diff --git a/changelog/v1.18.0-beta35/remove-external-apis.yaml b/changelog/v1.18.0-beta35/remove-external-apis.yaml new file mode 100644 index 00000000000..f047180e905 --- /dev/null +++ b/changelog/v1.18.0-beta35/remove-external-apis.yaml @@ -0,0 +1,11 @@ +changelog: + - type: FIX + issueLink: https://github.com/solo-io/solo-projects/issues/6768 + resolvesIssue: false + description: >- + Remove docs for external APIs + - type: DEPENDENCY_BUMP + dependencyOwner: solo-io + dependencyRepo: solo-kit + dependencyTag: v0.36.2 + issueLink: https://github.com/solo-io/solo-projects/issues/6768 \ No newline at end of file diff --git a/docs/build-docs.sh b/docs/build-docs.sh index 54e7c9fd988..78e3a3a2bc8 100755 --- a/docs/build-docs.sh +++ b/docs/build-docs.sh @@ -265,11 +265,6 @@ firebaseJson=$(cat <}}) settings in the options of a [Route]({{< versioned_link_path fromRoot="/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/virtual_service.proto.sk/#route" >}}) in a [RouteTable]({{< versioned_link_path fromRoot="/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/route_table.proto.sk/" >}}). +You can set buffer limits and other connection options with the Buffer settings in the options of a [Route]({{< versioned_link_path fromRoot="/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/virtual_service.proto.sk/#route" >}}) in a [RouteTable]({{< versioned_link_path fromRoot="/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/route_table.proto.sk/" >}}). ```yaml apiVersion: gateway.solo.io/v1 diff --git a/docs/content/installation/advanced_configuration/gzip.md b/docs/content/installation/advanced_configuration/gzip.md index 22c273cb8cf..849b5631e34 100644 --- a/docs/content/installation/advanced_configuration/gzip.md +++ b/docs/content/installation/advanced_configuration/gzip.md @@ -43,8 +43,6 @@ spec: Once that is saved, you're all set. Traffic on the http gateway will call the gzip filter. -You can learn about the configuration options [here]({{< versioned_link_path fromRoot="/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/filter/http/gzip/v2/gzip.proto.sk" >}}). - More information about the Gzip filter can be found in the [relevant Envoy docs](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/gzip_filter). If data is not being compressed, you may want to check that all the necessary conditions for the Envoy filter are met. See the [How it works](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/gzip_filter#how-it-works) section for information on when compression will be skipped. diff --git a/docs/content/introduction/traffic_filter.md b/docs/content/introduction/traffic_filter.md index 6f570cf59b0..1f0a67f8038 100644 --- a/docs/content/introduction/traffic_filter.md +++ b/docs/content/introduction/traffic_filter.md @@ -103,7 +103,7 @@ Review the following diagram of how Gloo Gateway filters traffic, depending on w * **CORS**: See the [Cross-origin resources sharing security guide]({{% versioned_link_path fromRoot="/guides/security/cors/" %}}). * **DLP**: See the [Data loss prevention security guide]({{% versioned_link_path fromRoot="/guides/security/data_loss_prevention/" %}}). * **WAF**: See the [Web application firewall security guide]({{% versioned_link_path fromRoot="/guides/security/waf/" %}}). - * **Sanitize**: See the [sanitize proto reference]({{% versioned_link_path fromRoot="/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/extauth/sanitize.proto.sk/" %}}). + * **Sanitize** 4. **Filters only after external auth**: Review the information about other filters that you can apply only after external auth. * **RBAC**: Note that the RBAC filter requires the `JwtStaged` filter. See the [RBAC proto reference]({{% versioned_link_path fromRoot="/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/rbac/rbac.proto.sk/" %}}). * **gRPC-web**: See the [gRPC web guide]({{% versioned_link_path fromRoot="/guides/traffic_management/listener_configuration/grpc_web/" %}}). diff --git a/docs/content/operations/advanced/zero-downtime-gateway-rollout/_index.md b/docs/content/operations/advanced/zero-downtime-gateway-rollout/_index.md index 09992c5e172..4f68ae58e9a 100644 --- a/docs/content/operations/advanced/zero-downtime-gateway-rollout/_index.md +++ b/docs/content/operations/advanced/zero-downtime-gateway-rollout/_index.md @@ -82,8 +82,6 @@ In the previous example, `Upstream` pings are issued every 2 seconds. You might ``` {{< /highlight >}} -For more information, see the [health check API documentation]({{% versioned_link_path fromRoot="/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/core/health_check.proto.sk/#healthcheck" %}}). - [Retries]({{% versioned_link_path fromRoot="/guides/traffic_management/request_processing/retries/" %}}) are configured on `VirtualServices` at the route level: {{< highlight yaml "hl_lines=17" >}} diff --git a/docs/content/operations/production_deployment/_index.md b/docs/content/operations/production_deployment/_index.md index 8b760467ea2..e4dfb9b8bad 100644 --- a/docs/content/operations/production_deployment/_index.md +++ b/docs/content/operations/production_deployment/_index.md @@ -285,7 +285,7 @@ Also, consider using `retries` on your _routes_. The default value for this attr ### Proxy latency filter -In the `httpGateway.options` section of your Gateway resource, you can enable the proxy latency filter. This Envoy filter measures the request and response latency incurred by the filter chain in additional histograms and access log parameters. For more information about the `proxyLatency` section, see the [API reference]({{% versioned_link_path fromRoot="/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/proxylatency/proxylatency.proto.sk/#proxylatency" %}}). +In the `httpGateway.options` section of your Gateway resource, you can enable the proxy latency filter. This Envoy filter measures the request and response latency incurred by the filter chain in additional histograms and access log parameters. ### Grafana dashboards diff --git a/docs/content/reference/api/envoy/api/v2/route/route.proto.sk.md b/docs/content/reference/api/envoy/api/v2/route/route.proto.sk.md index 519775ec9ae..2d8c4f0e864 100644 --- a/docs/content/reference/api/envoy/api/v2/route/route.proto.sk.md +++ b/docs/content/reference/api/envoy/api/v2/route/route.proto.sk.md @@ -1060,7 +1060,7 @@ Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HT | `name` | `string` | Specifies the name of the header in the request. | | `exactMatch` | `string` | If specified, header match will be performed based on the value of the header. Only one of `exactMatch`, `regexMatch`, `rangeMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | | `regexMatch` | `string` | If specified, this regex string is a regular expression rule which implies the entire request header value must match the regex. The rule will not match if only a subsequence of the request header value matches the regex. The regex grammar used in the value field is defined [here](https://en.cppreference.com/w/cpp/regex/ecmascript). Examples: * The regex *\d{3}* matches the value *123* * The regex *\d{3}* does not match the value *1234* * The regex *\d{3}* does not match the value *123.456*. Only one of `regexMatch`, `exactMatch`, `rangeMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | -| `rangeMatch` | [.solo.io.envoy.type.Int64Range](../../../../../github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/range.proto.sk/#int64range) | If specified, header match will be performed based on range. The rule will match if the request header value is within this range. The entire request header value must represent an integer in base 10 notation: consisting of an optional plus or minus sign followed by a sequence of digits. The rule will not match if the header value does not represent an integer. Match will fail for empty values, floating point numbers or if only a subsequence of the header value is an integer. Examples: * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, "-1somestring". Only one of `rangeMatch`, `exactMatch`, `regexMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | +| `rangeMatch` | .solo.io.envoy.type.Int64Range | If specified, header match will be performed based on range. The rule will match if the request header value is within this range. The entire request header value must represent an integer in base 10 notation: consisting of an optional plus or minus sign followed by a sequence of digits. The rule will not match if the header value does not represent an integer. Match will fail for empty values, floating point numbers or if only a subsequence of the header value is an integer. Examples: * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, "-1somestring". Only one of `rangeMatch`, `exactMatch`, `regexMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | | `presentMatch` | `bool` | If specified, header match will be performed based on whether the header is in the request. Only one of `presentMatch`, `exactMatch`, `regexMatch`, `rangeMatch`, `prefixMatch`, or `suffixMatch` can be set. | | `prefixMatch` | `string` | If specified, header match will be performed based on the prefix of the header value. Note: empty prefix is not allowed, please use present_match instead. Examples: * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. Only one of `prefixMatch`, `exactMatch`, `regexMatch`, `rangeMatch`, `presentMatch`, or `suffixMatch` can be set. | | `suffixMatch` | `string` | If specified, header match will be performed based on the suffix of the header value. Note: empty suffix is not allowed, please use present_match instead. Examples: * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*. Only one of `suffixMatch`, `exactMatch`, `regexMatch`, `rangeMatch`, `presentMatch`, or `prefixMatch` can be set. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/gateway.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/gateway.proto.sk.md index cf6d898bd56..e7e5122c447 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/gateway.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/gateway.proto.sk.md @@ -189,7 +189,7 @@ and the routing configuration to upstreams that are reachable via a specific por | Field | Type | Description | | ----- | ---- | ----------- | | `sslConfig` | [.gloo.solo.io.SslConfig](../../../../gloo/api/v1/ssl/ssl.proto.sk/#sslconfig) | Gloo use SNI domains as matching criteria for Gateway selection The other ssl_config properties will be applied to the outputFilterChain's transport socket SslConfig from VirtualServices will be ignored in a MatchedGateway. | -| `sourcePrefixRanges` | [[]solo.io.envoy.config.core.v3.CidrRange](../../../../gloo/api/external/envoy/config/core/v3/address.proto.sk/#cidrrange) | CidrRange specifies an IP Address and a prefix length to construct the subnet mask for a CIDR range. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-cidrrange. | +| `sourcePrefixRanges` | []solo.io.envoy.config.core.v3.CidrRange | CidrRange specifies an IP Address and a prefix length to construct the subnet mask for a CIDR range. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-cidrrange. | | `passthroughCipherSuites` | `[]string` | Enterprise-only: Passthrough cipher suites is an allow-list of OpenSSL cipher suite names for which TLS passthrough will be enabled. If a client does not support any ciphers that are natively supported by Envoy, but does support one of the ciphers in the passthrough list, then traffic will be routed via TCP Proxy to a destination specified by the TcpGateway, where TLS can then be terminated. This field is only applicable to TcpGateways. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/matchable_http_gateway.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/matchable_http_gateway.proto.sk.md index 274e49f52c3..733fd1aef12 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/matchable_http_gateway.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/matchable_http_gateway.proto.sk.md @@ -66,7 +66,7 @@ and FilterChain configuration (MatchableHttpGateway CR) | Field | Type | Description | | ----- | ---- | ----------- | -| `sourcePrefixRanges` | [[]solo.io.envoy.config.core.v3.CidrRange](../../../../gloo/api/external/envoy/config/core/v3/address.proto.sk/#cidrrange) | CidrRange specifies an IP Address and a prefix length to construct the subnet mask for a CIDR range. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-cidrrange. | +| `sourcePrefixRanges` | []solo.io.envoy.config.core.v3.CidrRange | CidrRange specifies an IP Address and a prefix length to construct the subnet mask for a CIDR range. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-cidrrange. | | `sslConfig` | [.gloo.solo.io.SslConfig](../../../../gloo/api/v1/ssl/ssl.proto.sk/#sslconfig) | Ssl configuration applied to the FilterChain: - FilterChainMatch: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/listener/v3/listener_components.proto#config-listener-v3-filterchainmatch) - TransportSocket: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#envoy-v3-api-msg-config-core-v3-transportsocket. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/matchable_tcp_gateway.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/matchable_tcp_gateway.proto.sk.md index e033e6b49ba..a8bf5d8edf9 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/matchable_tcp_gateway.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gateway/api/v1/matchable_tcp_gateway.proto.sk.md @@ -65,7 +65,7 @@ and FilterChain configuration (MatchableTcpGateway CR). | Field | Type | Description | | ----- | ---- | ----------- | -| `sourcePrefixRanges` | [[]solo.io.envoy.config.core.v3.CidrRange](../../../../gloo/api/external/envoy/config/core/v3/address.proto.sk/#cidrrange) | CidrRange specifies an IP Address and a prefix length to construct the subnet mask for a CIDR range. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-cidrrange. | +| `sourcePrefixRanges` | []solo.io.envoy.config.core.v3.CidrRange | CidrRange specifies an IP Address and a prefix length to construct the subnet mask for a CIDR range. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/address.proto#envoy-v3-api-msg-config-core-v3-cidrrange. | | `sslConfig` | [.gloo.solo.io.SslConfig](../../../../gloo/api/v1/ssl/ssl.proto.sk/#sslconfig) | Ssl configuration applied to the FilterChain, if using passthrough should not include secrets : - FilterChainMatch: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/listener/v3/listener_components.proto#config-listener-v3-filterchainmatch) - TransportSocket: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/base.proto#envoy-v3-api-msg-config-core-v3-transportsocket. | | `passthroughCipherSuites` | `[]string` | Enterprise-only: Passthrough cipher suites is an allow-list of OpenSSL cipher suite names for which TLS passthrough will be enabled. If a client does not support any ciphers that are natively supported by Envoy, but does support one of the ciphers in the passthrough list, then traffic will be routed via TCP Proxy to a destination specified by the TcpGateway, where TLS can then be terminated. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/consul/query_options.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/consul/query_options.proto.sk.md deleted file mode 100644 index e1b6ef1a958..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/consul/query_options.proto.sk.md +++ /dev/null @@ -1,62 +0,0 @@ - ---- -title: "query_options.proto" -weight: 5 ---- - - - - -### Package: `consul.external.gloo.solo.io` -#### Types: - - -- [QueryOptions](#queryoptions) - - - - -##### Enums: - - - - [ConsulConsistencyModes](#consulconsistencymodes) - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/consul/query_options.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/consul/query_options.proto) - - - - - ---- -### QueryOptions - - -mirrors client query options struct in consul catalog api - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - -### ConsulConsistencyModes - -Description: These are the same consistency modes offered by Consul. For more information please review https://www.consul.io/api-docs/features/consistency. -For more information please review https://pkg.go.dev/github.com/hashicorp/consul/api#QueryOptions. - -| Name | Description | -| ----- | ----------- | -| ConsistentMode | This is strongly consistent. Sets the RequireConsistent in the consul api to true. | -| DefaultMode | This will set (clears) both the AllowStale and the RequireConsistent in the consul api to false. | -| StaleMode | Allows stale reads when set. This will set the AllowStale in the consul api. | - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.proto.sk.md deleted file mode 100644 index ad91771e775..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.proto.sk.md +++ /dev/null @@ -1,48 +0,0 @@ - ---- -title: "upstream_proxy_protocol.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.extensions.transport_sockets.proxy_protocol.v3` -#### Types: - - -- [ProxyProtocolUpstreamTransport](#proxyprotocolupstreamtransport) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.proto](https://github.com/solo-io/gloo/blob/master/projects/gloo/api/external/envoy/api/envoy/extensions/transport_sockets/proxy_protocol/v3/upstream_proxy_protocol.proto) - - - - - ---- -### ProxyProtocolUpstreamTransport - - -Configuration for PROXY protocol socket - -```yaml -"config": .solo.io.envoy.config.core.v3.ProxyProtocolConfig -"transportSocket": .solo.io.envoy.config.core.v3.TransportSocket - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `config` | [.solo.io.envoy.config.core.v3.ProxyProtocolConfig](../../../../../../../config/core/v3/proxy_protocol.proto.sk/#proxyprotocolconfig) | The PROXY protocol settings. | -| `transportSocket` | [.solo.io.envoy.config.core.v3.TransportSocket](../../../../../../../config/core/v3/base.proto.sk/#transportsocket) | The underlying transport socket being wrapped. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/cluster/outlier_detection.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/cluster/outlier_detection.proto.sk.md deleted file mode 100644 index 87ae60dc8b9..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/cluster/outlier_detection.proto.sk.md +++ /dev/null @@ -1,75 +0,0 @@ - ---- -title: "outlier_detection.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.api.v2.cluster` -#### Types: - - -- [OutlierDetection](#outlierdetection) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/cluster/outlier_detection.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/api/v2/cluster/outlier_detection.proto) - - - - - ---- -### OutlierDetection - - -See the `architecture overview (arch_overview_outlier_detection)` for -more information on outlier detection. - -```yaml -"consecutive5Xx": .google.protobuf.UInt32Value -"interval": .google.protobuf.Duration -"baseEjectionTime": .google.protobuf.Duration -"maxEjectionPercent": .google.protobuf.UInt32Value -"enforcingConsecutive5Xx": .google.protobuf.UInt32Value -"enforcingSuccessRate": .google.protobuf.UInt32Value -"successRateMinimumHosts": .google.protobuf.UInt32Value -"successRateRequestVolume": .google.protobuf.UInt32Value -"successRateStdevFactor": .google.protobuf.UInt32Value -"consecutiveGatewayFailure": .google.protobuf.UInt32Value -"enforcingConsecutiveGatewayFailure": .google.protobuf.UInt32Value -"splitExternalLocalOriginErrors": bool -"consecutiveLocalOriginFailure": .google.protobuf.UInt32Value -"enforcingConsecutiveLocalOriginFailure": .google.protobuf.UInt32Value -"enforcingLocalOriginSuccessRate": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `consecutive5Xx` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of consecutive 5xx responses or local origin errors that are mapped to 5xx error codes before a consecutive 5xx ejection occurs. Defaults to 5. | -| `interval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The time interval between ejection analysis sweeps. This can result in both new ejections as well as hosts being returned to service. Defaults to 10000ms or 10s. | -| `baseEjectionTime` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The base time that a host is ejected for. The real time is equal to the base time multiplied by the number of times the host has been ejected. Defaults to 30000ms or 30s. | -| `maxEjectionPercent` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The maximum % of an upstream cluster that can be ejected due to outlier detection. Defaults to 10% but will eject at least one host regardless of the value. | -| `enforcingConsecutive5Xx` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The % chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. | -| `enforcingSuccessRate` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The % chance that a host will be actually ejected when an outlier status is detected through success rate statistics. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. | -| `successRateMinimumHosts` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of hosts in a cluster that must have enough request volume to detect success rate outliers. If the number of hosts is less than this setting, outlier detection via success rate statistics is not performed for any host in the cluster. Defaults to 5. | -| `successRateRequestVolume` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The minimum number of total requests that must be collected in one interval (as defined by the interval duration above) to include this host in success rate based outlier detection. If the volume is lower than this setting, outlier detection via success rate statistics is not performed for that host. Defaults to 100. | -| `successRateStdevFactor` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | This factor is used to determine the ejection threshold for success rate outlier ejection. The ejection threshold is the difference between the mean success rate, and the product of this factor and the standard deviation of the mean success rate: mean - (stdev * success_rate_stdev_factor). This factor is divided by a thousand to get a double. That is, if the desired factor is 1.9, the runtime value should be 1900. Defaults to 1900. | -| `consecutiveGatewayFailure` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of consecutive gateway failures (502, 503, 504 status codes) before a consecutive gateway failure ejection occurs. Defaults to 5. | -| `enforcingConsecutiveGatewayFailure` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The % chance that a host will be actually ejected when an outlier status is detected through consecutive gateway failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 0. | -| `splitExternalLocalOriginErrors` | `bool` | Determines whether to distinguish local origin failures from external errors. If set to true the following configuration parameters are taken into account: `consecutive_local_origin_failure (envoy_api_field_cluster.OutlierDetection.consecutive_local_origin_failure)`, `enforcing_consecutive_local_origin_failure (envoy_api_field_cluster.OutlierDetection.enforcing_consecutive_local_origin_failure)` and `enforcing_local_origin_success_rate (envoy_api_field_cluster.OutlierDetection.enforcing_local_origin_success_rate)`. Defaults to false. | -| `consecutiveLocalOriginFailure` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of consecutive locally originated failures before ejection occurs. Defaults to 5. Parameter takes effect only when `split_external_local_origin_errors (envoy_api_field_cluster.OutlierDetection.split_external_local_origin_errors)` is set to true. | -| `enforcingConsecutiveLocalOriginFailure` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The % chance that a host will be actually ejected when an outlier status is detected through consecutive locally originated failures. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. Parameter takes effect only when `split_external_local_origin_errors (envoy_api_field_cluster.OutlierDetection.split_external_local_origin_errors)` is set to true. | -| `enforcingLocalOriginSuccessRate` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The % chance that a host will be actually ejected when an outlier status is detected through success rate statistics for locally originated errors. This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100. Parameter takes effect only when `split_external_local_origin_errors (envoy_api_field_cluster.OutlierDetection.split_external_local_origin_errors)` is set to true. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/core/health_check.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/core/health_check.proto.sk.md deleted file mode 100644 index da672fa11a1..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/core/health_check.proto.sk.md +++ /dev/null @@ -1,239 +0,0 @@ - ---- -title: "health_check.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.api.v2.core` -#### Types: - - -- [HealthCheck](#healthcheck) -- [Payload](#payload) -- [HttpHealthCheck](#httphealthcheck) -- [TcpHealthCheck](#tcphealthcheck) -- [RedisHealthCheck](#redishealthcheck) -- [GrpcHealthCheck](#grpchealthcheck) -- [CustomHealthCheck](#customhealthcheck) - - - - -##### Enums: - - - - [HealthStatus](#healthstatus) - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/api/v2/core/health_check.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/api/v2/core/health_check.proto) - - - - - ---- -### HealthCheck - - - -```yaml -"timeout": .google.protobuf.Duration -"interval": .google.protobuf.Duration -"initialJitter": .google.protobuf.Duration -"intervalJitter": .google.protobuf.Duration -"intervalJitterPercent": int -"unhealthyThreshold": .google.protobuf.UInt32Value -"healthyThreshold": .google.protobuf.UInt32Value -"reuseConnection": .google.protobuf.BoolValue -"httpHealthCheck": .solo.io.envoy.api.v2.core.HealthCheck.HttpHealthCheck -"tcpHealthCheck": .solo.io.envoy.api.v2.core.HealthCheck.TcpHealthCheck -"grpcHealthCheck": .solo.io.envoy.api.v2.core.HealthCheck.GrpcHealthCheck -"customHealthCheck": .solo.io.envoy.api.v2.core.HealthCheck.CustomHealthCheck -"noTrafficInterval": .google.protobuf.Duration -"unhealthyInterval": .google.protobuf.Duration -"unhealthyEdgeInterval": .google.protobuf.Duration -"healthyEdgeInterval": .google.protobuf.Duration -"eventLogPath": string -"alwaysLogHealthCheckFailures": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The time to wait for a health check response. If the timeout is reached the health check attempt will be considered a failure. | -| `interval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The interval between health checks. | -| `initialJitter` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | An optional jitter amount in milliseconds. If specified, Envoy will start health checking after for a random time in ms between 0 and initial_jitter. This only applies to the first health check. | -| `intervalJitter` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | An optional jitter amount in milliseconds. If specified, during every interval Envoy will add interval_jitter to the wait time. | -| `intervalJitterPercent` | `int` | An optional jitter amount as a percentage of interval_ms. If specified, during every interval Envoy will add interval_ms * interval_jitter_percent / 100 to the wait time. If interval_jitter_ms and interval_jitter_percent are both set, both of them will be used to increase the wait time. | -| `unhealthyThreshold` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of unhealthy health checks required before a host is marked unhealthy. Note that for *http* health checking if a host responds with 503 this threshold is ignored and the host is considered unhealthy immediately. | -| `healthyThreshold` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of healthy health checks required before a host is marked healthy. Note that during startup, only a single successful health check is required to mark a host healthy. | -| `reuseConnection` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Reuse health check connection between health checks. Default is true. | -| `httpHealthCheck` | [.solo.io.envoy.api.v2.core.HealthCheck.HttpHealthCheck](../health_check.proto.sk/#httphealthcheck) | HTTP health check. Only one of `httpHealthCheck`, `tcpHealthCheck`, `grpcHealthCheck`, or `customHealthCheck` can be set. | -| `tcpHealthCheck` | [.solo.io.envoy.api.v2.core.HealthCheck.TcpHealthCheck](../health_check.proto.sk/#tcphealthcheck) | TCP health check. Only one of `tcpHealthCheck`, `httpHealthCheck`, `grpcHealthCheck`, or `customHealthCheck` can be set. | -| `grpcHealthCheck` | [.solo.io.envoy.api.v2.core.HealthCheck.GrpcHealthCheck](../health_check.proto.sk/#grpchealthcheck) | gRPC health check. Only one of `grpcHealthCheck`, `httpHealthCheck`, `tcpHealthCheck`, or `customHealthCheck` can be set. | -| `customHealthCheck` | [.solo.io.envoy.api.v2.core.HealthCheck.CustomHealthCheck](../health_check.proto.sk/#customhealthcheck) | Custom health check. Only one of `customHealthCheck`, `httpHealthCheck`, `tcpHealthCheck`, or `grpcHealthCheck` can be set. | -| `noTrafficInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "no traffic interval" is a special health check interval that is used when a cluster has never had traffic routed to it. This lower interval allows cluster information to be kept up to date, without sending a potentially large amount of active health checking traffic for no reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the standard health check interval that is defined. Note that this interval takes precedence over any other. The default value for "no traffic interval" is 60 seconds. | -| `unhealthyInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "unhealthy interval" is a health check interval that is used for hosts that are marked as unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the standard health check interval that is defined. The default value for "unhealthy interval" is the same as "interval". | -| `unhealthyEdgeInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "unhealthy edge interval" is a special health check interval that is used for the first health check right after a host is marked as unhealthy. For subsequent health checks Envoy will shift back to using either "unhealthy interval" if present or the standard health check interval that is defined. The default value for "unhealthy edge interval" is the same as "unhealthy interval". | -| `healthyEdgeInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "healthy edge interval" is a special health check interval that is used for the first health check right after a host is marked as healthy. For subsequent health checks Envoy will shift back to using the standard health check interval that is defined. The default value for "healthy edge interval" is the same as the default interval. | -| `eventLogPath` | `string` | Specifies the path to the `health check event log (arch_overview_health_check_logging)`. If empty, no event log will be written. | -| `alwaysLogHealthCheckFailures` | `bool` | If set to true, health check failure events will always be logged. If set to false, only the initial health check failure event will be logged. The default value is false. | - - - - ---- -### Payload - - -Describes the encoding of the payload bytes in the payload. - -```yaml -"text": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `text` | `string` | Hex encoded payload. E.g., "000000FF". | - - - - ---- -### HttpHealthCheck - - -[#comment:next free field: 11] - -```yaml -"host": string -"path": string -"serviceName": string -"requestHeadersToAdd": []solo.io.envoy.api.v2.core.HeaderValueOption -"requestHeadersToRemove": []string -"useHttp2": bool -"expectedStatuses": []solo.io.envoy.type.Int64Range -"responseAssertions": .advancedhttp.options.gloo.solo.io.ResponseAssertions -"method": .solo.io.envoy.config.core.v3.RequestMethod - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `host` | `string` | The value of the host header in the HTTP health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. | -| `path` | `string` | Specifies the HTTP path that will be requested during health checking. For example */healthcheck*. | -| `serviceName` | `string` | An optional service name parameter which is used to validate the identity of the health checked cluster. See the `architecture overview (arch_overview_health_checking_identity)` for more information. | -| `requestHeadersToAdd` | [[]solo.io.envoy.api.v2.core.HeaderValueOption](../../../../../../../../../../solo-kit/api/external/envoy/api/v2/core/base.proto.sk/#headervalueoption) | Specifies a list of HTTP headers that should be added to each request that is sent to the health checked cluster. For more information, including details on header value syntax, see the documentation on `custom request headers (config_http_conn_man_headers_custom_request_headers)`. | -| `requestHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each request that is sent to the health checked cluster. | -| `useHttp2` | `bool` | If set, health checks will be made using http/2. | -| `expectedStatuses` | [[]solo.io.envoy.type.Int64Range](../../../../type/range.proto.sk/#int64range) | Specifies a list of HTTP response statuses considered healthy. If provided, replaces default 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open semantics of `Int64Range (envoy_api_msg_type.Int64Range)`. | -| `responseAssertions` | [.advancedhttp.options.gloo.solo.io.ResponseAssertions](../../../../../../v1/options/advanced_http/advanced_http.proto.sk/#responseassertions) | (Enterprise Only): If defined, the response health check rules take precedence over the http `expected_statuses`. | -| `method` | [.solo.io.envoy.config.core.v3.RequestMethod](../../../../config/core/v3/base.proto.sk/#requestmethod) | HTTP Method that will be used for health checking, default is "GET". GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH methods are supported, but making request body is not supported. CONNECT method is disallowed because it is not appropriate for health check request. If a non-200 response is expected by the method, it needs to be set in expected_statuses. | - - - - ---- -### TcpHealthCheck - - - -```yaml -"send": .solo.io.envoy.api.v2.core.HealthCheck.Payload -"receive": []solo.io.envoy.api.v2.core.HealthCheck.Payload - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `send` | [.solo.io.envoy.api.v2.core.HealthCheck.Payload](../health_check.proto.sk/#payload) | Empty payloads imply a connect-only health check. | -| `receive` | [[]solo.io.envoy.api.v2.core.HealthCheck.Payload](../health_check.proto.sk/#payload) | When checking the response, “fuzzy” matching is performed such that each binary block must be found, and in the order specified, but not necessarily contiguous. | - - - - ---- -### RedisHealthCheck - - - -```yaml -"key": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | If set, optionally perform `EXISTS ` instead of `PING`. A return value from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance by setting the specified key to any value and waiting for traffic to drain. | - - - - ---- -### GrpcHealthCheck - - -[grpc.health.v1.Health](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto)-based -healthcheck. See [gRPC doc](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) -for details. - -```yaml -"serviceName": string -"authority": string -"initialMetadata": []solo.io.envoy.api.v2.core.HeaderValueOption - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `serviceName` | `string` | An optional service name parameter which will be sent to gRPC service in [grpc.health.v1.HealthCheckRequest](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20) message. See [gRPC health-checking overview](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for more information. | -| `authority` | `string` | The value of the :authority header in the gRPC health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. | -| `initialMetadata` | [[]solo.io.envoy.api.v2.core.HeaderValueOption](../../../../../../../../../../solo-kit/api/external/envoy/api/v2/core/base.proto.sk/#headervalueoption) | Specifies a list of key-value pairs that should be added to the metadata of each GRPC call that is sent to the health checked cluster. | - - - - ---- -### CustomHealthCheck - - -Custom health check. - -```yaml -"name": string -"config": .google.protobuf.Struct -"typedConfig": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The registered name of the custom health checker. | -| `config` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Only one of `config` or `typedConfig` can be set. | -| `typedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | Only one of `typedConfig` or `config` can be set. | - - - - -### HealthStatus - -Description: Endpoint health status. - -| Name | Description | -| ----- | ----------- | -| UNKNOWN | The health status is not known. This is interpreted by Envoy as *HEALTHY*. | -| HEALTHY | Healthy. | -| UNHEALTHY | Unhealthy. | -| DRAINING | Connection draining in progress. E.g., https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/ or https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining. This is interpreted by Envoy as *UNHEALTHY*. | -| TIMEOUT | Health check timed out. This is part of HDS and is interpreted by Envoy as *UNHEALTHY*. | -| DEGRADED | Degraded. | - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto.sk.md deleted file mode 100644 index 0479a5be108..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto.sk.md +++ /dev/null @@ -1,109 +0,0 @@ - ---- -title: "mutation_rules.