[GitHub] [apisix] Revolyssup commented on pull request #9936: feat: remove rust dependency by rollback lua-resty-ldap on master
Revolyssup commented on PR #9936: URL: https://github.com/apache/apisix/pull/9936#issuecomment-1663332659 ![ldap](https://github.com/apache/apisix/assets/43276904/cd1d95b9-f593-47bc-a21e-68c7614806c7) @Sn0rt @monkeyDluffy6017 As you can see, a lot of features/fixes have been added after 0.1.0. And most importantly the client module was abstracted so the API changed a little, which means the code would need to be refactored as per the older version. The older version didn't have client.lua. What should I do here? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] riverwoo closed issue #1912: request help: Kubernetes deploy APISIX, Apisix-ingress-Controller appears a lot of error
riverwoo closed issue #1912: request help: Kubernetes deploy APISIX, Apisix-ingress-Controller appears a lot of error URL: https://github.com/apache/apisix-ingress-controller/issues/1912 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] sanjivkamate commented on issue #9928: help request: Dynamic routing based on HTTP_STATUS from first API
sanjivkamate commented on issue #9928: URL: https://github.com/apache/apisix/issues/9928#issuecomment-1663299287 > Hi @chilcano , Please let me know how did you make this plugin work? I am getting below while starting apisix and configuring the same in config.yaml 2023/08/02 02:15:02 [error] 1743857#1743857: init_by_lua error: error loading module 'socket.core' from file '/usr/local/apisix/apisix/plugins/custom/pipeline-request.lua': /usr/local/apisix/apisix/plugins/custom/pipeline-request.lua: invalid ELF header stack traceback: [C]: at 0x7fb18658e130 [C]: in function 'require' /usr/local/apisix//deps/share/lua/5.1/socket.lua:12: in main chunk [C]: in function 'require' /usr/local/apisix/apisix/patch.lua:20: in main chunk [C]: in function 'require' /usr/local/apisix/apisix/init.lua:28: in main chunk [C]: in function 'require' init_by_lua:3: in main chunk My configuration in config.yaml apisix: extra_lua_path: "/usr/local/apisix/custom/apisix/plugins/pipeline-request.lua" plugins: - pipeline-request -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] qihaiyan opened a new issue, #9959: bug: stringx.strip using wrong index if # > 200
qihaiyan opened a new issue, #9959: URL: https://github.com/apache/apisix/issues/9959 ### Current Behavior String won't be striped correctly if length > 200. the penlight version 1.9.2-1 used by apisix has this bug, and was fixed in 1.10.0 so maybe we should update penlight to the latest version in rockspeck. ### Expected Behavior _No response_ ### Error Logs _No response_ ### Steps to Reproduce use stringx.strip in any plugin's code. ### Environment - APISIX version (run `apisix version`): 3.3.0 - Operating system (run `uname -a`): ubuntu - OpenResty / Nginx version (run `openresty -V` or `nginx -V`): 1.21.4.1 - etcd version, if relevant (run `curl http://127.0.0.1:9090/v1/server_info`): 3.5.7 - APISIX Dashboard version, if relevant: - Plugin runner version, for issues related to plugin runners: - LuaRocks version, for installation issues (run `luarocks --version`): -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] shreemaan-abhishek commented on pull request #9936: feat: remove rust dependency by rollback lua-resty-ldap on master
shreemaan-abhishek commented on PR #9936: URL: https://github.com/apache/apisix/pull/9936#issuecomment-1663290697 @monkeyDluffy6017, right now everything is fine CI works well why do we need to remove rust dependency at the first place? cc: @Sn0rt -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] shreemaan-abhishek commented on a diff in pull request #9927: chore(ci): automate management of unresponded issues
shreemaan-abhishek commented on code in PR #9927: URL: https://github.com/apache/apisix/pull/9927#discussion_r1282642634 ## .github/workflows/remove-wait-for-update-label.yml: ## Review Comment: done -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on pull request #9926: chore: remove check of OpenResty in code because APISIX can not start when using an old version of OpenResty
monkeyDluffy6017 commented on PR #9926: URL: https://github.com/apache/apisix/pull/9926#issuecomment-1663282815 > ok,but i wonder if we use the master branch code with apisix-base version lower than 1.21 after PR #9913,can we start the apisix successfully? I'm not sure. Maybe we should check the versions of dependencies (apisix-base etc) when installing APISIX. Each version of APSIX has its corresponding dependencies. And after that we could remove these code. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] jiangfucheng commented on issue #9951: bug: route 404 after upgrade to 3.2.2
jiangfucheng commented on issue #9951: URL: https://github.com/apache/apisix/issues/9951#issuecomment-1663281568 @monkeyDluffy6017 @kingluo Hi, could you help take a look at this issue, I don't have enough time to process this issue in a timely manner. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] tao12345666333 closed issue #1849: bug: Cron CI judgment logic problem
tao12345666333 closed issue #1849: bug: Cron CI judgment logic problem URL: https://github.com/apache/apisix-ingress-controller/issues/1849 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] tao12345666333 commented on issue #1912: request help: Kubernetes deploy APISIX, Apisix-ingress-Controller appears a lot of error
tao12345666333 commented on issue #1912: URL: https://github.com/apache/apisix-ingress-controller/issues/1912#issuecomment-1663276126 NO. If you use APISIX Ingress, the only reliable source of configuration is declarative configuration. The APISIX Dashboard should be set as view mode. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] wklken commented on issue #9951: bug: route 404 after upgrade to 3.2.2
wklken commented on issue #9951: URL: https://github.com/apache/apisix/issues/9951#issuecomment-1663267850 @jiangfucheng can you please raise the level of this bug? Version 3.2.2/3.4.0/3.4.1 may all be affected(if it's related to #9456), especially if deploy or upgrade in a production environment. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] ronething commented on pull request #9926: chore: remove check of OpenResty in code because APISIX can not start when using an old version of OpenResty
ronething commented on PR #9926: URL: https://github.com/apache/apisix/pull/9926#issuecomment-1663265041 > I think you misunderstood this pr: https://github.com/apache/apisix/pull/9913. > > Its purpose is to remove the check of the compatibility between APISIX and openresty, because we use apisix-base instead. > > And we still have apisix-base that lower than 1.19.9.1, so i think we should keep these code ok,but i wonder if we use the master branch code with apisix-base version lower than 1.21 after PR #9913,can we start the apisix successfully? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] AlinsRan opened a new pull request, #9958: fix(ci): update expired ldap certificates
AlinsRan opened a new pull request, #9958: URL: https://github.com/apache/apisix/pull/9958 ### Description Fixes # (issue) ### Checklist - [ ] I have explained the need for this PR and the problem it solves - [ ] I have explained the changes or the new features added to this PR - [ ] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [ ] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on a diff in pull request #9927: chore(ci): automate management of unresponded issues
monkeyDluffy6017 commented on code in PR #9927: URL: https://github.com/apache/apisix/pull/9927#discussion_r1282613816 ## .github/workflows/remove-wait-for-update-label.yml: ## Review Comment: I think you should rename this file? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] wklken commented on issue #9366: bug: Adding routes to a Radix Tree in a different order can lead to the same URL matching the first added route instead of the longest path match
wklken commented on issue #9366: URL: https://github.com/apache/apisix/issues/9366#issuecomment-1663250854 https://github.com/TencentBlueKing/blueking-apigateway-operator/blob/60f0cd4c1ea59b169ba47e55b23a6af8d2dabf8c/pkg/commiter/conversion/resource.go#L61C6-L61C40 we set the `priority` to fix the issue; make it act like `the longest path match` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on pull request #9926: chore: remove check of OpenResty in code because APISIX can not start when using an old version of OpenResty
monkeyDluffy6017 commented on PR #9926: URL: https://github.com/apache/apisix/pull/9926#issuecomment-1663248093 I think you misunderstood this pr: https://github.com/apache/apisix/pull/9913. Its purpose is to remove the check of the compatibility between APISIX and openresty, because we use apisix-base instead. And we still have versions of apisix-base that lower than 1.19.9.1, so i think we should keep these code -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Revolyssup commented on issue #9528: bug: grpc response leads to core dump
Revolyssup commented on issue #9528: URL: https://github.com/apache/apisix/issues/9528#issuecomment-1663246531 Fixed here https://github.com/api7/grpc-client-nginx-module/issues/69. This will be fixed by next version of grpc-client-nginx-module -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] fleashiro commented on issue #9614: feat: As a user, I want the opentelemetry plugin add support for configuring service_name via an additional attribute in the opentelemetry plugin.
