change string to bool pointer variable

envoyproxy · Nov 8, 2024 · 528f373 · 528f373
1 parent 574815d
commit 528f373
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 7 deletions.
diff --git a/api/v1alpha1/ext_auth_types.go b/api/v1alpha1/ext_auth_types.go
@@ -33,7 +33,7 @@ type ExtAuth struct {
 	// +optional
 	HeadersToExtAuth []string `json:"headersToExtAuth,omitempty"`
 
-	BodyToExtAuth *string `json:"bodyToExtAuth,omitempty"`
+	BodyToExtAuth *bool `json:"bodyToExtAuth,omitempty"`
 
 	// FailOpen is a switch used to control the behavior when a response from the External Authorization service cannot be obtained.
 	// If FailOpen is set to true, the system allows the traffic to pass through.

diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-backend.in.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-backend.in.yaml
@@ -99,7 +99,7 @@ securityPolicies:
         headersToExtAuth:
           - header1
           - header2
-        bodyToExtAuth: '{"name": "John Doe"}'
+        bodyToExtAuth: true
         grpc:
           backendRefs:
             - name: service-2

diff --git a/internal/gatewayapi/testdata/securitypolicy-with-extauth-backend.out.yaml b/internal/gatewayapi/testdata/securitypolicy-with-extauth-backend.out.yaml
@@ -179,7 +179,7 @@ securityPolicies:
       headersToExtAuth:
       - header1
       - header2
-      bodyToExtAuth: '{"name": "John Doe"}'
+      bodyToExtAuth: true
     targetRef:
       group: gateway.networking.k8s.io
       kind: HTTPRoute
@@ -263,7 +263,7 @@ xdsIR:
             headersToExtAuth:
             - header1
             - header2
-            bodyToExtAuth: '{"name": "John Doe"}'
+            bodyToExtAuth: true
             name: securitypolicy/default/policy-for-http-route-1
       - destination:
           name: httproute/default/httproute-1/rule/1
@@ -308,7 +308,7 @@ xdsIR:
             headersToExtAuth:
             - header1
             - header2
-            bodyToExtAuth: '{"name": "John Doe"}'
+            bodyToExtAuth: true
             name: securitypolicy/default/policy-for-http-route-1
       - destination:
           name: httproute/default/httproute-2/rule/0

diff --git a/internal/ir/xds.go b/internal/ir/xds.go
@@ -994,7 +994,7 @@ type ExtAuth struct {
 	// +optional
 	HeadersToExtAuth []string `json:"headersToExtAuth,omitempty"`
 
-	BodyToExtAuth *string `json:"bodyToExtAuth,omitempty"`
+	BodyToExtAuth *bool `json:"bodyToExtAuth,omitempty"`
 
 	// FailOpen is a switch used to control the behavior when a response from the External Authorization service cannot be obtained.
 	// If FailOpen is set to true, the system allows the traffic to pass through.

diff --git a/internal/xds/translator/extauth.go b/internal/xds/translator/extauth.go
@@ -117,7 +117,7 @@ func extAuthConfig(extAuth *ir.ExtAuth) *extauthv3.ExtAuthz {
 		})
 	}
 
-	if extAuth.BodyToExtAuth != nil {
+	if extAuth.BodyToExtAuth != nil && *extAuth.BodyToExtAuth {
 		config.WithRequestBody = &extauthv3.BufferSettings{
 			AllowPartialMessage: false,
 			PackAsBytes:         false,