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.common.mutation_rules.v3` -copied from https://github.com/envoyproxy/envoy/blob/ad89a587aa0177bfdad6b5c968a6aead5d9be7a4/api/envoy/config/common/mutation_rules/v3/mutation_rules.proto - - - -#### Types: - - -- [HeaderMutationRules](#headermutationrules) -- [HeaderMutation](#headermutation) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto) - - - - - ---- -### HeaderMutationRules - - -The HeaderMutationRules structure specifies what headers may be -manipulated by a processing filter. This set of rules makes it -possible to control which modifications a filter may make. - -By default, an external processing server may add, modify, or remove -any header except for an "Envoy internal" header (which is typically -denoted by an x-envoy prefix) or specific headers that may affect -further filter processing: - -* `host` -* `:authority` -* `:scheme` -* `:method` - -Every attempt to add, change, append, or remove a header will be -tested against the rules here. Disallowed header mutations will be -ignored unless `disallow_is_error` is set to true. - -Attempts to remove headers are further constrained -- regardless of the -settings, system-defined headers (that start with `:`) and the `host` -header may never be removed. - -In addition, a counter will be incremented whenever a mutation is -rejected. In the ext_proc filter, that counter is named -`rejected_header_mutations`. -[#next-free-field: 8] - -```yaml -"allowAllRouting": .google.protobuf.BoolValue -"allowEnvoy": .google.protobuf.BoolValue -"disallowSystem": .google.protobuf.BoolValue -"disallowAll": .google.protobuf.BoolValue -"allowExpression": .solo.io.envoy.type.matcher.v3.RegexMatcher -"disallowExpression": .solo.io.envoy.type.matcher.v3.RegexMatcher -"disallowIsError": .google.protobuf.BoolValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `allowAllRouting` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | By default, certain headers that could affect processing of subsequent filters or request routing cannot be modified. These headers are `host`, `:authority`, `:scheme`, and `:method`. Setting this parameter to true allows these headers to be modified as well. | -| `allowEnvoy` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, allow modification of envoy internal headers. By default, these start with `x-envoy` but this may be overridden in the `Bootstrap` configuration using the :ref:`header_prefix ` field. Default is false. | -| `disallowSystem` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, prevent modification of any system header, defined as a header that starts with a `:` character, regardless of any other settings. A processing server may still override the `:status` of an HTTP response using an `ImmediateResponse` message. Default is false. | -| `disallowAll` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, prevent modifications of all header values, regardless of any other settings. A processing server may still override the `:status` of an HTTP response using an `ImmediateResponse` message. Default is false. | -| `allowExpression` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../../../../../type/matcher/v3/regex.proto.sk/#regexmatcher) | If set, specifically allow any header that matches this regular expression. This overrides all other settings except for `disallow_expression`. | -| `disallowExpression` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../../../../../type/matcher/v3/regex.proto.sk/#regexmatcher) | If set, specifically disallow any header that matches this regular expression regardless of any other settings. | -| `disallowIsError` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true, and if the rules in this list cause a header mutation to be disallowed, then the filter using this configuration will terminate the request with a 500 error. In addition, regardless of the setting of this parameter, any attempt to set, add, or modify a disallowed header will cause the `rejected_header_mutations` counter to be incremented. Default is false. | - - - - ---- -### HeaderMutation - - -The HeaderMutation structure specifies an action that may be taken on HTTP -headers. - -```yaml -"remove": string -"append": .solo.io.envoy.config.core.v3.HeaderValueOption - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `remove` | `string` | Remove the specified header if it exists. Only one of `remove` or `append` can be set. | -| `append` | [.solo.io.envoy.config.core.v3.HeaderValueOption](../../../../core/v3/base.proto.sk/#headervalueoption) | Append new header by the specified HeaderValueOption. Only one of `append` or `remove` can be set. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/address.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/address.proto.sk.md deleted file mode 100644 index 5c2b4de3304..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/address.proto.sk.md +++ /dev/null @@ -1,179 +0,0 @@ - ---- -title: "address.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [Pipe](#pipe) -- [SocketAddress](#socketaddress) -- [Protocol](#protocol) -- [TcpKeepalive](#tcpkeepalive) -- [BindConfig](#bindconfig) -- [Address](#address) -- [CidrRange](#cidrrange) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/address.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/address.proto) - - - - - ---- -### Pipe - - - -```yaml -"path": string -"mode": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `path` | `string` | Unix Domain Socket path. On Linux, paths starting with '@' will use the abstract namespace. The starting '@' is replaced by a null byte by Envoy. Paths starting with '@' will result in an error in environments other than Linux. | -| `mode` | `int` | The mode for the Pipe. Not applicable for abstract sockets. | - - - - ---- -### SocketAddress - - -[#next-free-field: 7] - -```yaml -"protocol": .solo.io.envoy.config.core.v3.SocketAddress.Protocol -"address": string -"portValue": int -"namedPort": string -"resolverName": string -"ipv4Compat": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `protocol` | [.solo.io.envoy.config.core.v3.SocketAddress.Protocol](../address.proto.sk/#protocol) | | -| `address` | `string` | The address for this socket. Listeners will bind to the address. An empty address is not allowed. Specify `0.0.0.0` or `::` to bind to any address. [#comment:TODO(zuercher) reinstate when implemented: It is possible to distinguish a Listener address via the prefix/suffix matching in FilterChainMatch.] When used within an upstream BindConfig, the address controls the source address of outbound connections. For :ref:`clusters `, the cluster type determines whether the address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized via resolver_name. | -| `portValue` | `int` | Only one of `portValue` or `namedPort` can be set. | -| `namedPort` | `string` | This is only valid if :ref:`resolver_name ` is specified below and the named resolver is capable of named port resolution. Only one of `namedPort` or `portValue` can be set. | -| `resolverName` | `string` | The name of the custom resolver. This must have been registered with Envoy. If this is empty, a context dependent default applies. If the address is a concrete IP address, no resolution will occur. If address is a hostname this should be set for resolution other than DNS. Specifying a custom resolver with *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime. | -| `ipv4Compat` | `bool` | When binding to an IPv6 address above, this enables [IPv4 compatibility](https://datatracker.ietf.org/doc/html/rfc3493#page-11). Binding to `::` will allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into IPv6 space as `::FFFF:`. | - - - - ---- -### Protocol - - - -| Name | Description | -| ----- | ----------- | -| `TCP` | | -| `UDP` | | - - - - ---- -### TcpKeepalive - - - -```yaml -"keepaliveProbes": .google.protobuf.UInt32Value -"keepaliveTime": .google.protobuf.UInt32Value -"keepaliveInterval": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `keepaliveProbes` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Maximum number of keepalive probes to send without response before deciding the connection is dead. Default is to use the OS level configuration (unless overridden, Linux defaults to 9.). | -| `keepaliveTime` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of seconds a connection needs to be idle before keep-alive probes start being sent. Default is to use the OS level configuration (unless overridden, Linux defaults to 7200s (i.e., 2 hours.). | -| `keepaliveInterval` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of seconds between keep-alive probes. Default is to use the OS level configuration (unless overridden, Linux defaults to 75s.). | - - - - ---- -### BindConfig - - - -```yaml -"sourceAddress": .solo.io.envoy.config.core.v3.SocketAddress -"freebind": .google.protobuf.BoolValue -"socketOptions": []solo.io.envoy.config.core.v3.SocketOption - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `sourceAddress` | [.solo.io.envoy.config.core.v3.SocketAddress](../address.proto.sk/#socketaddress) | The address to bind to when creating a socket. | -| `freebind` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Whether to set the *IP_FREEBIND* option when creating the socket. When this flag is set to true, allows the :ref:`source_address ` to be an IP address that is not configured on the system running Envoy. When this flag is set to false, the option *IP_FREEBIND* is disabled on the socket. When this flag is not set (default), the socket is not modified, i.e. the option is neither enabled nor disabled. | -| `socketOptions` | [[]solo.io.envoy.config.core.v3.SocketOption](../socket_option.proto.sk/#socketoption) | Additional socket options that may not be present in Envoy source code or precompiled binaries. | - - - - ---- -### Address - - -Addresses specify either a logical or physical address and port, which are -used to tell Envoy where to bind/listen, connect to upstream and find -management servers. - -```yaml -"socketAddress": .solo.io.envoy.config.core.v3.SocketAddress -"pipe": .solo.io.envoy.config.core.v3.Pipe - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `socketAddress` | [.solo.io.envoy.config.core.v3.SocketAddress](../address.proto.sk/#socketaddress) | Only one of `socketAddress` or `pipe` can be set. | -| `pipe` | [.solo.io.envoy.config.core.v3.Pipe](../address.proto.sk/#pipe) | Only one of `pipe` or `socketAddress` can be set. | - - - - ---- -### CidrRange - - -CidrRange specifies an IP Address and a prefix length to construct -the subnet mask for a [CIDR](https://datatracker.ietf.org/doc/html/rfc4632) range. - -```yaml -"addressPrefix": string -"prefixLen": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `addressPrefix` | `string` | IPv4 or IPv6 address, e.g. `192.0.0.0` or `2001:db8::`. | -| `prefixLen` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Length of prefix, e.g. 0, 32. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/backoff.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/backoff.proto.sk.md deleted file mode 100644 index 4fe30370b79..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/backoff.proto.sk.md +++ /dev/null @@ -1,48 +0,0 @@ - ---- -title: "backoff.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [BackoffStrategy](#backoffstrategy) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/backoff.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/backoff.proto) - - - - - ---- -### BackoffStrategy - - -Configuration defining a jittered exponential back off strategy. - -```yaml -"baseInterval": .google.protobuf.Duration -"maxInterval": .google.protobuf.Duration - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `baseInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The base interval to be used for the next back off computation. It should be greater than zero and less than or equal to :ref:`max_interval `. | -| `maxInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the maximum interval between retries. This parameter is optional, but must be greater than or equal to the :ref:`base_interval ` if set. The default is 10 times the :ref:`base_interval `. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/base.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/base.proto.sk.md deleted file mode 100644 index 07c4318d076..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/base.proto.sk.md +++ /dev/null @@ -1,516 +0,0 @@ - ---- -title: "base.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [Locality](#locality) -- [BuildVersion](#buildversion) -- [Extension](#extension) -- [Node](#node) -- [Metadata](#metadata) -- [RuntimeUInt32](#runtimeuint32) -- [RuntimeDouble](#runtimedouble) -- [RuntimeFeatureFlag](#runtimefeatureflag) -- [HeaderValue](#headervalue) -- [HeaderValueOption](#headervalueoption) -- [HeaderMap](#headermap) -- [DataSource](#datasource) -- [RetryPolicy](#retrypolicy) -- [RemoteDataSource](#remotedatasource) -- [AsyncDataSource](#asyncdatasource) -- [TransportSocket](#transportsocket) -- [RuntimeFractionalPercent](#runtimefractionalpercent) -- [ControlPlane](#controlplane) - - - - -##### Enums: - - - - [RoutingPriority](#routingpriority) - - [RequestMethod](#requestmethod) - - [TrafficDirection](#trafficdirection) - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/base.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/base.proto) - - - - - ---- -### Locality - - -Identifies location of where either Envoy runs or where upstream hosts run. - -```yaml -"region": string -"zone": string -"subZone": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `region` | `string` | Region this zone belongs to. | -| `zone` | `string` | Defines the local service zone where Envoy is running. Though optional, it should be set if discovery service routing is used and the discovery service exposes zone data, either in this message or via `--service-zone`. The meaning of zone is context dependent, e.g. [Availability Zone (AZ)](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) on AWS, [Zone](https://cloud.google.com/compute/docs/regions-zones/) on GCP, etc. | -| `subZone` | `string` | When used for locality of upstream hosts, this field further splits zone into smaller chunks of sub-zones so they can be load balanced independently. | - - - - ---- -### BuildVersion - - -BuildVersion combines SemVer version of extension with free-form build information -(i.e. 'alpha', 'private-build') as a set of strings. - -```yaml -"version": .solo.io.envoy.type.v3.SemanticVersion -"metadata": .google.protobuf.Struct - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `version` | [.solo.io.envoy.type.v3.SemanticVersion](../../../../type/v3/semantic_version.proto.sk/#semanticversion) | SemVer version of extension. | -| `metadata` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Free-form build information. Envoy defines several well known keys in the source/common/common/version.h file. | - - - - ---- -### Extension - - -Version and identification for an Envoy extension. -[#next-free-field: 6] - -```yaml -"name": string -"category": string -"typeDescriptor": string -"version": .solo.io.envoy.config.core.v3.BuildVersion -"disabled": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | This is the name of the Envoy filter as specified in the Envoy configuration, e.g. envoy.filters.http.router, com.acme.widget. | -| `category` | `string` | Category of the extension. Extension category names use reverse DNS notation. For instance "envoy.filters.listener" for Envoy's built-in listener filters or "com.acme.filters.http" for HTTP filters from acme.com vendor. [#comment:TODO(yanavlasov): Link to the doc with existing envoy category names.]. | -| `typeDescriptor` | `string` | [#not-implemented-hide:] Type descriptor of extension configuration proto. [#comment:TODO(yanavlasov): Link to the doc with existing configuration protos.] [#comment:TODO(yanavlasov): Add tests when PR #9391 lands.]. | -| `version` | [.solo.io.envoy.config.core.v3.BuildVersion](../base.proto.sk/#buildversion) | The version is a property of the extension and maintained independently of other extensions and the Envoy API. This field is not set when extension did not provide version information. | -| `disabled` | `bool` | Indicates that the extension is present but was disabled via dynamic configuration. | - - - - ---- -### Node - - -Identifies a specific Envoy instance. The node identifier is presented to the -management server, which may use this identifier to distinguish per Envoy -configuration for serving. -[#next-free-field: 12] - -```yaml -"id": string -"cluster": string -"metadata": .google.protobuf.Struct -"locality": .solo.io.envoy.config.core.v3.Locality -"userAgentName": string -"userAgentVersion": string -"userAgentBuildVersion": .solo.io.envoy.config.core.v3.BuildVersion -"extensions": []solo.io.envoy.config.core.v3.Extension -"clientFeatures": []string -"listeningAddresses": []solo.io.envoy.config.core.v3.Address - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `id` | `string` | An opaque node identifier for the Envoy node. This also provides the local service node name. It should be set if any of the following features are used: statsd, :ref:`CDS `, and :ref:`HTTP tracing `, either in this message or via `--service-node`. | -| `cluster` | `string` | Defines the local service cluster name where Envoy is running. Though optional, it should be set if any of the following features are used: statsd, :ref:`health check cluster verification `, runtime override directory, :ref:`user agent addition `, HTTP global rate limiting, CDS, and :ref:`HTTP tracing `, either in this message or via `--service-cluster`. | -| `metadata` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Opaque metadata extending the node identifier. Envoy will pass this directly to the management server. | -| `locality` | [.solo.io.envoy.config.core.v3.Locality](../base.proto.sk/#locality) | Locality specifying where the Envoy instance is running. | -| `userAgentName` | `string` | Free-form string that identifies the entity requesting config. E.g. "envoy" or "grpc". | -| `userAgentVersion` | `string` | Free-form string that identifies the version of the entity requesting config. E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild". Only one of `userAgentVersion` or `userAgentBuildVersion` can be set. | -| `userAgentBuildVersion` | [.solo.io.envoy.config.core.v3.BuildVersion](../base.proto.sk/#buildversion) | Structured version of the entity requesting config. Only one of `userAgentBuildVersion` or `userAgentVersion` can be set. | -| `extensions` | [[]solo.io.envoy.config.core.v3.Extension](../base.proto.sk/#extension) | List of extensions and their versions supported by the node. | -| `clientFeatures` | `[]string` | Client feature support list. These are well known features described in the Envoy API repository for a given major version of an API. Client features use reverse DNS naming scheme, for example `com.acme.feature`. See the list of features that xDS client may support. | -| `listeningAddresses` | [[]solo.io.envoy.config.core.v3.Address](../address.proto.sk/#address) | Known listening ports on the node as a generic hint to the management server for filtering listeners to be returned. For example, if there is a listener bound to port 80, the list can optionally contain the SocketAddress `(0.0.0.0,80)`. The field is optional and just a hint. | - - - - ---- -### Metadata - - -Metadata provides additional inputs to filters based on matched listeners, -filter chains, routes and endpoints. It is structured as a map, usually from -filter name (in reverse DNS format) to metadata specific to the filter. Metadata -key-values for a filter are merged as connection and request handling occurs, -with later values for the same key overriding earlier values. - -An example use of metadata is providing additional values to -http_connection_manager in the envoy.http_connection_manager.access_log -namespace. - -Another example use of metadata is to per service config info in cluster metadata, which may get -consumed by multiple filters. - -For load balancing, Metadata provides a means to subset cluster endpoints. -Endpoints have a Metadata object associated and routes contain a Metadata -object to match against. There are some well defined metadata used today for -this purpose: - -* `{"envoy.lb": {"canary": }}` This indicates the canary status of an - endpoint and is also used during header processing - (x-envoy-upstream-canary) and for stats purposes. -[#next-major-version: move to type/metadata/v2] - -```yaml -"filterMetadata": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `filterMetadata` | `map` | Key is the reverse DNS filter name, e.g. com.acme.widget. The envoy.* namespace is reserved for Envoy's built-in filters. | - - - - ---- -### RuntimeUInt32 - - -Runtime derived uint32 with a default when not specified. - -```yaml -"defaultValue": int -"runtimeKey": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `defaultValue` | `int` | Default value if runtime value is not available. | -| `runtimeKey` | `string` | Runtime key to get value for comparison. This value is used if defined. | - - - - ---- -### RuntimeDouble - - -Runtime derived double with a default when not specified. - -```yaml -"defaultValue": float -"runtimeKey": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `defaultValue` | `float` | Default value if runtime value is not available. | -| `runtimeKey` | `string` | Runtime key to get value for comparison. This value is used if defined. | - - - - ---- -### RuntimeFeatureFlag - - -Runtime derived bool with a default when not specified. - -```yaml -"defaultValue": .google.protobuf.BoolValue -"runtimeKey": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `defaultValue` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Default value if runtime value is not available. | -| `runtimeKey` | `string` | Runtime key to get value for comparison. This value is used if defined. The boolean value must be represented via its [canonical JSON encoding](https://developers.google.com/protocol-buffers/docs/proto3#json). | - - - - ---- -### HeaderValue - - -Header name/value pair. - -```yaml -"key": string -"value": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | Header name. | -| `value` | `string` | Header value. The same format specifier as used for HTTP access logging applies here, however unknown header values are replaced with the empty string instead of `-`. | - - - - ---- -### HeaderValueOption - - -Header name/value pair plus option to control append behavior. - -```yaml -"header": .solo.io.envoy.config.core.v3.HeaderValue -"append": .google.protobuf.BoolValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `header` | [.solo.io.envoy.config.core.v3.HeaderValue](../base.proto.sk/#headervalue) | Header name/value pair that this option applies to. | -| `append` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Should the value be appended? If true (default), the value is appended to existing values. | - - - - ---- -### HeaderMap - - -Wrapper for a set of headers. - -```yaml -"headers": []solo.io.envoy.config.core.v3.HeaderValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `headers` | [[]solo.io.envoy.config.core.v3.HeaderValue](../base.proto.sk/#headervalue) | | - - - - ---- -### DataSource - - -Data source consisting of either a file or an inline value. - -```yaml -"filename": string -"inlineBytes": bytes -"inlineString": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `filename` | `string` | Local filesystem data source. Only one of `filename`, `inlineBytes`, or `inlineString` can be set. | -| `inlineBytes` | `bytes` | Bytes inlined in the configuration. Only one of `inlineBytes`, `filename`, or `inlineString` can be set. | -| `inlineString` | `string` | String inlined in the configuration. Only one of `inlineString`, `filename`, or `inlineBytes` can be set. | - - - - ---- -### RetryPolicy - - -The message specifies the retry policy of remote data source when fetching fails. - -```yaml -"retryBackOff": .solo.io.envoy.config.core.v3.BackoffStrategy -"numRetries": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `retryBackOff` | [.solo.io.envoy.config.core.v3.BackoffStrategy](../backoff.proto.sk/#backoffstrategy) | Specifies parameters that control retry backoff strategy. This parameter is optional, in which case the default base interval is 1000 milliseconds. The default maximum interval is 10 times the base interval. | -| `numRetries` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Specifies the allowed number of retries. This parameter is optional and defaults to 1. | - - - - ---- -### RemoteDataSource - - -The message specifies how to fetch data from remote and how to verify it. - -```yaml -"httpUri": .solo.io.envoy.config.core.v3.HttpUri -"sha256": string -"retryPolicy": .solo.io.envoy.config.core.v3.RetryPolicy - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `httpUri` | [.solo.io.envoy.config.core.v3.HttpUri](../http_uri.proto.sk/#httpuri) | The HTTP URI to fetch the remote data. | -| `sha256` | `string` | SHA256 string for verifying data. | -| `retryPolicy` | [.solo.io.envoy.config.core.v3.RetryPolicy](../base.proto.sk/#retrypolicy) | Retry policy for fetching remote data. | - - - - ---- -### AsyncDataSource - - -Async data source which support async data fetch. - -```yaml -"local": .solo.io.envoy.config.core.v3.DataSource -"remote": .solo.io.envoy.config.core.v3.RemoteDataSource - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `local` | [.solo.io.envoy.config.core.v3.DataSource](../base.proto.sk/#datasource) | Local async data source. Only one of `local` or `remote` can be set. | -| `remote` | [.solo.io.envoy.config.core.v3.RemoteDataSource](../base.proto.sk/#remotedatasource) | Remote async data source. Only one of `remote` or `local` can be set. | - - - - ---- -### TransportSocket - - -Configuration for transport socket in listeners and -clusters. If the configuration is -empty, a default transport socket implementation and configuration will be -chosen based on the platform and existence of tls_context. - -```yaml -"name": string -"typedConfig": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The name of the transport socket to instantiate. The name must match a supported transport socket implementation. | -| `typedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | | - - - - ---- -### RuntimeFractionalPercent - - -Runtime derived FractionalPercent with defaults for when the numerator or denominator is not -specified via a runtime key. - -**Note**: - - Parsing of the runtime key's data is implemented such that it may be represented as a - FractionalPercent proto represented as JSON/YAML - and may also be represented as an integer with the assumption that the value is an integral - percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse - as a `FractionalPercent` whose numerator is 42 and denominator is HUNDRED. - -```yaml -"defaultValue": .solo.io.envoy.type.v3.FractionalPercent -"runtimeKey": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `defaultValue` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../type/v3/percent.proto.sk/#fractionalpercent) | Default value if the runtime value's for the numerator/denominator keys are not available. | -| `runtimeKey` | `string` | Runtime key for a YAML representation of a FractionalPercent. | - - - - ---- -### ControlPlane - - -Identifies a specific ControlPlane instance that Envoy is connected to. - -```yaml -"identifier": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `identifier` | `string` | An opaque control plane identifier that uniquely identifies an instance of control plane. This can be used to identify which control plane instance, the Envoy is connected to. | - - - - -### RoutingPriority - -Description: Envoy supports :ref:`upstream priority routing -` both at the route and the virtual -cluster level. The current priority implementation uses different connection -pool and circuit breaking settings for each priority level. This means that -even for HTTP/2 requests, two physical connections will be used to an -upstream host. In the future Envoy will likely support true HTTP/2 priority -over a single upstream connection. - -| Name | Description | -| ----- | ----------- | -| DEFAULT | | -| HIGH | | - -### RequestMethod - -Description: HTTP request method. - -| Name | Description | -| ----- | ----------- | -| METHOD_UNSPECIFIED | | -| GET | | -| HEAD | | -| POST | | -| PUT | | -| DELETE | | -| CONNECT | | -| OPTIONS | | -| TRACE | | -| PATCH | | - -### TrafficDirection - -Description: Identifies the direction of the traffic relative to the local Envoy. - -| Name | Description | -| ----- | ----------- | -| UNSPECIFIED | Default option is unspecified. | -| INBOUND | The transport is used for incoming traffic. | -| OUTBOUND | The transport is used for outgoing traffic. | - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/event_service_config.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/event_service_config.proto.sk.md deleted file mode 100644 index 09dbc6b4c80..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/event_service_config.proto.sk.md +++ /dev/null @@ -1,47 +0,0 @@ - ---- -title: "event_service_config.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [EventServiceConfig](#eventserviceconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/event_service_config.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/event_service_config.proto) - - - - - ---- -### EventServiceConfig - - -[#not-implemented-hide:] -Configuration of the event reporting service endpoint. - -```yaml -"grpcService": .solo.io.envoy.config.core.v3.GrpcService - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `grpcService` | [.solo.io.envoy.config.core.v3.GrpcService](../grpc_service.proto.sk/#grpcservice) | Specifies the gRPC service that hosts the event reporting service. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/extension.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/extension.proto.sk.md deleted file mode 100644 index 2b8115a580c..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/extension.proto.sk.md +++ /dev/null @@ -1,49 +0,0 @@ - ---- -title: "extension.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [TypedExtensionConfig](#typedextensionconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/extension.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/extension.proto) - - - - - ---- -### TypedExtensionConfig - - -Message type for extension configuration. -[#next-major-version: revisit all existing typed_config that doesn't use this wrapper.]. - -```yaml -"name": string -"typedConfig": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The name of an extension. This is not used to select the extension, instead it serves the role of an opaque identifier. | -| `typedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | The typed config for the extension. The type URL will be used to identify the extension. In the case that the type URL is *udpa.type.v1.TypedStruct*, the inner type URL of *TypedStruct* will be utilized. See the :ref:`extension configuration overview ` for further details. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto.sk.md deleted file mode 100644 index 20d42bdebfe..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto.sk.md +++ /dev/null @@ -1,343 +0,0 @@ - ---- -title: "grpc_service.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [GrpcService](#grpcservice) -- [EnvoyGrpc](#envoygrpc) -- [GoogleGrpc](#googlegrpc) -- [SslCredentials](#sslcredentials) -- [GoogleLocalCredentials](#googlelocalcredentials) -- [ChannelCredentials](#channelcredentials) -- [CallCredentials](#callcredentials) -- [ServiceAccountJWTAccessCredentials](#serviceaccountjwtaccesscredentials) -- [GoogleIAMCredentials](#googleiamcredentials) -- [MetadataCredentialsFromPlugin](#metadatacredentialsfromplugin) -- [StsService](#stsservice) -- [ChannelArgs](#channelargs) -- [Value](#value) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/grpc_service.proto) - - - - - ---- -### GrpcService - - -gRPC service configuration. This is used by :ref:`ApiConfigSource -` and filter configurations. -[#next-free-field: 6] - -```yaml -"envoyGrpc": .solo.io.envoy.config.core.v3.GrpcService.EnvoyGrpc -"googleGrpc": .solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc -"timeout": .google.protobuf.Duration -"initialMetadata": []solo.io.envoy.config.core.v3.HeaderValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `envoyGrpc` | [.solo.io.envoy.config.core.v3.GrpcService.EnvoyGrpc](../grpc_service.proto.sk/#envoygrpc) | Envoy's in-built gRPC client. See the :ref:`gRPC services overview ` documentation for discussion on gRPC client selection. Only one of `envoyGrpc` or `googleGrpc` can be set. | -| `googleGrpc` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc](../grpc_service.proto.sk/#googlegrpc) | [Google C++ gRPC client](https://github.com/grpc/grpc) See the :ref:`gRPC services overview ` documentation for discussion on gRPC client selection. Only one of `googleGrpc` or `envoyGrpc` can be set. | -| `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The timeout for the gRPC request. This is the timeout for a specific request. | -| `initialMetadata` | [[]solo.io.envoy.config.core.v3.HeaderValue](../base.proto.sk/#headervalue) | Additional metadata to include in streams initiated to the GrpcService. This can be used for scenarios in which additional ad hoc authorization headers (e.g. `x-foo-bar: baz-key`) are to be injected. | - - - - ---- -### EnvoyGrpc - - - -```yaml -"clusterName": string -"authority": string -"retryPolicy": .solo.io.envoy.config.core.v3.RetryPolicy - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clusterName` | `string` | The name of the upstream gRPC cluster. SSL credentials will be supplied in the Cluster :ref:`transport_socket `. | -| `authority` | `string` | The `:authority` header in the grpc request. If this field is not set, the authority header value will be `cluster_name`. Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. | -| `retryPolicy` | [.solo.io.envoy.config.core.v3.RetryPolicy](../base.proto.sk/#retrypolicy) | Indicates the retry policy for re-establishing the gRPC stream This field is optional. If max interval is not provided, it will be set to ten times the provided base interval. Currently only supported for xDS gRPC streams. If not set, xDS gRPC streams default base interval:500ms, maximum interval:30s will be applied. | - - - - ---- -### GoogleGrpc - - -[#next-free-field: 9] - -```yaml -"targetUri": string -"channelCredentials": .solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials -"callCredentials": []solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials -"statPrefix": string -"credentialsFactoryName": string -"config": .google.protobuf.Struct -"perStreamBufferLimitBytes": .google.protobuf.UInt32Value -"channelArgs": .solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `targetUri` | `string` | The target URI when using the [Google C++ gRPC client](https://github.com/grpc/grpc). SSL credentials will be supplied in channel_credentials. | -| `channelCredentials` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentials](../grpc_service.proto.sk/#channelcredentials) | | -| `callCredentials` | [[]solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials](../grpc_service.proto.sk/#callcredentials) | A set of call credentials that can be composed with [channel credentials](https://grpc.io/docs/guides/auth.html#credential-types). | -| `statPrefix` | `string` | The human readable prefix to use when emitting statistics for the gRPC service. .. csv-table:: :header: Name, Type, Description :widths: 1, 1, 2 streams_total, Counter, Total number of streams opened streams_closed_, Counter, Total streams closed with . | -| `credentialsFactoryName` | `string` | The name of the Google gRPC credentials factory to use. This must have been registered with Envoy. If this is empty, a default credentials factory will be used that sets up channel credentials based on other configuration parameters. | -| `config` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Additional configuration for site-specific customizations of the Google gRPC library. | -| `perStreamBufferLimitBytes` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | How many bytes each stream can buffer internally. If not set an implementation defined default is applied (1MiB). | -| `channelArgs` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs](../grpc_service.proto.sk/#channelargs) | Custom channels args. | - - - - ---- -### SslCredentials - - -See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html. - -```yaml -"rootCerts": .solo.io.envoy.config.core.v3.DataSource -"privateKey": .solo.io.envoy.config.core.v3.DataSource -"certChain": .solo.io.envoy.config.core.v3.DataSource - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rootCerts` | [.solo.io.envoy.config.core.v3.DataSource](../base.proto.sk/#datasource) | PEM encoded server root certificates. | -| `privateKey` | [.solo.io.envoy.config.core.v3.DataSource](../base.proto.sk/#datasource) | PEM encoded client private key. | -| `certChain` | [.solo.io.envoy.config.core.v3.DataSource](../base.proto.sk/#datasource) | PEM encoded client certificate chain. | - - - - ---- -### GoogleLocalCredentials - - -Local channel credentials. Only UDS is supported for now. -See https://github.com/grpc/grpc/pull/15909. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### ChannelCredentials - - -See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call -credential types. - -```yaml -"sslCredentials": .solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentials -"googleDefault": .google.protobuf.Empty -"localCredentials": .solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.GoogleLocalCredentials - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `sslCredentials` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentials](../grpc_service.proto.sk/#sslcredentials) | Only one of `sslCredentials`, `googleDefault`, or `localCredentials` can be set. | -| `googleDefault` | [.google.protobuf.Empty](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/empty) | https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61. Only one of `googleDefault`, `sslCredentials`, or `localCredentials` can be set. | -| `localCredentials` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.GoogleLocalCredentials](../grpc_service.proto.sk/#googlelocalcredentials) | Only one of `localCredentials`, `sslCredentials`, or `googleDefault` can be set. | - - - - ---- -### CallCredentials - - -[#next-free-field: 8] - -```yaml -"accessToken": string -"googleComputeEngine": .google.protobuf.Empty -"googleRefreshToken": string -"serviceAccountJwtAccess": .solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials -"googleIam": .solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials -"fromPlugin": .solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin -"stsService": .solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.StsService - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `accessToken` | `string` | Access token credentials. https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d. Only one of `accessToken`, `googleComputeEngine`, `googleRefreshToken`, `serviceAccountJwtAccess`, `googleIam`, `fromPlugin`, or `stsService` can be set. | -| `googleComputeEngine` | [.google.protobuf.Empty](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/empty) | Google Compute Engine credentials. https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61. Only one of `googleComputeEngine`, `accessToken`, `googleRefreshToken`, `serviceAccountJwtAccess`, `googleIam`, `fromPlugin`, or `stsService` can be set. | -| `googleRefreshToken` | `string` | Google refresh token credentials. https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c. Only one of `googleRefreshToken`, `accessToken`, `googleComputeEngine`, `serviceAccountJwtAccess`, `googleIam`, `fromPlugin`, or `stsService` can be set. | -| `serviceAccountJwtAccess` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials](../grpc_service.proto.sk/#serviceaccountjwtaccesscredentials) | Service Account JWT Access credentials. https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa. Only one of `serviceAccountJwtAccess`, `accessToken`, `googleComputeEngine`, `googleRefreshToken`, `googleIam`, `fromPlugin`, or `stsService` can be set. | -| `googleIam` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials](../grpc_service.proto.sk/#googleiamcredentials) | Google IAM credentials. https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0. Only one of `googleIam`, `accessToken`, `googleComputeEngine`, `googleRefreshToken`, `serviceAccountJwtAccess`, `fromPlugin`, or `stsService` can be set. | -| `fromPlugin` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPlugin](../grpc_service.proto.sk/#metadatacredentialsfromplugin) | Custom authenticator credentials. https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07. https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms. Only one of `fromPlugin`, `accessToken`, `googleComputeEngine`, `googleRefreshToken`, `serviceAccountJwtAccess`, `googleIam`, or `stsService` can be set. | -| `stsService` | [.solo.io.