fleashiro commented on issue #9614: URL: https://github.com/apache/apisix/issues/9614#issuecomment-1663238766 @Sn0rt Sorry for delayed response. To enhance this plugin, my main goal is to integrate the collector configuration directly into the plugin's attributes. Currently, the collector can only be configured using YAML, as explained in the [opentelemetry documentation](https://apisix.apache.org/docs/apisix/plugins/opentelemetry/#configuring-the-collector). To implement this feature: 1. Add the collector fields to the plugins's schema 2. Modify the create_tracer_obj (found at [opentelemetry.lua](https://github.com/apache/apisix/blob/master/apisix/plugins/opentelemetry.lua#L232C28-L232C28)) Function: If the conf.collector fields are available, use the values provided by the user; otherwise, fall back to default yaml values. ``` local function create_tracer_obj(conf) -- Set default values local default_address = plugin_info.collector.address local default_timeout = plugin_info.collector.request_timeout local default_headers = plugin_info.collector.request_headers -- Override defaults with values from the conf table if available local address = conf.collector and conf.collector.address or default_address local request_timeout = conf.collector and conf.collector.request_timeout or default_timeout local request_headers = conf.collector and conf.collector.request_headers or default_headers -- create exporter local exporter = otlp_exporter_new(exporter_client_new(address, request_timeout, request_headers)) -- Rest of the function code ... ``` 3. Add test cases -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on pull request #9936: feat: remove rust dependency by rollback lua-resty-ldap on master
monkeyDluffy6017 commented on PR #9936: URL: https://github.com/apache/apisix/pull/9936#issuecomment-1663237701 @Revolyssup please fix the ci -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on pull request #9936: feat: remove rust dependency by rollback lua-resty-ldap on master
monkeyDluffy6017 commented on PR #9936: URL: https://github.com/apache/apisix/pull/9936#issuecomment-1663237506 @shreemaan-abhishek What's your opinion? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on a diff in pull request #9909: fix: worker not exited when executing quit or reload command
monkeyDluffy6017 commented on code in PR #9909: URL: https://github.com/apache/apisix/pull/9909#discussion_r1282599477 ## apisix/core/config_etcd.lua: ## @@ -188,9 +190,43 @@ local function run_watch(premature) ::watch_event:: while true do -local res, err = res_func() -if log_level >= NGX_INFO then -log.info("res_func: ", inspect(res)) +local res +local sema, err = semaphore.new() +if not sema then +log.error("create sema failed", err) +goto watch_event +end + +local get_res_th = ngx_thread_spawn(function () Review Comment: How long do you think is appropriate? 1s? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] kayx23 opened a new issue, #9957: bug: runtime error with `proxy-cache` plugin when using in memory caching without specifying the `memory_cache` zone
kayx23 opened a new issue, #9957: URL: https://github.com/apache/apisix/issues/9957 ### Current Behavior This issue summurizes https://github.com/apache/apisix/issues/8719 which was reported for the same behaviour. Specifically, if you configure `proxy-cache` plugin with ONLY `"cache_strategy": "memory"`, you get a `500 Internal Server Error` with the following logs: ```text [error] 128#128: *7943331 lua entry thread aborted: runtime error: ./apisix/plugins/proxy-cache/memory.lua:47: attempt to index field 'dict' (a nil value) stack traceback: coroutine 0: ./apisix/plugins/proxy-cache/memory.lua: in function 'get' ./apisix/plugins/proxy-cache/memory_handler.lua:204: in function 'phase_func' ./apisix/plugin.lua:1099: in function 'run_plugin' ./apisix/init.lua:674: in function 'http_access_phase' access_by_lua(nginx.conf:340):2: in main chunk, client: 192.168.112.1, server: _, request: "POST /api HTTP/1.1", host: "127.0.0.1:9080" ``` The correct usage is to configure `"cache_strategy": "memory"`with "cache_zone": "memory_cache" (or any other customized memory cache zones defined in `config.yaml`), such as the below: ```json "proxy-cache": { "cache_strategy": "memory", "cache_zone": "memory_cache" } ``` ### Expected Behavior If a user incorrectly configure just the `"cache_strategy": "memory"` without specifying a memory zone, the program should return an error message to help users identify the issue, instead of crashing like the current behaviour. ### Error Logs _No response_ ### Steps to Reproduce - ### Environment APISIX version (run `apisix version`): 3.4.0 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] AlinsRan opened a new pull request, #9956: chore(ci): using apisix-base in ubuntu ci
AlinsRan opened a new pull request, #9956: URL: https://github.com/apache/apisix/pull/9956 ### Description Fixes # (issue) ### Checklist - [ ] I have explained the need for this PR and the problem it solves - [ ] I have explained the changes or the new features added to this PR - [ ] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [ ] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] wklken commented on issue #9951: bug: route 404 after upgrade to 3.2.2
wklken commented on issue #9951: URL: https://github.com/apache/apisix/issues/9951#issuecomment-1663203495 after register the route+service, got 404 > curl 'http://127.0.0.1:9180/apisix/admin/services/eee.prod.stage-20' -H 'X-API-KEY: eex3P86cLLSlAOagO1em3FADrRXhMR2c' | jq ``` { "key": "/bk-gateway-apisix/services/eee.prod.stage-20", "modifiedIndex": 437855, "value": { "labels": { "gateway.bk.tencent.com/stage": "prod", "gateway.bk.tencent.com/gateway": "eee" }, "update_time": 1691028294, ``` the modifiedIndex is `437855` and the log, `/watch` start_revisions is `437868`, so at that time, the apisix has no newest configdata, and will never know the changes until reload/restart ``` 2023/08/03 02:10:04 [info] 37#37: *19 [lua] v3.lua:852: request_chunk(): http request method: POST path: /watch body: {"create_request":{"range_end":"L2JrLWdhdGV3YXktYXBpc2l4MA==","key":"L2JrLWdhdGV3YXktYXBpc2l4Lw==","start_revision":437868}} query: nil, context: ngx.timer 2023/08/03 02:10:04 [info] 37#37: *19 [lua] config_etcd.lua:193: res_func: { result = { created = true, header = { cluster_id = "3892788201713343575", member_id = "12985827509394625062", raft_term = "57", revision = "437868" } } }, context: ngx.timer ``` and I add another route+service, 404; ``` 2023/08/03 02:22:05 [info] 40#40: *40 [lua] config_etcd.lua:193: res_func: nil, context: ngx.timer 2023/08/03 02:22:05 [info] 40#40: *40 [lua] config_etcd.lua:107: cancel_watch(): cancel watch connection success, context: ngx.timer 2023/08/03 02:22:05 [info] 40#40: *40 [lua] config_etcd.lua:181: restart watchdir: start_revision=437886, context: ngx.timer 2023/08/03 02:22:05 [info] 37#37: *28877 epoll_wait() reported that client prematurely closed connection, so upstream connection is closed too while reading upstream, client: unix:, server: , request: "POST /v3/watch HTTP/1.1", upstream: "http://1.1.1.1:2379/v3/watch;, host: "127.0.0.1" 2023/08/03 02:22:05 [info] 40#40: *40 [lua] v3.lua:76: choose_endpoint(): choose endpoint: http://127.0.0.1:2379, context: ngx.timer 2023/08/03 02:22:05 [info] 37#37: *19 [lua] config_etcd.lua:193: res_func: nil, context: ngx.timer 2023/08/03 02:22:05 [info] 37#37: *19 [lua] config_etcd.lua:107: cancel_watch(): cancel watch connection success, context: ngx.timer 2023/08/03 02:22:05 [info] 37#37: *19 [lua] config_etcd.lua:181: restart watchdir: start_revision=437886, context: ngx.timer 2023/08/03 02:22:05 [info] 37#37: *19 [lua] v3.lua:76: choose_endpoint(): choose endpoint: http://127.0.0.1:2379, context: ngx.timer 2023/08/03 02:22:05 [info] 37#37: *29656 [lua] client.lua:123: dns_parse(): dns resolve bk-apigateway-etcd, result: {"class":1,"address":"1.1.1.1","section":1,"name":"bk-apigateway-etcd.default.svc.cluster.local","ttl":30,"type":1}, client: unix:, server: , request: "POST /v3/watch HTTP/1.1", host: "127.0.0.1" 2023/08/03 02:22:05 [info] 37#37: *29656 [lua] resolver.lua:84: parse_domain(): parse addr: {"class":1,"section":1,"address":"1.1.1.1","name":"bk-apigateway-etcd.default.svc.cluster.local","ttl":30,"type":1}, client: unix:, server: , request: "POST /v3/watch HTTP/1.1", host: "127.0.0.1" 2023/08/03 02:22:05 [info] 37#37: *29656 [lua] resolver.lua:85: parse_domain(): resolver: ["10.96.0.10"], client: unix:, server: , request: "POST /v3/watch HTTP/1.1", host: "127.0.0.1" 2023/08/03 02:22:05 [info] 37#37: *29656 [lua] resolver.lua:86: parse_domain(): host: bk-apigateway-etcd, client: unix:, server: , request: "POST /v3/watch HTTP/1.1", host: "127.0.0.1" 2023/08/03 02:22:05 [info] 37#37: *29656 [lua] resolver.lua:88: parse_domain(): dns resolver domain: bk-apigateway-etcd to 1.1.1.1, client: unix:, server: , request: "POST /v3/watch HTTP/1.1", host: "127.0.0.1" 2023/08/03 02:22:05 [info] 37#37: *29589 epoll_wait() reported that client prematurely closed connection, so upstream connection is closed too while reading upstream, client: unix:, server: , request: "POST /v3/watch HTTP/1.1", upstream: "http://1.1.1.1:2379/v3/watch;, host: "127.0.0.1" 2023/08/03 02:22:05 [info] 37#37: *30892 [lua] client.lua:123: dns_parse(): dns resolve bk-apigateway-etcd, result: {"class":1,"address":"1.1.1.1","section":1,"name":"bk-apigateway-etcd.default.svc.cluster.local","ttl":30,"type":1}, client: unix:, server: , request: "POST /v3/watch HTTP/1.1", host: "127.0.0.1" 2023/08/03 02:22:05 [info] 37#37: *30892 [lua] resolver.lua:84: parse_domain(): parse addr: {"class":1,"section":1,"address":"1.1.1.1","name":"bk-apigateway-etcd.default.svc.cluster.local","ttl":30,"type":1}, client: unix:, server: , request: "POST /v3/watch HTTP/1.1", host: "127.0.0.1" 2023/08/03 02:22:05 [info] 37#37: *30892 [lua] resolver.lua:85: parse_domain(): resolver: ["10.96.0.10"],
[GitHub] [apisix] shreemaan-abhishek commented on issue #9928: help request: Dynamic routing based on HTTP_STATUS from first API
shreemaan-abhishek commented on issue #9928: URL: https://github.com/apache/apisix/issues/9928#issuecomment-1663199849 > 1. What libraries are available in each phase? Can't list them all but it's logical thinking: _you cannot modify the response headers even before the HTTP request is sent to the upstream_, does it makes sense? > 2. If only some libraries are accessible in each phase, how I can chain the execution of 2 plugins where the response of the 1st plugin is available in the 2nd plugin I don't have an answer right now, let me think of something. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1663185895 > 不出意外,我是没有权限往你的分支推送commit. 给你分枝发送PR, 不如将你的 分支 fork 回来, 在你的 HEAD 上添加 commit . 我今天来处理一下这个PR. 我刚刚尝试 邀请你到我fork的那个github仓库 不知道是否可行 不过按你的方式处理也可以 有需要帮助的地方艾特我就好 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] lakewatcher commented on issue #9527: bug: runtime error: /usr/local/apisix/apisix/discovery/nacos/init.lua:361: attempt to index upvalue 'applications' (a nil value)
lakewatcher commented on issue #9527: URL: https://github.com/apache/apisix/issues/9527#issuecomment-1663174682 > @lakewatcher If you get the error multiple times even after few of the requests succeed. Can you check if all the error come from the same nginx worker process. The process id can be found at the beginning of log like `[error] #` @Revolyssup ![image](https://github.com/apache/apisix/assets/27823963/1c372f85-3aa1-4c51-aeca-f2ea1450078b) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[apisix-ingress-controller] branch master updated: chore: remove support for Ingress in the extensions/v1beta1 API version (#1840)
This is an automated email from the ASF dual-hosted git repository. zhangjintao pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/apisix-ingress-controller.git The following commit(s) were added to refs/heads/master by this push: new 3fa789df chore: remove support for Ingress in the extensions/v1beta1 API version (#1840) 3fa789df is described below commit 3fa789df1fdf996b7dcac806633b076432581ce4 Author: Jintao Zhang AuthorDate: Thu Aug 3 09:27:40 2023 +0800 chore: remove support for Ingress in the extensions/v1beta1 API version (#1840) Signed-off-by: Jintao Zhang --- cmd/ingress/ingress.go | 7 - pkg/config/config.go | 2 +- pkg/kube/ingress.go| 65 ++--- pkg/providers/controller.go| 15 +- pkg/providers/ingress/ingress.go | 45 +- pkg/providers/ingress/ingress_test.go | 40 -- pkg/providers/ingress/translation/translator.go| 151 pkg/providers/utils/ingress_status.go | 43 -- pkg/providers/utils/ingress_status_test.go | 72 -- test/e2e/suite-annotations/authorization.go| 92 - test/e2e/suite-annotations/cors.go | 85 test/e2e/suite-annotations/csrf.go | 54 test/e2e/suite-annotations/forward_auth.go | 43 +- test/e2e/suite-annotations/http_method.go | 70 -- test/e2e/suite-annotations/iprestriction.go| 58 test/e2e/suite-annotations/plugin_conifg.go| 29 test/e2e/suite-annotations/redirect.go | 95 - test/e2e/suite-annotations/response_rewrite.go | 99 -- test/e2e/suite-annotations/rewrite.go | 59 test/e2e/suite-annotations/svc_namespace.go| 78 --- test/e2e/suite-annotations/upstreamprotocol.go | 33 - test/e2e/suite-annotations/websocket.go| 84 test/e2e/suite-chore/consistency.go| 54 .../suite-ingress-resource/ingress.go | 152 + 24 files changed, 22 insertions(+), 1503 deletions(-) diff --git a/cmd/ingress/ingress.go b/cmd/ingress/ingress.go index 638a4ddd..03666b9d 100644 --- a/cmd/ingress/ingress.go +++ b/cmd/ingress/ingress.go @@ -80,13 +80,6 @@ For Kubernetes cluster version older than v1.19.0, you should always set the --i --kubeconfig /path/to/kubeconfig \ --ingress-version networking/v1beta1 -If your Kubernetes cluster version is prior to v1.14+, only ingress.extensions/v1beta1 can be used. - -apisix-ingress-controller ingress \ - --default-apisix-cluster-base-url http://apisix-service:9180/apisix/admin \ - --kubeconfig /path/to/kubeconfig \ - --ingress-version extensions/v1beta1 - If you run apisix-ingress-controller outside the Kubernetes cluster, --kubeconfig option (or kubeconfig item in configuration file) should be specified explicitly, or if you run it inside cluster, leave it alone and in-cluster configuration will be discovered and used. diff --git a/pkg/config/config.go b/pkg/config/config.go index 0b31f87f..c164affa 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -207,7 +207,7 @@ func (cfg *Config) Validate() error { return errors.New("apisix base url is required") } switch cfg.Kubernetes.IngressVersion { - case IngressNetworkingV1, IngressNetworkingV1beta1, IngressExtensionsV1beta1: + case IngressNetworkingV1, IngressNetworkingV1beta1: break default: return errors.New("unsupported ingress version") diff --git a/pkg/kube/ingress.go b/pkg/kube/ingress.go index 84b7ba31..91e2e11d 100644 --- a/pkg/kube/ingress.go +++ b/pkg/kube/ingress.go @@ -17,11 +17,9 @@ package kube import ( "errors" - extensionsv1beta1 "k8s.io/api/extensions/v1beta1" networkingv1 "k8s.io/api/networking/v1" networkingv1beta1 "k8s.io/api/networking/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - listersextensionsv1beta1 "k8s.io/client-go/listers/extensions/v1beta1" listersnetworkingv1 "k8s.io/client-go/listers/networking/v1" listersnetworkingv1beta1 "k8s.io/client-go/listers/networking/v1beta1" ) @@ -31,8 +29,6 @@ const ( IngressV1 = "networking/v1" // IngressV1beta1 represents the Ingress in networking/v1beta1 group version. IngressV1beta1 = "networking/v1beta1" - // IngressExtensionsV1beta1 represents the Ingress in extensions/v1beta1 group version. - IngressExtensionsV1beta1 = "extensions/v1beta1" ) // IngressLister is an encapsulation for the lister of Kubernetes @@ -42,8 +38,6 @@ type IngressLister interface { V1(string, string) (Ingress, error)
[GitHub] [apisix-ingress-controller] tao12345666333 closed issue #1839: NOTICE: remove support for Ingress in the extensions/v1beta1 API version
tao12345666333 closed issue #1839: NOTICE: remove support for Ingress in the extensions/v1beta1 API version URL: https://github.com/apache/apisix-ingress-controller/issues/1839 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-ingress-controller] tao12345666333 merged pull request #1840: chore: remove support for Ingress in the extensions/v1beta1 API version
tao12345666333 merged PR #1840: URL: https://github.com/apache/apisix-ingress-controller/pull/1840 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1663148005 不出意外,我是没有权限往你的分支推送commit. 给你分枝发送PR, 不如将你的 分支 fork 回来, 在你的 HEAD 上添加 commit . 我今天来处理一下这个PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] wklken commented on issue #9951: bug: route 404 after upgrade to 3.2.2
