
is already big. I hope this PR will merge as soon as possible instead of being 
blocked here.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on a change in pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


membphis commented on a change in pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#discussion_r488435973



##
File path: FAQ.md
##
@@ -80,7 +80,7 @@ An example, `foo.com/product/index.html?id=204=2`, gray 
release based on `i
 
 here is the way:
 ```shell
-curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: **' -X 
PUT -d '

Review comment:
   what is your advice?





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] membphis commented on pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


membphis commented on pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#issuecomment-692513326


   > Users will encounter errors when running `apisix start`, and this 
experience is bad.
   
   I think it is enough for now. We have told the user how to generate the 
Admin API key.
   
   ```shell
   ./bin/apisix init
   ERROR: missing valid apisix.admin_key
   
   You can call `./bin/apisix gen_admin_key` to generate a new Admin API key or
   manually update the `conf/config.yaml` file.
   ```
   
   If you prefer to automatically generate tokens, we can fix it with another 
new PR maybe.
   
   We need to discuss on the mailing list whether to automatically generate 
tokens for users when APISIX starts.
   
   The main purpose of this PR is to remove all default tokens. The current PR 
is already big. I hope this PR will merge as soon as possible instead of being 
blocked here.



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on issue #2227: CLI: Check the etcd version in CLI. The version must be 3.4 or greater.

2020-09-15 Thread GitBox 


moonming commented on issue #2227:
URL: https://github.com/apache/apisix/issues/2227#issuecomment-692510383


   sure, assigned to you @tokers 



This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [apisix] moonming commented on a change in pull request #2230: bug: removed default access token for Admin API

2020-09-15 Thread GitBox 


moonming commented on a change in pull request #2230:
URL: https://github.com/apache/apisix/pull/2230#discussion_r488430805



##
File path: FAQ.md
##
@@ -80,7 +80,7 @@ An example, `foo.com/product/index.html?id=204=2`, gray 
release based on `i
 
 here is the way:
 ```shell
-curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: 
edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: **' -X 
PUT -d '

Review comment:
   `**` is not a good hint for user.





This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

  1   2   >