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.StsService](../grpc_service.proto.sk/#stsservice) | Custom security token service which implements OAuth 2.0 token exchange. https://datatracker.ietf.org/doc/html/draft-ietf-oauth-token-exchange-16 See https://github.com/grpc/grpc/pull/19587. Only one of `stsService`, `accessToken`, `googleComputeEngine`, `googleRefreshToken`, `serviceAccountJwtAccess`, `googleIam`, or `fromPlugin` can be set. | - - - - ---- -### ServiceAccountJWTAccessCredentials - - - -```yaml -"jsonKey": string -"tokenLifetimeSeconds": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `jsonKey` | `string` | | -| `tokenLifetimeSeconds` | `int` | | - - - - ---- -### GoogleIAMCredentials - - - -```yaml -"authorizationToken": string -"authoritySelector": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `authorizationToken` | `string` | | -| `authoritySelector` | `string` | | - - - - ---- -### MetadataCredentialsFromPlugin - - - -```yaml -"name": string -"typedConfig": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | | -| `typedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | | - - - - ---- -### StsService - - -Security token service configuration that allows Google gRPC to -fetch security token from an OAuth 2.0 authorization server. -See https://datatracker.ietf.org/doc/html/draft-ietf-oauth-token-exchange-16 and -https://github.com/grpc/grpc/pull/19587. -[#next-free-field: 10] - -```yaml -"tokenExchangeServiceUri": string -"resource": string -"audience": string -"scope": string -"requestedTokenType": string -"subjectTokenPath": string -"subjectTokenType": string -"actorTokenPath": string -"actorTokenType": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `tokenExchangeServiceUri` | `string` | URI of the token exchange service that handles token exchange requests. [#comment:TODO(asraa): Add URI validation when implemented. Tracked by https://github.com/envoyproxy/protoc-gen-validate/issues/303]. | -| `resource` | `string` | Location of the target service or resource where the client intends to use the requested security token. | -| `audience` | `string` | Logical name of the target service where the client intends to use the requested security token. | -| `scope` | `string` | The desired scope of the requested security token in the context of the service or resource where the token will be used. | -| `requestedTokenType` | `string` | Type of the requested security token. | -| `subjectTokenPath` | `string` | The path of subject token, a security token that represents the identity of the party on behalf of whom the request is being made. | -| `subjectTokenType` | `string` | Type of the subject token. | -| `actorTokenPath` | `string` | The path of actor token, a security token that represents the identity of the acting party. The acting party is authorized to use the requested security token and act on behalf of the subject. | -| `actorTokenType` | `string` | Type of the actor token. | - - - - ---- -### ChannelArgs - - -Channel arguments. - -```yaml -"args": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `args` | `map` | See grpc_types.h GRPC_ARG #defines for keys that work here. | - - - - ---- -### Value - - - -```yaml -"stringValue": string -"intValue": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `stringValue` | `string` | Only one of `stringValue` or `intValue` can be set. | -| `intValue` | `int` | Only one of `intValue` or `stringValue` can be set. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/health_check.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/health_check.proto.sk.md deleted file mode 100644 index 958dc4282ad..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/health_check.proto.sk.md +++ /dev/null @@ -1,270 +0,0 @@ - ---- -title: "health_check.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [HealthCheck](#healthcheck) -- [Payload](#payload) -- [HttpHealthCheck](#httphealthcheck) -- [TcpHealthCheck](#tcphealthcheck) -- [RedisHealthCheck](#redishealthcheck) -- [GrpcHealthCheck](#grpchealthcheck) -- [CustomHealthCheck](#customhealthcheck) -- [TlsOptions](#tlsoptions) - - - - -##### Enums: - - - - [HealthStatus](#healthstatus) - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/health_check.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/health_check.proto) - - - - - ---- -### HealthCheck - - -[#next-free-field: 24] - -```yaml -"timeout": .google.protobuf.Duration -"interval": .google.protobuf.Duration -"initialJitter": .google.protobuf.Duration -"intervalJitter": .google.protobuf.Duration -"intervalJitterPercent": int -"unhealthyThreshold": .google.protobuf.UInt32Value -"healthyThreshold": .google.protobuf.UInt32Value -"altPort": .google.protobuf.UInt32Value -"reuseConnection": .google.protobuf.BoolValue -"httpHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.HttpHealthCheck -"tcpHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.TcpHealthCheck -"grpcHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.GrpcHealthCheck -"customHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.CustomHealthCheck -"noTrafficInterval": .google.protobuf.Duration -"unhealthyInterval": .google.protobuf.Duration -"unhealthyEdgeInterval": .google.protobuf.Duration -"healthyEdgeInterval": .google.protobuf.Duration -"eventLogPath": string -"eventService": .solo.io.envoy.config.core.v3.EventServiceConfig -"alwaysLogHealthCheckFailures": bool -"tlsOptions": .solo.io.envoy.config.core.v3.HealthCheck.TlsOptions -"transportSocketMatchCriteria": .google.protobuf.Struct - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The time to wait for a health check response. If the timeout is reached the health check attempt will be considered a failure. | -| `interval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The interval between health checks. | -| `initialJitter` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | An optional jitter amount in milliseconds. If specified, Envoy will start health checking after for a random time in ms between 0 and initial_jitter. This only applies to the first health check. | -| `intervalJitter` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | An optional jitter amount in milliseconds. If specified, during every interval Envoy will add interval_jitter to the wait time. | -| `intervalJitterPercent` | `int` | An optional jitter amount as a percentage of interval_ms. If specified, during every interval Envoy will add interval_ms * interval_jitter_percent / 100 to the wait time. If interval_jitter_ms and interval_jitter_percent are both set, both of them will be used to increase the wait time. | -| `unhealthyThreshold` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of unhealthy health checks required before a host is marked unhealthy. Note that for *http* health checking if a host responds with 503 this threshold is ignored and the host is considered unhealthy immediately. | -| `healthyThreshold` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The number of healthy health checks required before a host is marked healthy. Note that during startup, only a single successful health check is required to mark a host healthy. | -| `altPort` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | [#not-implemented-hide:] Non-serving port for health checking. | -| `reuseConnection` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Reuse health check connection between health checks. Default is true. | -| `httpHealthCheck` | [.solo.io.envoy.config.core.v3.HealthCheck.HttpHealthCheck](../health_check.proto.sk/#httphealthcheck) | HTTP health check. Only one of `httpHealthCheck`, `tcpHealthCheck`, `grpcHealthCheck`, or `customHealthCheck` can be set. | -| `tcpHealthCheck` | [.solo.io.envoy.config.core.v3.HealthCheck.TcpHealthCheck](../health_check.proto.sk/#tcphealthcheck) | TCP health check. Only one of `tcpHealthCheck`, `httpHealthCheck`, `grpcHealthCheck`, or `customHealthCheck` can be set. | -| `grpcHealthCheck` | [.solo.io.envoy.config.core.v3.HealthCheck.GrpcHealthCheck](../health_check.proto.sk/#grpchealthcheck) | gRPC health check. Only one of `grpcHealthCheck`, `httpHealthCheck`, `tcpHealthCheck`, or `customHealthCheck` can be set. | -| `customHealthCheck` | [.solo.io.envoy.config.core.v3.HealthCheck.CustomHealthCheck](../health_check.proto.sk/#customhealthcheck) | Custom health check. Only one of `customHealthCheck`, `httpHealthCheck`, `tcpHealthCheck`, or `grpcHealthCheck` can be set. | -| `noTrafficInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "no traffic interval" is a special health check interval that is used when a cluster has never had traffic routed to it. This lower interval allows cluster information to be kept up to date, without sending a potentially large amount of active health checking traffic for no reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the standard health check interval that is defined. Note that this interval takes precedence over any other. The default value for "no traffic interval" is 60 seconds. | -| `unhealthyInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "unhealthy interval" is a health check interval that is used for hosts that are marked as unhealthy. As soon as the host is marked as healthy, Envoy will shift back to using the standard health check interval that is defined. The default value for "unhealthy interval" is the same as "interval". | -| `unhealthyEdgeInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "unhealthy edge interval" is a special health check interval that is used for the first health check right after a host is marked as unhealthy. For subsequent health checks Envoy will shift back to using either "unhealthy interval" if present or the standard health check interval that is defined. The default value for "unhealthy edge interval" is the same as "unhealthy interval". | -| `healthyEdgeInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The "healthy edge interval" is a special health check interval that is used for the first health check right after a host is marked as healthy. For subsequent health checks Envoy will shift back to using the standard health check interval that is defined. The default value for "healthy edge interval" is the same as the default interval. | -| `eventLogPath` | `string` | Specifies the path to the health check event log. If empty, no event log will be written. | -| `eventService` | [.solo.io.envoy.config.core.v3.EventServiceConfig](../event_service_config.proto.sk/#eventserviceconfig) | [#not-implemented-hide:] The gRPC service for the health check event service. If empty, health check events won't be sent to a remote endpoint. | -| `alwaysLogHealthCheckFailures` | `bool` | If set to true, health check failure events will always be logged. If set to false, only the initial health check failure event will be logged. The default value is false. | -| `tlsOptions` | [.solo.io.envoy.config.core.v3.HealthCheck.TlsOptions](../health_check.proto.sk/#tlsoptions) | This allows overriding the cluster TLS settings, just for health check connections. | -| `transportSocketMatchCriteria` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's tranport socket matches. For example, the following match criteria .. code-block:: yaml transport_socket_match_criteria: useMTLS: true Will match the following :ref:`cluster socket match ` .. code-block:: yaml transport_socket_matches: - name: "useMTLS" match: useMTLS: true transport_socket: name: envoy.transport_sockets.tls config: { ... } # tls socket configuration If this field is set, then for health checks it will supersede an entry of *envoy.transport_socket* in the LbEndpoint.Metadata. This allows using different transport socket capabilities for health checking versus proxying to the endpoint. If the key/values pairs specified do not match any transport socket matches, the cluster's :ref:`transport socket ` will be used for health check socket configuration. | - - - - ---- -### Payload - - -Describes the encoding of the payload bytes in the payload. - -```yaml -"text": string -"binary": bytes - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `text` | `string` | Hex encoded payload. E.g., "000000FF". Only one of `text` or `binary` can be set. | -| `binary` | `bytes` | [#not-implemented-hide:] Binary payload. Only one of `binary` or `text` can be set. | - - - - ---- -### HttpHealthCheck - - -[#next-free-field: 13] - -```yaml -"host": string -"path": string -"send": .solo.io.envoy.config.core.v3.HealthCheck.Payload -"receive": .solo.io.envoy.config.core.v3.HealthCheck.Payload -"requestHeadersToAdd": []solo.io.envoy.config.core.v3.HeaderValueOption -"requestHeadersToRemove": []string -"expectedStatuses": []solo.io.envoy.type.v3.Int64Range -"codecClientType": .solo.io.envoy.type.v3.CodecClientType -"serviceNameMatcher": .solo.io.envoy.type.matcher.v3.StringMatcher -"responseAssertions": .advancedhttp.options.gloo.solo.io.ResponseAssertions - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `host` | `string` | The value of the host header in the HTTP health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The host header can be customized for a specific endpoint by setting the hostname field. | -| `path` | `string` | Specifies the HTTP path that will be requested during health checking. For example */healthcheck*. | -| `send` | [.solo.io.envoy.config.core.v3.HealthCheck.Payload](../health_check.proto.sk/#payload) | [#not-implemented-hide:] HTTP specific payload. | -| `receive` | [.solo.io.envoy.config.core.v3.HealthCheck.Payload](../health_check.proto.sk/#payload) | [#not-implemented-hide:] HTTP specific response. | -| `requestHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../base.proto.sk/#headervalueoption) | Specifies a list of HTTP headers that should be added to each request that is sent to the health checked cluster. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | -| `requestHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each request that is sent to the health checked cluster. | -| `expectedStatuses` | [[]solo.io.envoy.type.v3.Int64Range](../../../../type/v3/range.proto.sk/#int64range) | Specifies a list of HTTP response statuses considered healthy. If provided, replaces default 200-only policy - 200 must be included explicitly as needed. Ranges follow half-open semantics of Int64Range. The start and end of each range are required. Only statuses in the range [100, 600) are allowed. | -| `codecClientType` | [.solo.io.envoy.type.v3.CodecClientType](../../../../type/v3/http.proto.sk/#codecclienttype) | Use specified application protocol for health checks. | -| `serviceNameMatcher` | [.solo.io.envoy.type.matcher.v3.StringMatcher](../../../../type/matcher/v3/string.proto.sk/#stringmatcher) | An optional service name parameter which is used to validate the identity of the health checked cluster using a :ref:`StringMatcher `. See the :ref:`architecture overview ` for more information. | -| `responseAssertions` | [.advancedhttp.options.gloo.solo.io.ResponseAssertions](../../../../../../v1/options/advanced_http/advanced_http.proto.sk/#responseassertions) | (Enterprise Only): If defined, the response health check rules take precedence over the http `expected_statuses`. | - - - - ---- -### TcpHealthCheck - - - -```yaml -"send": .solo.io.envoy.config.core.v3.HealthCheck.Payload -"receive": []solo.io.envoy.config.core.v3.HealthCheck.Payload - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `send` | [.solo.io.envoy.config.core.v3.HealthCheck.Payload](../health_check.proto.sk/#payload) | Empty payloads imply a connect-only health check. | -| `receive` | [[]solo.io.envoy.config.core.v3.HealthCheck.Payload](../health_check.proto.sk/#payload) | When checking the response, “fuzzy” matching is performed such that each binary block must be found, and in the order specified, but not necessarily contiguous. | - - - - ---- -### RedisHealthCheck - - - -```yaml -"key": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | If set, optionally perform `EXISTS ` instead of `PING`. A return value from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance by setting the specified key to any value and waiting for traffic to drain. | - - - - ---- -### GrpcHealthCheck - - -[grpc.health.v1.Health](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto)-based -healthcheck. See [gRPC doc](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) -for details. - -```yaml -"serviceName": string -"authority": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `serviceName` | `string` | An optional service name parameter which will be sent to gRPC service in [grpc.health.v1.HealthCheckRequest](https://github.com/grpc/grpc/blob/master/src/proto/grpc/health/v1/health.proto#L20). message. See [gRPC health-checking overview](https://github.com/grpc/grpc/blob/master/doc/health-checking.md) for more information. | -| `authority` | `string` | The value of the :authority header in the gRPC health check request. If left empty (default value), the name of the cluster this health check is associated with will be used. The authority header can be customized for a specific endpoint by setting the hostname field. | - - - - ---- -### CustomHealthCheck - - -Custom health check. - -```yaml -"name": string -"typedConfig": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The registered name of the custom health checker. | -| `typedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | | - - - - ---- -### TlsOptions - - -Health checks occur over the transport socket specified for the cluster. This implies that if a -cluster is using a TLS-enabled transport socket, the health check will also occur over TLS. - -This allows overriding the cluster TLS settings, just for health check connections. - -```yaml -"alpnProtocols": []string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `alpnProtocols` | `[]string` | Specifies the ALPN protocols for health check connections. This is useful if the corresponding upstream is using ALPN-based :ref:`FilterChainMatch ` along with different protocols for health checks versus data connections. If empty, no ALPN protocols will be set on health check connections. | - - - - -### HealthStatus - -Description: Endpoint health status. - -| Name | Description | -| ----- | ----------- | -| UNKNOWN | The health status is not known. This is interpreted by Envoy as *HEALTHY*. | -| HEALTHY | Healthy. | -| UNHEALTHY | Unhealthy. | -| DRAINING | Connection draining in progress. E.g., https://aws.amazon.com/blogs/aws/elb-connection-draining-remove-instances-from-service-with-care/ or https://cloud.google.com/compute/docs/load-balancing/enabling-connection-draining. This is interpreted by Envoy as *UNHEALTHY*. | -| TIMEOUT | Health check timed out. This is part of HDS and is interpreted by Envoy as *UNHEALTHY*. | -| DEGRADED | Degraded. | - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/http_uri.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/http_uri.proto.sk.md deleted file mode 100644 index a05282d6a63..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/http_uri.proto.sk.md +++ /dev/null @@ -1,50 +0,0 @@ - ---- -title: "http_uri.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [HttpUri](#httpuri) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/http_uri.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/http_uri.proto) - - - - - ---- -### HttpUri - - -Envoy external URI descriptor - -```yaml -"uri": string -"cluster": string -"timeout": .google.protobuf.Duration - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `uri` | `string` | The HTTP server URI. It should be a full FQDN with protocol, host and path. Example: .. code-block:: yaml uri: https://www.googleapis.com/oauth2/v1/certs. | -| `cluster` | `string` | A cluster is created in the Envoy "cluster_manager" config section. This field specifies the cluster name. Example: .. code-block:: yaml cluster: jwks_cluster. | -| `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Sets the maximum duration in milliseconds that a response can take to arrive upon request. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto.sk.md deleted file mode 100644 index 8cb30452725..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto.sk.md +++ /dev/null @@ -1,95 +0,0 @@ - ---- -title: "proxy_protocol.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [ProxyProtocolPassThroughTLVs](#proxyprotocolpassthroughtlvs) -- [PassTLVsMatchType](#passtlvsmatchtype) -- [ProxyProtocolConfig](#proxyprotocolconfig) -- [Version](#version) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/proxy_protocol.proto) - - - - - ---- -### ProxyProtocolPassThroughTLVs - - - -```yaml -"matchType": .solo.io.envoy.config.core.v3.ProxyProtocolPassThroughTLVs.PassTLVsMatchType -"tlvType": []int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `matchType` | [.solo.io.envoy.config.core.v3.ProxyProtocolPassThroughTLVs.PassTLVsMatchType](../proxy_protocol.proto.sk/#passtlvsmatchtype) | The strategy to pass through TLVs. Default is INCLUDE_ALL. If INCLUDE_ALL is set, all TLVs will be passed through no matter the tlv_type field. | -| `tlvType` | `[]int` | The TLV types that are applied based on match_type. TLV type is defined as uint8_t in proxy protocol. See [the spec](https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt) for details. | - - - - ---- -### PassTLVsMatchType - - - -| Name | Description | -| ----- | ----------- | -| `INCLUDE_ALL` | Pass all TLVs. | -| `INCLUDE` | Pass specific TLVs defined in tlv_type. | - - - - ---- -### ProxyProtocolConfig - - - -```yaml -"version": .solo.io.envoy.config.core.v3.ProxyProtocolConfig.Version -"passThroughTlvs": .solo.io.envoy.config.core.v3.ProxyProtocolPassThroughTLVs - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `version` | [.solo.io.envoy.config.core.v3.ProxyProtocolConfig.Version](../proxy_protocol.proto.sk/#version) | The PROXY protocol version to use. See https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt for details. | -| `passThroughTlvs` | [.solo.io.envoy.config.core.v3.ProxyProtocolPassThroughTLVs](../proxy_protocol.proto.sk/#proxyprotocolpassthroughtlvs) | This config controls which TLVs can be passed to filter state if it is Proxy Protocol V2 header. If there is no setting for this field, no TLVs will be passed through. | - - - - ---- -### Version - - - -| Name | Description | -| ----- | ----------- | -| `V1` | PROXY protocol version 1. Human readable format. | -| `V2` | PROXY protocol version 2. Binary format. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/resolver.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/resolver.proto.sk.md deleted file mode 100644 index 58928d76b91..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/resolver.proto.sk.md +++ /dev/null @@ -1,48 +0,0 @@ - ---- -title: "resolver.proto" -weight: 5 ---- - - - - -### Package: `solo.io.config.core.v3` -#### Types: - - -- [DnsResolverOptions](#dnsresolveroptions) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/resolver.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/resolver.proto) - - - - - ---- -### DnsResolverOptions - - -Configuration of DNS resolver option flags which control the behavior of the DNS resolver. - -```yaml -"useTcpForDnsLookups": bool -"noDefaultSearchDomain": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `useTcpForDnsLookups` | `bool` | Use TCP for all DNS queries instead of the default protocol UDP. | -| `noDefaultSearchDomain` | `bool` | Do not use the default search domains; only query hostnames as-is or as aliases. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/socket_option.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/socket_option.proto.sk.md deleted file mode 100644 index fb497935ca0..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/socket_option.proto.sk.md +++ /dev/null @@ -1,73 +0,0 @@ - ---- -title: "socket_option.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.core.v3` -#### Types: - - -- [SocketOption](#socketoption) -- [SocketState](#socketstate) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/core/v3/socket_option.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/core/v3/socket_option.proto) - - - - - ---- -### SocketOption - - -Generic socket option message. This would be used to set socket options that -might not exist in upstream kernels or precompiled Envoy binaries. -[#next-free-field: 7] - -```yaml -"description": string -"level": int -"name": int -"intValue": int -"bufValue": bytes -"state": .solo.io.envoy.config.core.v3.SocketOption.SocketState - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `description` | `string` | An optional name to give this socket option for debugging, etc. Uniqueness is not required and no special meaning is assumed. | -| `level` | `int` | Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP. | -| `name` | `int` | The numeric name as passed to setsockopt. | -| `intValue` | `int` | Because many sockopts take an int value. Only one of `intValue` or `bufValue` can be set. | -| `bufValue` | `bytes` | Otherwise it's a byte buffer. Only one of `bufValue` or `intValue` can be set. | -| `state` | [.solo.io.envoy.config.core.v3.SocketOption.SocketState](../socket_option.proto.sk/#socketstate) | The state in which the option will be applied. When used in BindConfig STATE_PREBIND is currently the only valid value. | - - - - ---- -### SocketState - - - -| Name | Description | -| ----- | ----------- | -| `STATE_PREBIND` | Socket options are applied after socket creation but before binding the socket to a port | -| `STATE_BOUND` | Socket options are applied after binding the socket to a port but before calling listen() | -| `STATE_LISTENING` | Socket options are applied after calling listen() | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/filter/http/gzip/v2/gzip.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/filter/http/gzip/v2/gzip.proto.sk.md deleted file mode 100644 index 1501050667e..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/filter/http/gzip/v2/gzip.proto.sk.md +++ /dev/null @@ -1,111 +0,0 @@ - ---- -title: "gzip.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.filter.http.gzip.v2` -copied from https://raw.githubusercontent.com/envoyproxy/envoy/bd637fc7aab5de06707e3e478f507c2e7aacad75/api/envoy/config/filter/http/gzip/v2/gzip.proto - - - -#### Types: - - -- [Gzip](#gzip) -- [CompressionLevel](#compressionlevel) -- [Enum](#enum) -- [CompressionStrategy](#compressionstrategy) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/filter/http/gzip/v2/gzip.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/filter/http/gzip/v2/gzip.proto) - - - - - ---- -### Gzip - - -[#next-free-field: 10] - -```yaml -"memoryLevel": .google.protobuf.UInt32Value -"contentLength": .google.protobuf.UInt32Value -"compressionLevel": .solo.io.envoy.config.filter.http.gzip.v2.Gzip.CompressionLevel.Enum -"compressionStrategy": .solo.io.envoy.config.filter.http.gzip.v2.Gzip.CompressionStrategy -"contentType": []string -"disableOnEtagHeader": bool -"removeAcceptEncodingHeader": bool -"windowBits": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `memoryLevel` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Value from 1 to 9 that controls the amount of internal memory used by zlib. Higher values use more memory, but are faster and produce better compression results. The default value is 5. | -| `contentLength` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Minimum response length, in bytes, which will trigger compression. The default value is 30. | -| `compressionLevel` | [.solo.io.envoy.config.filter.http.gzip.v2.Gzip.CompressionLevel.Enum](../gzip.proto.sk/#enum) | A value used for selecting the zlib compression level. This setting will affect speed and amount of compression applied to the content. "BEST" provides higher compression at the cost of higher latency, "SPEED" provides lower compression with minimum impact on response time. "DEFAULT" provides an optimal result between speed and compression. This field will be set to "DEFAULT" if not specified. | -| `compressionStrategy` | [.solo.io.envoy.config.filter.http.gzip.v2.Gzip.CompressionStrategy](../gzip.proto.sk/#compressionstrategy) | A value used for selecting the zlib compression strategy which is directly related to the characteristics of the content. Most of the time "DEFAULT" will be the best choice, though there are situations which changing this parameter might produce better results. For example, run-length encoding (RLE) is typically used when the content is known for having sequences which same data occurs many consecutive times. For more information about each strategy, please refer to zlib manual. | -| `contentType` | `[]string` | Set of strings that allows specifying which mime-types yield compression; e.g., application/json, text/html, etc. When this field is not defined, compression will be applied to the following mime-types: "application/javascript", "application/json", "application/xhtml+xml", "image/svg+xml", "text/css", "text/html", "text/plain", "text/xml". | -| `disableOnEtagHeader` | `bool` | If true, disables compression when the response contains an etag header. When it is false, the filter will preserve weak etags and remove the ones that require strong validation. | -| `removeAcceptEncodingHeader` | `bool` | If true, removes accept-encoding from the request headers before dispatching it to the upstream so that responses do not get compressed before reaching the filter. | -| `windowBits` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Value from 9 to 15 that represents the base two logarithmic of the compressor's window size. Larger window results in better compression at the expense of memory usage. The default is 12 which will produce a 4096 bytes window. For more details about this parameter, please refer to zlib manual > deflateInit2. | - - - - ---- -### CompressionLevel - - - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### Enum - - - -| Name | Description | -| ----- | ----------- | -| `DEFAULT` | | -| `BEST` | | -| `SPEED` | | - - - - ---- -### CompressionStrategy - - - -| Name | Description | -| ----- | ----------- | -| `DEFAULT` | | -| `FILTERED` | | -| `HUFFMAN` | | -| `RLE` | | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/filter/listener/tls_cipher_inspector/v3/tls_cipher_inspector.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/filter/listener/tls_cipher_inspector/v3/tls_cipher_inspector.proto.sk.md deleted file mode 100644 index a8964782cb1..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/filter/listener/tls_cipher_inspector/v3/tls_cipher_inspector.proto.sk.md +++ /dev/null @@ -1,43 +0,0 @@ - ---- -title: "tls_cipher_inspector.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.listener.tls_cipher_inspector.v3` -#### Types: - - -- [TlsCipherInspector](#tlscipherinspector) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/filter/listener/tls_cipher_inspector/v3/tls_cipher_inspector.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/filter/listener/tls_cipher_inspector/v3/tls_cipher_inspector.proto) - - - - - ---- -### TlsCipherInspector - - - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/matching/custom_matchers/server_name/v3/server_name_matcher.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/matching/custom_matchers/server_name/v3/server_name_matcher.proto.sk.md deleted file mode 100644 index 31131320b45..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/matching/custom_matchers/server_name/v3/server_name_matcher.proto.sk.md +++ /dev/null @@ -1,67 +0,0 @@ - ---- -title: "server_name_matcher.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.matching.custom_matchers.server_name.v3` -#### Types: - - -- [ServerNameMatcher](#servernamematcher) -- [ServerNameSetMatcher](#servernamesetmatcher) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/matching/custom_matchers/server_name/v3/server_name_matcher.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/matching/custom_matchers/server_name/v3/server_name_matcher.proto) - - - - - ---- -### ServerNameMatcher - - -Matches a specific server name provided in the client request against a set server names configured for the matcher to handle, with possible prefix wildcard. - -```yaml -"serverNameMatchers": []envoy.config.matching.custom_matchers.server_name.v3.ServerNameMatcher.ServerNameSetMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `serverNameMatchers` | [[]envoy.config.matching.custom_matchers.server_name.v3.ServerNameMatcher.ServerNameSetMatcher](../server_name_matcher.proto.sk/#servernamesetmatcher) | Match server names. Order doesn't matter, the most specific server name is matched. | - - - - ---- -### ServerNameSetMatcher - - -Specifies a list of server names and a match action. - -```yaml -"serverNames": []string -"onMatch": .xds.type.matcher.v3.Matcher.OnMatch - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `serverNames` | `[]string` | A non-empty set of server names. Server name can start with a wildcard prefix, e.g. "*.example.com". | -| `onMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../../../../../../../xds/type/matcher/v3/matcher.proto.sk/#onmatch) | Match action to apply when the input matches the server name. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/matching/inputs/cipher_detection_input/v3/cipher_detection_input.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/matching/inputs/cipher_detection_input/v3/cipher_detection_input.proto.sk.md deleted file mode 100644 index 2ef5c2d047d..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/matching/inputs/cipher_detection_input/v3/cipher_detection_input.proto.sk.md +++ /dev/null @@ -1,49 +0,0 @@ - ---- -title: "cipher_detection_input.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.matching.cipher_detection_input.v3` -#### Types: - - -- [CipherDetectionInput](#cipherdetectioninput) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/matching/inputs/cipher_detection_input/v3/cipher_detection_input.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/matching/inputs/cipher_detection_input/v3/cipher_detection_input.proto) - - - - - ---- -### CipherDetectionInput - - -Specifies that matching should be performed by the destination IP address. -[#extension: io.solo.matching.inputs.cipher_detection_input] - -```yaml -"passthroughCiphers": []int -"terminatingCiphers": []int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `passthroughCiphers` | `[]int` | List of TLS ciphers to send to the passthrough cipher chain. Ciphers must be provided using their 16-bit value. These numbers of IANA standardised values for all possible cipher suites and can be found here: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml example: to select the following cipher 0x00,0x3c TLS_RSA_WITH_AES_128_CBC_SHA256 this field should be set to 0x003c. | -| `terminatingCiphers` | `[]int` | Terminating ciphers are those that should be considered as supported. If not specified, defaults to whatever the current envoy implementation finds to be the default set of ciphers. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/route/v3/route_components.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/route/v3/route_components.proto.sk.md deleted file mode 100644 index 1a3360dded7..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/route/v3/route_components.proto.sk.md +++ /dev/null @@ -1,1332 +0,0 @@ - ---- -title: "route_components.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.route.v3` -#### Types: - - -- [VirtualHost](#virtualhost) -- [TlsRequirementType](#tlsrequirementtype) -- [FilterAction](#filteraction) -- [Route](#route) -- [WeightedCluster](#weightedcluster) -- [ClusterWeight](#clusterweight) -- [RouteMatch](#routematch) -- [GrpcRouteMatchOptions](#grpcroutematchoptions) -- [TlsContextMatchOptions](#tlscontextmatchoptions) -- [ConnectMatcher](#connectmatcher) -- [CorsPolicy](#corspolicy) -- [RouteAction](#routeaction) -- [RequestMirrorPolicy](#requestmirrorpolicy) -- [HashPolicy](#hashpolicy) -- [Header](#header) -- [Cookie](#cookie) -- [ConnectionProperties](#connectionproperties) -- [QueryParameter](#queryparameter) -- [FilterState](#filterstate) -- [UpgradeConfig](#upgradeconfig) -- [ConnectConfig](#connectconfig) -- [ClusterNotFoundResponseCode](#clusternotfoundresponsecode) -- [InternalRedirectAction](#internalredirectaction) -- [RetryPolicy](#retrypolicy) -- [RetryPriority](#retrypriority) -- [RetryHostPredicate](#retryhostpredicate) -- [RetryBackOff](#retrybackoff) -- [HedgePolicy](#hedgepolicy) -- [RedirectAction](#redirectaction) -- [RedirectResponseCode](#redirectresponsecode) -- [DirectResponseAction](#directresponseaction) -- [Decorator](#decorator) -- [Tracing](#tracing) -- [VirtualCluster](#virtualcluster) -- [RateLimit](#ratelimit) -- [Action](#action) -- [SourceCluster](#sourcecluster) -- [DestinationCluster](#destinationcluster) -- [RequestHeaders](#requestheaders) -- [RemoteAddress](#remoteaddress) -- [GenericKey](#generickey) -- [HeaderValueMatch](#headervaluematch) -- [DynamicMetaData](#dynamicmetadata) -- [Override](#override) -- [DynamicMetadata](#dynamicmetadata) -- [HeaderMatcher](#headermatcher) -- [QueryParameterMatcher](#queryparametermatcher) -- [InternalRedirectPolicy](#internalredirectpolicy) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/route/v3/route_components.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/route/v3/route_components.proto) - - - - - ---- -### VirtualHost - - -The top level element in the routing configuration is a virtual host. Each virtual host has -a logical name as well as a set of domains that get routed to it based on the incoming request's -host header. This allows a single listener to service multiple top level domain path trees. Once -a virtual host is selected based on the domain, the routes are processed in order to see which -upstream cluster to route to or whether to perform a redirect. -[#next-free-field: 21] - -```yaml -"name": string -"domains": []string -"routes": []solo.io.envoy.config.route.v3.Route -"requireTls": .solo.io.envoy.config.route.v3.VirtualHost.TlsRequirementType -"virtualClusters": []solo.io.envoy.config.route.v3.VirtualCluster -"rateLimits": []solo.io.envoy.config.route.v3.RateLimit -"requestHeadersToAdd": []solo.io.envoy.config.core.v3.HeaderValueOption -"requestHeadersToRemove": []string -"responseHeadersToAdd": []solo.io.envoy.config.core.v3.HeaderValueOption -"responseHeadersToRemove": []string -"cors": .solo.io.envoy.config.route.v3.CorsPolicy -"typedPerFilterConfig": map -"includeRequestAttemptCount": bool -"includeAttemptCountInResponse": bool -"retryPolicy": .solo.io.envoy.config.route.v3.RetryPolicy -"retryPolicyTypedConfig": .google.protobuf.Any -"hedgePolicy": .solo.io.envoy.config.route.v3.HedgePolicy -"perRequestBufferLimitBytes": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The logical name of the virtual host. This is used when emitting certain statistics but is not relevant for routing. | -| `domains` | `[]string` | A list of domains (host/authority header) that will be matched to this virtual host. Wildcard hosts are supported in the suffix or prefix form. Domain search order: 1. Exact domain names: `www.foo.com`. 