wklken commented on issue #9951: URL: https://github.com/apache/apisix/issues/9951#issuecomment-1663120425 I run the apisix in k8s, the etcd address is a service(bitnami etcd helm chart) And I set `timeout` to `120` ```yaml deployment: role: traditional role_traditional: config_provider: etcd etcd: host: - "http://apigateway-etcd:2379; timeout: 120 prefix: /gateway-apisix user: root password: ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] chilcano commented on issue #9928: help request: Dynamic routing based on HTTP_STATUS from first API
chilcano commented on issue #9928: URL: https://github.com/apache/apisix/issues/9928#issuecomment-1662182931 Thanks @shreemaan-abhishek for sharing this information. Definitely, I'm missing out something in my code. __Questions:__ __1. What libraries are available in each phase?.__ I changed the plugin phase from `_M.access()` to `_M.header_filter()` and now I'm having this error when the plugin is being executed. ```sh .. 2023/08/02 11:21:15 [error] 51#51: *4647263 failed to run header_filter_by_lua*: /usr/local/apisix/apisix/patch.lua:372: API disabled in the context of header_filter_by_lua* stack traceback: [C]: in function 'error' /usr/local/openresty/lualib/resty/core/socket/tcp.lua:271: in function 'original_tcp' /usr/local/apisix/apisix/patch.lua:372: in function 'ngx_socket_tcp' /usr/local/apisix//deps/share/lua/5.1/resty/http.lua:133: in function 'new' /opt/apisix/plugins/api2-plugin.lua:41: in function 'make_request_to_url' /opt/apisix/plugins/api2-plugin.lua:123: in function 'phase_func' /usr/local/apisix/apisix/plugin.lua:1134: in function 'common_phase' /usr/local/apisix/apisix/init.lua:760: in function 'http_header_filter_phase' header_filter_by_lua:2: in main chunk, client: 172.19.0.1, server: _, request: "GET /mychainedapi/hello HTTP/1.1", host: "127.0.0.1:9080" ... ``` This means there are not libraries available in that phase. If so, what libraries can be used there? __2. If only some libraries are accessible in each phase, how I can chain the execution of 2 plugins where the response of the 1st plugin is available in the 2nd plugin__ Each plugin (api1-plugin and api2-plugin) call external Endpoint URL Any idea is welcome. Regards. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1662135273 > > hi @Sn0rt 我更新了插件的schema 但是说来惭愧 我的工作pc是Windows,且因为公司网络原因 make deps时 需要从 github下载依赖时 会有网络问题 (我们工作中使用apisix是直接跑的docker 镜像文件) > > 可以麻烦你帮我运行一下格式化命令? 我再对应做修改吗? > > 可以, 我将会在你 commit 之后添加 commit 来完善你的需求. 需要先关闭这个 PR, 重新开一个. 需要我先关闭这个PR吗 或者你可以在我fork仓库的对应分钟再commit一次然后push到我这个分支 ? 这样应该也会自动更新到这个PR内 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1662118778 > hi @Sn0rt 我更新了插件的schema 但是说来惭愧 我的工作pc是Windows,且因为公司网络原因 make deps时 需要从 github下载依赖时 会有网络问题 (我们工作中使用apisix是直接跑的docker 镜像文件) > > 可以麻烦你帮我运行一下格式化命令? 我再对应做修改吗? 可以, 我将会在你 commit 之后添加 commit 来完善你的需求. 需要先关闭这个 PR, 重新开一个. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on a diff in pull request #9903: feat: support host level dynamic setting of tls protocol version
monkeyDluffy6017 commented on code in PR #9903: URL: https://github.com/apache/apisix/pull/9903#discussion_r1281813886 ## apisix/init.lua: ## @@ -178,11 +178,31 @@ end function _M.http_ssl_phase() +local ok, err = router.router_ssl.set(ngx.ctx.matched_ssl) +if not ok then +if err then +core.log.error("failed to fetch ssl config: ", err) +end +ngx_exit(-1) +end +end + + +function _M.http_ssl_protocols_phase() Review Comment: is `http_ssl_client_hello_phase` better? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] monkeyDluffy6017 commented on a diff in pull request #9903: feat: support host level dynamic setting of tls protocol version
monkeyDluffy6017 commented on code in PR #9903: URL: https://github.com/apache/apisix/pull/9903#discussion_r1281758681 ## apisix/init.lua: ## @@ -192,10 +212,16 @@ function _M.http_ssl_phase() if err then core.log.error("failed to fetch ssl config: ", err) end +core.log.error("failed to match any SSL certificate by SNI: ", sni) ngx_exit(-1) end -end +ok, err = apisix_ssl.set_protocols_by_clienthello(ngx_ctx.matched_ssl.value.ssl_protocols) +if not ok then +core.log.error("failed to set ssl protocols: ", err) +ngx_exit(-1) +end +end Review Comment: need a blank below -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] AlinsRan opened a new pull request, #9955: ci(ldap): test
AlinsRan opened a new pull request, #9955: URL: https://github.com/apache/apisix/pull/9955 ### Description Fixes # (issue) ### Checklist - [ ] I have explained the need for this PR and the problem it solves - [ ] I have explained the changes or the new features added to this PR - [ ] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [ ] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] wklken commented on issue #9951: bug: route 404 after upgrade to 3.2.2
wklken commented on issue #9951: URL: https://github.com/apache/apisix/issues/9951#issuecomment-1661955530 I change the log level to info, and after create the route/service, the changes have been watched and the config_etcd print the event; But still 404; I did not see any additional logs regarding what happened after the event was received. ``` 2023/08/02 10:06:34 [info] 37#37: *19 [lua] config_etcd.lua:193: res_func: { result = { events = { { kv = { create_revision = "437830", key = "/bk-gateway-apisix/services/ddd.prod.stage-19", mod_revision = "437830", value = { create_time = 1690970794, desc = "正式环境", id = "ddd.prod.stage-19", labels = { ["gateway.bk.tencent.com/gateway"] = "ddd", ["gateway.bk.tencent.com/stage"] = "prod" }, name = "ddd-prod-stage-prod-19", 2023/08/02 10:06:34 [info] 40#40: *36 [lua] config_etcd.lua:117: produce_res(): append res: { result = { events = { { kv = { create_revision = "437830", key = "/bk-gateway-apisix/services/ddd.prod.stage-19", mod_revision = "437830", value = { create_time = 1690970794, desc = "正式环境", id = "ddd.prod.stage-19", labels = { ["gateway.bk.tencent.com/gateway"] = "ddd", ["gateway.bk.tencent.com/stage"] = "prod" }, name = "ddd-prod-stage-prod-19", 2023/08/02 10:06:34 [info] 37#37: *19 [lua] config_etcd.lua:193: res_func: { result = { events = { { kv = { create_revision = "437831", key = "/bk-gateway-apisix/routes/ddd.prod.-1", mod_revision = "437831", value = { create_time = 1690970794, desc = "获取发布信息,用于检查版本发布结果", id = "ddd.prod.-1", labels = { ["gateway.bk.tencent.com/gateway"] = "ddd", ["gateway.bk.tencent.com/stage"] = "prod" }, methods = { "GET", = <1>{} }, name = "ddd-prod-apigw-builtin-mock-release-version", plugins = { 2023/08/02 10:06:34 [info] 40#40: *36 [lua] config_etcd.lua:117: produce_res(): append res: { result = { events = { { kv = { create_revision = "437831", key = "/bk-gateway-apisix/routes/ddd.prod.-1", mod_revision = "437831", 2023/08/02 10:07:22 [info] 40#40: *7873 [lua] v3.lua:187: _request_uri(): v3 request uri: /kv/range, timeout: 120, context: ngx.timer 2023/08/02 10:07:22 [info] 40#40: *7873 [lua] v3.lua:76: choose_endpoint(): choose endpoint: http://127.0.0.1:2379, context: ngx.timer 2023/08/02 10:07:22 [info] 37#37: *6184 [lua] client.lua:123: dns_parse(): dns resolve bk-apigateway-etcd, result: {"class":1,"type":1,"section":1,"address":"2.2.2.2","ttl":30,"name":"bk-apigateway-etcd.default.svc.cluster.local"}, client: unix:, server: , request: "POST /v3/kv/range HTTP/1.1", host: "127.0.0.1" 2023/08/02 10:07:22 [info] 37#37: *6184 [lua] resolver.lua:84: parse_domain(): parse addr: {"class":1,"type":1,"section":1,"address":"2.2.2.2","ttl":30,"name":"bk-apigateway-etcd.default.svc.cluster.local"}, client: unix:, server: , request: "POST /v3/kv/range HTTP/1.1", host: "127.0.0.1" 2023/08/02 10:07:22 [info] 37#37: *6184 [lua] resolver.lua:85: parse_domain(): resolver: ["1.1.1.1"], client: unix:, server: , request: "POST /v3/kv/range HTTP/1.1", host: "127.0.0.1" 2023/08/02 10:07:22 [info] 37#37: *6184 [lua] resolver.lua:86: parse_domain(): host: bk-apigateway-etcd, client: unix:, server: , request: "POST /v3/kv/range HTTP/1.1", host: "127.0.0.1" 2023/08/02 10:07:22 [info] 37#37: *6184 [lua] resolver.lua:88: parse_domain(): dns resolver domain: bk-apigateway-etcd to 2.2.2.2, client: unix:, server: , request: "POST /v3/kv/range HTTP/1.1", host: "127.0.0.1" 2023/08/02 10:07:22 [info] 40#40: *7873 [lua] v3.lua:187: keepalive(): v3 request uri: /lease/keepalive, timeout: nil, context: ngx.timer 2023/08/02 10:07:22 [info] 40#40: *7873 [lua] v3.lua:76: choose_endpoint(): choose endpoint: http://127.0.0.1:2379, context: ngx.timer 2023/08/02 10:07:22 [info] 37#37: *6184 [lua] client.lua:123: dns_parse(): dns resolve bk-apigateway-etcd, result: {"class":1,"type":1,"section":1,"address":"2.2.2.2","ttl":30,"name":"bk-apigateway-etcd.default.svc.cluster.local"}, client: unix:, server: , request: "POST /v3/lease/keepalive HTTP/1.1", host: "127.0.0.1" 2023/08/02 10:07:22 [info] 37#37: *6184 [lua] resolver.lua:84: parse_domain(): parse addr:
