Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTP Endpoint for KOURIER_EXTAUTHZ_HOST #754

Closed
sidharthramesh opened this issue Jan 15, 2022 · 4 comments · Fixed by #786
Closed

HTTP Endpoint for KOURIER_EXTAUTHZ_HOST #754

sidharthramesh opened this issue Jan 15, 2022 · 4 comments · Fixed by #786
Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
Milestone
v1.4.0

Comments

@sidharthramesh
Copy link
Contributor

I see in the e2e tests for external authz that a gRPC service is supported. Any idea this will support a HTTP service?

I'd like to use ORY Oathkeeper as the external authenticator and it only exposes an HTTP endpoint for now.
@nak3
Copy link
Contributor

nak3 commented Jan 17, 2022

/good-first-issue

We did not have the plan as nobody requested the feature. But I think it makes sense and complicated change is not necessary.
It just needs to add an option and switch the http option here - https:/knative-sandbox/net-kourier/blob/37d366313782ca3ebf7b40166c278610fac72205/pkg/config/ext_authz.go#L97-L103

PR is welcome 🙏

@knative-prow-robot
Copy link

@nak3:
This request has been marked as suitable for new contributors.

Please ensure the request meets the requirements listed here.

If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-good-first-issue command.

In response to this:

/good-first-issue

We did not have the plan as nobody requested the feature. But I think it makes sense and complicated change is not necessary.
It just needs to add an option and switch the http option here - https:/knative-sandbox/net-kourier/blob/37d366313782ca3ebf7b40166c278610fac72205/pkg/config/ext_authz.go#L97-L103

PR is welcome 🙏

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@knative-prow-robot knative-prow-robot added good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. labels Jan 17, 2022
@sidharthramesh
Copy link
Contributor Author

Thank you @nak3. I'll try to understand the code.

According to the Envoy docs either grpc_service (config.core.v3.GrpcService) or http_service (extensions.filters.http.ext_authz.v3.HttpService) should be set.

So I'm assuming there's also going to be some changes here?
https:/knative-sandbox/net-kourier/blob/37d366313782ca3ebf7b40166c278610fac72205/pkg/config/ext_authz.go#L141-L155

I'm very new to this, and barely getting around Knative, Kourier and GoLang. So forgive me if I'm not very helpful.

@nak3
Copy link
Contributor

nak3 commented Jan 17, 2022

Yes, I think you are right. Thank you!

@nak3 nak3 added this to the v1.4.0 milestone Mar 2, 2022
@norbjd norbjd mentioned this issue Mar 6, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
Projects
None yet
Milestone
v1.4.0
Development

Successfully merging a pull request may close this issue.

Ext auth service : add http/https protocol norbjd/net-kourier
3 participants
@nak3 @sidharthramesh @knative-prow-robot