2. Suffix domain wildcards: `*.foo.com` or `*-bar.foo.com`. 3. Prefix domain wildcards: `foo.*` or `foo-*`. 4. Special wildcard `*` matching any domain. **Note**: The wildcard will not match the empty string. e.g. `*-bar.foo.com` will match `baz-bar.foo.com` but not `-bar.foo.com`. The longest wildcards match first. Only a single virtual host in the entire route configuration can match on `*`. A domain must be unique across all virtual hosts or the config will fail to load. Domains cannot contain control characters. This is validated by the well_known_regex HTTP_HEADER_VALUE. | -| `routes` | [[]solo.io.envoy.config.route.v3.Route](../route_components.proto.sk/#route) | The list of routes that will be matched, in order, for incoming requests. The first route that matches will be used. | -| `requireTls` | [.solo.io.envoy.config.route.v3.VirtualHost.TlsRequirementType](../route_components.proto.sk/#tlsrequirementtype) | Specifies the type of TLS enforcement the virtual host expects. If this option is not specified, there is no TLS requirement for the virtual host. | -| `virtualClusters` | [[]solo.io.envoy.config.route.v3.VirtualCluster](../route_components.proto.sk/#virtualcluster) | A list of virtual clusters defined for this virtual host. Virtual clusters are used for additional statistics gathering. | -| `rateLimits` | [[]solo.io.envoy.config.route.v3.RateLimit](../route_components.proto.sk/#ratelimit) | Specifies a set of rate limit configurations that will be applied to the virtual host. | -| `requestHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a list of HTTP headers that should be added to each request handled by this virtual host. Headers specified at this level are applied after headers from enclosed :ref:`envoy_api_msg_config.route.v3.Route` and before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | -| `requestHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each request handled by this virtual host. | -| `responseHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a list of HTTP headers that should be added to each response handled by this virtual host. Headers specified at this level are applied after headers from enclosed :ref:`envoy_api_msg_config.route.v3.Route` and before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | -| `responseHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each response handled by this virtual host. | -| `cors` | [.solo.io.envoy.config.route.v3.CorsPolicy](../route_components.proto.sk/#corspolicy) | Indicates that the virtual host has a CORS policy. | -| `typedPerFilterConfig` | `map` | The per_filter_config field can be used to provide virtual host-specific configurations for filters. The key should match the filter name, such as *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter specific; see the :ref:`HTTP filter documentation ` for if and how it is utilized. | -| `includeRequestAttemptCount` | `bool` | Decides whether the :ref:`x-envoy-attempt-count ` header should be included in the upstream request. Setting this option will cause it to override any existing header value, so in the case of two Envoys on the request path with this option enabled, the upstream will see the attempt count as perceived by the second Envoy. Defaults to false. This header is unaffected by the :ref:`suppress_envoy_headers ` flag. [#next-major-version: rename to include_attempt_count_in_request.]. | -| `includeAttemptCountInResponse` | `bool` | Decides whether the :ref:`x-envoy-attempt-count ` header should be included in the downstream response. Setting this option will cause the router to override any existing header value, so in the case of two Envoys on the request path with this option enabled, the downstream will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false. This header is unaffected by the :ref:`suppress_envoy_headers ` flag. | -| `retryPolicy` | [.solo.io.envoy.config.route.v3.RetryPolicy](../route_components.proto.sk/#retrypolicy) | Indicates the retry policy for all routes in this virtual host. Note that setting a route level entry will take precedence over this config and it'll be treated independently (e.g.: values are not inherited). | -| `retryPolicyTypedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | [#not-implemented-hide:] Specifies the configuration for retry policy extension. Note that setting a route level entry will take precedence over this config and it'll be treated independently (e.g.: values are not inherited). Retry policy should not be set if this field is used. | -| `hedgePolicy` | [.solo.io.envoy.config.route.v3.HedgePolicy](../route_components.proto.sk/#hedgepolicy) | Indicates the hedge policy for all routes in this virtual host. Note that setting a route level entry will take precedence over this config and it'll be treated independently (e.g.: values are not inherited). | -| `perRequestBufferLimitBytes` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The maximum bytes which will be buffered for retries and shadowing. If set and a route-specific limit is not set, the bytes actually buffered will be the minimum value of this and the listener per_connection_buffer_limit_bytes. | - - - - ---- -### TlsRequirementType - - - -| Name | Description | -| ----- | ----------- | -| `NONE` | No TLS requirement for the virtual host. | -| `EXTERNAL_ONLY` | External requests must use TLS. If a request is external and it is not using TLS, a 301 redirect will be sent telling the client to use HTTPS. | -| `ALL` | All requests must use TLS. If a request is not using TLS, a 301 redirect will be sent telling the client to use HTTPS. | - - - - ---- -### FilterAction - - -A filter-defined action type. - -```yaml -"action": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `action` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | | - - - - ---- -### Route - - -A route is both a specification of how to match a request as well as an indication of what to do -next (e.g., redirect, forward, rewrite, etc.). - -**Attention**: - - Envoy supports routing on HTTP method via :ref:`header matching - `. -[#next-free-field: 18] - -```yaml -"name": string -"match": .solo.io.envoy.config.route.v3.RouteMatch -"route": .solo.io.envoy.config.route.v3.RouteAction -"redirect": .solo.io.envoy.config.route.v3.RedirectAction -"directResponse": .solo.io.envoy.config.route.v3.DirectResponseAction -"filterAction": .solo.io.envoy.config.route.v3.FilterAction -"metadata": .solo.io.envoy.config.core.v3.Metadata -"decorator": .solo.io.envoy.config.route.v3.Decorator -"typedPerFilterConfig": map -"requestHeadersToAdd": []solo.io.envoy.config.core.v3.HeaderValueOption -"requestHeadersToRemove": []string -"responseHeadersToAdd": []solo.io.envoy.config.core.v3.HeaderValueOption -"responseHeadersToRemove": []string -"tracing": .solo.io.envoy.config.route.v3.Tracing -"perRequestBufferLimitBytes": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | Name for the route. | -| `match` | [.solo.io.envoy.config.route.v3.RouteMatch](../route_components.proto.sk/#routematch) | Route matching parameters. | -| `route` | [.solo.io.envoy.config.route.v3.RouteAction](../route_components.proto.sk/#routeaction) | Route request to some upstream cluster. Only one of `route`, `redirect`, `directResponse`, or `filterAction` can be set. | -| `redirect` | [.solo.io.envoy.config.route.v3.RedirectAction](../route_components.proto.sk/#redirectaction) | Return a redirect. Only one of `redirect`, `route`, `directResponse`, or `filterAction` can be set. | -| `directResponse` | [.solo.io.envoy.config.route.v3.DirectResponseAction](../route_components.proto.sk/#directresponseaction) | Return an arbitrary HTTP response directly, without proxying. Only one of `directResponse`, `route`, `redirect`, or `filterAction` can be set. | -| `filterAction` | [.solo.io.envoy.config.route.v3.FilterAction](../route_components.proto.sk/#filteraction) | [#not-implemented-hide:] If true, a filter will define the action (e.g., it could dynamically generate the RouteAction). [#comment: TODO(samflattery): Remove cleanup in route_fuzz_test.cc when implemented]. Only one of `filterAction`, `route`, `redirect`, or `directResponse` can be set. | -| `metadata` | [.solo.io.envoy.config.core.v3.Metadata](../../../core/v3/base.proto.sk/#metadata) | The Metadata field can be used to provide additional information about the route. It can be used for configuration, stats, and logging. The metadata should go under the filter namespace that will need it. For instance, if the metadata is intended for the Router filter, the filter name should be specified as *envoy.filters.http.router*. | -| `decorator` | [.solo.io.envoy.config.route.v3.Decorator](../route_components.proto.sk/#decorator) | Decorator for the matched route. | -| `typedPerFilterConfig` | `map` | The typed_per_filter_config field can be used to provide route-specific configurations for filters. The key should match the filter name, such as *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter specific; see the HTTP filter documentation for if and how it is utilized. | -| `requestHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a set of headers that will be added to requests matching this route. Headers specified at this level are applied before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | -| `requestHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each request matching this route. | -| `responseHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a set of headers that will be added to responses to requests matching this route. Headers specified at this level are applied before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.VirtualHost` and :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on custom request headers. | -| `responseHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each response to requests matching this route. | -| `tracing` | [.solo.io.envoy.config.route.v3.Tracing](../route_components.proto.sk/#tracing) | Presence of the object defines whether the connection manager's tracing configuration is overridden by this route specific instance. | -| `perRequestBufferLimitBytes` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The maximum bytes which will be buffered for retries and shadowing. If set, the bytes actually buffered will be the minimum value of this and the listener per_connection_buffer_limit_bytes. | - - - - ---- -### WeightedCluster - - -Compared to the cluster field that specifies a -single upstream cluster as the target of a request, the :ref:`weighted_clusters -` option allows for specification of -multiple upstream clusters along with weights that indicate the percentage of -traffic to be forwarded to each cluster. The router selects an upstream cluster based on the -weights. - -```yaml -"clusters": []solo.io.envoy.config.route.v3.WeightedCluster.ClusterWeight -"totalWeight": .google.protobuf.UInt32Value -"runtimeKeyPrefix": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clusters` | [[]solo.io.envoy.config.route.v3.WeightedCluster.ClusterWeight](../route_components.proto.sk/#clusterweight) | Specifies one or more upstream clusters associated with the route. | -| `totalWeight` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Specifies the total weight across all clusters. The sum of all cluster weights must equal this value, which must be greater than 0. Defaults to 100. | -| `runtimeKeyPrefix` | `string` | Specifies the runtime key prefix that should be used to construct the runtime keys associated with each cluster. When the *runtime_key_prefix* is specified, the router will look for weights associated with each upstream cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where *cluster[i]* denotes an entry in the clusters array field. If the runtime key for the cluster does not exist, the value specified in the configuration file will be used as the default weight. See the :ref:`runtime documentation ` for how key names map to the underlying implementation. | - - - - ---- -### ClusterWeight - - -[#next-free-field: 11] - -```yaml -"name": string -"weight": .google.protobuf.UInt32Value -"metadataMatch": .solo.io.envoy.config.core.v3.Metadata -"requestHeadersToAdd": []solo.io.envoy.config.core.v3.HeaderValueOption -"requestHeadersToRemove": []string -"responseHeadersToAdd": []solo.io.envoy.config.core.v3.HeaderValueOption -"responseHeadersToRemove": []string -"typedPerFilterConfig": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | Name of the upstream cluster. The cluster must exist in the cluster manager configuration. | -| `weight` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | An integer between 0 and :ref:`total_weight `. When a request matches the route, the choice of an upstream cluster is determined by its weight. The sum of weights across all entries in the clusters array must add up to the total_weight, which defaults to 100. | -| `metadataMatch` | [.solo.io.envoy.config.core.v3.Metadata](../../../core/v3/base.proto.sk/#metadata) | Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in the upstream cluster with metadata matching what is set in this field will be considered for load balancing. Note that this will be merged with what's provided in RouteAction.metadata_match, with values here taking precedence. The filter name should be specified as *envoy.lb*. | -| `requestHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a list of headers to be added to requests when this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. Headers specified at this level are applied before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.VirtualHost`, and :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | -| `requestHeadersToRemove` | `[]string` | Specifies a list of HTTP headers that should be removed from each request when this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. | -| `responseHeadersToAdd` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../core/v3/base.proto.sk/#headervalueoption) | Specifies a list of headers to be added to responses when this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. Headers specified at this level are applied before headers from the enclosing :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.VirtualHost`, and :ref:`envoy_api_msg_config.route.v3.RouteConfiguration`. For more information, including details on header value syntax, see the documentation on :ref:`custom request headers `. | -| `responseHeadersToRemove` | `[]string` | Specifies a list of headers to be removed from responses when this cluster is selected through the enclosing :ref:`envoy_api_msg_config.route.v3.RouteAction`. | -| `typedPerFilterConfig` | `map` | The per_filter_config field can be used to provide weighted cluster-specific configurations for filters. The key should match the filter name, such as *envoy.filters.http.buffer* for the HTTP buffer filter. Use of this field is filter specific; see the :ref:`HTTP filter documentation ` for if and how it is utilized. | - - - - ---- -### RouteMatch - - -[#next-free-field: 13] - -```yaml -"prefix": string -"path": string -"safeRegex": .solo.io.envoy.type.matcher.v3.RegexMatcher -"connectMatcher": .solo.io.envoy.config.route.v3.RouteMatch.ConnectMatcher -"caseSensitive": .google.protobuf.BoolValue -"runtimeFraction": .solo.io.envoy.config.core.v3.RuntimeFractionalPercent -"headers": []solo.io.envoy.config.route.v3.HeaderMatcher -"queryParameters": []solo.io.envoy.config.route.v3.QueryParameterMatcher -"grpc": .solo.io.envoy.config.route.v3.RouteMatch.GrpcRouteMatchOptions -"tlsContext": .solo.io.envoy.config.route.v3.RouteMatch.TlsContextMatchOptions - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `prefix` | `string` | If specified, the route is a prefix rule meaning that the prefix must match the beginning of the *:path* header. Only one of `prefix`, `path`, `safeRegex`, or `connectMatcher` can be set. | -| `path` | `string` | If specified, the route is an exact path rule meaning that the path must exactly match the *:path* header once the query string is removed. Only one of `path`, `prefix`, `safeRegex`, or `connectMatcher` can be set. | -| `safeRegex` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../../../../type/matcher/v3/regex.proto.sk/#regexmatcher) | If specified, the route is a regular expression rule meaning that the regex must match the *:path* header once the query string is removed. The entire path (without the query string) must match the regex. The rule will not match if only a subsequence of the *:path* header matches the regex. [#next-major-version: In the v3 API we should redo how path specification works such that we utilize StringMatcher, and additionally have consistent options around whether we strip query strings, do a case sensitive match, etc. In the interim it will be too disruptive to deprecate the existing options. We should even consider whether we want to do away with path_specifier entirely and just rely on a set of header matchers which can already match on :path, etc. The issue with that is it is unclear how to generically deal with query string stripping. This needs more thought.]. Only one of `safeRegex`, `prefix`, `path`, or `connectMatcher` can be set. | -| `connectMatcher` | [.solo.io.envoy.config.route.v3.RouteMatch.ConnectMatcher](../route_components.proto.sk/#connectmatcher) | If this is used as the matcher, the matcher will only match CONNECT requests. Note that this will not match HTTP/2 upgrade-style CONNECT requests (WebSocket and the like) as they are normalized in Envoy as HTTP/1.1 style upgrades. This is the only way to match CONNECT requests for HTTP/1.1. For HTTP/2, where CONNECT requests may have a path, the path matchers will work if there is a path present. Note that CONNECT support is currently considered alpha in Envoy. [#comment:TODO(htuch): Replace the above comment with an alpha tag. Only one of `connectMatcher`, `prefix`, `path`, or `safeRegex` can be set. | -| `caseSensitive` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Indicates that prefix/path matching should be case insensitive. The default is true. | -| `runtimeFraction` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | Indicates that the route should additionally match on a runtime key. Every time the route is considered for a match, it must also fall under the percentage of matches indicated by this field. For some fraction N/D, a random number in the range [0,D) is selected. If the number is <= the value of the numerator N, or if the key is not present, the default value, the router continues to evaluate the remaining match criteria. A runtime_fraction route configuration can be used to roll out route changes in a gradual manner without full code/config deploys. Refer to the :ref:`traffic shifting ` docs for additional documentation. **Note**: Parsing this field is implemented such that the runtime key's data may be represented as a FractionalPercent proto represented as JSON/YAML and may also be represented as an integer with the assumption that the value is an integral percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse as a FractionalPercent whose numerator is 42 and denominator is HUNDRED. This preserves legacy semantics. | -| `headers` | [[]solo.io.envoy.config.route.v3.HeaderMatcher](../route_components.proto.sk/#headermatcher) | Specifies a set of headers that the route should match on. The router will check the request’s headers against all the specified headers in the route config. A match will happen if all the headers in the route are present in the request with the same values (or based on presence if the value field is not in the config). | -| `queryParameters` | [[]solo.io.envoy.config.route.v3.QueryParameterMatcher](../route_components.proto.sk/#queryparametermatcher) | Specifies a set of URL query parameters on which the route should match. The router will check the query string from the *path* header against all the specified query parameters. If the number of specified query parameters is nonzero, they all must match the *path* header's query string for a match to occur. | -| `grpc` | [.solo.io.envoy.config.route.v3.RouteMatch.GrpcRouteMatchOptions](../route_components.proto.sk/#grpcroutematchoptions) | If specified, only gRPC requests will be matched. The router will check that the content-type header has a application/grpc or one of the various application/grpc+ values. | -| `tlsContext` | [.solo.io.envoy.config.route.v3.RouteMatch.TlsContextMatchOptions](../route_components.proto.sk/#tlscontextmatchoptions) | If specified, the client tls context will be matched against the defined match options. [#next-major-version: unify with RBAC]. | - - - - ---- -### GrpcRouteMatchOptions - - - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### TlsContextMatchOptions - - - -```yaml -"presented": .google.protobuf.BoolValue -"validated": .google.protobuf.BoolValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `presented` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If specified, the route will match against whether or not a certificate is presented. If not specified, certificate presentation status (true or false) will not be considered when route matching. | -| `validated` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If specified, the route will match against whether or not a certificate is validated. If not specified, certificate validation status (true or false) will not be considered when route matching. | - - - - ---- -### ConnectMatcher - - -An extensible message for matching CONNECT requests. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### CorsPolicy - - -[#next-free-field: 12] - -```yaml -"allowOriginStringMatch": []solo.io.envoy.type.matcher.v3.StringMatcher -"allowMethods": string -"allowHeaders": string -"exposeHeaders": string -"maxAge": string -"allowCredentials": .google.protobuf.BoolValue -"filterEnabled": .solo.io.envoy.config.core.v3.RuntimeFractionalPercent -"shadowEnabled": .solo.io.envoy.config.core.v3.RuntimeFractionalPercent - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `allowOriginStringMatch` | [[]solo.io.envoy.type.matcher.v3.StringMatcher](../../../../type/matcher/v3/string.proto.sk/#stringmatcher) | Specifies string patterns that match allowed origins. An origin is allowed if any of the string matchers match. | -| `allowMethods` | `string` | Specifies the content for the *access-control-allow-methods* header. | -| `allowHeaders` | `string` | Specifies the content for the *access-control-allow-headers* header. | -| `exposeHeaders` | `string` | Specifies the content for the *access-control-expose-headers* header. | -| `maxAge` | `string` | Specifies the content for the *access-control-max-age* header. | -| `allowCredentials` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Specifies whether the resource allows credentials. | -| `filterEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies the % of requests for which the CORS filter is enabled. If neither `enabled`, `filter_enabled`, nor `shadow_enabled` are specified, the CORS filter will be enabled for 100% of the requests. If runtime_key is specified, Envoy will lookup the runtime key to get the percentage of requests to filter. | -| `shadowEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not enforced. This field is intended to be used when `filter_enabled` and `enabled` are off. One of those fields have to explicitly disable the filter in order for this setting to take effect. If runtime_key is specified, Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate and track the request's *Origin* to determine if it's valid but will not enforce any policies. | - - - - ---- -### RouteAction - - -[#next-free-field: 35] - -```yaml -"cluster": string -"clusterHeader": string -"weightedClusters": .solo.io.envoy.config.route.v3.WeightedCluster -"clusterNotFoundResponseCode": .solo.io.envoy.config.route.v3.RouteAction.ClusterNotFoundResponseCode -"metadataMatch": .solo.io.envoy.config.core.v3.Metadata -"prefixRewrite": string -"regexRewrite": .solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute -"hostRewriteLiteral": string -"autoHostRewrite": .google.protobuf.BoolValue -"hostRewriteHeader": string -"timeout": .google.protobuf.Duration -"idleTimeout": .google.protobuf.Duration -"retryPolicy": .solo.io.envoy.config.route.v3.RetryPolicy -"retryPolicyTypedConfig": .google.protobuf.Any -"requestMirrorPolicies": []solo.io.envoy.config.route.v3.RouteAction.RequestMirrorPolicy -"priority": .solo.io.envoy.config.core.v3.RoutingPriority -"rateLimits": []solo.io.envoy.config.route.v3.RateLimit -"includeVhRateLimits": .google.protobuf.BoolValue -"hashPolicy": []solo.io.envoy.config.route.v3.RouteAction.HashPolicy -"cors": .solo.io.envoy.config.route.v3.CorsPolicy -"maxGrpcTimeout": .google.protobuf.Duration -"grpcTimeoutOffset": .google.protobuf.Duration -"upgradeConfigs": []solo.io.envoy.config.route.v3.RouteAction.UpgradeConfig -"internalRedirectPolicy": .solo.io.envoy.config.route.v3.InternalRedirectPolicy -"internalRedirectAction": .solo.io.envoy.config.route.v3.RouteAction.InternalRedirectAction -"maxInternalRedirects": .google.protobuf.UInt32Value -"hedgePolicy": .solo.io.envoy.config.route.v3.HedgePolicy - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cluster` | `string` | Indicates the upstream cluster to which the request should be routed to. Only one of `cluster`, `clusterHeader`, or `weightedClusters` can be set. | -| `clusterHeader` | `string` | Envoy will determine the cluster to route to by reading the value of the HTTP header named by cluster_header from the request headers. If the header is not found or the referenced cluster does not exist, Envoy will return a 404 response. **Attention**: Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead. Only one of `clusterHeader`, `cluster`, or `weightedClusters` can be set. | -| `weightedClusters` | [.solo.io.envoy.config.route.v3.WeightedCluster](../route_components.proto.sk/#weightedcluster) | Multiple upstream clusters can be specified for a given route. The request is routed to one of the upstream clusters based on weights assigned to each cluster. See :ref:`traffic splitting ` for additional documentation. Only one of `weightedClusters`, `cluster`, or `clusterHeader` can be set. | -| `clusterNotFoundResponseCode` | [.solo.io.envoy.config.route.v3.RouteAction.ClusterNotFoundResponseCode](../route_components.proto.sk/#clusternotfoundresponsecode) | The HTTP status code to use when configured cluster is not found. The default response code is 503 Service Unavailable. | -| `metadataMatch` | [.solo.io.envoy.config.core.v3.Metadata](../../../core/v3/base.proto.sk/#metadata) | Optional endpoint metadata match criteria used by the subset load balancer. Only endpoints in the upstream cluster with metadata matching what's set in this field will be considered for load balancing. If using :ref:`weighted_clusters `, metadata will be merged, with values provided there taking precedence. The filter name should be specified as *envoy.lb*. | -| `prefixRewrite` | `string` | Indicates that during forwarding, the matched prefix (or path) should be swapped with this value. This option allows application URLs to be rooted at a different path from those exposed at the reverse proxy layer. The router filter will place the original path before rewrite into the :ref:`x-envoy-original-path ` header. Only one of *prefix_rewrite* or :ref:`regex_rewrite ` may be specified. **Attention**: Pay careful attention to the use of trailing slashes in the route's match prefix value. Stripping a prefix from a path requires multiple Routes to handle all cases. For example, rewriting */prefix* to */* and */prefix/etc* to */etc* cannot be done in a single Route, as shown by the below config entries: .. code-block:: yaml - match: prefix: "/prefix/" route: prefix_rewrite: "/" - match: prefix: "/prefix" route: prefix_rewrite: "/" Having above entries in the config, requests to */prefix* will be stripped to */*, while requests to */prefix/etc* will be stripped to */etc*. | -| `regexRewrite` | [.solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute](../../../../type/matcher/v3/regex.proto.sk/#regexmatchandsubstitute) | Indicates that during forwarding, portions of the path that match the pattern should be rewritten, even allowing the substitution of capture groups from the pattern into the new path as specified by the rewrite substitution string. This is useful to allow application paths to be rewritten in a way that is aware of segments with variable content like identifiers. The router filter will place the original path as it was before the rewrite into the :ref:`x-envoy-original-path ` header. Only one of :ref:`prefix_rewrite ` or *regex_rewrite* may be specified. Examples using Google's [RE2](https://github.com/google/re2) engine: * The path pattern `^/service/([^/]+)(/.*)$` paired with a substitution string of `\2/instance/\1` would transform `/service/foo/v1/api` into `/v1/api/instance/foo`. * The pattern `one` paired with a substitution string of `two` would transform `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/two/zzz`. * The pattern `^(.*?)one(.*)$` paired with a substitution string of `\1two\2` would replace only the first occurrence of `one`, transforming path `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/one/zzz`. * The pattern `(?i)/xxx/` paired with a substitution string of `/yyy/` would do a case-insensitive match and transform path `/aaa/XxX/bbb` to `/aaa/yyy/bbb`. | -| `hostRewriteLiteral` | `string` | Indicates that during forwarding, the host header will be swapped with this value. Only one of `hostRewriteLiteral`, `autoHostRewrite`, or `hostRewriteHeader` can be set. | -| `autoHostRewrite` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Indicates that during forwarding, the host header will be swapped with the hostname of the upstream host chosen by the cluster manager. This option is applicable only when the destination cluster for a route is of type *strict_dns* or *logical_dns*. Setting this to true with other cluster types has no effect. Only one of `autoHostRewrite`, `hostRewriteLiteral`, or `hostRewriteHeader` can be set. | -| `hostRewriteHeader` | `string` | Indicates that during forwarding, the host header will be swapped with the content of given downstream or custom header. If header value is empty, host header is left intact. **Attention**: Pay attention to the potential security implications of using this option. Provided header must come from trusted source. Only one of `hostRewriteHeader`, `hostRewriteLiteral`, or `autoHostRewrite` can be set. | -| `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the upstream timeout for the route. If not specified, the default is 15s. This spans between the point at which the entire downstream request (i.e. end-of-stream) has been processed and when the upstream response has been completely processed. A value of 0 will disable the route's timeout. **Note**: This timeout includes all retries. See also :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the retry overview. | -| `idleTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, although the connection manager wide :ref:`stream_idle_timeout ` will still apply. A value of 0 will completely disable the route's idle timeout, even if a connection manager stream idle timeout is configured. The idle timeout is distinct to :ref:`timeout `, which provides an upper bound on the upstream response time; :ref:`idle_timeout ` instead bounds the amount of time the request's stream may be idle. After header decoding, the idle timeout will apply on downstream and upstream request events. Each time an encode/decode event for headers or data is processed for the stream, the timer will be reset. If the timeout fires, the stream is terminated with a 408 Request Timeout error code if no upstream response header has been received, otherwise a stream reset occurs. | -| `retryPolicy` | [.solo.io.envoy.config.route.v3.RetryPolicy](../route_components.proto.sk/#retrypolicy) | Indicates that the route has a retry policy. Note that if this is set, it'll take precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, most internal one becomes the enforced policy). | -| `retryPolicyTypedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | [#not-implemented-hide:] Specifies the configuration for retry policy extension. Note that if this is set, it'll take precedence over the virtual host level retry policy entirely (e.g.: policies are not merged, most internal one becomes the enforced policy). :ref:`Retry policy ` should not be set if this field is used. | -| `requestMirrorPolicies` | [[]solo.io.envoy.config.route.v3.RouteAction.RequestMirrorPolicy](../route_components.proto.sk/#requestmirrorpolicy) | Indicates that the route has request mirroring policies. | -| `priority` | [.solo.io.envoy.config.core.v3.RoutingPriority](../../../core/v3/base.proto.sk/#routingpriority) | Optionally specifies the routing priority. | -| `rateLimits` | [[]solo.io.envoy.config.route.v3.RateLimit](../route_components.proto.sk/#ratelimit) | Specifies a set of rate limit configurations that could be applied to the route. | -| `includeVhRateLimits` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Specifies if the rate limit filter should include the virtual host rate limits. By default, if the route configured rate limits, the virtual host rate_limits are not applied to the request. | -| `hashPolicy` | [[]solo.io.envoy.config.route.v3.RouteAction.HashPolicy](../route_components.proto.sk/#hashpolicy) | Specifies a list of hash policies to use for ring hash load balancing. Each hash policy is evaluated individually and the combined result is used to route the request. The method of combination is deterministic such that identical lists of hash policies will produce the same hash. Since a hash policy examines specific parts of a request, it can fail to produce a hash (i.e. if the hashed header is not present). If (and only if) all configured hash policies fail to generate a hash, no hash will be produced for the route. In this case, the behavior is the same as if no hash policies were specified (i.e. the ring hash load balancer will choose a random backend). If a hash policy has the "terminal" attribute set to true, and there is already a hash generated, the hash is returned immediately, ignoring the rest of the hash policy list. | -| `cors` | [.solo.io.envoy.config.route.v3.CorsPolicy](../route_components.proto.sk/#corspolicy) | Indicates that the route has a CORS policy. | -| `maxGrpcTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | If present, and the request is a gRPC request, use the [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), or its default value (infinity) instead of timeout, but limit the applied timeout to the maximum value specified here. If configured as 0, the maximum allowed timeout for gRPC requests is infinity. If not configured at all, the `grpc-timeout` header is not used and gRPC requests time out like any other requests using timeout or its default. This can be used to prevent unexpected upstream request timeouts due to potentially long time gaps between gRPC request and response in gRPC streaming mode. **Note**: If a timeout is specified using :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, it takes precedence over [grpc-timeout header](https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md), when both are present. See also :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`, :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the retry overview. | -| `grpcTimeoutOffset` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | If present, Envoy will adjust the timeout provided by the `grpc-timeout` header by subtracting the provided duration from the header. This is useful in allowing Envoy to set its global timeout to be less than that of the deadline imposed by the calling client, which makes it more likely that Envoy will handle the timeout instead of having the call canceled by the client. The offset will only be applied if the provided grpc_timeout is greater than the offset. This ensures that the offset will only ever decrease the timeout and never set it to 0 (meaning infinity). | -| `upgradeConfigs` | [[]solo.io.envoy.config.route.v3.RouteAction.UpgradeConfig](../route_components.proto.sk/#upgradeconfig) | | -| `internalRedirectPolicy` | [.solo.io.envoy.config.route.v3.InternalRedirectPolicy](../route_components.proto.sk/#internalredirectpolicy) | If present, Envoy will try to follow an upstream redirect response instead of proxying the response back to the downstream. An upstream redirect response is defined by :ref:`redirect_response_codes `. | -| `internalRedirectAction` | [.solo.io.envoy.config.route.v3.RouteAction.InternalRedirectAction](../route_components.proto.sk/#internalredirectaction) | | -| `maxInternalRedirects` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | An internal redirect is handled, iff the number of previous internal redirects that a downstream request has encountered is lower than this value, and :ref:`internal_redirect_action ` is set to :ref:`HANDLE_INTERNAL_REDIRECT ` In the case where a downstream request is bounced among multiple routes by internal redirect, the first route that hits this threshold, or has :ref:`internal_redirect_action ` set to :ref:`PASS_THROUGH_INTERNAL_REDIRECT ` will pass the redirect back to downstream. If not specified, at most one redirect will be followed. | -| `hedgePolicy` | [.solo.io.envoy.config.route.v3.HedgePolicy](../route_components.proto.sk/#hedgepolicy) | Indicates that the route has a hedge policy. Note that if this is set, it'll take precedence over the virtual host level hedge policy entirely (e.g.: policies are not merged, most internal one becomes the enforced policy). | - - - - ---- -### RequestMirrorPolicy - - -The router is capable of shadowing traffic from one cluster to another. The current -implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to -respond before returning the response from the primary cluster. All normal statistics are -collected for the shadow cluster making this feature useful for testing. - -During shadowing, the host/authority header is altered such that *-shadow* is appended. This is -useful for