[apisix] branch moonming-patch-2 deleted (was c3d7bc261)
This is an automated email from the ASF dual-hosted git repository. membphis pushed a change to branch moonming-patch-2 in repository https://gitbox.apache.org/repos/asf/apisix.git was c3d7bc261 Update .asf.yaml The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[apisix] branch SkyeYoung-patch-1 deleted (was 3c44c7570)
This is an automated email from the ASF dual-hosted git repository. membphis pushed a change to branch SkyeYoung-patch-1 in repository https://gitbox.apache.org/repos/asf/apisix.git was 3c44c7570 docs(admin-api.md): code block syntax (v3.2) The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[apisix] branch docs/tutorial-websocket-authentication deleted (was 0d936d873)
This is an automated email from the ASF dual-hosted git repository. membphis pushed a change to branch docs/tutorial-websocket-authentication in repository https://gitbox.apache.org/repos/asf/apisix.git was 0d936d873 docs: added missing plugin The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[apisix] branch moonming-patch-1 deleted (was 1c0c01232)
This is an automated email from the ASF dual-hosted git repository. membphis pushed a change to branch moonming-patch-1 in repository https://gitbox.apache.org/repos/asf/apisix.git was 1c0c01232 Update docs/en/latest/FAQ.md The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[apisix] branch patch-1 deleted (was b3bf9fa1b)
This is an automated email from the ASF dual-hosted git repository. membphis pushed a change to branch patch-1 in repository https://gitbox.apache.org/repos/asf/apisix.git was b3bf9fa1b resolve code review The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[apisix] branch juzhiyuan-patch-1 deleted (was 89f509804)
This is an automated email from the ASF dual-hosted git repository. membphis pushed a change to branch juzhiyuan-patch-1 in repository https://gitbox.apache.org/repos/asf/apisix.git was 89f509804 docs: fix 404 link The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661939302 hi @Sn0rt 我更新了插件的schema 但是我的工作pc是Windows,且因为公司网络原因 make deps时 需要从 github下载依赖时 会有网络问题 (我们工作中使用apisix是直接跑的docker 镜像文件) 可以麻烦你帮我运行一下格式化命令? 我再对应做修改吗? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] github-actions[bot] commented on issue #7587: help request: limit-count plugin
github-actions[bot] commented on issue #7587: URL: https://github.com/apache/apisix/issues/7587#issuecomment-1661925630 This issue has been marked as stale due to 350 days of inactivity. It will be closed in 2 weeks if no further activity occurs. If this issue is still relevant, please simply write any comment. Even if closed, you can still revive the issue at any time or discuss it on the d...@apisix.apache.org list. Thank you for your contributions. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] github-actions[bot] closed issue #7574: feat: support Discovery Center - PolarisMesh
github-actions[bot] closed issue #7574: feat: support Discovery Center - PolarisMesh URL: https://github.com/apache/apisix/issues/7574 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] 1056597498 opened a new issue, #9953: help request: How to configure the response-rewrite plugin to perform different rewriting tasks based on different matching conditions?
1056597498 opened a new issue, #9953: URL: https://github.com/apache/apisix/issues/9953 ### Description How to configure the response-rewrite plugin to perform different rewriting tasks based on different matching conditions? Example: I need to achieve the following: -When the content_type is "text/html", rewrite the body as "this is html." -When the content_type is "application/javascript", rewrite the body as "this is js." The configuration I can think of is: `{ "response-rewrite":{ "body":"{\"code\":\"ok\",\"message\":\"this is html\"}", "vars":[ [ "sent_http_content_type", "~~", "text/html" ] ] } }` and `{ "response-rewrite":{ "body":"{\"code\":\"ok\",\"message\":\"this is js\"}", "vars":[ [ "sent_http_content_type", "~~", "application/javascript" ] ] } }` But these are two different configurations for the response-rewrite plugin. How should I configure a single response-rewrite plugin to achieve the above requirements? ### Environment - APISIX version (run `3.2`): - Operating system (run `x86_64 GNU/Linux`): - OpenResty / Nginx version (openresty/1.21.4.1): - etcd version, if relevant (run `curl http://127.0.0.1:9090/v1/server_info`): - APISIX Dashboard version, if relevant: - Plugin runner version, for issues related to plugin runners: - LuaRocks version, for installation issues (run `luarocks --version`): -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] lakewatcher commented on issue #9527: bug: runtime error: /usr/local/apisix/apisix/discovery/nacos/init.lua:361: attempt to index upvalue 'applications' (a nil value)
lakewatcher commented on issue #9527: URL: https://github.com/apache/apisix/issues/9527#issuecomment-1661908220 > 我场景是这样的 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] lakewatcher commented on issue #9527: bug: runtime error: /usr/local/apisix/apisix/discovery/nacos/init.lua:361: attempt to index upvalue 'applications' (a nil value)
lakewatcher commented on issue #9527: URL: https://github.com/apache/apisix/issues/9527#issuecomment-1661901454 > @lakewatcher Can you look for a notice log that says something like "update local variable application, event is: ", to see how the encoded `applications` look like? 应该是每次启动的时候有 "update local variable application, event is: " 这样的日志。其余的时间没有 2023/08/02 16:44:31 [notice] 52#52: *415 [lua] init.lua:51: update local variable application, event is: updatingsource: discovery_nacos_update_applicationserver pid:46, application: {"":{"":{"demo02":[{"port":20880,"host":"10.202.68.118","weight":1}],"waybill-gather":[{"port":20889,"host":"10.202.18.65","weight":1}]}}}, context: ngx.timer > Do you get "wait init" as a warning log somewhere? 会有很多 2023/08/02 17:40:57 [warn] 132#132: *764954 [lua] init.lua:354: nodes(): wait init, client: 10.202.17.34, server: _, request: "POST /demo02/http2dubbo/car_createCar HTTP/1.0", host: ![image](https://github.com/apache/apisix/assets/27823963/e676f1df-f45f-4d50-a0e8-e8c1a0d85086) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] wklken opened a new issue, #9951: bug: route 404 after upgrade to 3.2.2
wklken opened a new issue, #9951: URL: https://github.com/apache/apisix/issues/9951 ### Current Behavior register route and service into etcd, the changes not been watched and got 404 ### Expected Behavior apisix watch the changes in time, the url should not be 404 ### Error Logs I have create route/service 4 times, delete the instance and redo only 1 time got an error log. another 3 times got no error log(still 404) 2023/08/02 08:28:44 [error] 1051#1051: *44434 upstream timed out (110: Connection timed out) while reading upstream, client: unix:, server: , request: "POST /v3/watch HTTP/1.1", upstream: "http://10.96.15.155:2379/v3/watch;, host: "127.0.0.1" ### Steps to Reproduce 1. upgrade apisix from 3.2.1 to 3.2.2 2. register the service and route 3. apisix-dashboard can see the route and service 4. apisix admin api can fetch the route and service 5. call the url, 404 7. do `apisix reload`, call the url, 200; 8. downgrade to apisix 3.2.1, do 2-5, call the url, 200; -- got an error log maybe this feature cause the error: https://github.com/apache/apisix/pull/9456 ### Environment - APISIX version (run `apisix version`): 3.2.2 - Operating system (run `uname -a`): - OpenResty / Nginx version (run `openresty -V` or `nginx -V`): nginx version: openresty/1.21.4.1 - etcd version, if relevant (run `curl http://127.0.0.1:9090/v1/server_info`): 2.5.4 - APISIX Dashboard version, if relevant: - Plugin runner version, for issues related to plugin runners: - LuaRocks version, for installation issues (run `luarocks --version`): -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] shenjc2013 opened a new issue, #9950: bug:
