feat(ops): allow access admin loopback IP address

[kwanhur]

Description

Allow IPv4 loopback address 127.0.0.0/8 and IPv6 loopback address to access admin.

Now, if not the address 127.0.0.0/24, it'll get a warning tip like

WARNING: using fixed Admin API token has security risk.
Please modify "admin_key" in conf/config.yaml .

• support single IP address and CIDR format
• support both IPv4 and IPv6
• remove hardcode 127.0.0.0/24 when checking

Checklist

• [x] I have explained the need for this PR and the problem it solves
• [x] I have explained the changes or the new features added to this PR
• [x] I have added tests corresponding to this change
• [ ] I have updated the documentation to reflect this change
• [x] I have verified that this change is backward compatible (If not, please discuss on the APISIX mailing list first)

[spacewander]

Would you please add test to cover it?

[kwanhur]

Test cases cover IPv4 IPv6 CIDR and IPv6 loopback single address.

I'm not sure if need to cover non-loopback address cases.

[spacewander]

Let's merge master to make CI pass.

[kwanhur]

Done.

[github-actions[bot]]

This pull request has been marked as stale due to 60 days of inactivity. It will be closed in 4 weeks if no further activity occurs. If you think that's incorrect or this pull request should instead be reviewed, please simply write any comment. Even if closed, you can still revive the PR at any time or discuss it on the [email protected] list. Thank you for your contributions.

[github-actions[bot]]

This pull request/issue has been closed due to lack of activity. If you think that is incorrect, or the pull request requires review, you can revive the PR at any time.