logging. For example, *cluster1* becomes *cluster1-shadow*. - -**Note**: - - Shadowing will not be triggered if the primary cluster does not exist. - -```yaml -"cluster": string -"runtimeFraction": .solo.io.envoy.config.core.v3.RuntimeFractionalPercent -"traceSampled": .google.protobuf.BoolValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cluster` | `string` | Specifies the cluster that requests will be mirrored to. The cluster must exist in the cluster manager configuration. | -| `runtimeFraction` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../core/v3/base.proto.sk/#runtimefractionalpercent) | If not specified, all requests to the target cluster will be mirrored. If specified, this field takes precedence over the `runtime_key` field and requests must also fall under the percentage of matches indicated by this field. For some fraction N/D, a random number in the range [0,D) is selected. If the number is <= the value of the numerator N, or if the key is not present, the default value, the request will be mirrored. | -| `traceSampled` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Determines if the trace span should be sampled. Defaults to true. | - - - - ---- -### HashPolicy - - -Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer -`. -[#next-free-field: 7] - -```yaml -"header": .solo.io.envoy.config.route.v3.RouteAction.HashPolicy.Header -"cookie": .solo.io.envoy.config.route.v3.RouteAction.HashPolicy.Cookie -"connectionProperties": .solo.io.envoy.config.route.v3.RouteAction.HashPolicy.ConnectionProperties -"queryParameter": .solo.io.envoy.config.route.v3.RouteAction.HashPolicy.QueryParameter -"filterState": .solo.io.envoy.config.route.v3.RouteAction.HashPolicy.FilterState -"terminal": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `header` | [.solo.io.envoy.config.route.v3.RouteAction.HashPolicy.Header](../route_components.proto.sk/#header) | Header hash policy. Only one of `header`, `cookie`, `connectionProperties`, `queryParameter`, or `filterState` can be set. | -| `cookie` | [.solo.io.envoy.config.route.v3.RouteAction.HashPolicy.Cookie](../route_components.proto.sk/#cookie) | Cookie hash policy. Only one of `cookie`, `header`, `connectionProperties`, `queryParameter`, or `filterState` can be set. | -| `connectionProperties` | [.solo.io.envoy.config.route.v3.RouteAction.HashPolicy.ConnectionProperties](../route_components.proto.sk/#connectionproperties) | Connection properties hash policy. Only one of `connectionProperties`, `header`, `cookie`, `queryParameter`, or `filterState` can be set. | -| `queryParameter` | [.solo.io.envoy.config.route.v3.RouteAction.HashPolicy.QueryParameter](../route_components.proto.sk/#queryparameter) | Query parameter hash policy. Only one of `queryParameter`, `header`, `cookie`, `connectionProperties`, or `filterState` can be set. | -| `filterState` | [.solo.io.envoy.config.route.v3.RouteAction.HashPolicy.FilterState](../route_components.proto.sk/#filterstate) | Filter state hash policy. Only one of `filterState`, `header`, `cookie`, `connectionProperties`, or `queryParameter` can be set. | -| `terminal` | `bool` | The flag that short-circuits the hash computing. This field provides a 'fallback' style of configuration: "if a terminal policy doesn't work, fallback to rest of the policy list", it saves time when the terminal policy works. If true, and there is already a hash computed, ignore rest of the list of hash polices. For example, if the following hash methods are configured: ========= ======== specifier terminal ========= ======== Header A true Header B false Header C false ========= ======== The generateHash process ends if policy "header A" generates a hash, as it's a terminal policy. | - - - - ---- -### Header - - - -```yaml -"headerName": string -"regexRewrite": .solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `headerName` | `string` | The name of the request header that will be used to obtain the hash key. If the request header is not present, no hash will be produced. | -| `regexRewrite` | [.solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute](../../../../type/matcher/v3/regex.proto.sk/#regexmatchandsubstitute) | If specified, the request header value will be rewritten and used to produce the hash key. | - - - - ---- -### Cookie - - -Envoy supports two types of cookie affinity: - -1. Passive. Envoy takes a cookie that's present in the cookies header and - hashes on its value. - -2. Generated. Envoy generates and sets a cookie with an expiration (TTL) - on the first request from the client in its response to the client, - based on the endpoint the request gets sent to. The client then - presents this on the next and all subsequent requests. The hash of - this is sufficient to ensure these requests get sent to the same - endpoint. The cookie is generated by hashing the source and - destination ports and addresses so that multiple independent HTTP2 - streams on the same connection will independently receive the same - cookie, even if they arrive at the Envoy simultaneously. - -```yaml -"name": string -"ttl": .google.protobuf.Duration -"path": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The name of the cookie that will be used to obtain the hash key. If the cookie is not present and ttl below is not set, no hash will be produced. | -| `ttl` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | If specified, a cookie with the TTL will be generated if the cookie is not present. If the TTL is present and zero, the generated cookie will be a session cookie. | -| `path` | `string` | The name of the path for the cookie. If no path is specified here, no path will be set for the cookie. | - - - - ---- -### ConnectionProperties - - - -```yaml -"sourceIp": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `sourceIp` | `bool` | Hash on source IP address. | - - - - ---- -### QueryParameter - - - -```yaml -"name": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The name of the URL query parameter that will be used to obtain the hash key. If the parameter is not present, no hash will be produced. Query parameter names are case-sensitive. | - - - - ---- -### FilterState - - - -```yaml -"key": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | The name of the Object in the per-request filterState, which is an Envoy::Http::Hashable object. If there is no data associated with the key, or the stored object is not Envoy::Http::Hashable, no hash will be produced. | - - - - ---- -### UpgradeConfig - - -Allows enabling and disabling upgrades on a per-route basis. -This overrides any enabled/disabled upgrade filter chain specified in the -HttpConnectionManager -:ref:`upgrade_configs -` -but does not affect any custom filter chain specified there. - -```yaml -"upgradeType": string -"enabled": .google.protobuf.BoolValue -"connectConfig": .solo.io.envoy.config.route.v3.RouteAction.UpgradeConfig.ConnectConfig - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `upgradeType` | `string` | The case-insensitive name of this upgrade, e.g. "websocket". For each upgrade type present in upgrade_configs, requests with Upgrade: [upgrade_type] will be proxied upstream. | -| `enabled` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Determines if upgrades are available on this route. Defaults to true. | -| `connectConfig` | [.solo.io.envoy.config.route.v3.RouteAction.UpgradeConfig.ConnectConfig](../route_components.proto.sk/#connectconfig) | Configuration for sending data upstream as a raw data payload. This is used for CONNECT requests, when forwarding CONNECT payload as raw TCP. Note that CONNECT support is currently considered alpha in Envoy. [#comment:TODO(htuch): Replace the above comment with an alpha tag. | - - - - ---- -### ConnectConfig - - -Configuration for sending data upstream as a raw data payload. This is used for -CONNECT requests, when forwarding CONNECT payload as raw TCP. - -```yaml -"proxyProtocolConfig": .solo.io.envoy.config.core.v3.ProxyProtocolConfig - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `proxyProtocolConfig` | [.solo.io.envoy.config.core.v3.ProxyProtocolConfig](../../../core/v3/proxy_protocol.proto.sk/#proxyprotocolconfig) | If present, the proxy protocol header will be prepended to the CONNECT payload sent upstream. | - - - - ---- -### ClusterNotFoundResponseCode - - - -| Name | Description | -| ----- | ----------- | -| `SERVICE_UNAVAILABLE` | HTTP status code - 503 Service Unavailable. | -| `NOT_FOUND` | HTTP status code - 404 Not Found. | - - - - ---- -### InternalRedirectAction - - -Configures internal redirect behavior. -[#next-major-version: remove this definition - it's defined in the InternalRedirectPolicy message.] - -| Name | Description | -| ----- | ----------- | -| `PASS_THROUGH_INTERNAL_REDIRECT` | | -| `HANDLE_INTERNAL_REDIRECT` | | - - - - ---- -### RetryPolicy - - -HTTP retry architecture overview. -[#next-free-field: 11] - -```yaml -"retryOn": string -"numRetries": .google.protobuf.UInt32Value -"perTryTimeout": .google.protobuf.Duration -"retryPriority": .solo.io.envoy.config.route.v3.RetryPolicy.RetryPriority -"retryHostPredicate": []solo.io.envoy.config.route.v3.RetryPolicy.RetryHostPredicate -"hostSelectionRetryMaxAttempts": int -"retriableStatusCodes": []int -"retryBackOff": .solo.io.envoy.config.route.v3.RetryPolicy.RetryBackOff -"retriableHeaders": []solo.io.envoy.config.route.v3.HeaderMatcher -"retriableRequestHeaders": []solo.io.envoy.config.route.v3.HeaderMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `retryOn` | `string` | Specifies the conditions under which retry takes place. These are the same conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and :ref:`config_http_filters_router_x-envoy-retry-grpc-on`. | -| `numRetries` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Specifies the allowed number of retries. This parameter is optional and defaults to 1. These are the same conditions documented for :ref:`config_http_filters_router_x-envoy-max-retries`. | -| `perTryTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies a non-zero upstream timeout per retry attempt. This parameter is optional. The same conditions documented for :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply. **Note**: If left unspecified, Envoy will use the global route timeout for the request. Consequently, when using a 5xx based retry policy, a request that times out will not be retried as the total timeout budget would have been exhausted. | -| `retryPriority` | [.solo.io.envoy.config.route.v3.RetryPolicy.RetryPriority](../route_components.proto.sk/#retrypriority) | Specifies an implementation of a RetryPriority which is used to determine the distribution of load across priorities used for retries. Refer to retry plugin configuration for more details. | -| `retryHostPredicate` | [[]solo.io.envoy.config.route.v3.RetryPolicy.RetryHostPredicate](../route_components.proto.sk/#retryhostpredicate) | Specifies a collection of RetryHostPredicates that will be consulted when selecting a host for retries. If any of the predicates reject the host, host selection will be reattempted. Refer to retry plugin configuration for more details. | -| `hostSelectionRetryMaxAttempts` | `int` | The maximum number of times host selection will be reattempted before giving up, at which point the host that was last selected will be routed to. If unspecified, this will default to retrying once. | -| `retriableStatusCodes` | `[]int` | HTTP status codes that should trigger a retry in addition to those specified by retry_on. | -| `retryBackOff` | [.solo.io.envoy.config.route.v3.RetryPolicy.RetryBackOff](../route_components.proto.sk/#retrybackoff) | Specifies parameters that control retry back off. This parameter is optional, in which case the default base interval is 25 milliseconds or, if set, the current value of the `upstream.base_retry_backoff_ms` runtime parameter. The default maximum interval is 10 times the base interval. The documentation for :ref:`config_http_filters_router_x-envoy-max-retries` describes Envoy's back-off algorithm. | -| `retriableHeaders` | [[]solo.io.envoy.config.route.v3.HeaderMatcher](../route_components.proto.sk/#headermatcher) | HTTP response headers that trigger a retry if present in the response. A retry will be triggered if any of the header matches match the upstream response headers. The field is only consulted if 'retriable-headers' retry policy is active. | -| `retriableRequestHeaders` | [[]solo.io.envoy.config.route.v3.HeaderMatcher](../route_components.proto.sk/#headermatcher) | HTTP headers which must be present in the request for retries to be attempted. | - - - - ---- -### RetryPriority - - - -```yaml -"name": string -"typedConfig": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | | -| `typedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | | - - - - ---- -### RetryHostPredicate - - - -```yaml -"name": string -"typedConfig": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | | -| `typedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | | - - - - ---- -### RetryBackOff - - - -```yaml -"baseInterval": .google.protobuf.Duration -"maxInterval": .google.protobuf.Duration - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `baseInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the base interval between retries. This parameter is required and must be greater than zero. Values less than 1 ms are rounded up to 1 ms. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's back-off algorithm. | -| `maxInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the maximum interval between retries. This parameter is optional, but must be greater than or equal to the `base_interval` if set. The default is 10 times the `base_interval`. See :ref:`config_http_filters_router_x-envoy-max-retries` for a discussion of Envoy's back-off algorithm. | - - - - ---- -### HedgePolicy - - -HTTP request hedging architecture overview. - -```yaml -"initialRequests": .google.protobuf.UInt32Value -"additionalRequestChance": .solo.io.envoy.type.v3.FractionalPercent -"hedgeOnPerTryTimeout": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `initialRequests` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Specifies the number of initial requests that should be sent upstream. Must be at least 1. Defaults to 1. [#not-implemented-hide:]. | -| `additionalRequestChance` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../type/v3/percent.proto.sk/#fractionalpercent) | Specifies a probability that an additional upstream request should be sent on top of what is specified by initial_requests. Defaults to 0. [#not-implemented-hide:]. | -| `hedgeOnPerTryTimeout` | `bool` | Indicates that a hedged request should be sent when the per-try timeout is hit. This will only occur if the retry policy also indicates that a timed out request should be retried. Once a timed out request is retried due to per try timeout, the router filter will ensure that it is not retried again even if the returned response headers would otherwise be retried according the specified RetryPolicy. Defaults to false. | - - - - ---- -### RedirectAction - - -[#next-free-field: 9] - -```yaml -"httpsRedirect": bool -"schemeRedirect": string -"hostRedirect": string -"portRedirect": int -"pathRedirect": string -"prefixRewrite": string -"responseCode": .solo.io.envoy.config.route.v3.RedirectAction.RedirectResponseCode -"stripQuery": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `httpsRedirect` | `bool` | The scheme portion of the URL will be swapped with "https". Only one of `httpsRedirect` or `schemeRedirect` can be set. | -| `schemeRedirect` | `string` | The scheme portion of the URL will be swapped with this value. Only one of `schemeRedirect` or `httpsRedirect` can be set. | -| `hostRedirect` | `string` | The host portion of the URL will be swapped with this value. | -| `portRedirect` | `int` | The port value of the URL will be swapped with this value. | -| `pathRedirect` | `string` | The path portion of the URL will be swapped with this value. Please note that query string in path_redirect will override the request's query string and will not be stripped. For example, let's say we have the following routes: - match: { path: "/old-path-1" } redirect: { path_redirect: "/new-path-1" } - match: { path: "/old-path-2" } redirect: { path_redirect: "/new-path-2", strip-query: "true" } - match: { path: "/old-path-3" } redirect: { path_redirect: "/new-path-3?foo=1", strip_query: "true" } 1. if request uri is "/old-path-1?bar=1", users will be redirected to "/new-path-1?bar=1" 2. if request uri is "/old-path-2?bar=1", users will be redirected to "/new-path-2" 3. if request uri is "/old-path-3?bar=1", users will be redirected to "/new-path-3?foo=1". Only one of `pathRedirect` or `prefixRewrite` can be set. | -| `prefixRewrite` | `string` | Indicates that during redirection, the matched prefix (or path) should be swapped with this value. This option allows redirect URLs be dynamically created based on the request. **Attention**: Pay attention to the use of trailing slashes as mentioned in RouteAction's prefix_rewrite. Only one of `prefixRewrite` or `pathRedirect` can be set. | -| `responseCode` | [.solo.io.envoy.config.route.v3.RedirectAction.RedirectResponseCode](../route_components.proto.sk/#redirectresponsecode) | The HTTP status code to use in the redirect response. The default response code is MOVED_PERMANENTLY (301). | -| `stripQuery` | `bool` | Indicates that during redirection, the query portion of the URL will be removed. Default value is false. | - - - - ---- -### RedirectResponseCode - - - -| Name | Description | -| ----- | ----------- | -| `MOVED_PERMANENTLY` | Moved Permanently HTTP Status Code - 301. | -| `FOUND` | Found HTTP Status Code - 302. | -| `SEE_OTHER` | See Other HTTP Status Code - 303. | -| `TEMPORARY_REDIRECT` | Temporary Redirect HTTP Status Code - 307. | -| `PERMANENT_REDIRECT` | Permanent Redirect HTTP Status Code - 308. | - - - - ---- -### DirectResponseAction - - - -```yaml -"status": int -"body": .solo.io.envoy.config.core.v3.DataSource - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `status` | `int` | Specifies the HTTP response status to be returned. | -| `body` | [.solo.io.envoy.config.core.v3.DataSource](../../../core/v3/base.proto.sk/#datasource) | Specifies the content of the response body. If this setting is omitted, no body is included in the generated response. **Note**: Headers can be specified using *response_headers_to_add* in the enclosing :ref:`envoy_api_msg_config.route.v3.Route`, :ref:`envoy_api_msg_config.route.v3.RouteConfiguration` or :ref:`envoy_api_msg_config.route.v3.VirtualHost`. | - - - - ---- -### Decorator - - - -```yaml -"operation": string -"propagate": .google.protobuf.BoolValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `operation` | `string` | The operation name associated with the request matched to this route. If tracing is enabled, this information will be used as the span name reported for this request. **Note**: For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden by the :ref:`x-envoy-decorator-operation ` header. | -| `propagate` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Whether the decorated details should be propagated to the other party. The default is true. | - - - - ---- -### Tracing - - - -```yaml -"clientSampling": .solo.io.envoy.type.v3.FractionalPercent -"randomSampling": .solo.io.envoy.type.v3.FractionalPercent -"overallSampling": .solo.io.envoy.type.v3.FractionalPercent -"customTags": []solo.io.envoy.type.tracing.v3.CustomTag - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `clientSampling` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../type/v3/percent.proto.sk/#fractionalpercent) | Target percentage of requests managed by this HTTP connection manager that will be force traced if the :ref:`x-client-trace-id ` header is set. This field is a direct analog for the runtime variable 'tracing.client_sampling' in the :ref:`HTTP Connection Manager `. Default: 100%. | -| `randomSampling` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../type/v3/percent.proto.sk/#fractionalpercent) | Target percentage of requests managed by this HTTP connection manager that will be randomly selected for trace generation, if not requested by the client or not forced. This field is a direct analog for the runtime variable 'tracing.random_sampling' in the HTTP Connection Manager. Default: 100%. | -| `overallSampling` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../type/v3/percent.proto.sk/#fractionalpercent) | Target percentage of requests managed by this HTTP connection manager that will be traced after all other sampling checks have been applied (client-directed, force tracing, random sampling). This field functions as an upper limit on the total configured sampling rate. For instance, setting client_sampling to 100% but overall_sampling to 1% will result in only 1% of client requests with the appropriate headers to be force traced. This field is a direct analog for the runtime variable 'tracing.global_enabled' in the HTTP Connection Manager. Default: 100%. | -| `customTags` | [[]solo.io.envoy.type.tracing.v3.CustomTag](../../../../type/tracing/v3/custom_tag.proto.sk/#customtag) | A list of custom tags with unique tag name to create tags for the active span. It will take effect after merging with the :ref:`corresponding configuration ` configured in the HTTP connection manager. If two tags with the same name are configured each in the HTTP connection manager and the route level, the one configured here takes priority. | - - - - ---- -### VirtualCluster - - -A virtual cluster is a way of specifying a regex matching rule against -certain important endpoints such that statistics are generated explicitly for -the matched requests. The reason this is useful is that when doing -prefix/path matching Envoy does not always know what the application -considers to be an endpoint. Thus, it’s impossible for Envoy to generically -emit per endpoint statistics. However, often systems have highly critical -endpoints that they wish to get “perfect” statistics on. Virtual cluster -statistics are perfect in the sense that they are emitted on the downstream -side such that they include network level failures. - -Documentation for virtual cluster statistics. - -**Note**: - - Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for - every application endpoint. This is both not easily maintainable and as well the matching and - statistics output are not free. - -```yaml -"headers": []solo.io.envoy.config.route.v3.HeaderMatcher -"name": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `headers` | [[]solo.io.envoy.config.route.v3.HeaderMatcher](../route_components.proto.sk/#headermatcher) | Specifies a list of header matchers to use for matching requests. Each specified header must match. The pseudo-headers `:path` and `:method` can be used to match the request path and method, respectively. | -| `name` | `string` | Specifies the name of the virtual cluster. The virtual cluster name as well as the virtual host name are used when emitting statistics. The statistics are emitted by the router filter and are documented here. | - - - - ---- -### RateLimit - - -Global rate limiting architecture overview. - -```yaml -"stage": .google.protobuf.UInt32Value -"disableKey": string -"actions": []solo.io.envoy.config.route.v3.RateLimit.Action -"limit": .solo.io.envoy.config.route.v3.RateLimit.Override - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `stage` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Refers to the stage set in the filter. The rate limit configuration only applies to filters with the same stage number. The default stage number is 0. **Note**: The filter supports a range of 0 - 10 inclusively for stage numbers. | -| `disableKey` | `string` | The key to be set in runtime to disable this rate limit configuration. | -| `actions` | [[]solo.io.envoy.config.route.v3.RateLimit.Action](../route_components.proto.sk/#action) | A list of actions that are to be applied for this rate limit configuration. Order matters as the actions are processed sequentially and the descriptor is composed by appending descriptor entries in that sequence. If an action cannot append a descriptor entry, no descriptor is generated for the configuration. See :ref:`composing actions ` for additional documentation. | -| `limit` | [.solo.io.envoy.config.route.v3.RateLimit.Override](../route_components.proto.sk/#override) | An optional limit override to be appended to the descriptor produced by this rate limit configuration. If the override value is invalid or cannot be resolved from metadata, no override is provided. See :ref:`rate limit override ` for more information. | - - - - ---- -### Action - - -[#next-free-field: 8] - -```yaml -"sourceCluster": .solo.io.envoy.config.route.v3.RateLimit.Action.SourceCluster -"destinationCluster": .solo.io.envoy.config.route.v3.RateLimit.Action.DestinationCluster -"requestHeaders": .solo.io.envoy.config.route.v3.RateLimit.Action.RequestHeaders -"remoteAddress": .solo.io.envoy.config.route.v3.RateLimit.Action.RemoteAddress -"genericKey": .solo.io.envoy.config.route.v3.RateLimit.Action.GenericKey -"headerValueMatch": .solo.io.envoy.config.route.v3.RateLimit.Action.HeaderValueMatch -"dynamicMetadata": .solo.io.envoy.config.route.v3.RateLimit.Action.DynamicMetaData - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `sourceCluster` | [.solo.io.envoy.config.route.v3.RateLimit.Action.SourceCluster](../route_components.proto.sk/#sourcecluster) | Rate limit on source cluster. Only one of `sourceCluster`, `destinationCluster`, `requestHeaders`, `remoteAddress`, `genericKey`, `headerValueMatch`, or `dynamicMetadata` can be set. | -| `destinationCluster` | [.solo.io.envoy.config.route.v3.RateLimit.Action.DestinationCluster](../route_components.proto.sk/#destinationcluster) | Rate limit on destination cluster. Only one of `destinationCluster`, `sourceCluster`, `requestHeaders`, `remoteAddress`, `genericKey`, `headerValueMatch`, or `dynamicMetadata` can be set. | -| `requestHeaders` | [.solo.io.envoy.config.route.v3.RateLimit.Action.RequestHeaders](../route_components.proto.sk/#requestheaders) | Rate limit on request headers. Only one of `requestHeaders`, `sourceCluster`, `destinationCluster`, `remoteAddress`, `genericKey`, `headerValueMatch`, or `dynamicMetadata` can be set. | -| `remoteAddress` | [.solo.io.envoy.config.route.v3.RateLimit.Action.RemoteAddress](../route_components.proto.sk/#remoteaddress) | Rate limit on remote address. Only one of `remoteAddress`, `sourceCluster`, `destinationCluster`, `requestHeaders`, `genericKey`, `headerValueMatch`, or `dynamicMetadata` can be set. | -| `genericKey` | [.solo.io.envoy.config.route.v3.RateLimit.Action.GenericKey](../route_components.proto.sk/#generickey) | Rate limit on a generic key. Only one of `genericKey`, `sourceCluster`, `destinationCluster`, `requestHeaders`, `remoteAddress`, `headerValueMatch`, or `dynamicMetadata` can be set. | -| `headerValueMatch` | [.solo.io.envoy.config.route.v3.RateLimit.Action.HeaderValueMatch](../route_components.proto.sk/#headervaluematch) | Rate limit on the existence of request headers. Only one of `headerValueMatch`, `sourceCluster`, `destinationCluster`, `requestHeaders`, `remoteAddress`, `genericKey`, or `dynamicMetadata` can be set. | -| `dynamicMetadata` | [.solo.io.envoy.config.route.v3.RateLimit.Action.DynamicMetaData](../route_components.proto.sk/#dynamicmetadata) | Rate limit on dynamic metadata. Only one of `dynamicMetadata`, `sourceCluster`, `destinationCluster`, `requestHeaders`, `remoteAddress`, `genericKey`, or `headerValueMatch` can be set. | - - - - ---- -### SourceCluster - - -The following descriptor entry is appended to the descriptor: - -.. code-block:: cpp - - ("source_cluster", "") - - is derived from the `--service-cluster` option. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### DestinationCluster - - -The following descriptor entry is appended to the descriptor: - -.. code-block:: cpp - - ("destination_cluster", "") - -Once a request matches against a route table rule, a routed cluster is determined by one of -the following :ref:`route table configuration ` -settings: - -* cluster indicates the upstream cluster - to route to. -* :ref:`weighted_clusters ` - chooses a cluster randomly from a set of clusters with attributed weight. -* cluster_header indicates which - header in the request contains the target cluster. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### RequestHeaders - - -The following descriptor entry is appended when a header contains a key that matches the -*header_name*: - -.. code-block:: cpp - - ("", "") - -```yaml -"headerName": string -"descriptorKey": string -"skipIfAbsent": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `headerName` | `string` | The header name to be queried from the request headers. The header’s value is used to populate the value of the descriptor entry for the descriptor_key. | -| `descriptorKey` | `string` | The key to use in the descriptor entry. | -| `skipIfAbsent` | `bool` | If set to true, Envoy skips the descriptor while calling rate limiting service when header is not present in the request. By default it skips calling the rate limiting service if this header is not present in the request. | - - - - ---- -### RemoteAddress - - -The following descriptor entry is appended to the descriptor and is populated using the -trusted address from x-forwarded-for. - -.. code-block:: cpp - - ("remote_address", "") - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### GenericKey - - -The following descriptor entry is appended to the descriptor: - -.. code-block:: cpp - - ("generic_key", "") - -```yaml -"descriptorValue": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `descriptorValue` | `string` | The value to use in the descriptor entry. | - - - - ---- -### HeaderValueMatch - - -The following descriptor entry is appended to the descriptor: - -.. code-block:: cpp - - ("header_match", "") - -```yaml -"descriptorValue": string -"expectMatch": .google.protobuf.BoolValue -"headers": []solo.io.envoy.config.route.v3.HeaderMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `descriptorValue` | `string` | The value to use in the descriptor entry. | -| `expectMatch` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If set to true, the action will append a descriptor entry when the request matches the headers. If set to false, the action will append a descriptor entry when the request does not match the headers. The default value is true. | -| `headers` | [[]solo.io.envoy.config.route.v3.HeaderMatcher](../route_components.proto.sk/#headermatcher) | Specifies a set of headers that the rate limit action should match on. The action will check the request’s headers against all the specified headers in the config. A match will happen if all the headers in the config are present in the request with the same values (or based on presence if the value field is not in the config). | - - - - ---- -### DynamicMetaData - - -The following descriptor entry is appended when the dynamic metadata contains a key value: - -.. code-block:: cpp - - ("", "") - -```yaml -"descriptorKey": string -"metadataKey": .solo.io.envoy.type.metadata.v3.MetadataKey - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `descriptorKey` | `string` | The key to use in the descriptor entry. | -| `metadataKey` | [.solo.io.envoy.type.metadata.v3.MetadataKey](../../../../type/metadata/v3/metadata.proto.sk/#metadatakey) | Metadata struct that defines the key and path to retrieve the string value. A match will only happen if the value in the dynamic metadata is of type string. | - - - - ---- -### Override - - - -```yaml -"dynamicMetadata": .solo.io.envoy.config.route.v3.RateLimit.Override.DynamicMetadata - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `dynamicMetadata` | [.solo.io.envoy.config.route.v3.RateLimit.Override.DynamicMetadata](../route_components.proto.sk/#dynamicmetadata) | Limit override from dynamic metadata. | - - - - ---- -### DynamicMetadata - - -Fetches the override from the dynamic metadata. - -```yaml -"metadataKey": .solo.io.envoy.type.metadata.v3.MetadataKey - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `metadataKey` | [.solo.io.envoy.type.metadata.v3.MetadataKey](../../../../type/metadata/v3/metadata.proto.sk/#metadatakey) | Metadata struct that defines the key and path to retrieve the struct value. The value must be a struct containing an integer "requests_per_unit" property and a "unit" property with a value parseable to :ref:`RateLimitUnit enum `. | - - - - ---- -### HeaderMatcher - - -**Attention**: - - Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host* - header. Thus, if attempting to match on *Host*, match on *:authority* instead. - -**Attention**: - - To route on HTTP method, use the special HTTP/2 *:method* header. This works for both - HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g., - - .. code-block:: json - - { - "name": ":method", - "exact_match": "POST" - } - -**Attention**: - In the absence of any header match specifier, match will default to :ref:`present_match - `. i.e, a request that has the :ref:`name - ` header will match, regardless of the header's - value. - - [#next-major-version: HeaderMatcher should be refactored to use StringMatcher.] -[#next-free-field: 12] - -```yaml -"name": string -"exactMatch": string -"safeRegexMatch": .solo.io.envoy.type.matcher.v3.RegexMatcher -"rangeMatch": .solo.io.envoy.type.v3.Int64Range -"presentMatch": bool -"prefixMatch": string -"suffixMatch": string -"invertMatch": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | Specifies the name of the header in the request. | -| `exactMatch` | `string` | If specified, header match will be performed based on the value of the header. Only one of `exactMatch`, `safeRegexMatch`, `rangeMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | -| `safeRegexMatch` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../../../../type/matcher/v3/regex.proto.sk/#regexmatcher) | If specified, this regex string is a regular expression rule which implies the entire request header value must match the regex. The rule will not match if only a subsequence of the request header value matches the regex. Only one of `safeRegexMatch`, `exactMatch`, `rangeMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | -| `rangeMatch` | [.solo.io.envoy.type.v3.Int64Range](../../../../type/v3/range.proto.sk/#int64range) | If specified, header match will be performed based on range. The rule will match if the request header value is within this range. The entire request header value must represent an integer in base 10 notation: consisting of an optional plus or minus sign followed by a sequence of digits. The rule will not match if the header value does not represent an integer. Match will fail for empty values, floating point numbers or if only a subsequence of the header value is an integer. Examples: * For range [-10,0), route will match for header value -1, but not for 0, "somestring", 10.9, "-1somestring". Only one of `rangeMatch`, `exactMatch`, `safeRegexMatch`, `presentMatch`, `prefixMatch`, or `suffixMatch` can be set. | -| `presentMatch` | `bool` | If specified, header match will be performed based on whether the header is in the request. Only one of `presentMatch`, `exactMatch`, `safeRegexMatch`, `rangeMatch`, `prefixMatch`, or `suffixMatch` can be set. | -| `prefixMatch` | `string` | If specified, header match will be performed based on the prefix of the header value. Note: empty prefix is not allowed, please use present_match instead. Examples: * The prefix *abcd* matches the value *abcdxyz*, but not for *abcxyz*. Only one of `prefixMatch`, `exactMatch`, `safeRegexMatch`, `rangeMatch`, `presentMatch`, or `suffixMatch` can be set. | -| `suffixMatch` | `string` | If specified, header match will be performed based on the suffix of the header value. Note: empty suffix is not allowed, please use present_match instead. Examples: * The suffix *abcd* matches the value *xyzabcd*, but not for *xyzbcd*. Only one of `suffixMatch`, `exactMatch`, `safeRegexMatch`, `rangeMatch`, `presentMatch`, or `prefixMatch` can be set. | -| `invertMatch` | `bool` | If specified, the match result will be inverted before checking. Defaults to false. Examples: * The regex `\d{3}` does not match the value *1234*, so it will match when inverted. * The range [-10,0) will match the value -1, so it will not match when inverted. | - - - - ---- -### QueryParameterMatcher - - -Query parameter matching treats the query string of a request's :path header -as an ampersand-separated list of keys and/or key=value elements. -[#next-free-field: 7] - -```yaml -"name": string -"stringMatch": .solo.io.envoy.type.matcher.v3.StringMatcher -"presentMatch": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | Specifies the name of a key that must be present in the requested *path*'s query string. | -| `stringMatch` | [.solo.io.envoy.type.matcher.v3.StringMatcher](../../../../type/matcher/v3/string.proto.sk/#stringmatcher) | Specifies whether a query parameter value should match against a string. Only one of `stringMatch` or `presentMatch` can be set. | -| `presentMatch` | `bool` | Specifies whether a query parameter should be present. Only one of `presentMatch` or `stringMatch` can be set. | - - - - ---- -### InternalRedirectPolicy - - -HTTP Internal Redirect architecture overview. - -```yaml -"maxInternalRedirects": .google.protobuf.UInt32Value -"redirectResponseCodes": []int -"predicates": []solo.io.envoy.config.core.v3.TypedExtensionConfig -"allowCrossSchemeRedirect": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `maxInternalRedirects` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | An internal redirect is not handled, unless the number of previous internal redirects that a downstream request has encountered is lower than this value. In the case where a downstream request is bounced among multiple routes by internal redirect, the first route that hits this threshold, or does not set :ref:`internal_redirect_policy ` will pass the redirect back to downstream. If not specified, at most one redirect will be followed. | -| `redirectResponseCodes` | `[]int` | Defines what upstream response codes are allowed to trigger internal redirect. If unspecified, only 302 will be treated as internal redirect. Only 301, 302, 303, 307 and 308 are valid values. Any other codes will be ignored. | -| `predicates` | [[]solo.io.envoy.config.core.v3.TypedExtensionConfig](../../../core/v3/extension.proto.sk/#typedextensionconfig) | Specifies a list of predicates that are queried when an upstream response is deemed to trigger an internal redirect by all other criteria. Any predicate in the list can reject the redirect, causing the response to be proxied to downstream. | -| `allowCrossSchemeRedirect` | `bool` | Allow internal redirect to follow a target URI with a different scheme than the value of x-forwarded-proto. The default is false. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/tap/output_sink/v3/grpc_output_sink.