shenjc2013 opened a new issue, #9950: URL: https://github.com/apache/apisix/issues/9950 ### Current Behavior 同一张https通配符证书 使用阿里云CLB 配置七层监听: 所有用户访问全部正常 日志记录: ssl_cipher:ECDHE-RSA-AES128-GCM-SHA256 日志记录 ssl_protocol:TLSv1.2 使用apisix 架构: 阿里云 四层负载均衡 + apisix apisix跑在k8s集群内部,通过k8s服务发现转发流量,没有使用crd nginx.conf: master_process on; worker_processes auto; worker_cpu_affinity auto; error_log /data/logs/apisix-error.log warn; pid logs/nginx.pid; worker_rlimit_nofile 60; events { accept_mutex off; worker_connections 60960; } worker_rlimit_core 16G; worker_shutdown_timeout 240s; env APISIX_PROFILE; env KUBERNETES_SERVICE_PORT; env KUBERNETES_SERVICE_HOST; lua { } stream { lua_package_path "$prefix/deps/share/lua/5.1/?.lua;$prefix/deps/share/lua/5.1/?/init.lua;/usr/local/apisix/?.lua;/usr/local/apisix/?/init.lua;;./?.lua;/usr/local/openresty/luajit/share/luajit-2.1.0-beta3/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/share/lua/5.1/?/init.lua;/usr/local/openresty/luajit/share/lua/5.1/?.lua;/usr/local/openresty/luajit/share/lua/5.1/?/init.lua;;"; lua_package_cpath "$prefix/deps/lib64/lua/5.1/?.so;$prefix/deps/lib/lua/5.1/?.so;;./?.so;/usr/local/lib/lua/5.1/?.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so;/usr/local/lib/lua/5.1/loadall.so;"; lua_socket_log_errors off; lua_max_pending_timers 16384; lua_max_running_timers 4096; lua_shared_dict lrucache-lock-stream 10m; lua_shared_dict etcd-cluster-health-check-stream 10m; lua_shared_dict plugin-limit-conn-stream 10m; resolver 172.16.24.10 valid=30 ipv6=on; resolver_timeout 5; upstream apisix_backend { server 127.0.0.1:80; balancer_by_lua_block { apisix.stream_balancer_phase() } } init_by_lua_block { require "resty.core" apisix = require("apisix") local dns_resolver = { "172.16.24.10", } local args = { dns_resolver = dns_resolver, } apisix.stream_init(args) } init_worker_by_lua_block { apisix.stream_init_worker() } server { listen 9100 reuseport; listen 9200 udp reuseport; preread_by_lua_block { apisix.stream_preread_phase() } proxy_pass apisix_backend; set $upstream_sni "apisix_backend"; proxy_ssl_server_name on; proxy_ssl_name $upstream_sni; log_by_lua_block { apisix.stream_log_phase() } } } http { lua_package_path "$prefix/deps/share/lua/5.1/?.lua;$prefix/deps/share/lua/5.1/?/init.lua;/usr/local/apisix/?.lua;/usr/local/apisix/?/init.lua;;./?.lua;/usr/local/openresty/luajit/share/luajit-2.1.0-beta3/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/share/lua/5.1/?/init.lua;/usr/local/openresty/luajit/share/lua/5.1/?.lua;/usr/local/openresty/luajit/share/lua/5.1/?/init.lua;;"; lua_package_cpath "$prefix/deps/lib64/lua/5.1/?.so;$prefix/deps/lib/lua/5.1/?.so;;./?.so;/usr/local/lib/lua/5.1/?.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so;/usr/local/lib/lua/5.1/loadall.so;"; lua_max_pending_timers 16384; lua_max_running_timers 4096; lua_shared_dict internal-status 10m; lua_shared_dict upstream-healthcheck 10m; lua_shared_dict worker-events 10m; lua_shared_dict lrucache-lock 10m; lua_shared_dict balancer-ewma 10m; lua_shared_dict balancer-ewma-locks 10m; lua_shared_dict balancer-ewma-last-touched-at 10m; lua_shared_dict kubernetes 1m; lua_shared_dict plugin-limit-conn 10m; lua_shared_dict plugin-limit-req 10m; lua_shared_dict plugin-limit-count 10m; lua_shared_dict plugin-limit-count-redis-cluster-slot-lock 1m; lua_shared_dict prometheus-metrics 10m; lua_shared_dict plugin-api-breaker 10m; proxy_cache_path /tmp/disk_cache_one levels=1:2 keys_zone=disk_cache_one:2048m inactive=1d max_size=1G use_temp_path=off; map $upstream_cache_zone $upstream_cache_zone_info { disk_cache_one /tmp/disk_cache_one,1:2; } lua_ssl_verify_depth 5; ssl_session_timeout 86400; underscores_in_headers on; lua_socket_log_errors off; proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; resolver 172.16.24.10 valid=30 ipv6=on; resolver_timeout 5; lua_http10_buffering off; lua_regex_match_limit 10; lua_regex_cache_max_entries 8192; log_format main escape=json '{"time_local": "$time_local", "env": "prod", "proxy_protocol_addr":"$proxy_protocol_addr", "remote_addr": "$remote_addr", "server_addr": "$server_addr", "host": "$host", "http_x_forwarded_for":
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661748239 Looking forward to you becoming a new contributor to APISIX --- 期待你成为APISIX 新的贡献者 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661744125 > 讲道理, 既然想把这个选项暴露出来为啥没有更新这个地方? `openid-connect.lua` > > ```lua > local schema = { > type = "object", > properties = { > client_id = {type = "string"}, > client_secret = {type = "string"}, > discovery = {type = "string"}, > scope = { > type = "string", > default = "openid", > }, > ssl_verify = { > type = "boolean", > default = false, > }, > timeout = { > type = "integer", > minimum = 1, > default = 3, > description = "timeout in seconds", > }, > introspection_endpoint = { > type = "string" > }, > introspection_endpoint_auth_method = { > type = "string", > default = "client_secret_basic" > }, > bearer_only = { > type = "boolean", > default = false, > }, > session = { > type = "object", > properties = { > secret = { > type = "string", > description = "the key used for the encrypt and HMAC calculation", > minLength = 16, > }, > }, > required = {"secret"}, > additionalProperties = false, > }, > realm = { > type = "string", > default = "apisix", > }, > logout_path = { > type = "string", > default = "/logout", > }, > redirect_uri = { > type = "string", > description = "use ngx.var.request_uri if not configured" > }, > post_logout_redirect_uri = { > type = "string", > description = "the URI will be redirect when request logout_path", > }, > unauth_action = { > type = "string", > default = "auth", > enum = {"auth", "deny", "pass"}, > description = "The action performed when client is not authorized. Use auth to " .. > "redirect user to identity provider, deny to respond with 401 Unauthorized, and " .. > "pass to allow the request regardless." > }, > public_key = {type = "string"}, > token_signing_alg_values_expected = {type = "string"}, > use_pkce = { > description = "when set to true the PKEC(Proof Key for Code Exchange) will be used.", > type = "boolean", > default = false > }, > set_access_token_header = { > description = "Whether the access token should be added as a header to the request " .. > "for downstream", > type = "boolean", > default = true > }, > access_token_in_authorization_header = { > description = "Whether the access token should be added in the Authorization " .. > "header as opposed to the X-Access-Token header.", > type = "boolean", > default = false > }, > set_id_token_header = { > description = "Whether the ID token should be added in the X-ID-Token header to " .. > "the request for downstream.", > type = "boolean", > default = true > }, > set_userinfo_header = { > description = "Whether the user info token should be added in the X-Userinfo " .. > "header to the request for downstream.", > type = "boolean", > default = true > }, > set_refresh_token_header = { > description = "Whether the refresh token should be added in the X-Refresh-Token " .. > "header to the request for downstream.", > type = "boolean", > default = false > } > }, > encrypt_fields = {"client_secret"}, > required = {"client_id", "client_secret", "discovery"} > } > ``` 确实没有想到去更新这个地方 我等下一起补一下吧 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661743511 > 确实没有想到去更新这个地方 我等下一起补一下吧 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] starsz closed pull request #8941: feat: add redirect_after_logout_uri to the oidc plugin to replace or …
starsz closed pull request #8941: feat: add redirect_after_logout_uri to the oidc plugin to replace or … URL: https://github.com/apache/apisix/pull/8941 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] starsz commented on pull request #8941: feat: add redirect_after_logout_uri to the oidc plugin to replace or …
