wasm-extensions
wasm-extensions copied to clipboard
Published
20 hours ago •
istio-ecosystem
istio-ecosystem
Can basic_auth wasm only be used with gateway resources?
Hi everyone, I have a wasm problem and I hope someone can help me.
I used the community's basic_wasm, its address is: https://github.com/istio-ecosystem/wasm-extensions/tree/master/extensions/basic_auth
But I changed some configurations, I want to use it in the following way, my purpose is to do interface permission verification.
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
labels:
app: reviews
name: notice-reviews
namespace: demo
spec:
configPatches:
- applyTo: HTTP_FILTER
match:
listener:
filterChain:
filter:
name: envoy.http_connection_manager
proxy:
proxyVersion: ^1\.11.*
patch:
operation: INSERT_BEFORE
value:
config_discovery:
config_source:
ads: {}
initial_fetch_timeout: 0s
type_urls:
- type.googleapis.com/envoy.extensions.filters.http.wasm.v3.Wasm
name: notice-reviews
- applyTo: EXTENSION_CONFIG
match: {}
patch:
operation: ADD
value:
name: notice-reviews
typed_config:
'@type': type.googleapis.com/udpa.type.v1.TypedStruct
type_url: type.googleapis.com/envoy.extensions.filters.http.wasm.v3.Wasm
value:
config:
configuration:
'@type': type.googleapis.com/google.protobuf.StringValue
value: |
{
"basic_auth_rules": [
{
"prefix": "/reviews",
"request_methods":[ "GET", "POST" ]
}
]
}
vm_config:
code:
remote:
http_uri:
uri: http://xxxx/wasm/basic_auth.wasm
runtime: envoy.wasm.runtime.v8
vm_id: notice-reviews
workloadSelector:
labels:
app: reviews
When I applied the envoyfilter to the workload, it reported an error:
2023-03-07T07:42:14.653677Z warning envoy wasm wasm log notice-reviews: [extensions/basic_auth/plugin.cc:306]::configure() cannot parse plugin configuration JSON string: {
"basic_auth_rules": [
{
"prefix": "/reviews",
"request_methods":[ "GET", "POST" ]
}
]
}
I don't understand what's going on here, is basic_auth wasm only enabled with gateway ? Can someone help me, it's urgent. .