starsz commented on PR #8941: URL: https://github.com/apache/apisix/pull/8941#issuecomment-1661732996 > @starsz can you close this one ? and I have create a new one for track. OK. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #8941: feat: add redirect_after_logout_uri to the oidc plugin to replace or …
Sn0rt commented on PR #8941: URL: https://github.com/apache/apisix/pull/8941#issuecomment-1661730258 @starsz can you close this one ? and I have create a new one for track. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661707901 > make deps 说来惭愧 我现在的work pc是Windows 我们用apisix时是 使用docker的image运行的 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt opened a new pull request, #9949: feat: add redirect_after_logout_uri to the oidc plugin to replace or …
Sn0rt opened a new pull request, #9949: URL: https://github.com/apache/apisix/pull/9949 …override end_session_endpoint Add "redirect_after_logout_uri" to the oidc plugin to replace or override end_session_endpoint take over https://github.com/apache/apisix/pull/8941 ### Description Fixes # (issue) ### Checklist - [ ] I have explained the need for this PR and the problem it solves - [ ] I have explained the changes or the new features added to this PR - [ ] I have added tests corresponding to this change - [ ] I have updated the documentation to reflect this change - [ ] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] jiangfucheng commented on a diff in pull request #9947: fix: add default value for range_id object
jiangfucheng commented on code in PR #9947: URL: https://github.com/apache/apisix/pull/9947#discussion_r1281546321 ## t/plugin/request-id2.t: ## @@ -70,39 +70,6 @@ passed -=== TEST 2: add plugin with algorithm range_id Review Comment: Why need remove this test? Maybe we should add a test to hit route, it can cover this bug. eg: ``` === TEST 3: hit --- request GET /opentracing ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661701416 > hi @Sn0rt 我添加完测试了 不过 现在utils内没有这个reindex文件 ![image](https://user-images.githubusercontent.com/49020899/257742446-b8df1043-e58d-4544-99a9-dfa40ad16885.png) > > ![image](https://user-images.githubusercontent.com/49020899/257741663-bf1eb3fc-dbfb-4856-ba09-74119c68d86c.png) https://apisix.apache.org/docs/apisix/building-apisix/ 我想这个链接可能对你有用. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661697636 hi @Sn0rt 我添加完测试了 不过 现在utils内没有这个reindex文件 ![image](https://github.com/apache/apisix/assets/49020899/b8df1043-e58d-4544-99a9-dfa40ad16885) ![image](https://github.com/apache/apisix/assets/49020899/bf1eb3fc-dbfb-4856-ba09-74119c68d86c) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] wxbty commented on pull request #9660: feat: add dubbo protocols support for xrpc
wxbty commented on PR #9660: URL: https://github.com/apache/apisix/pull/9660#issuecomment-1661697214 > The codes looks good to me now. > > But looks like we the xrpc test cases never be run? > > https://user-images.githubusercontent.com/33000667/257679431-5b868b5a-5abd-4b1e-bddb-223588e83056.png;> https://user-images.githubusercontent.com/33000667/257679508-99bf004b-8552-43bb-9672-877a83d632b3.png;> > Please have a look, thanks! @wxbty I may have misunderstood what you meant earlier, build.yml and tm-cron.yml are available, centos and redhat are not, I will add it for a try -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661696163 讲道理, 既然想把这个选项暴露出来为啥没有更新这个地方? `openid-connect.lua` ```lua local schema = { type = "object", properties = { client_id = {type = "string"}, client_secret = {type = "string"}, discovery = {type = "string"}, scope = { type = "string", default = "openid", }, ssl_verify = { type = "boolean", default = false, }, timeout = { type = "integer", minimum = 1, default = 3, description = "timeout in seconds", }, introspection_endpoint = { type = "string" }, introspection_endpoint_auth_method = { type = "string", default = "client_secret_basic" }, bearer_only = { type = "boolean", default = false, }, session = { type = "object", properties = { secret = { type = "string", description = "the key used for the encrypt and HMAC calculation", minLength = 16, }, }, required = {"secret"}, additionalProperties = false, }, realm = { type = "string", default = "apisix", }, logout_path = { type = "string", default = "/logout", }, redirect_uri = { type = "string", description = "use ngx.var.request_uri if not configured" }, post_logout_redirect_uri = { type = "string", description = "the URI will be redirect when request logout_path", }, unauth_action = { type = "string", default = "auth", enum = {"auth", "deny", "pass"}, description = "The action performed when client is not authorized. Use auth to " .. "redirect user to identity provider, deny to respond with 401 Unauthorized, and " .. "pass to allow the request regardless." }, public_key = {type = "string"}, token_signing_alg_values_expected = {type = "string"}, use_pkce = { description = "when set to true the PKEC(Proof Key for Code Exchange) will be used.", type = "boolean", default = false }, set_access_token_header = { description = "Whether the access token should be added as a header to the request " .. "for downstream", type = "boolean", default = true }, access_token_in_authorization_header = { description = "Whether the access token should be added in the Authorization " .. "header as opposed to the X-Access-Token header.", type = "boolean", default = false }, set_id_token_header = { description = "Whether the ID token should be added in the X-ID-Token header to " .. "the request for downstream.", type = "boolean", default = true }, set_userinfo_header = { description = "Whether the user info token should be added in the X-Userinfo " .. "header to the request for downstream.", type = "boolean", default = true }, set_refresh_token_header = { description = "Whether the refresh token should be added in the X-Refresh-Token " .. "header to the request for downstream.", type = "boolean", default = false } }, encrypt_fields = {"client_secret"}, required = {"client_id", "client_secret", "discovery"} } ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661674307 > > 你测试了这个格式么 "http://username:password@127.0.0.1:8080; 么? > > hi 我这边 只用到了 不需要认证的代理服务器 所以没有试过这个格式 添加一个 test 吧, 内容如下. ```lua === TEST 5: Set up new route access the auth server via http proxy --- ONLY --- config location /t { content_by_lua_block { local t = require("lib.test_admin").test local code, body = t('/apisix/admin/routes/1', ngx.HTTP_PUT, [[{ "plugins": { "openid-connect": { "client_id": "kbyuFDidLLm280LIwVFiazOqjO3ty8KH", "client_secret": "60Op4HFM0I8ajz0WdiStAbziZ-VFQttXuxixHHs2R7r7-CW8GR79l-mmLqMhc-Sa", "discovery": "http://127.0.0.1:1980/.well-known/openid-configuration;, "redirect_uri": "https://iresty.com;, "ssl_verify": false, "timeout": 10, "scope": "apisix", "proxy_opts": "http://username:password@127.0.0.1:8080;, "use_pkce": false } }, "upstream": { "nodes": { "127.0.0.1:1980": 1 }, "type": "roundrobin" }, "uri": "/hello" }]] ) if code >= 300 then ngx.status = code end ngx.say(body) } } --- response_body passed ``` 可以使用下面指令格式化测试文件 ```shell ~/w/apisix *master> ./utils/reindex t/plugin/openid-connect.t reindex: t/plugin/openid-connect.t: skipped. ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661668867 > 你测试了这个格式么 "http://username:password@127.0.0.1:8080; 么? hi 我这边只用到了 不需要账密认证的代理服务器 所以没有试过这个格式 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661661377 你测试了这个格式么 "http://username:password@127.0.0.1:8080; 么? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661617517 > 需要多等待一下. > > 1. 如果能用单元测试覆盖到这个选项最好 (可能有难度 > 2. 单元测试覆盖不了, 需要多等待一下, 我会把你的代码 fetch 到我的开发环境里面进行回归测试保证对现有的功能不受影响. 好的 thk thk~ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661601580 需要多等待一下. 1. 如果能用单元测试覆盖到这个选项最好 (可能有难度 2. 单元测试覆盖不了, 需要多等待一下, 我会把你的代码 fetch 到我的开发环境里面进行回归测试保证对现有的功能不受影响. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] AlinsRan commented on a diff in pull request #9903: feat: support host level dynamic setting of tls protocol version
AlinsRan commented on code in PR #9903: URL: https://github.com/apache/apisix/pull/9903#discussion_r1281471181 ## apisix/ssl/router/radixtree_sni.lua: ## @@ -206,13 +206,35 @@ function _M.match_and_set(api_ctx, match_only, alt_sni) end end -local matched_ssl = api_ctx.matched_ssl -core.log.info("debug - matched: ", core.json.delay_encode(matched_ssl, true)) +core.log.info("debug - matched: ", core.json.delay_encode(api_ctx.matched_ssl, true)) if match_only then return true end +ok, err = _M.set(api_ctx.matched_ssl, sni) +if not ok then +return false, err +end + +return true +end + + +function _M.set(matched_ssl, sni) +if not matched_ssl then +return false, "failed to match ssl certificate" +end +local ok, err Review Comment: Line 242 has. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] AlinsRan commented on a diff in pull request #9903: feat: support host level dynamic setting of tls protocol version
AlinsRan commented on code in PR #9903: URL: https://github.com/apache/apisix/pull/9903#discussion_r1281472050 ## apisix/ssl/router/radixtree_sni.lua: ## @@ -206,13 +206,35 @@ function _M.match_and_set(api_ctx, match_only, alt_sni) end end -local matched_ssl = api_ctx.matched_ssl -core.log.info("debug - matched: ", core.json.delay_encode(matched_ssl, true)) +core.log.info("debug - matched: ", core.json.delay_encode(api_ctx.matched_ssl, true)) if match_only then return true end +ok, err = _M.set(api_ctx.matched_ssl, sni) +if not ok then +return false, err +end + +return true +end + + +function _M.set(matched_ssl, sni) +if not matched_ssl then +return false, "failed to match ssl certificate" +end +local ok, err Review Comment: `ok, err = _M.set_cert_and_key(sni, new_ssl_value)` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] leslie-tsang commented on a diff in pull request #9903: feat: support host level dynamic setting of tls protocol version
leslie-tsang commented on code in PR #9903: URL: https://github.com/apache/apisix/pull/9903#discussion_r1281466682 ## apisix/ssl/router/radixtree_sni.lua: ## @@ -206,13 +206,35 @@ function _M.match_and_set(api_ctx, match_only, alt_sni) end end -local matched_ssl = api_ctx.matched_ssl -core.log.info("debug - matched: ", core.json.delay_encode(matched_ssl, true)) +core.log.info("debug - matched: ", core.json.delay_encode(api_ctx.matched_ssl, true)) if match_only then return true end +ok, err = _M.set(api_ctx.matched_ssl, sni) +if not ok then +return false, err +end + +return true +end + + +function _M.set(matched_ssl, sni) +if not matched_ssl then +return false, "failed to match ssl certificate" +end +local ok, err Review Comment: unused var `ok` here. ## apisix/schema_def.lua: ## @@ -790,6 +790,15 @@ _M.ssl = { enum = {1, 0}, default = 1 }, +ssl_protocols = { +description = "set ssl protocols", +type = "array", +maxItems = 3, +uniqueItems = true, +items = { +enum = {"TLSv1.1","TLSv1.2", "TLSv1.3"} Review Comment: ```suggestion enum = {"TLSv1.1", "TLSv1.2", "TLSv1.3"} ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661595998 > 看上去不错. 修改一下文档? 我approve 一下 CI. hi @Sn0rt 我已经重新提交了 现在只加了两行 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] shreemaan-abhishek commented on issue #9928: help request: Dynamic routing based on HTTP_STATUS from first API
shreemaan-abhishek commented on issue #9928: URL: https://github.com/apache/apisix/issues/9928#issuecomment-1661594324 APISIX plugins are executed sequentially through the phases in openresty: https://github.com/apache/apisix/assets/61597896/b00750d5-a78f-4215-9ae4-4a691db9910e;> i.e plugins that run on the `rewrite` phase will always execute before the plugins in the `access` phase irrespective of priority. (the priority is followed strictly among the plugins that run under the same given execution phase). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661582503 看上去不错. 修改一下文档? 我approve 一下 CI. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661579858 > Thanks for your PR > > 1. Can the document not be modified so much? I think you should just add a line. > 2. Where does this option come from? How to confirm that it works normally, can you explain briefly? Indeed, it may be inconvenient to build tests because it involves proxy. > Thanks for your PR > > 1. Can the document not be modified so much? I think you should just add a line. > 2. Where does this option come from? How to confirm that it works normally, can you explain briefly? Indeed, it may be inconvenient to build tests because it involves proxy. 像上文中的流程图一样 openid-connect插件 通过http请求oauth2服务器的操作 都是调用`openidc`.lua的方法来实现 `openidc.lua` 发起http请求时 都会通过以下代码新建http request ```lua local httpc = http.new() openidc_configure_timeouts(httpc, opts.timeout) openidc_configure_proxy(httpc, opts.proxy_opts) ``` 其中`configure_proxy`方法 会检测`opts.proxy_opts`属性是否存在 存在则会配置代理 ```lua local function openidc_configure_proxy(httpc, proxy_opts) if httpc and proxy_opts and type(proxy_opts) == "table" then log(DEBUG, "openidc_configure_proxy : use http proxy") httpc:set_proxy_options(proxy_opts) else log(DEBUG, "openidc_configure_proxy : don't use http proxy") end end ``` `openid-connect `调用`openidc.lua`时 会把拷贝的插件的配置`conf` 作为第一个参数 传入 `openidc.lua`把传入的第一个参数作为`opts`接收 调用`openidc.authenticate()`方法时 ``` #in openid-connect.lua response, err = openidc.authenticate(conf,_,_,session_opts) #in openidc.lua openidc.authenticate(opts, target_url, unauth_action, session_opts) ``` 另外 `_M_rewrite`入口处 会`local conf = core.table.clone(plugin_conf)` 所以 openid-connect插件配置`proxy_opts`参数时 会传给`openidc.lua` 作为`opts.proxy_opts`, 用于新建http请求时 配置代理 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661576032 > 是的 这个PR 其实只加了一个属性到文档,如果使用忽略格式化和空行的git 工具可以更清晰的看到更改. 因为向markdown的的table加了一行, 所以影响到了上面的缩进 问题是你加的这个选项为啥会工作呢? 可以解释一下么? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] shreemaan-abhishek commented on pull request #9936: feat: remove rust dependency by rollback lua-resty-ldap on master
shreemaan-abhishek commented on PR #9936: URL: https://github.com/apache/apisix/pull/9936#issuecomment-1661570555 @Revolyssup, eventually in the future we might have to upgrade `lua-resty-ldap` version again. This doesn't make sense to me as a good solution in the long run. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] darkSheep404 commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
darkSheep404 commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661561849 > Thanks for your PR > > 1. Can the document not be modified so much? I think you should just add a line. > 2. Where does this option come from? How to confirm that it works normally, can you explain briefly? Indeed, it may be inconvenient to build tests because it involves proxy. yes,this pr only add a proxy_opts attribute to doc ,if use git tools which can ignore format and emptylines will be more clearly,The indentation above is affected because markdown's table has been modified by adding a new line 是的 这个PR 其实只加了一个属性到文档,如果使用忽略格式化和空行的git 工具可以更清晰的看到更改. 因为向markdown的的table加了一行, 所以影响到了上面的缩进 或者我可以重新提一个影响代码更少的pr -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] shreemaan-abhishek commented on issue #9925: help request: when etcd enable auth, the etcd log will continuously print ‘delete a simple token’
shreemaan-abhishek commented on issue #9925: URL: https://github.com/apache/apisix/issues/9925#issuecomment-1661555670 That is probably an issue with etcd. And they are info logs so I don't think they are problematic. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] Sn0rt commented on pull request #9948: docs: add proxy_opts attribute for openid-connect.md
Sn0rt commented on PR #9948: URL: https://github.com/apache/apisix/pull/9948#issuecomment-1661546203 Thanks for your PR 1. Can the document not be modified so much? I think you should just add a line. 2. Where does this option come from? How to confirm that it works normally, can you explain briefly? Indeed, it may be inconvenient to build tests because it involves proxy. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix-dashboard] hanrea opened a new issue, #2846: Add redirect plugin support
hanrea opened a new issue, #2846: URL: https://github.com/apache/apisix-dashboard/issues/2846 # Feature request Add redirect plugin support. Redirect plugin is often used in conjunction with the rewrite plugin to achieve routing forwarding A clear and concise description of what you want and what your use case is. ## Describe the solution you'd like "plugins": { "redirect": { "regex_uri": ["^/$", "/index.html"] "ret_code": 301 }, "proxy-rewrite": { "regex_uri": ["^/(.*)$", "/static/$1"] } }, -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org