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/tap/output_sink/v3/grpc_output_sink.proto.sk.md deleted file mode 100644 index c46ca6c93f7..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/tap/output_sink/v3/grpc_output_sink.proto.sk.md +++ /dev/null @@ -1,46 +0,0 @@ - ---- -title: "grpc_output_sink.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.tap.output_sink.v3` -#### Types: - - -- [GrpcOutputSink](#grpcoutputsink) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/tap/output_sink/v3/grpc_output_sink.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/tap/output_sink/v3/grpc_output_sink.proto) - - - - - ---- -### GrpcOutputSink - - -GRPC output sink definition - -```yaml -"grpcService": .solo.io.envoy.config.core.v3.GrpcService - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `grpcService` | [.solo.io.envoy.config.core.v3.GrpcService](../../../../core/v3/grpc_service.proto.sk/#grpcservice) | Location of the GRPC service to which output traces should be submitted. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/tap/output_sink/v3/http_output_sink.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/tap/output_sink/v3/http_output_sink.proto.sk.md deleted file mode 100644 index 10e0d2e06ef..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/tap/output_sink/v3/http_output_sink.proto.sk.md +++ /dev/null @@ -1,46 +0,0 @@ - ---- -title: "http_output_sink.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.tap.output_sink.v3` -#### Types: - - -- [HttpOutputSink](#httpoutputsink) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/tap/output_sink/v3/http_output_sink.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/tap/output_sink/v3/http_output_sink.proto) - - - - - ---- -### HttpOutputSink - - -HTTP output sink definition - -```yaml -"serverUri": .solo.io.envoy.config.core.v3.HttpUri - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `serverUri` | [.solo.io.envoy.config.core.v3.HttpUri](../../../../core/v3/http_uri.proto.sk/#httpuri) | URI of the HTTP server to which output traces should be submitted. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/datadog.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/datadog.proto.sk.md deleted file mode 100644 index f280d9a210e..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/datadog.proto.sk.md +++ /dev/null @@ -1,76 +0,0 @@ - ---- -title: "datadog.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.trace.v3` -#### Types: - - -- [DatadogRemoteConfig](#datadogremoteconfig) -- [DatadogConfig](#datadogconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/datadog.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/trace/v3/datadog.proto) - - - - - ---- -### DatadogRemoteConfig - - -Configuration for the Remote Configuration feature. - -```yaml -"pollingInterval": .google.protobuf.Duration -"disabled": .google.protobuf.BoolValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `pollingInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Frequency at which new configuration updates are queried. If no value is provided, the default value is delegated to the Datadog tracing library. | -| `disabled` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Disabled remote config. This field does not exist in envoy's config but allow us to preserve the default behavior when upgrading to envoy v1.31. | - - - - ---- -### DatadogConfig - - -Configuration for the Datadog tracer. -[#extension: envoy.tracers.datadog] - -```yaml -"collectorUpstreamRef": .core.solo.io.ResourceRef -"clusterName": string -"serviceName": .google.protobuf.StringValue -"collectorHostname": string -"remoteConfig": .solo.io.envoy.config.trace.v3.DatadogRemoteConfig - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `collectorUpstreamRef` | [.core.solo.io.ResourceRef](../../../../../../../../../../solo-kit/api/v1/ref.proto.sk/#resourceref) | The upstream to use for submitting traces to the Datadog agent. Only one of `collectorUpstreamRef` or `clusterName` can be set. | -| `clusterName` | `string` | The name of the cluster to use for submitting traces to the Datadog agent. Note that the cluster must be defined in the :ref:`Bootstrap static cluster resources `. Only one of `clusterName` or `collectorUpstreamRef` can be set. | -| `serviceName` | [.google.protobuf.StringValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/string-value) | The name used for the service when traces are generated by envoy. | -| `collectorHostname` | `string` | Optional hostname to use when sending spans to the collector_cluster. Useful for collectors that require a specific hostname. Defaults to collector_cluster above. | -| `remoteConfig` | [.solo.io.envoy.config.trace.v3.DatadogRemoteConfig](../datadog.proto.sk/#datadogremoteconfig) | Configures remote configuration. Remote Configuration allows to configure the tracer from Datadog's user interface. This feature can drastically increase the number of connections to the Datadog Agent. Each tracer regularly polls for configuration updates, and the number of tracers is the product of the number of listeners and worker threads. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/opencensus.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/opencensus.proto.sk.md deleted file mode 100644 index 7d27f55bb99..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/opencensus.proto.sk.md +++ /dev/null @@ -1,204 +0,0 @@ - ---- -title: "opencensus.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.trace.v3` -#### Types: - - -- [OpenCensusConfig](#opencensusconfig) -- [OcagentGrpcAddress](#ocagentgrpcaddress) -- [TraceContext](#tracecontext) -- [TraceConfig](#traceconfig) -- [ProbabilitySampler](#probabilitysampler) -- [ConstantSampler](#constantsampler) -- [ConstantDecision](#constantdecision) -- [RateLimitingSampler](#ratelimitingsampler) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/opencensus.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/trace/v3/opencensus.proto) - - - - - ---- -### OpenCensusConfig - - -Configuration for the OpenCensus tracer. - -The OpenCensus tracer is capable of reporting metadata to a collector using W3C-standard Trace Context: https://www.w3.org/TR/trace-context/ -WARNING: users should take care to note that this plugin has a serious limitation that can cause a configuration freeze of Envoy's dynamic listeners. This plugin can be initialised once after Envoy has started. In order to change this plugin's configuration, users must first apply the new configuration, and then restart Envoy. Users should also be aware that once the new configuration is applied, Envoy will reject any changes to its dynamic listeners configuration until after it has been restarted. -[#extension: envoy.tracers.opencensus] - -```yaml -"traceConfig": .solo.io.envoy.config.trace.v3.TraceConfig -"ocagentExporterEnabled": bool -"httpAddress": string -"grpcAddress": .solo.io.envoy.config.trace.v3.OpenCensusConfig.OcagentGrpcAddress -"incomingTraceContext": []solo.io.envoy.config.trace.v3.OpenCensusConfig.TraceContext -"outgoingTraceContext": []solo.io.envoy.config.trace.v3.OpenCensusConfig.TraceContext - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `traceConfig` | [.solo.io.envoy.config.trace.v3.TraceConfig](../opencensus.proto.sk/#traceconfig) | Configuration of when to submit traces to the collector. See https://github.com/census-instrumentation/opencensus-proto/blob/3619b5dda8bff26ff1974714c24de8f6d4953811/src/opencensus/proto/trace/v1/trace_config.proto#L29 for full documentation. | -| `ocagentExporterEnabled` | `bool` | Enables the OpenCensus agent if set to true. | -| `httpAddress` | `string` | Send to upstream over http. Only one of `httpAddress` or `grpcAddress` can be set. | -| `grpcAddress` | [.solo.io.envoy.config.trace.v3.OpenCensusConfig.OcagentGrpcAddress](../opencensus.proto.sk/#ocagentgrpcaddress) | Send to upstream over GRPC. Only one of `grpcAddress` or `httpAddress` can be set. | -| `incomingTraceContext` | [[]solo.io.envoy.config.trace.v3.OpenCensusConfig.TraceContext](../opencensus.proto.sk/#tracecontext) | List of incoming trace context headers to accept. First one found wins. | -| `outgoingTraceContext` | [[]solo.io.envoy.config.trace.v3.OpenCensusConfig.TraceContext](../opencensus.proto.sk/#tracecontext) | List of outgoing trace context headers we will produce. | - - - - ---- -### OcagentGrpcAddress - - - -```yaml -"targetUri": string -"statPrefix": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `targetUri` | `string` | URI of the target address. | -| `statPrefix` | `string` | Prefix for statistical measurements. | - - - - ---- -### TraceContext - - - -| Name | Description | -| ----- | ----------- | -| `NONE` | No-op default, no trace context is utilized. | -| `TRACE_CONTEXT` | W3C Trace-Context format "traceparent:" header. | -| `GRPC_TRACE_BIN` | Binary "grpc-trace-bin:" header. | -| `CLOUD_TRACE_CONTEXT` | "X-Cloud-Trace-Context:" header. | -| `B3` | X-B3-* headers. | - - - - ---- -### TraceConfig - - - -```yaml -"probabilitySampler": .solo.io.envoy.config.trace.v3.ProbabilitySampler -"constantSampler": .solo.io.envoy.config.trace.v3.ConstantSampler -"rateLimitingSampler": .solo.io.envoy.config.trace.v3.RateLimitingSampler -"maxNumberOfAttributes": int -"maxNumberOfAnnotations": int -"maxNumberOfMessageEvents": int -"maxNumberOfLinks": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `probabilitySampler` | [.solo.io.envoy.config.trace.v3.ProbabilitySampler](../opencensus.proto.sk/#probabilitysampler) | Only one of `probabilitySampler`, `constantSampler`, or `rateLimitingSampler` can be set. | -| `constantSampler` | [.solo.io.envoy.config.trace.v3.ConstantSampler](../opencensus.proto.sk/#constantsampler) | Only one of `constantSampler`, `probabilitySampler`, or `rateLimitingSampler` can be set. | -| `rateLimitingSampler` | [.solo.io.envoy.config.trace.v3.RateLimitingSampler](../opencensus.proto.sk/#ratelimitingsampler) | Only one of `rateLimitingSampler`, `probabilitySampler`, or `constantSampler` can be set. | -| `maxNumberOfAttributes` | `int` | The global default max number of attributes per span. | -| `maxNumberOfAnnotations` | `int` | The global default max number of annotation events per span. | -| `maxNumberOfMessageEvents` | `int` | The global default max number of message events per span. | -| `maxNumberOfLinks` | `int` | The global default max number of link entries per span. | - - - - ---- -### ProbabilitySampler - - -Sampler that tries to uniformly sample traces with a given probability. -The probability of sampling a trace is equal to that of the specified probability. - -```yaml -"samplingProbability": float - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `samplingProbability` | `float` | The desired probability of sampling. Must be within [0.0, 1.0]. | - - - - ---- -### ConstantSampler - - -Sampler that always makes a constant decision on span sampling. - -```yaml -"decision": .solo.io.envoy.config.trace.v3.ConstantSampler.ConstantDecision - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `decision` | [.solo.io.envoy.config.trace.v3.ConstantSampler.ConstantDecision](../opencensus.proto.sk/#constantdecision) | | - - - - ---- -### ConstantDecision - - -How spans should be sampled: -- Always off -- Always on -- Always follow the parent Span's decision (off if no parent). - -| Name | Description | -| ----- | ----------- | -| `ALWAYS_OFF` | | -| `ALWAYS_ON` | | -| `ALWAYS_PARENT` | | - - - - ---- -### RateLimitingSampler - - -Sampler that tries to sample with a rate per time window. - -```yaml -"qps": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `qps` | `int` | Rate per second. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/opentelemetry.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/opentelemetry.proto.sk.md deleted file mode 100644 index c854ace4d37..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/opentelemetry.proto.sk.md +++ /dev/null @@ -1,49 +0,0 @@ - ---- -title: "opentelemetry.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.trace.v3` -#### Types: - - -- [OpenTelemetryConfig](#opentelemetryconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/opentelemetry.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/trace/v3/opentelemetry.proto) - - - - - ---- -### OpenTelemetryConfig - - -Configuration for the OpenTelemetry tracer. -[#extension: envoy.tracers.opentelemetry] - -```yaml -"collectorUpstreamRef": .core.solo.io.ResourceRef -"clusterName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `collectorUpstreamRef` | [.core.solo.io.ResourceRef](../../../../../../../../../../solo-kit/api/v1/ref.proto.sk/#resourceref) | The upstream to use for submitting traces to the OpenTelemetry agent. Only one of `collectorUpstreamRef` or `clusterName` can be set. | -| `clusterName` | `string` | The name of the Envoy cluster to use for submitting traces to the OpenTelemetry agent. Only one of `clusterName` or `collectorUpstreamRef` can be set. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto.sk.md deleted file mode 100644 index 8a330e6e487..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto.sk.md +++ /dev/null @@ -1,74 +0,0 @@ - ---- -title: "zipkin.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.config.trace.v3` -#### Types: - - -- [ZipkinConfig](#zipkinconfig) -- [CollectorEndpointVersion](#collectorendpointversion) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/config/trace/v3/zipkin.proto) - - - - - ---- -### ZipkinConfig - - -Configuration for the Zipkin tracer. -[#extension: envoy.tracers.zipkin] -[#next-free-field: 6] - -```yaml -"collectorUpstreamRef": .core.solo.io.ResourceRef -"clusterName": string -"collectorEndpoint": string -"traceId128Bit": .google.protobuf.BoolValue -"sharedSpanContext": .google.protobuf.BoolValue -"collectorEndpointVersion": .solo.io.envoy.config.trace.v3.ZipkinConfig.CollectorEndpointVersion - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `collectorUpstreamRef` | [.core.solo.io.ResourceRef](../../../../../../../../../../solo-kit/api/v1/ref.proto.sk/#resourceref) | The upstream that hosts the Zipkin collectors. Only one of `collectorUpstreamRef` or `clusterName` can be set. | -| `clusterName` | `string` | The name of the cluster that hosts the Zipkin collectors. Note that the Zipkin cluster must be defined in the :ref:`Bootstrap static cluster resources `. Only one of `clusterName` or `collectorUpstreamRef` can be set. | -| `collectorEndpoint` | `string` | The API endpoint of the Zipkin service where the spans will be sent. When using a standard Zipkin installation, the API endpoint is typically /api/v1/spans, which is the default value. | -| `traceId128Bit` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Determines whether a 128bit trace id will be used when creating a new trace instance. The default value is false, which will result in a 64 bit trace id being used. | -| `sharedSpanContext` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Determines whether client and server spans will share the same span context. The default value is true. | -| `collectorEndpointVersion` | [.solo.io.envoy.config.trace.v3.ZipkinConfig.CollectorEndpointVersion](../zipkin.proto.sk/#collectorendpointversion) | Determines the selected collector endpoint version. By default, the `HTTP_JSON_V1` will be used. | - - - - ---- -### CollectorEndpointVersion - - -Available Zipkin collector endpoint versions. - -| Name | Description | -| ----- | ----------- | -| `DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE` | Zipkin API v1, JSON over HTTP. [#comment: The default implementation of Zipkin client before this field is added was only v1 and the way user configure this was by not explicitly specifying the version. Consequently, before this is added, the corresponding Zipkin collector expected to receive v1 payload. Hence the motivation of adding HTTP_JSON_V1 as the default is to avoid a breaking change when user upgrading Envoy with this change. Furthermore, we also immediately deprecate this field, since in Zipkin realm this v1 version is considered to be not preferable anymore.] | -| `HTTP_JSON` | Zipkin API v2, JSON over HTTP. | -| `HTTP_PROTO` | Zipkin API v2, protobuf over HTTP. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/advanced_http/advanced_http.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/advanced_http/advanced_http.proto.sk.md deleted file mode 100644 index efc97dd789f..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/advanced_http/advanced_http.proto.sk.md +++ /dev/null @@ -1,178 +0,0 @@ - ---- -title: "advanced_http.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.health_checker.advanced_http.v2` -#### Types: - - -- [AdvancedHttp](#advancedhttp) -- [ResponseAssertions](#responseassertions) -- [ResponseMatcher](#responsematcher) -- [ResponseMatch](#responsematch) -- [JsonKey](#jsonkey) -- [PathSegment](#pathsegment) - - - - -##### Enums: - - - - [HealthCheckResult](#healthcheckresult) - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/advanced_http/advanced_http.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/advanced_http/advanced_http.proto) - - - - - ---- -### AdvancedHttp - - -Same as envoy's default HTTP health checker, but with some additions: -- allows a custom path and method on the health check request per endpoint. - The http path to use can be overridden using endpoint metadata. The endpoint-specific - path should be in the "io.solo.health_checkers.advanced_http" namespace, under a string - value named "path". The same can be done for the method by setting a string value - named "method". -- allows for health check responses to leverage the response body rather than just - the http status code returned. The response body can be parsed as json and complex - assertions can be made on fields parsed from the json or plaintext response body. - -```yaml -"httpHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.HttpHealthCheck -"responseAssertions": .envoy.config.health_checker.advanced_http.v2.ResponseAssertions - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `httpHealthCheck` | [.solo.io.envoy.config.core.v3.HealthCheck.HttpHealthCheck](../../../config/core/v3/health_check.proto.sk/#httphealthcheck) | Http health check. | -| `responseAssertions` | [.envoy.config.health_checker.advanced_http.v2.ResponseAssertions](../advanced_http.proto.sk/#responseassertions) | If defined, the response health check rules take precedence over the http status settings defined in `http_health_check`. | - - - - ---- -### ResponseAssertions - - - -```yaml -"responseMatchers": []envoy.config.health_checker.advanced_http.v2.ResponseMatcher -"noMatchHealth": .envoy.config.health_checker.advanced_http.v2.HealthCheckResult - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `responseMatchers` | [[]envoy.config.health_checker.advanced_http.v2.ResponseMatcher](../advanced_http.proto.sk/#responsematcher) | A bunch of match rules, the first match wins out and short-circuits. | -| `noMatchHealth` | [.envoy.config.health_checker.advanced_http.v2.HealthCheckResult](../advanced_http.proto.sk/#healthcheckresult) | The default health response if none of the response health checks were matches. If omitted, defaults to healthy. Note for devs: we'd probably prefer this default to unhealthy, but since the version of protoc we're on doesn't support optional scalars without an experimental flag, we cannot have the `no_match_health` field default to unhealthy while the `match_health` field defaults to healthy. As such, we offload this defaulting behavior to the control plane. For more reading, see https://github.com/protocolbuffers/protobuf/issues/1606#issuecomment-618687169. | - - - - ---- -### ResponseMatcher - - -Defines a transformation template. - -```yaml -"responseMatch": .envoy.config.health_checker.advanced_http.v2.ResponseMatch -"matchHealth": .envoy.config.health_checker.advanced_http.v2.HealthCheckResult - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `responseMatch` | [.envoy.config.health_checker.advanced_http.v2.ResponseMatch](../advanced_http.proto.sk/#responsematch) | Defines the parameters to determine a single match. | -| `matchHealth` | [.envoy.config.health_checker.advanced_http.v2.HealthCheckResult](../advanced_http.proto.sk/#healthcheckresult) | The health response if this response_match is a match. If omitted, defaults to healthy. | - - - - ---- -### ResponseMatch - - -ResponseMatches can be used to extract information from the request/response. - -```yaml -"jsonKey": .envoy.config.health_checker.advanced_http.v2.JsonKey -"ignoreErrorOnParse": bool -"header": string -"body": .google.protobuf.Empty -"regex": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `jsonKey` | [.envoy.config.health_checker.advanced_http.v2.JsonKey](../advanced_http.proto.sk/#jsonkey) | Configuration to get the json key. Treats the body as raw text if omitted. | -| `ignoreErrorOnParse` | `bool` | If set to true, Envoy will not throw an exception in case the json body parsing fails. | -| `header` | `string` | Extract information from headers. Only one of `header` or `body` can be set. | -| `body` | [.google.protobuf.Empty](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/empty) | Extract information from the request/response body. Only one of `body` or `header` can be set. | -| `regex` | `string` | Only strings matching this regular expression will be considered a match. The most simple value for this field is '.*', which matches the whole source. The field is required. | - - - - ---- -### JsonKey - - - -```yaml -"path": []envoy.config.health_checker.advanced_http.v2.JsonKey.PathSegment - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `path` | [[]envoy.config.health_checker.advanced_http.v2.JsonKey.PathSegment](../advanced_http.proto.sk/#pathsegment) | The path to retrieve the Value. | - - - - ---- -### PathSegment - - -Specifies the segment in a path to retrieve value. - -```yaml -"key": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | If specified, use the key to retrieve the value. If the key is not found, the value defaults to empty string. | - - - - -### HealthCheckResult - -Description: - -| Name | Description | -| ----- | ----------- | -| healthy | | -| degraded | | -| unhealthy | | - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/aws/filter.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/aws/filter.proto.sk.md deleted file mode 100644 index c00d3e51b2b..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/aws/filter.proto.sk.md +++ /dev/null @@ -1,156 +0,0 @@ - ---- -title: "filter.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.aws_lambda.v2` -#### Types: - - -- [AWSLambdaPerRoute](#awslambdaperroute) -- [AWSLambdaProtocolExtension](#awslambdaprotocolextension) -- [AWSLambdaConfig](#awslambdaconfig) -- [ServiceAccountCredentials](#serviceaccountcredentials) -- [ApiGatewayTransformation](#apigatewaytransformation) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/aws/filter.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/aws/filter.proto) - - - - - ---- -### AWSLambdaPerRoute - - -AWS Lambda contains the configuration necessary to perform transform regular -http calls to AWS Lambda invocations. - -```yaml -"name": string -"qualifier": string -"async": bool -"emptyBodyOverride": .google.protobuf.StringValue -"unwrapAsAlb": bool -"transformerConfig": .solo.io.envoy.config.core.v3.TypedExtensionConfig -"requestTransformerConfig": .solo.io.envoy.config.core.v3.TypedExtensionConfig - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The name of the function. | -| `qualifier` | `string` | The qualifier of the function (defaults to $LATEST if not specified). | -| `async` | `bool` | Invocation type - async or regular. | -| `emptyBodyOverride` | [.google.protobuf.StringValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/string-value) | Optional default body if the body is empty. By default on default body is used if the body empty, and an empty body will be sent upstream. | -| `unwrapAsAlb` | `bool` | Deprecated. Use transformer_config to specify an AWS Lambda response transformer instead. Unwrap responses as AWS ALB does. Expects json lambda responses to construct response. Intended to ease migration when previously using alb to invoke Lambdas. When set on a route the filter will not stream data on the encoding step. For further information see below link for the expected format when true. https://docs.aws.amazon.com/elasticloadbalancing/latest/application/lambda-functions.html Defaults to false. | -| `transformerConfig` | [.solo.io.envoy.config.core.v3.TypedExtensionConfig](../../../config/core/v3/extension.proto.sk/#typedextensionconfig) | transformer configuration used to process response data cannot be configured simultaneously with unwrap_as_alb. | -| `requestTransformerConfig` | [.solo.io.envoy.config.core.v3.TypedExtensionConfig](../../../config/core/v3/extension.proto.sk/#typedextensionconfig) | This is a transformer config, as defined in api.envoy.config.filter.http.transformation.v2 used to process request data. | - - - - ---- -### AWSLambdaProtocolExtension - - - -```yaml -"host": string -"region": string -"accessKey": string -"secretKey": string -"sessionToken": string -"roleArn": string -"disableRoleChaining": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `host` | `string` | The host header for AWS this cluster. | -| `region` | `string` | The region for this cluster. | -| `accessKey` | `string` | The access_key for AWS this cluster. | -| `secretKey` | `string` | The secret_key for AWS this cluster. | -| `sessionToken` | `string` | The session_token for AWS this cluster. | -| `roleArn` | `string` | The role_arn to use when generating credentials for the mounted projected SA token. | -| `disableRoleChaining` | `bool` | Optional override to disable role chaining;. | - - - - ---- -### AWSLambdaConfig - - - -```yaml -"useDefaultCredentials": .google.protobuf.BoolValue -"serviceAccountCredentials": .envoy.config.filter.http.aws_lambda.v2.AWSLambdaConfig.ServiceAccountCredentials -"propagateOriginalRouting": bool -"credentialRefreshDelay": .google.protobuf.Duration - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `useDefaultCredentials` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Use AWS default credentials chain to get credentials. This will search environment variables, ECS metadata and instance metadata to get the credentials. credentials will be rotated automatically. If credentials are provided on the cluster (using the AWSLambdaProtocolExtension), it will override these credentials. This defaults to false, but may change in the future to true. Only one of `useDefaultCredentials` or `serviceAccountCredentials` can be set. | -| `serviceAccountCredentials` | [.envoy.config.filter.http.aws_lambda.v2.AWSLambdaConfig.ServiceAccountCredentials](../filter.proto.sk/#serviceaccountcredentials) | Use projected service account token, and role arn to create temporary credentials with which to authenticate lambda requests. This functionality is meant to work along side EKS service account to IAM binding functionality as outlined here: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html If the following environment values are not present, this option cannot be used. 1. AWS_WEB_IDENTITY_TOKEN_FILE 2. AWS_ROLE_ARN If they are not specified envoy will NACK the config update, which will show up in the logs when running OS Gloo. When running Gloo enterprise it will be reflected in the prometheus stat: "glooe.solo.io/xds/nack" The role arn may also be specified in the `AWSLambdaProtocolExtension` on the cluster level, to override the environment variable. Only one of `serviceAccountCredentials` or `useDefaultCredentials` can be set. | -| `propagateOriginalRouting` | `bool` | Send downstream path and method as `x-envoy-original-path` and `x-envoy-original-method` headers on the request to AWS lambda. Defaults to false. | -| `credentialRefreshDelay` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Sets cadence for refreshing credentials for Service Account. Does nothing if Service account is not set. Does not affect the default filewatch for service account only augments it. Defaults to not refreshing on time period. Suggested is 15 minutes. | - - - - ---- -### ServiceAccountCredentials - - -In order to specify the aws sts endpoint, both the cluster and uri must be set. -This is due to an envoy limitation which cannot infer the host or path from the cluster, -and therefore must be explicitly specified via the uri - -```yaml -"cluster": string -"uri": string -"timeout": .google.protobuf.Duration -"region": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cluster` | `string` | The name of the envoy cluster which represents the desired aws sts endpoint. | -| `uri` | `string` | The full uri of the aws sts endpoint. | -| `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | timeout for the request. | -| `region` | `string` | Region for the sts endpoint. Defaults to us-east-1. | - - - - ---- -### ApiGatewayTransformation - - - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/cache/grpc/config.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/cache/grpc/config.proto.sk.md deleted file mode 100644 index e23200f190e..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/cache/grpc/config.proto.sk.md +++ /dev/null @@ -1,50 +0,0 @@ - ---- -title: "config.proto" -weight: 5 ---- - - - - -### Package: `envoy.extensions.cache.grpc.v2` -#### Types: - - -- [GrpcCacheConfig](#grpccacheconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/cache/grpc/config.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/cache/grpc/config.proto) - - - - - ---- -### GrpcCacheConfig - - -[#proto-status: experimental] - -```yaml -"service": .solo.io.envoy.config.core.v3.GrpcService -"timeout": .google.protobuf.Duration -"maxPayloadSize": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `service` | [.solo.io.envoy.config.core.v3.GrpcService](../../../../config/core/v3/grpc_service.proto.sk/#grpcservice) | A GRPC service: this maps exactly to envoy GRPC service defintions. | -| `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Connection timeout for retrieval from cache. | -| `maxPayloadSize` | `int` | Max payload size to cache. This may be set to protect against large requests or responses by not caching them. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/extauth/sanitize.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/extauth/sanitize.proto.sk.md deleted file mode 100644 index e49331d5848..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/extauth/sanitize.proto.sk.md +++ /dev/null @@ -1,65 +0,0 @@ - ---- -title: "sanitize.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.sanitize.v2` -#### Types: - - -- [Sanitize](#sanitize) -- [SanitizePerRoute](#sanitizeperroute) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/extauth/sanitize.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/extauth/sanitize.proto) - - - - - ---- -### Sanitize - - - -```yaml -"headersToRemove": []string -"customAuthServerName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `headersToRemove` | `[]string` | | -| `customAuthServerName` | `string` | The name of the custom ext auth server This is only set in the case where multiple auth servers exist. | - - - - ---- -### SanitizePerRoute - - - -```yaml -"customAuthServerName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `customAuthServerName` | `string` | The name of the custom ext auth server This is only set in the case where multiple auth servers exist. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/buffer/v3/buffer.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/buffer/v3/buffer.proto.sk.md deleted file mode 100644 index dabaad457f3..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/buffer/v3/buffer.proto.sk.md +++ /dev/null @@ -1,69 +0,0 @@ - ---- -title: "buffer.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.extensions.filters.http.buffer.v3` -copied from https://github.com/envoyproxy/envoy/blob/3b52fc36373272902d9817f0db97dd2fccc40784/api/envoy/extensions/filters/http/buffer/v3/buffer.proto - - - -#### Types: - - -- [Buffer](#buffer) -- [BufferPerRoute](#bufferperroute) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/buffer/v3/buffer.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/filters/http/buffer/v3/buffer.proto) - - - - - ---- -### Buffer - - - -```yaml -"maxRequestBytes": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `maxRequestBytes` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | The maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. | - - - - ---- -### BufferPerRoute - - - -```yaml -"disabled": bool -"buffer": .solo.io.envoy.extensions.filters.http.buffer.v3.Buffer - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `disabled` | `bool` | Disable the buffer filter for this particular vhost or route. Only one of `disabled` or `buffer` can be set. | -| `buffer` | [.solo.io.envoy.extensions.filters.http.buffer.v3.Buffer](../buffer.proto.sk/#buffer) | Override the global configuration of the buffer filter with this new config. Note: If you have not set a global config (at the gateway level), this override will not do anything by itself. Only one of `buffer` or `disabled` can be set. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk.md deleted file mode 100644 index 529b0c37825..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk.md +++ /dev/null @@ -1,54 +0,0 @@ - ---- -title: "csrf.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.extensions.filters.http.csrf.v3` -copied from https://github.com/envoyproxy/envoy/blob/main/api/envoy/extensions/filters/http/csrf/v3/csrf.proto - - - -#### Types: - - -- [CsrfPolicy](#csrfpolicy) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/filters/http/csrf/v3/csrf.proto) - - - - - ---- -### CsrfPolicy - - -CSRF filter config. - -```yaml -"filterEnabled": .solo.io.envoy.config.core.v3.RuntimeFractionalPercent -"shadowEnabled": .solo.io.envoy.config.core.v3.RuntimeFractionalPercent -"additionalOrigins": []solo.io.envoy.type.matcher.v3.StringMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `filterEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../../../../config/core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies the % of requests for which the CSRF filter is enabled. If runtime_key is specified, Envoy will lookup the runtime key to get the percentage of requests to filter. **Note**: This field defaults to 100/:ref:`HUNDRED `. | -| `shadowEnabled` | [.solo.io.envoy.config.core.v3.RuntimeFractionalPercent](../../../../../../config/core/v3/base.proto.sk/#runtimefractionalpercent) | Specifies that CSRF policies will be evaluated and tracked, but not enforced. This is intended to be used when `filter_enabled` is off and will be ignored otherwise. If runtime_key is specified, Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate and track the request's *Origin* and *Destination* to determine if it's valid, but will not enforce any policies. | -| `additionalOrigins` | [[]solo.io.envoy.type.matcher.v3.StringMatcher](../../../../../../type/matcher/v3/string.proto.sk/#stringmatcher) | Specifies additional source origins that will be allowed in addition to the destination origin. More information on how this can be configured via runtime can be found here. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/ext_proc/v3/processing_mode.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/ext_proc/v3/processing_mode.proto.sk.md deleted file mode 100644 index 111cd67c021..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/ext_proc/v3/processing_mode.proto.sk.md +++ /dev/null @@ -1,93 +0,0 @@ - ---- -title: "processing_mode.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.extensions.filters.http.ext_proc.v3` -copied from https://github.com/envoyproxy/envoy/blob/ad89a587aa0177bfdad6b5c968a6aead5d9be7a4/api/envoy/extensions/filters/http/ext_proc/v3/processing_mode.proto - - - -#### Types: - - -- [ProcessingMode](#processingmode) -- [HeaderSendMode](#headersendmode) -- [BodySendMode](#bodysendmode) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/ext_proc/v3/processing_mode.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/filters/http/ext_proc/v3/processing_mode.proto) - - - - - ---- -### ProcessingMode - - -[#next-free-field: 7] - -```yaml -"requestHeaderMode": .solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.HeaderSendMode -"responseHeaderMode": .solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.HeaderSendMode -"requestBodyMode": .solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.BodySendMode -"responseBodyMode": .solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.BodySendMode -"requestTrailerMode": .solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.HeaderSendMode -"responseTrailerMode": .solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.HeaderSendMode - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requestHeaderMode` | [.solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.HeaderSendMode](../processing_mode.proto.sk/#headersendmode) | How to handle the request header. Default is "SEND". | -| `responseHeaderMode` | [.solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.HeaderSendMode](../processing_mode.proto.sk/#headersendmode) | How to handle the response header. Default is "SEND". | -| `requestBodyMode` | [.solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.BodySendMode](../processing_mode.proto.sk/#bodysendmode) | How to handle the request body. Default is "NONE". | -| `responseBodyMode` | [.solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.BodySendMode](../processing_mode.proto.sk/#bodysendmode) | How do handle the response body. Default is "NONE". | -| `requestTrailerMode` | [.solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.HeaderSendMode](../processing_mode.proto.sk/#headersendmode) | How to handle the request trailers. Default is "SKIP". | -| `responseTrailerMode` | [.solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode.HeaderSendMode](../processing_mode.proto.sk/#headersendmode) | How to handle the response trailers. Default is "SKIP". | - - - - ---- -### HeaderSendMode - - -Control how headers and trailers are handled - -| Name | Description | -| ----- | ----------- | -| `DEFAULT` | The default HeaderSendMode depends on which part of the message is being processed. By default, request and response headers are sent, while trailers are skipped. | -| `SEND` | Send the header or trailer. | -| `SKIP` | Do not send the header or trailer. | - - - - ---- -### BodySendMode - - -Control how the request and response bodies are handled - -| Name | Description | -| ----- | ----------- | -| `NONE` | Do not send the body at all. This is the default. | -| `STREAMED` | Stream the body to the server in pieces as they arrive at the proxy. | -| `BUFFERED` | Buffer the message body in memory and send the entire body at once. If the body exceeds the configured buffer limit, then the downstream system will receive an error. | -| `BUFFERED_PARTIAL` | Buffer the message body in memory and send the entire body in one chunk. If the body exceeds the configured buffer limit, then the body contents up to the buffer limit will be sent. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto.sk.md deleted file mode 100644 index 96dea070dee..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto.sk.md +++ /dev/null @@ -1,476 +0,0 @@ - ---- -title: "config.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.extensions.filters.http.jwt_authn.v3` -#### Types: - - -- [JwtProvider](#jwtprovider) -- [RemoteJwks](#remotejwks) -- [JwksAsyncFetch](#jwksasyncfetch) -- [JwtHeader](#jwtheader) -- [ProviderWithAudiences](#providerwithaudiences) -- [JwtRequirement](#jwtrequirement) -- [JwtRequirementOrList](#jwtrequirementorlist) -- [JwtRequirementAndList](#jwtrequirementandlist) -- [RequirementRule](#requirementrule) -- [FilterStateRule](#filterstaterule) -- [JwtAuthentication](#jwtauthentication) -- [PerRouteConfig](#perrouteconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/filters/http/jwt_authn/v3/config.proto) - - - - - ---- -### JwtProvider - - -Please see following for JWT authentication flow: - -* [JSON Web Token (JWT)](https://datatracker.ietf.org/doc/html/rfc7519) -* [The OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749) -* [OpenID Connect](http://openid.net/connect) - -A JwtProvider message specifies how a JSON Web Token (JWT) can be verified. It specifies: - -* issuer: the principal that issues the JWT. If specified, it has to match the *iss* field in JWT. -* allowed audiences: the ones in the token have to be listed here. -* how to fetch public key JWKS to verify the token signature. -* how to extract JWT token in the request. -* how to pass successfully verified token payload. - -Example: - -.. code-block:: yaml - - issuer: https://example.com - audiences: - - bookstore_android.apps.googleusercontent.com - - bookstore_web.apps.googleusercontent.com - remote_jwks: - http_uri: - uri: https://example.com/.well-known/jwks.json - cluster: example_jwks_cluster - timeout: 1s - cache_duration: - seconds: 300 - -[#next-free-field: 11] - -```yaml -"issuer": string -"audiences": []string -"remoteJwks": .solo.io.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks -"localJwks": .solo.io.envoy.config.core.v3.DataSource -"forward": bool -"fromHeaders": []solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtHeader -"fromParams": []string -"forwardPayloadHeader": string -"payloadInMetadata": string -"clockSkewSeconds": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `issuer` | `string` | Specify the [principal](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.1) that issued the JWT, usually a URL or an email address. It is optional. If specified, it has to match the *iss* field in JWT. If a JWT has *iss* field and this field is specified, they have to match, otherwise the JWT *iss* field is not checked. Note: *JwtRequirement* :ref:`allow_missing ` and :ref:`allow_missing_or_failed ` are implemented differently than other *JwtRequirements*. Hence the usage of this field is different as follows if *allow_missing* or *allow_missing_or_failed* is used: * If a JWT has *iss* field, it needs to be specified by this field in one of *JwtProviders*. * If a JWT doesn't have *iss* field, one of *JwtProviders* should fill this field empty. * Multiple *JwtProviders* should not have same value in this field. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com. | -| `audiences` | `[]string` | The list of JWT [audiences](https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3) are allowed to access. A JWT containing any of these audiences will be accepted. If not specified, will not check audiences in the token. Example: .. code-block:: yaml audiences: - bookstore_android.apps.googleusercontent.com - bookstore_web.apps.googleusercontent.com. | -| `remoteJwks` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.RemoteJwks](../config.proto.sk/#remotejwks) | JWKS can be fetched from remote server via HTTP/HTTPS. This field specifies the remote HTTP URI and how the fetched JWKS should be cached. Example: .. code-block:: yaml remote_jwks: http_uri: uri: https://www.googleapis.com/oauth2/v1/certs cluster: jwt.www.googleapis.com|443 timeout: 1s cache_duration: seconds: 300. Only one of `remoteJwks` or `localJwks` can be set. | -| `localJwks` | [.solo.io.envoy.config.core.v3.DataSource](../../../../../../config/core/v3/base.proto.sk/#datasource) | JWKS is in local data source. It could be either in a local file or embedded in the inline_string. Example: local file .. code-block:: yaml local_jwks: filename: /etc/envoy/jwks/jwks1.txt Example: inline_string .. code-block:: yaml local_jwks: inline_string: ACADADADADA. Only one of `localJwks` or `remoteJwks` can be set. | -| `forward` | `bool` | If false, the JWT is removed in the request after a success verification. If true, the JWT is not removed in the request. Default value is false. | -| `fromHeaders` | [[]solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtHeader](../config.proto.sk/#jwtheader) | Two fields below define where to extract the JWT from an HTTP request. If no explicit location is specified, the following default locations are tried in order: 1. The Authorization header using the [Bearer schema](https://datatracker.ietf.org/doc/html/rfc6750#section-2.1). Example:: Authorization: Bearer . 2. [access_token](https://datatracker.ietf.org/doc/html/rfc6750#section-2.3) query parameter. Multiple JWTs can be verified for a request. Each JWT has to be extracted from the locations its provider specified or from the default locations. Specify the HTTP headers to extract JWT token. For examples, following config: .. code-block:: yaml from_headers: - name: x-goog-iap-jwt-assertion can be used to extract token from header:: `x-goog-iap-jwt-assertion: `. | -| `fromParams` | `[]string` | JWT is sent in a query parameter. `jwt_params` represents the query parameter names. For example, if config is: .. code-block:: yaml from_params: - jwt_token The JWT format in query parameter is:: /path?jwt_token=. | -| `forwardPayloadHeader` | `string` | This field specifies the header name to forward a successfully verified JWT payload to the backend. The forwarded data is:: base64url_encoded(jwt_payload_in_JSON) If it is not specified, the payload will not be forwarded. | -| `payloadInMetadata` | `string` | If non empty, successfully verified JWT payloads will be written to StreamInfo DynamicMetadata in the format as: *namespace* is the jwt_authn filter name as **envoy.filters.http.jwt_authn** The value is the *protobuf::Struct*. The value of this field will be the key for its *fields* and the value is the *protobuf::Struct* converted from JWT JSON payload. For example, if payload_in_metadata is *my_payload*: .. code-block:: yaml envoy.filters.http.jwt_authn: my_payload: iss: https://example.com sub: test@example.com aud: https://example.com exp: 1501281058. | -| `clockSkewSeconds` | `int` | Specify the clock skew in seconds when verifying JWT time constraint, such as `exp`, and `nbf`. If not specified, default is 60 seconds. | - - - - ---- -### RemoteJwks - - -This message specifies how to fetch JWKS from remote and how to cache it. - -```yaml -"httpUri": .solo.io.envoy.config.core.v3.HttpUri -"cacheDuration": .google.protobuf.Duration -"asyncFetch": .solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwksAsyncFetch - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `httpUri` | [.solo.io.envoy.config.core.v3.HttpUri](../../../../../../config/core/v3/http_uri.proto.sk/#httpuri) | The HTTP URI to fetch the JWKS. For example: .. code-block:: yaml http_uri: uri: https://www.googleapis.com/oauth2/v1/certs cluster: jwt.www.googleapis.com|443 timeout: 1s. | -| `cacheDuration` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Duration after which the cached JWKS should be expired. If not specified, default cache duration is 5 minutes. | -| `asyncFetch` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwksAsyncFetch](../config.proto.sk/#jwksasyncfetch) | Fetch Jwks asynchronously in the main thread before the listener is activated. Fetched Jwks can be used by all worker threads. If this feature is not enabled: * The Jwks is fetched on-demand when the requests come. During the fetching, first few requests are paused until the Jwks is fetched. * Each worker thread fetches its own Jwks since Jwks cache is per worker thread. If this feature is enabled: * Fetched Jwks is done in the main thread before the listener is activated. Its fetched Jwks can be used by all worker threads. Each worker thread doesn't need to fetch its own. * Jwks is ready when the requests come, not need to wait for the Jwks fetching. | - - - - ---- -### JwksAsyncFetch - - -Fetch Jwks asynchronously in the main thread when the filter config is parsed. -The listener is activated only after the Jwks is fetched. -When the Jwks is expired in the cache, it is fetched again in the main thread. -The fetched Jwks from the main thread can be used by all worker threads. - -```yaml -"fastListener": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `fastListener` | `bool` | If false, the listener is activated after the initial fetch is completed. The initial fetch result can be either successful or failed. If true, it is activated without waiting for the initial fetch to complete. Default is false. | - - - - ---- -### JwtHeader - - -This message specifies a header location to extract JWT token. - -```yaml -"name": string -"valuePrefix": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The HTTP header name. | -| `valuePrefix` | `string` | The value prefix. The value format is "value_prefix" For example, for "Authorization: Bearer ", value_prefix="Bearer " with a space at the end. | - - - - ---- -### ProviderWithAudiences - - -Specify a required provider with audiences. - -```yaml -"providerName": string -"audiences": []string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `providerName` | `string` | Specify a required provider name. | -| `audiences` | `[]string` | This field overrides the one specified in the JwtProvider. | - - - - ---- -### JwtRequirement - - -This message specifies a Jwt requirement. An empty message means JWT verification is not -required. Here are some config examples: - -.. code-block:: yaml - - # Example 1: not required with an empty message - - # Example 2: require A - provider_name: provider-A - - # Example 3: require A or B - requires_any: - requirements: - - provider_name: provider-A - - provider_name: provider-B - - # Example 4: require A and B - requires_all: - requirements: - - provider_name: provider-A - - provider_name: provider-B - - # Example 5: require A and (B or C) - requires_all: - requirements: - - provider_name: provider-A - - requires_any: - requirements: - - provider_name: provider-B - - provider_name: provider-C - - # Example 6: require A or (B and C) - requires_any: - requirements: - - provider_name: provider-A - - requires_all: - requirements: - - provider_name: provider-B - - provider_name: provider-C - - # Example 7: A is optional (if token from A is provided, it must be valid, but also allows - missing token.) - requires_any: - requirements: - - provider_name: provider-A - - allow_missing: {} - - # Example 8: A is optional and B is required. - requires_all: - requirements: - - requires_any: - requirements: - - provider_name: provider-A - - allow_missing: {} - - provider_name: provider-B - -[#next-free-field: 7] - -```yaml -"providerName": string -"providerAndAudiences": .solo.io.envoy.extensions.filters.http.jwt_authn.v3.ProviderWithAudiences -"requiresAny": .solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirementOrList -"requiresAll": .solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirementAndList -"allowMissingOrFailed": .google.protobuf.Empty -"allowMissing": .google.protobuf.Empty - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `providerName` | `string` | Specify a required provider name. Only one of `providerName`, `providerAndAudiences`, `requiresAny`, `requiresAll`, `allowMissingOrFailed`, or `allowMissing` can be set. | -| `providerAndAudiences` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.ProviderWithAudiences](../config.proto.sk/#providerwithaudiences) | Specify a required provider with audiences. Only one of `providerAndAudiences`, `providerName`, `requiresAny`, `requiresAll`, `allowMissingOrFailed`, or `allowMissing` can be set. | -| `requiresAny` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirementOrList](../config.proto.sk/#jwtrequirementorlist) | Specify list of JwtRequirement. Their results are OR-ed. If any one of them passes, the result is passed. Only one of `requiresAny`, `providerName`, `providerAndAudiences`, `requiresAll`, `allowMissingOrFailed`, or `allowMissing` can be set. | -| `requiresAll` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirementAndList](../config.proto.sk/#jwtrequirementandlist) | Specify list of JwtRequirement. Their results are AND-ed. All of them must pass, if one of them fails or missing, it fails. Only one of `requiresAll`, `providerName`, `providerAndAudiences`, `requiresAny`, `allowMissingOrFailed`, or `allowMissing` can be set. | -| `allowMissingOrFailed` | [.google.protobuf.Empty](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/empty) | The requirement is always satisfied even if JWT is missing or the JWT verification fails. A typical usage is: this filter is used to only verify JWTs and pass the verified JWT payloads to another filter, the other filter will make decision. In this mode, all JWT tokens will be verified. Only one of `allowMissingOrFailed`, `providerName`, `providerAndAudiences`, `requiresAny`, `requiresAll`, or `allowMissing` can be set. | -| `allowMissing` | [.google.protobuf.Empty](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/empty) | The requirement is satisfied if JWT is missing, but failed if JWT is presented but invalid. Similar to allow_missing_or_failed, this is used to only verify JWTs and pass the verified payload to another filter. The different is this mode will reject requests with invalid tokens. Only one of `allowMissing`, `providerName`, `providerAndAudiences`, `requiresAny`, `requiresAll`, or `allowMissingOrFailed` can be set. | - - - - ---- -### JwtRequirementOrList - - -This message specifies a list of RequiredProvider. -Their results are OR-ed; if any one of them passes, the result is passed - -```yaml -"requirements": []solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirement - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requirements` | [[]solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirement](../config.proto.sk/#jwtrequirement) | Specify a list of JwtRequirement. | - - - - ---- -### JwtRequirementAndList - - -This message specifies a list of RequiredProvider. -Their results are AND-ed; all of them must pass, if one of them fails or missing, it fails. - -```yaml -"requirements": []solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirement - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requirements` | [[]solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirement](../config.proto.sk/#jwtrequirement) | Specify a list of JwtRequirement. | - - - - ---- -### RequirementRule - - -This message specifies a Jwt requirement for a specific Route condition. -Example 1: - -.. code-block:: yaml - - - match: - prefix: /healthz - -In above example, "requires" field is empty for /healthz prefix match, -it means that requests matching the path prefix don't require JWT authentication. - -Example 2: - -.. code-block:: yaml - - - match: - prefix: / - requires: { provider_name: provider-A } - -In above example, all requests matched the path prefix require jwt authentication -from "provider-A". - -```yaml -"match": .solo.io.envoy.config.route.v3.RouteMatch -"requires": .solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirement -"requirementName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `match` | [.solo.io.envoy.config.route.v3.RouteMatch](../../../../../../config/route/v3/route_components.proto.sk/#routematch) | The route matching parameter. Only when the match is satisfied, the "requires" field will apply. For example: following match will match all requests. .. code-block:: yaml match: prefix: /. | -| `requires` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtRequirement](../config.proto.sk/#jwtrequirement) | Specify a Jwt requirement. Please see detail comment in message JwtRequirement. Only one of `requires` or `requirementName` can be set. | -| `requirementName` | `string` | Use requirement_name to specify a Jwt requirement. This requirement_name MUST be specified at the :ref:`requirement_map ` in `JwtAuthentication`. Only one of `requirementName` or `requires` can be set. | - - - - ---- -### FilterStateRule - - -This message specifies Jwt requirements based on stream_info.filterState. -This FilterState should use `Router::StringAccessor` object to set a string value. -Other HTTP filters can use it to specify Jwt requirements dynamically. - -Example: - -.. code-block:: yaml - - name: jwt_selector - requires: - issuer_1: - provider_name: issuer1 - issuer_2: - provider_name: issuer2 - -If a filter set "jwt_selector" with "issuer_1" to FilterState for a request, -jwt_authn filter will use JwtRequirement{"provider_name": "issuer1"} to verify. - -```yaml -"name": string -"requires": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The filter state name to retrieve the `Router::StringAccessor` object. | -| `requires` | `map` | A map of string keys to requirements. The string key is the string value in the FilterState with the name specified in the *name* field above. | - - - - ---- -### JwtAuthentication - - -This is the Envoy HTTP filter config for JWT authentication. - -For example: - -.. code-block:: yaml - - providers: - provider1: - issuer: issuer1 - audiences: - - audience1 - - audience2 - remote_jwks: - http_uri: - uri: https://example.com/.well-known/jwks.json - cluster: example_jwks_cluster - timeout: 1s - provider2: - issuer: issuer2 - local_jwks: - inline_string: jwks_string - - rules: - # Not jwt verification is required for /health path - - match: - prefix: /health - - # Jwt verification for provider1 is required for path prefixed with "prefix" - - match: - prefix: /prefix - requires: - provider_name: provider1 - - # Jwt verification for either provider1 or provider2 is required for all other requests. - - match: - prefix: / - requires: - requires_any: - requirements: - - provider_name: provider1 - - provider_name: provider2 - -[#next-free-field: 6] - -```yaml -"providers": map -"rules": []solo.io.envoy.extensions.filters.http.jwt_authn.v3.RequirementRule -"filterStateRules": .solo.io.envoy.extensions.filters.http.jwt_authn.v3.FilterStateRule -"bypassCorsPreflight": bool -"requirementMap": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `providers` | `map` | Map of provider names to JwtProviders. .. code-block:: yaml providers: provider1: issuer: issuer1 audiences: - audience1 - audience2 remote_jwks: http_uri: uri: https://example.com/.well-known/jwks.json cluster: example_jwks_cluster timeout: 1s provider2: issuer: provider2 local_jwks: inline_string: jwks_string. | -| `rules` | [[]solo.io.envoy.extensions.filters.http.jwt_authn.v3.RequirementRule](../config.proto.sk/#requirementrule) | Specifies requirements based on the route matches. The first matched requirement will be applied. If there are overlapped match conditions, please put the most specific match first. Examples .. code-block:: yaml rules: - match: prefix: /healthz - match: prefix: /baz requires: provider_name: provider1 - match: prefix: /foo requires: requires_any: requirements: - provider_name: provider1 - provider_name: provider2 - match: prefix: /bar requires: requires_all: requirements: - provider_name: provider1 - provider_name: provider2. | -| `filterStateRules` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.FilterStateRule](../config.proto.sk/#filterstaterule) | This message specifies Jwt requirements based on stream_info.filterState. Other HTTP filters can use it to specify Jwt requirements dynamically. The *rules* field above is checked first, if it could not find any matches, check this one. | -| `bypassCorsPreflight` | `bool` | When set to true, bypass the [CORS preflight request](http://www.w3.org/TR/cors/#cross-origin-request-with-preflight) regardless of JWT requirements specified in the rules. | -| `requirementMap` | `map` | A map of unique requirement_names to JwtRequirements. :ref:`requirement_name ` in `PerRouteConfig` uses this map to specify a JwtRequirement. | - - - - ---- -### PerRouteConfig - - -Specify per-route config. - -```yaml -"disabled": bool -"requirementName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `disabled` | `bool` | Disable Jwt Authentication for this route. Only one of `disabled` or `requirementName` can be set. | -| `requirementName` | `string` | Use requirement_name to specify a JwtRequirement. This requirement_name MUST be specified at the :ref:`requirement_map ` in `JwtAuthentication`. If no, the requests using this route will be rejected with 403. Only one of `requirementName` or `disabled` can be set. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/wasm/v3/wasm.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/wasm/v3/wasm.proto.sk.md deleted file mode 100644 index 003599e2918..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/wasm/v3/wasm.proto.sk.md +++ /dev/null @@ -1,49 +0,0 @@ - ---- -title: "wasm.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.extensions.filters.http.wasm.v3` -copied from https://github.com/envoyproxy/envoy-wasm/blob/2721ee7897207c87c6cd2d26cccda6cc805e826b/api/envoy/extensions/filters/http/wasm/v3/wasm.proto - - - -#### Types: - - -- [Wasm](#wasm) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/filters/http/wasm/v3/wasm.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/filters/http/wasm/v3/wasm.proto) - - - - - ---- -### Wasm - - - -```yaml -"config": .solo.io.envoy.extensions.wasm.v3.PluginConfig - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `config` | [.solo.io.envoy.extensions.wasm.v3.PluginConfig](../../../../../wasm/v3/wasm.proto.sk/#pluginconfig) | General Plugin configuration. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/graphql/graphql.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/graphql/graphql.proto.sk.md deleted file mode 100644 index 042f9d13348..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/graphql/graphql.proto.sk.md +++ /dev/null @@ -1,814 +0,0 @@ - ---- -title: "graphql.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.graphql.v2` -#### Types: - - -- [PathSegment](#pathsegment) -- [Path](#path) -- [TemplatedPath](#templatedpath) -- [ValueProvider](#valueprovider) -- [GraphQLArgExtraction](#graphqlargextraction) -- [GraphQLParentExtraction](#graphqlparentextraction) -- [TypedValueProvider](#typedvalueprovider) -- [Type](#type) -- [Provider](#provider) -- [JsonValueList](#jsonvaluelist) -- [JsonValue](#jsonvalue) -- [JsonKeyValue](#jsonkeyvalue) -- [JsonNode](#jsonnode) -- [RequestTemplate](#requesttemplate) -- [ResponseTemplate](#responsetemplate) -- [RESTResolver](#restresolver) -- [GrpcRequestTemplate](#grpcrequesttemplate) -- [GrpcDescriptorRegistry](#grpcdescriptorregistry) -- [GrpcResolver](#grpcresolver) -- [StaticResolver](#staticresolver) -- [AsyncResponse](#asyncresponse) -- [AbstractTypeResolver](#abstracttyperesolver) -- [QueryMatcher](#querymatcher) -- [FieldMatcher](#fieldmatcher) -- [Resolution](#resolution) -- [CacheControl](#cachecontrol) -- [CacheControlScope](#cachecontrolscope) -- [GraphQLConfig](#graphqlconfig) -- [GraphQLRouteConfig](#graphqlrouteconfig) -- [PersistedQueryCacheConfig](#persistedquerycacheconfig) -- [ExecutableSchema](#executableschema) -- [Executor](#executor) -- [Local](#local) -- [Remote](#remote) -- [Extraction](#extraction) -- [DynamicMetadataExtraction](#dynamicmetadataextraction) -- [RemoteSchemaRequest](#remoteschemarequest) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/graphql/graphql.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/graphql/graphql.proto) - - - - - ---- -### PathSegment - - -used to reference into json structures by key(s) - -```yaml -"key": string -"index": int -"all": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | This will extract a key from a Map value. Only one of `key`, `index`, or `all` can be set. | -| `index` | `int` | Extract element at list. Only one of `index`, `key`, or `all` can be set. | -| `all` | `bool` | Extracts all elements from a map or a list. Only one of `all`, `key`, or `index` can be set. | - - - - ---- -### Path - - - -```yaml -"segments": []envoy.config.filter.http.graphql.v2.PathSegment - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `segments` | [[]envoy.config.filter.http.graphql.v2.PathSegment](../graphql.proto.sk/#pathsegment) | | - - - - ---- -### TemplatedPath - - - -```yaml -"pathTemplate": string -"namedPaths": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `pathTemplate` | `string` | If non-empty, Inserts named paths into a template string. For example, if the template is '/api/{apiVersionPath}/pet/{petIdPath}' and we have two named paths defined in `named_paths`, apiVersionPath and petIdPath, with extracted values 'v2' and '123' respectively, the final resulting value will be '/api/v2/pet/123' Use {PATH_NAME} as the interpolation notation (even repeated) regardless of the type of the provided value. If an undefined PATH_NAME is used in the template, this will nack during configuration. If this is empty, only the value of the first provider will be used as the resulting value. | -| `namedPaths` | `map` | | - - - - ---- -### ValueProvider - - -In the future we may add support for regex and subgroups - -```yaml -"providers": map -"providerTemplate": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `providers` | `map` | Map of provider name to provider definition. The name will be used to insert the provider value in the provider_template. | -| `providerTemplate` | `string` | If non-empty, Inserts named providers into a template string. For example, if the provider_template is '/api/{apiVersionProvider}/pet/{petIdProvider}' and we have two named providers defined in `providers`, apiVersionProvider and petIdProvider, with extracted values 'v2' and '123' respectively, the final resulting value will be '/api/v2/pet/123' Use {PROVIDER_NAME} as the interpolation notation (even repeated) regardless of the type of the provided value. If an undefined PROVIDER_NAME is used in the provider_template, this will nack during configuration. If this is empty, only the value of the first provider will be used as the resulting value. | - - - - ---- -### GraphQLArgExtraction - - - -```yaml -"argName": string -"path": []envoy.config.filter.http.graphql.v2.PathSegment - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `argName` | `string` | The argument name to fetch. The argument value fetched will have a type from the schema that we validate in envoy. If the name is invalid, returns the zero-value primitive or null. | -| `path` | [[]envoy.config.filter.http.graphql.v2.PathSegment](../graphql.proto.sk/#pathsegment) | Optional: fetches the value in the argument selected at this key. If the key is invalid, returns the zero-value primitive or null. | - - - - ---- -### GraphQLParentExtraction - - -Does not do type coercion, but instead if the type does not match the -expected primitive type we throw an error. -In the future we may add support for type coercion. - -```yaml -"path": []envoy.config.filter.http.graphql.v2.PathSegment - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `path` | [[]envoy.config.filter.http.graphql.v2.PathSegment](../graphql.proto.sk/#pathsegment) | Fetches the value in the graphql parent at this key. The value will always be accepted since the parent object is not strongly-typed. If the key is invalid, returns null. | - - - - ---- -### TypedValueProvider - - - -```yaml -"type": .envoy.config.filter.http.graphql.v2.ValueProvider.TypedValueProvider.Type -"header": string -"value": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `type` | [.envoy.config.filter.http.graphql.v2.ValueProvider.TypedValueProvider.Type](../graphql.proto.sk/#type) | Type that the value will be coerced into. For example if the extracted value is "9", and type is INT, this value will be cast to an int type. | -| `header` | `string` | Fetches the request/response header's value. If not found, uses empty string. Only one of `header` or `value` can be set. | -| `value` | `string` | inline value, use as provided rather than extracting from another source. Only one of `value` or `header` can be set. | - - - - ---- -### Type - - -if empty, defaults to string. similar to typeUrl in other envoy config - -| Name | Description | -| ----- | ----------- | -| `STRING` | | -| `INT` | | -| `FLOAT` | | -| `BOOLEAN` | | - - - - ---- -### Provider - - - -```yaml -"graphqlArg": .envoy.config.filter.http.graphql.v2.ValueProvider.GraphQLArgExtraction -"typedProvider": .envoy.config.filter.http.graphql.v2.ValueProvider.TypedValueProvider -"graphqlParent": .envoy.config.filter.http.graphql.v2.ValueProvider.GraphQLParentExtraction - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `graphqlArg` | [.envoy.config.filter.http.graphql.v2.ValueProvider.GraphQLArgExtraction](../graphql.proto.sk/#graphqlargextraction) | type inferred from schema, no need to provide it. Only one of `graphqlArg`, `typedProvider`, or `graphqlParent` can be set. | -| `typedProvider` | [.envoy.config.filter.http.graphql.v2.ValueProvider.TypedValueProvider](../graphql.proto.sk/#typedvalueprovider) | Only one of `typedProvider`, `graphqlArg`, or `graphqlParent` can be set. | -| `graphqlParent` | [.envoy.config.filter.http.graphql.v2.ValueProvider.GraphQLParentExtraction](../graphql.proto.sk/#graphqlparentextraction) | Fetch value from the graphql_parent of the current field. Only one of `graphqlParent`, `graphqlArg`, or `typedProvider` can be set. | - - - - ---- -### JsonValueList - - - -```yaml -"values": []envoy.config.filter.http.graphql.v2.JsonValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `values` | [[]envoy.config.filter.http.graphql.v2.JsonValue](../graphql.proto.sk/#jsonvalue) | | - - - - ---- -### JsonValue - - - -```yaml -"node": .envoy.config.filter.http.graphql.v2.JsonNode -"valueProvider": .envoy.config.filter.http.graphql.v2.ValueProvider -"list": .envoy.config.filter.http.graphql.v2.JsonValueList - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `node` | [.envoy.config.filter.http.graphql.v2.JsonNode](../graphql.proto.sk/#jsonnode) | Only one of `node`, `valueProvider`, or `list` can be set. | -| `valueProvider` | [.envoy.config.filter.http.graphql.v2.ValueProvider](../graphql.proto.sk/#valueprovider) | Only one of `valueProvider`, `node`, or `list` can be set. | -| `list` | [.envoy.config.filter.http.graphql.v2.JsonValueList](../graphql.proto.sk/#jsonvaluelist) | Only one of `list`, `node`, or `valueProvider` can be set. | - - - - ---- -### JsonKeyValue - - - -```yaml -"key": string -"value": .envoy.config.filter.http.graphql.v2.JsonValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | PARTIALLY IMPLEMENTED if empty, the value will be parsed as json and replace the entire previously-parsed json value --> this part is only needed for gRPC and thus not implemented yet. | -| `value` | [.envoy.config.filter.http.graphql.v2.JsonValue](../graphql.proto.sk/#jsonvalue) | | - - - - ---- -### JsonNode - - -Represents a typed JSON structure - -```yaml -"keyValues": []envoy.config.filter.http.graphql.v2.JsonKeyValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `keyValues` | [[]envoy.config.filter.http.graphql.v2.JsonKeyValue](../graphql.proto.sk/#jsonkeyvalue) | if keys repeat, the latest one replaces any earlier values associated with that key. repeated list, rather than a map, to have ordering to allow for merge semantics within the data plane, for example: - gRPC input uses special empty string for input key to set entire body - gRPC wants to replace a certain field in parsed body from GraphQL arg. | - - - - ---- -### RequestTemplate - - -Defines a configuration for generating outgoing requests for a resolver. - -```yaml -"headers": map -"queryParams": map -"outgoingBody": .envoy.config.filter.http.graphql.v2.JsonValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `headers` | `map` | Use this attribute to set request headers to your REST service. It consists of a map of strings to value providers. The string key determines the name of the resulting header, the value provided will be the value. at least need ":method" and ":path". | -| `queryParams` | `map` | Use this attribute to set query parameters to your REST service. It consists of a map of strings to value providers. The string key determines the name of the query param, the provided value will be the value. This value is appended to any value set to the :path header in `headers`. Interpolation is done in envoy rather than the control plane to prevent escaped character issues. Additionally, we may be providing values not known until the request is being executed (e.g., graphql parent info). | -| `outgoingBody` | [.envoy.config.filter.http.graphql.v2.JsonValue](../graphql.proto.sk/#jsonvalue) | implementation specific, gRPC will want gRPC message and struct to instantiate. | - - - - ---- -### ResponseTemplate - - -Defines a response transformation template. -modify JSON response from upstream before it is processed by execution engine. - -```yaml -"resultRoot": []envoy.config.filter.http.graphql.v2.PathSegment -"setters": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `resultRoot` | [[]envoy.config.filter.http.graphql.v2.PathSegment](../graphql.proto.sk/#pathsegment) | In cases where the data to populate the graphql type is not in the root object of the result, use result root to specify the path of the response we should use as the root. If {"a": {"b": [1,2,3]}} is the response from the api, setting resultroot as `a.b` will pass on [1,2,3] to the execution engine rather than the whole api response. | -| `setters` | `map` | Example: ``` type Query { getSimple: Simple } type Simple { name String address String }``` if we do `getsimple` and the response we get back from the upstream is ``` {"data": { "people": { "name": "John Doe", "details": { "address": "123 Turnip Rd" } } } } ``` the following response transform would let the graphql execution engine correctly marshal the upstream resposne into the expected graphql response: ` responseTransform: result_root: segments: - key: data - key: people setters: address: segments: - key: details - key: address `yaml. | - - - - ---- -### RESTResolver - - - -```yaml -"serverUri": .solo.io.envoy.config.core.v3.HttpUri -"requestTransform": .envoy.config.filter.http.graphql.v2.RequestTemplate -"preExecutionTransform": .envoy.config.filter.http.graphql.v2.ResponseTemplate -"spanName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `serverUri` | [.solo.io.envoy.config.core.v3.HttpUri](../../../config/core/v3/http_uri.proto.sk/#httpuri) | | -| `requestTransform` | [.envoy.config.filter.http.graphql.v2.RequestTemplate](../graphql.proto.sk/#requesttemplate) | configuration used to compose the outgoing request to a REST API. | -| `preExecutionTransform` | [.envoy.config.filter.http.graphql.v2.ResponseTemplate](../graphql.proto.sk/#responsetemplate) | pre-execution engine transformations Request flow: GraphQL request -> request_transform (instantiate REST request) -> REST API resp -> pre_execution_transform -> execution engine -> complete GraphQL field response. | -| `spanName` | `string` | | - - - - ---- -### GrpcRequestTemplate - - -Defines a configuration for generating outgoing requests for a resolver. - -```yaml -"outgoingMessageJson": .envoy.config.filter.http.graphql.v2.JsonValue -"serviceName": string -"methodName": string -"requestMetadata": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `outgoingMessageJson` | [.envoy.config.filter.http.graphql.v2.JsonValue](../graphql.proto.sk/#jsonvalue) | json representation of outgoing gRPC message to be sent to gRPC service. | -| `serviceName` | `string` | request has shape matching service with name registered in registry is the full_name(), e.g. main.Bookstore. | -| `methodName` | `string` | make request to method with this name on the grpc service defined above is just the name(), e.g. GetBook. | -| `requestMetadata` | `map` | in the future, we may want to make this a map once we know better what the use cases are. | - - - - ---- -### GrpcDescriptorRegistry - - -Defines a configuration for serializing and deserializing requests for a gRPC resolver. -Is a Schema Extension - -```yaml -"protoDescriptors": .solo.io.envoy.config.core.v3.DataSource - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `protoDescriptors` | [.solo.io.envoy.config.core.v3.DataSource](../../../config/core/v3/base.proto.sk/#datasource) | | - - - - ---- -### GrpcResolver - - - -```yaml -"serverUri": .solo.io.envoy.config.core.v3.HttpUri -"requestTransform": .envoy.config.filter.http.graphql.v2.GrpcRequestTemplate -"spanName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `serverUri` | [.solo.io.envoy.config.core.v3.HttpUri](../../../config/core/v3/http_uri.proto.sk/#httpuri) | | -| `requestTransform` | [.envoy.config.filter.http.graphql.v2.GrpcRequestTemplate](../graphql.proto.sk/#grpcrequesttemplate) | configuration used to compose the outgoing request to a gRPC endpoint. | -| `spanName` | `string` | pre-execution engine transformations Request flow: GraphQL request -> request_transform (instantiate gRPC request) -> gRPC API resp -> pre_execution_transform -> execution engine -> complete GraphQL field response ResponseTemplate pre_execution_transform = 3;. | - - - - ---- -### StaticResolver - - -Only meant for integration testing - -```yaml -"syncResponse": string -"asyncResponse": .envoy.config.filter.http.graphql.v2.StaticResolver.AsyncResponse -"errorResponse": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `syncResponse` | `string` | Responds synchronously (on the same dispatch loop as the resolve call). Only one of `syncResponse`, `asyncResponse`, or `errorResponse` can be set. | -| `asyncResponse` | [.envoy.config.filter.http.graphql.v2.StaticResolver.AsyncResponse](../graphql.proto.sk/#asyncresponse) | Responds asynchronously after delay_ms. Only one of `asyncResponse`, `syncResponse`, or `errorResponse` can be set. | -| `errorResponse` | `string` | Only one of `errorResponse`, `syncResponse`, or `asyncResponse` can be set. | - - - - ---- -### AsyncResponse - - - -```yaml -"response": string -"delayMs": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `response` | `string` | | -| `delayMs` | `int` | | - - - - ---- -### AbstractTypeResolver - - -NOT IMPLEMENTED -Resolve an abstract type (union or interface) to a real type. -When implemented, this message will be a field in the Resolution message. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### QueryMatcher - - - -```yaml -"fieldMatcher": .envoy.config.filter.http.graphql.v2.QueryMatcher.FieldMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `fieldMatcher` | [.envoy.config.filter.http.graphql.v2.QueryMatcher.FieldMatcher](../graphql.proto.sk/#fieldmatcher) | | - - - - ---- -### FieldMatcher - - - -```yaml -"type": string -"field": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `type` | `string` | Object type. For example, Query. | -| `field` | `string` | Field within the object. | - - - - ---- -### Resolution - - -This is the resolver map for the schema. -For each Type.Field, we can define a resolver. -if a field does not have resolver, the default resolver will be used. -the default resolver takes the field with the same name from the parent, and -uses that value to resolve the field. if a field with the same name does not -exist in the parent, null will be used. - -```yaml -"matcher": .envoy.config.filter.http.graphql.v2.QueryMatcher -"resolver": .solo.io.envoy.config.core.v3.TypedExtensionConfig -"statPrefix": string -"cacheControl": .envoy.config.filter.http.graphql.v2.CacheControl - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `matcher` | [.envoy.config.filter.http.graphql.v2.QueryMatcher](../graphql.proto.sk/#querymatcher) | Match an object type and field. | -| `resolver` | [.solo.io.envoy.config.core.v3.TypedExtensionConfig](../../../config/core/v3/extension.proto.sk/#typedextensionconfig) | The resolver to use. | -| `statPrefix` | `string` | The stats prefix which will be used for this resolver. | -| `cacheControl` | [.envoy.config.filter.http.graphql.v2.CacheControl](../graphql.proto.sk/#cachecontrol) | caching configuration, defaults to no caching. | - - - - ---- -### CacheControl - - -Resolvers for scalar, non-root fields rarely fetch data and instead usually populate data via the parent argument. -Consequently, these fields inherit their default maxAge from their parent to reduce schema clutter. - -TODO: Talk with product -- apollo does not do this, but we could factor in upstream Cache-Control header -response into our inheritance model. - -```yaml -"maxAge": .google.protobuf.UInt32Value -"scope": .envoy.config.filter.http.graphql.v2.CacheControl.CacheControlScope -"inheritMaxAge": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `maxAge` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | number of seconds to cache result for. the max_age used for a single graphql request is the minimum of all fields requested. default max_age rules work as follows: - root fields (i.e. Query, Mutation, Subscription) default to 0s - non-root, non-scalar fields (i.e. object, interface, or union; or a list of those types) default to 0s - all other fields inherit the max_age from their parent. | -| `scope` | [.envoy.config.filter.http.graphql.v2.CacheControl.CacheControlScope](../graphql.proto.sk/#cachecontrolscope) | provide controls to which users can access cached content. | -| `inheritMaxAge` | `bool` | whether or not to inherit the caching configuration of any parent fields. | - - - - ---- -### CacheControlScope - - - -| Name | Description | -| ----- | ----------- | -| `UNSET` | | -| `PUBLIC` | Responses for requests with Authorization header fields must not be stored in a shared cache. But the public directive will cause such responses to be stored in a shared cache. In general, when pages are under Basic Auth or Digest Auth, the browser sends requests with the Authorization header. That means the response is access-controlled for restricted users (who have accounts), and it's fundamentally not shared-cacheable, even if it has max-age. You can use the public directive to unlock that restriction. | -| `PRIVATE` | You should add the private directive for user-personalized content — in particular, responses received after login, and sessions managed via cookies. If you forget to add private to a response with personalized content, then that response can be stored in a shared cache and end up being reused for multiple users, which can cause personal information to leak. | - - - - ---- -### GraphQLConfig - - -Filter Listener config. Empty as the filter must be configured on the route -level. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### GraphQLRouteConfig - - -Filter Route config. Routes that have this config will execute graphql -queries, and will not make it to the router filter. i.e. this filter will -terminate the request for these routes. - -```yaml -"executableSchema": .envoy.config.filter.http.graphql.v2.ExecutableSchema -"statPrefix": string -"persistedQueryCacheConfig": .envoy.config.filter.http.graphql.v2.PersistedQueryCacheConfig -"allowedQueryHashes": []string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `executableSchema` | [.envoy.config.filter.http.graphql.v2.ExecutableSchema](../graphql.proto.sk/#executableschema) | | -| `statPrefix` | `string` | The stats prefix which will be used for this route config. | -| `persistedQueryCacheConfig` | [.envoy.config.filter.http.graphql.v2.PersistedQueryCacheConfig](../graphql.proto.sk/#persistedquerycacheconfig) | Configuration settings for persisted query cache. | -| `allowedQueryHashes` | `[]string` | Safelist: only allow queries to be executed that match these sha256 hashes. The hash can be computed from the query string or provided (i.e. persisted queries). | - - - - ---- -### PersistedQueryCacheConfig - - -This message specifies Persisted Query Cache configuration. - -```yaml -"cacheSize": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `cacheSize` | `int` | The unit is number of queries to store, default to 1000. | - - - - ---- -### ExecutableSchema - - - -```yaml -"schemaDefinition": .solo.io.envoy.config.core.v3.DataSource -"executor": .envoy.config.filter.http.graphql.v2.Executor -"extensions": map -"logRequestResponseInfo": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `schemaDefinition` | [.solo.io.envoy.config.core.v3.DataSource](../../../config/core/v3/base.proto.sk/#datasource) | Schema to use in string format. | -| `executor` | [.envoy.config.filter.http.graphql.v2.Executor](../graphql.proto.sk/#executor) | how to execute the schema. | -| `extensions` | `map` | Schema extensions. | -| `logRequestResponseInfo` | `bool` | Logs request / response sensitive information By default, this is false so no request or response sensitive information is logged. | - - - - ---- -### Executor - - - -```yaml -"local": .envoy.config.filter.http.graphql.v2.Executor.Local -"remote": .envoy.config.filter.http.graphql.v2.Executor.Remote - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `local` | [.envoy.config.filter.http.graphql.v2.Executor.Local](../graphql.proto.sk/#local) | Only one of `local` or `remote` can be set. | -| `remote` | [.envoy.config.filter.http.graphql.v2.Executor.Remote](../graphql.proto.sk/#remote) | Only one of `remote` or `local` can be set. | - - - - ---- -### Local - - -Execute schema using resolvers. - -```yaml -"resolutions": []envoy.config.filter.http.graphql.v2.Resolution -"enableIntrospection": bool -"maxDepth": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `resolutions` | [[]envoy.config.filter.http.graphql.v2.Resolution](../graphql.proto.sk/#resolution) | The resolver map to use to resolve the schema. | -| `enableIntrospection` | `bool` | Do we enable introspection for the schema? general recommendation is to disable this for production and hence it defaults to false. | -| `maxDepth` | `int` | The max amount of nesting a query can be executed against this schema. e.g. the following query has these depths: query { # Depth: 0 me { # Depth: 1 friends { # Depth: 2 friends # Depth: 3 } } } If the max_depth is set to 2, then the query at depth 3 will receive an error as a response. The max_depth value of 0 (set by default) will allow an unbounded query depth. | - - - - ---- -### Remote - - -Execute schema by querying a graphql upstream. - -```yaml -"serverUri": .solo.io.envoy.config.core.v3.HttpUri -"request": .envoy.config.filter.http.graphql.v2.Executor.Remote.RemoteSchemaRequest -"spanName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `serverUri` | [.solo.io.envoy.config.core.v3.HttpUri](../../../config/core/v3/http_uri.proto.sk/#httpuri) | Server URI of the remote graphql cluster. | -| `request` | [.envoy.config.filter.http.graphql.v2.Executor.Remote.RemoteSchemaRequest](../graphql.proto.sk/#remoteschemarequest) | | -| `spanName` | `string` | | - - - - ---- -### Extraction - - - -```yaml -"value": string -"header": string -"dynamicMetadata": .envoy.config.filter.http.graphql.v2.Executor.Remote.Extraction.DynamicMetadataExtraction - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `value` | `string` | Set the extraction type to use a static value. Only one of `value`, `header`, or `dynamicMetadata` can be set. | -| `header` | `string` | Set the extraction type to use a header value. Specify the name of the header to extract the value from on the original request. Only one of `header`, `value`, or `dynamicMetadata` can be set. | -| `dynamicMetadata` | [.envoy.config.filter.http.graphql.v2.Executor.Remote.Extraction.DynamicMetadataExtraction](../graphql.proto.sk/#dynamicmetadataextraction) | Set the extraction type to use a dynamic metadata value. Only one of `dynamicMetadata`, `value`, or `header` can be set. | - - - - ---- -### DynamicMetadataExtraction - - - -```yaml -"metadataNamespace": string -"key": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `metadataNamespace` | `string` | The namespace that the dynamic metadata is stored in. | -| `key` | `string` | The key in the namespace that the dynamic metadata is stored under. | - - - - ---- -### RemoteSchemaRequest - - - -```yaml -"headers": map -"queryParams": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `headers` | `map` | Map of headers to header value which will be included in the request to the remote graphql server. | -| `queryParams` | `map` | Query params to set on the request to the remote graphql server. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/graphql/stitching.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/graphql/stitching.proto.sk.md deleted file mode 100644 index 3583f6de550..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/graphql/stitching.proto.sk.md +++ /dev/null @@ -1,249 +0,0 @@ - ---- -title: "stitching.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.resolver.stitching.v2` -#### Types: - - -- [FieldNode](#fieldnode) -- [FieldNodeMap](#fieldnodemap) -- [FieldNodes](#fieldnodes) -- [ResolverConfig](#resolverconfig) -- [Schemas](#schemas) -- [ArgPath](#argpath) -- [ResolverInfo](#resolverinfo) -- [MergedTypeConfig](#mergedtypeconfig) -- [StitchingInfo](#stitchinginfo) -- [SubschemaConfig](#subschemaconfig) -- [StitchingResolver](#stitchingresolver) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/graphql/stitching.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/graphql/stitching.proto) - - - - - ---- -### FieldNode - - - -```yaml -"name": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | | - - - - ---- -### FieldNodeMap - - - -```yaml -"nodes": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `nodes` | `map` | | - - - - ---- -### FieldNodes - - - -```yaml -"fieldNodes": []envoy.config.resolver.stitching.v2.FieldNode - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `fieldNodes` | [[]envoy.config.resolver.stitching.v2.FieldNode](../stitching.proto.sk/#fieldnode) | | - - - - ---- -### ResolverConfig - - - -```yaml -"selectionSet": string -"fieldName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `selectionSet` | `string` | | -| `fieldName` | `string` | | - - - - ---- -### Schemas - - - -```yaml -"schemas": []string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `schemas` | `[]string` | | - - - - ---- -### ArgPath - - - -```yaml -"setterPath": []string -"extractionPath": []string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `setterPath` | `[]string` | Setter Path. | -| `extractionPath` | `[]string` | Extraction path. | - - - - ---- -### ResolverInfo - - - -```yaml -"fieldName": string -"args": []envoy.config.resolver.stitching.v2.ArgPath - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `fieldName` | `string` | | -| `args` | [[]envoy.config.resolver.stitching.v2.ArgPath](../stitching.proto.sk/#argpath) | | - - - - ---- -### MergedTypeConfig - - - -```yaml -"typeName": string -"selectionSets": map -"uniqueFieldsToSubschemaName": map -"nonUniqueFieldsToSubschemaNames": map -"declarativeTargetSubschemas": map -"subschemaNameToResolverInfo": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `typeName` | `string` | | -| `selectionSets` | `map` | map of subschema name to selection set string e.g. name_subschema: '{ id }'. | -| `uniqueFieldsToSubschemaName` | `map` | field name -> scema name. | -| `nonUniqueFieldsToSubschemaNames` | `map` | | -| `declarativeTargetSubschemas` | `map` | schema -> subschemas. | -| `subschemaNameToResolverInfo` | `map` | | - - - - ---- -### StitchingInfo - - -Data plane stitching info extension message - -```yaml -"fieldNodesByType": map -"fieldNodesByField": map -"mergedTypes": map -"subschemaNameToSubschemaConfig": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `fieldNodesByType` | `map` | | -| `fieldNodesByField` | `map` | | -| `mergedTypes` | `map` | | -| `subschemaNameToSubschemaConfig` | `map` | | - - - - ---- -### SubschemaConfig - - - -```yaml -"executableSchema": .envoy.config.filter.http.graphql.v2.ExecutableSchema - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `executableSchema` | [.envoy.config.filter.http.graphql.v2.ExecutableSchema](../graphql.proto.sk/#executableschema) | | - - - - ---- -### StitchingResolver - - -Config for the stitching resolver - -```yaml -"subschemaName": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `subschemaName` | `string` | Each query field comes from a specific subschema, this is the name of the subschema that the query field comes from. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/http_path/http_path.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/http_path/http_path.proto.sk.md deleted file mode 100644 index 3609817cc99..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/http_path/http_path.proto.sk.md +++ /dev/null @@ -1,48 +0,0 @@ - ---- -title: "http_path.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.health_checker.http_path.v2` -#### Types: - - -- [HttpPath](#httppath) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/http_path/http_path.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/http_path/http_path.proto) - - - - - ---- -### HttpPath - - -Same as HTTP health checker, but allows a custom path per endpoint -The http path to use can be overriden using endpoint metadata. The endpoint specific path should -be in the "io.solo.health_checkers.http_path" namespace, under a string value named "path". - -```yaml -"httpHealthCheck": .solo.io.envoy.config.core.v3.HealthCheck.HttpHealthCheck - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `httpHealthCheck` | [.solo.io.envoy.config.core.v3.HealthCheck.HttpHealthCheck](../../../config/core/v3/health_check.proto.sk/#httphealthcheck) | Http health check. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/jwt/solo_jwt_authn.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/jwt/solo_jwt_authn.proto.sk.md deleted file mode 100644 index 6137ebc9601..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/jwt/solo_jwt_authn.proto.sk.md +++ /dev/null @@ -1,131 +0,0 @@ - ---- -title: "solo_jwt_authn.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.solo_jwt_authn.v2` -#### Types: - - -- [JwtWithStage](#jwtwithstage) -- [SoloJwtAuthnPerRoute](#solojwtauthnperroute) -- [ClaimToHeader](#claimtoheader) -- [ClaimToHeaders](#claimtoheaders) -- [StagedJwtAuthnPerRoute](#stagedjwtauthnperroute) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/jwt/solo_jwt_authn.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/jwt/solo_jwt_authn.proto) - - - - - ---- -### JwtWithStage - - - -```yaml -"jwtAuthn": .solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication -"stage": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `jwtAuthn` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication](../../filters/http/jwt_authn/v3/config.proto.sk/#jwtauthentication) | The JwtAuthentication config for this filter. | -| `stage` | `int` | Only SoloJwtAuthnPerRoute.JwtAuthnPerRoute with matching stage will be used with this filter. | - - - - ---- -### SoloJwtAuthnPerRoute - - - -```yaml -"requirement": string -"claimsToHeaders": map -"clearRouteCache": bool -"payloadInMetadata": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requirement` | `string` | | -| `claimsToHeaders` | `map` | Copy the claims from the payload field is the key. non-existant fields are ignored. | -| `clearRouteCache` | `bool` | clear the route cache if claims were added to the header. | -| `payloadInMetadata` | `string` | To easly integrate with other filters, this will copy the payload to this name in the dynamic metadata. The payload will only be copied if one payload is present (i.e. or match). | - - - - ---- -### ClaimToHeader - - -If this is specified, one of the claims will be copied to a header -and the route cache will be cleared. - -```yaml -"claim": string -"header": string -"append": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `claim` | `string` | | -| `header` | `string` | | -| `append` | `bool` | | - - - - ---- -### ClaimToHeaders - - - -```yaml -"claims": []envoy.config.filter.http.solo_jwt_authn.v2.SoloJwtAuthnPerRoute.ClaimToHeader - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `claims` | [[]envoy.config.filter.http.solo_jwt_authn.v2.SoloJwtAuthnPerRoute.ClaimToHeader](../solo_jwt_authn.proto.sk/#claimtoheader) | | - - - - ---- -### StagedJwtAuthnPerRoute - - - -```yaml -"jwtConfigs": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `jwtConfigs` | `map` | Map from stage number to jwt config This jwt config will only be processed by filters with the same stage number. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/network/dns_resolver/apple/v3/apple_dns_resolver.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/network/dns_resolver/apple/v3/apple_dns_resolver.proto.sk.md deleted file mode 100644 index d425f4a0bd8..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/network/dns_resolver/apple/v3/apple_dns_resolver.proto.sk.md +++ /dev/null @@ -1,44 +0,0 @@ - ---- -title: "apple_dns_resolver.proto" -weight: 5 ---- - - - - -### Package: `solo.io.extensions.network.dns_resolver.apple.v3` -#### Types: - - -- [AppleDnsResolverConfig](#applednsresolverconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/network/dns_resolver/apple/v3/apple_dns_resolver.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/network/dns_resolver/apple/v3/apple_dns_resolver.proto) - - - - - ---- -### AppleDnsResolverConfig - - -Configuration for apple DNS resolver. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/network/dns_resolver/cares/v3/cares_dns_resolver.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/network/dns_resolver/cares/v3/cares_dns_resolver.proto.sk.md deleted file mode 100644 index c5a1b2a20ca..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/network/dns_resolver/cares/v3/cares_dns_resolver.proto.sk.md +++ /dev/null @@ -1,48 +0,0 @@ - ---- -title: "cares_dns_resolver.proto" -weight: 5 ---- - - - - -### Package: `solo.io.extensions.network.dns_resolver.cares.v3` -#### Types: - - -- [CaresDnsResolverConfig](#caresdnsresolverconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/network/dns_resolver/cares/v3/cares_dns_resolver.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/network/dns_resolver/cares/v3/cares_dns_resolver.proto) - - - - - ---- -### CaresDnsResolverConfig - - -Configuration for c-ares DNS resolver. - -```yaml -"resolvers": []solo.io.envoy.config.core.v3.Address -"dnsResolverOptions": .solo.io.config.core.v3.DnsResolverOptions - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `resolvers` | [[]solo.io.envoy.config.core.v3.Address](../../../../../../config/core/v3/address.proto.sk/#address) | A list of dns resolver addresses. :ref:`use_resolvers_as_fallback` below dictates if the DNS client should override system defaults or only use the provided resolvers if the system defaults are not available, i.e., as a fallback. | -| `dnsResolverOptions` | [.solo.io.config.core.v3.DnsResolverOptions](../../../../../../config/core/v3/resolver.proto.sk/#dnsresolveroptions) | Configuration of DNS resolver option flags which control the behavior of the DNS resolver. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/proxylatency/proxylatency.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/proxylatency/proxylatency.proto.sk.md deleted file mode 100644 index 9a433b33418..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/proxylatency/proxylatency.proto.sk.md +++ /dev/null @@ -1,83 +0,0 @@ - ---- -title: "proxylatency.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.proxylatency.v2` -#### Types: - - -- [ProxyLatency](#proxylatency) -- [Measurement](#measurement) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/proxylatency/proxylatency.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/proxylatency/proxylatency.proto) - - - - - ---- -### ProxyLatency - - -Configure the proxy latency filter. This filter measures the latency -incurred by the filter chain in a histogram. -The filter fields are similar to the settings for [`COMMON_DURATION`](https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage.html), -introduced in Envoy 1.31. -The filter also emits the following additional dynamic metadata fields, -which you can use to augment the existing upstream options for access logging: -- request_out_internal: first_byte_processed_millis -- request_out: firstUpstreamTxByteSent -- response_out: firstDownstreamTxByteSent - -```yaml -"request": .envoy.config.filter.http.proxylatency.v2.ProxyLatency.Measurement -"measureRequestInternally": bool -"response": .envoy.config.filter.http.proxylatency.v2.ProxyLatency.Measurement -"chargeClusterStat": .google.protobuf.BoolValue -"chargeListenerStat": .google.protobuf.BoolValue -"emitDynamicMetadata": .google.protobuf.BoolValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `request` | [.envoy.config.filter.http.proxylatency.v2.ProxyLatency.Measurement](../proxylatency.proto.sk/#measurement) | How to measure the request. Affects the output stats. Does not affect metadata. | -| `measureRequestInternally` | `bool` | When FIRST_OUTGOING (i.e. LAST_INCOMING_FIRST_OUTGOING or FIRST_INCOMING_FIRST_OUTGOING) is instead of when the first byte is sent upstream. This has the advantage of not measuring the time selected for request measurment, finish measuring proxy latency when decodeHeader for this it takes a connection to form, which may skew the P99. filter is hit instead of when the first byte is sent upstream. This has the advantage of not for this to work the filter should be inserted last, just before the router filter. measuring the time it takes a connection to form, which may skew the P99. For this to work this filter should be inserted last, just before the router filter. This has no effect if other measurement type is selected, and has no effect on how response is measured. | -| `response` | [.envoy.config.filter.http.proxylatency.v2.ProxyLatency.Measurement](../proxylatency.proto.sk/#measurement) | How measure the response. | -| `chargeClusterStat` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Charge a stat per upstream cluster. If not specified, defaults to true. | -| `chargeListenerStat` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Charge a stat per listener. If not specified, defaults to true. | -| `emitDynamicMetadata` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Whether request timing is emitted to dynamic metadata. If enabled, defaults to true. | - - - - ---- -### Measurement - - -How to perform the latency measurement. Given an incoming request from downstream and -outging request to upstream; or incoming response from upstream and outgoing repsonse to -downstream, This outlines how to measure the latency used by the proxy. - -| Name | Description | -| ----- | ----------- | -| `LAST_INCOMING_FIRST_OUTGOING` | Count from the last byte of the incoming request\response to the first byte of the outgoing request\response. | -| `FIRST_INCOMING_FIRST_OUTGOING` | Count from the first byte of the incoming request\response to the first byte of the outgoing request\response. | -| `LAST_INCOMING_LAST_OUTGOING` | Count from the last byte of the incoming request\response to the last byte of the outgoing request\response. | -| `FIRST_INCOMING_LAST_OUTGOING` | Count from the first byte of the incoming request\response to the last byte of the outgoing request\response. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/proxyprotocol/proxyprotocol.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/proxyprotocol/proxyprotocol.proto.sk.md deleted file mode 100644 index f16712df010..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/proxyprotocol/proxyprotocol.proto.sk.md +++ /dev/null @@ -1,90 +0,0 @@ - ---- -title: "proxyprotocol.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.listener.proxy_protocol.v3` -#### Types: - - -- [CustomProxyProtocol](#customproxyprotocol) -- [KeyValuePair](#keyvaluepair) -- [Rule](#rule) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/proxyprotocol/proxyprotocol.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/proxyprotocol/proxyprotocol.proto) - - - - - ---- -### CustomProxyProtocol - - - -```yaml -"rules": []envoy.config.listener.proxy_protocol.v3.CustomProxyProtocol.Rule -"allowRequestsWithoutProxyProtocol": bool -"passThroughTlvs": .solo.io.envoy.config.core.v3.ProxyProtocolPassThroughTLVs - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rules` | [[]envoy.config.listener.proxy_protocol.v3.CustomProxyProtocol.Rule](../proxyprotocol.proto.sk/#rule) | The list of rules to apply to requests. | -| `allowRequestsWithoutProxyProtocol` | `bool` | Allow requests through that don't use proxy protocol. Defaults to false. .. attention:: This breaks conformance with the specification. Only enable if ALL traffic to the listener comes from a trusted source. For more information on the security implications of this feature, see https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt. | -| `passThroughTlvs` | [.solo.io.envoy.config.core.v3.ProxyProtocolPassThroughTLVs](../../../../../../../../../../../envoy/config/core/v3/proxy_protocol.proto.sk/#proxyprotocolpassthroughtlvs) | This config controls which TLVs can be passed to filter state if it is Proxy Protocol V2 header. If there is no setting for this field, no TLVs will be passed through. .. note:: If this is configured, you likely also want to set :ref:`core.v3.ProxyProtocolConfig.pass_through_tlvs `, which controls pass-through for the upstream. | - - - - ---- -### KeyValuePair - - - -```yaml -"metadataNamespace": string -"key": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `metadataNamespace` | `string` | The namespace — if this is empty, the filter's namespace will be used. | -| `key` | `string` | The key to use within the namespace. | - - - - ---- -### Rule - - -A Rule defines what metadata to apply when a header is present or missing. - -```yaml -"tlvType": int -"onTlvPresent": .envoy.config.listener.proxy_protocol.v3.CustomProxyProtocol.KeyValuePair - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `tlvType` | `int` | The type that triggers the rule - required TLV type is defined as uint8_t in proxy protocol. See `the spec `_ for details. | -| `onTlvPresent` | [.envoy.config.listener.proxy_protocol.v3.CustomProxyProtocol.KeyValuePair](../proxyprotocol.proto.sk/#keyvaluepair) | If the TLV type is present, apply this metadata KeyValuePair. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/span_decorators/span_decorators.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/span_decorators/span_decorators.proto.sk.md deleted file mode 100644 index e5e78cf4395..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/span_decorators/span_decorators.proto.sk.md +++ /dev/null @@ -1,44 +0,0 @@ - ---- -title: "span_decorators.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.span_decorators.v3` -#### Types: - - -- [SpanDecorators](#spandecorators) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/span_decorators/span_decorators.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/span_decorators/span_decorators.proto) - - - - - ---- -### SpanDecorators - - -Envoy filter configuration for the SpanDecorator plugin - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformation/transformation.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformation/transformation.proto.sk.md deleted file mode 100644 index 2803f9270be..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformation/transformation.proto.sk.md +++ /dev/null @@ -1,547 +0,0 @@ - ---- -title: "transformation.proto" -weight: 5 ---- - - - - -### Package: `envoy.api.v2.filter.http` -#### Types: - - -- [FilterTransformations](#filtertransformations) -- [TransformationRule](#transformationrule) -- [Transformations](#transformations) -- [RouteTransformations](#routetransformations) -- [RouteTransformation](#routetransformation) -- [RequestMatch](#requestmatch) -- [ResponseMatch](#responsematch) -- [ResponseMatcher](#responsematcher) -- [ResponseTransformationRule](#responsetransformationrule) -- [Transformation](#transformation) -- [Extraction](#extraction) -- [Mode](#mode) -- [TransformationTemplate](#transformationtemplate) -- [HeaderToAppend](#headertoappend) -- [DynamicMetadataValue](#dynamicmetadatavalue) -- [SpanTransformer](#spantransformer) -- [RequestBodyParse](#requestbodyparse) -- [InjaTemplate](#injatemplate) -- [Passthrough](#passthrough) -- [MergeExtractorsToBody](#mergeextractorstobody) -- [MergeJsonKeys](#mergejsonkeys) -- [OverridableTemplate](#overridabletemplate) -- [HeaderBodyTransform](#headerbodytransform) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformation/transformation.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/transformation/transformation.proto) - - - - - ---- -### FilterTransformations - - - -```yaml -"transformations": []envoy.api.v2.filter.http.TransformationRule -"stage": int -"logRequestResponseInfo": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `transformations` | [[]envoy.api.v2.filter.http.TransformationRule](../transformation.proto.sk/#transformationrule) | Specifies transformations based on the route matches. The first matched transformation will be applied. If there are overlapped match conditions, please put the most specific match first. | -| `stage` | `int` | Only RouteTransformations.RouteTransformation with matching stage will be used with this filter. | -| `logRequestResponseInfo` | `bool` | Logs request/response sensitive information By default, this is false so no request or response sensitive information is logged. If set to true, the filter will log the request/response body and headers before and after any transformation is applied. | - - - - ---- -### TransformationRule - - - -```yaml -"match": .solo.io.envoy.config.route.v3.RouteMatch -"routeTransformations": .envoy.api.v2.filter.http.TransformationRule.Transformations - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `match` | [.solo.io.envoy.config.route.v3.RouteMatch](../../../config/route/v3/route_components.proto.sk/#routematch) | The route matching parameter. Only when the match is satisfied, the "requires" field will apply. For example: following match will match all requests. .. code-block:: yaml match: prefix: /. | -| `routeTransformations` | [.envoy.api.v2.filter.http.TransformationRule.Transformations](../transformation.proto.sk/#transformations) | transformation to perform. | - - - - ---- -### Transformations - - - -```yaml -"requestTransformation": .envoy.api.v2.filter.http.Transformation -"clearRouteCache": bool -"responseTransformation": .envoy.api.v2.filter.http.Transformation -"onStreamCompletionTransformation": .envoy.api.v2.filter.http.Transformation - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requestTransformation` | [.envoy.api.v2.filter.http.Transformation](../transformation.proto.sk/#transformation) | Apply a transformation to requests. | -| `clearRouteCache` | `bool` | Clear the route cache if the request transformation was applied. | -| `responseTransformation` | [.envoy.api.v2.filter.http.Transformation](../transformation.proto.sk/#transformation) | Apply a transformation to responses. | -| `onStreamCompletionTransformation` | [.envoy.api.v2.filter.http.Transformation](../transformation.proto.sk/#transformation) | Apply a transformation in the onStreamComplete callback (for modifying headers and dynamic metadata for access logs). | - - - - ---- -### RouteTransformations - - - -```yaml -"requestTransformation": .envoy.api.v2.filter.http.Transformation -"responseTransformation": .envoy.api.v2.filter.http.Transformation -"clearRouteCache": bool -"transformations": []envoy.api.v2.filter.http.RouteTransformations.RouteTransformation - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requestTransformation` | [.envoy.api.v2.filter.http.Transformation](../transformation.proto.sk/#transformation) | deprecated. Use transformations[].request_match.request_transformation instead. | -| `responseTransformation` | [.envoy.api.v2.filter.http.Transformation](../transformation.proto.sk/#transformation) | deprecated. Use transformations[].request_match.response_transformation instead. | -| `clearRouteCache` | `bool` | deprecated. Use transformations[].request_match.clear_route_cache instead. | -| `transformations` | [[]envoy.api.v2.filter.http.RouteTransformations.RouteTransformation](../transformation.proto.sk/#routetransformation) | | - - - - ---- -### RouteTransformation - - - -```yaml -"stage": int -"requestMatch": .envoy.api.v2.filter.http.RouteTransformations.RouteTransformation.RequestMatch -"responseMatch": .envoy.api.v2.filter.http.RouteTransformations.RouteTransformation.ResponseMatch - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `stage` | `int` | Stage number. This transformation will only be processed by filters with the same stage number. | -| `requestMatch` | [.envoy.api.v2.filter.http.RouteTransformations.RouteTransformation.RequestMatch](../transformation.proto.sk/#requestmatch) | Only one of `requestMatch` or `responseMatch` can be set. | -| `responseMatch` | [.envoy.api.v2.filter.http.RouteTransformations.RouteTransformation.ResponseMatch](../transformation.proto.sk/#responsematch) | Only one of `responseMatch` or `requestMatch` can be set. | - - - - ---- -### RequestMatch - - - -```yaml -"match": .solo.io.envoy.config.route.v3.RouteMatch -"requestTransformation": .envoy.api.v2.filter.http.Transformation -"responseTransformation": .envoy.api.v2.filter.http.Transformation -"clearRouteCache": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `match` | [.solo.io.envoy.config.route.v3.RouteMatch](../../../config/route/v3/route_components.proto.sk/#routematch) | if no match is specified, will match all. | -| `requestTransformation` | [.envoy.api.v2.filter.http.Transformation](../transformation.proto.sk/#transformation) | transformation to perform. | -| `responseTransformation` | [.envoy.api.v2.filter.http.Transformation](../transformation.proto.sk/#transformation) | | -| `clearRouteCache` | `bool` | clear the route cache if the request transformation was applied. | - - - - ---- -### ResponseMatch - - - -```yaml -"match": .envoy.api.v2.filter.http.ResponseMatcher -"responseTransformation": .envoy.api.v2.filter.http.Transformation - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `match` | [.envoy.api.v2.filter.http.ResponseMatcher](../transformation.proto.sk/#responsematcher) | | -| `responseTransformation` | [.envoy.api.v2.filter.http.Transformation](../transformation.proto.sk/#transformation) | transformation to perform. | - - - - ---- -### ResponseMatcher - - - -```yaml -"headers": []solo.io.envoy.config.route.v3.HeaderMatcher -"responseCodeDetails": .solo.io.envoy.type.matcher.v3.StringMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `headers` | [[]solo.io.envoy.config.route.v3.HeaderMatcher](../../../config/route/v3/route_components.proto.sk/#headermatcher) | Specifies a set of headers that the route should match on. The router will check the response headers against all the specified headers in the route config. A match will happen if all the headers in the route are present in the request with the same values (or based on presence if the value field is not in the config). | -| `responseCodeDetails` | [.solo.io.envoy.type.matcher.v3.StringMatcher](../../../type/matcher/v3/string.proto.sk/#stringmatcher) | Only match responses with non empty response code details (this usually implies a local reply). | - - - - ---- -### ResponseTransformationRule - - - -```yaml -"match": .envoy.api.v2.filter.http.ResponseMatcher -"responseTransformation": .envoy.api.v2.filter.http.Transformation - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `match` | [.envoy.api.v2.filter.http.ResponseMatcher](../transformation.proto.sk/#responsematcher) | | -| `responseTransformation` | [.envoy.api.v2.filter.http.Transformation](../transformation.proto.sk/#transformation) | transformation to perform. | - - - - ---- -### Transformation - - -This message defines a transformation. -This proto is for envoy filter config, not user-facing API. - -```yaml -"transformationTemplate": .envoy.api.v2.filter.http.TransformationTemplate -"headerBodyTransform": .envoy.api.v2.filter.http.HeaderBodyTransform -"transformerConfig": .solo.io.envoy.config.core.v3.TypedExtensionConfig -"logRequestResponseInfo": .google.protobuf.BoolValue - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `transformationTemplate` | [.envoy.api.v2.filter.http.TransformationTemplate](../transformation.proto.sk/#transformationtemplate) | Apply transformation templates. Only one of `transformationTemplate`, `headerBodyTransform`, or `transformerConfig` can be set. | -| `headerBodyTransform` | [.envoy.api.v2.filter.http.HeaderBodyTransform](../transformation.proto.sk/#headerbodytransform) | This type of transformation will make all the headers available in the response body. The resulting JSON body will consist of two attributes: 'headers', containing the headers, and 'body', containing the original body. Only one of `headerBodyTransform`, `transformationTemplate`, or `transformerConfig` can be set. | -| `transformerConfig` | [.solo.io.envoy.config.core.v3.TypedExtensionConfig](../../../config/core/v3/extension.proto.sk/#typedextensionconfig) | Configuration for an externally implemented transformer, used by envoy transformation filter. Only one of `transformerConfig`, `transformationTemplate`, or `headerBodyTransform` can be set. | -| `logRequestResponseInfo` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Logs request/response sensitive information By default, this is false so no request or response sensitive information is logged. If set to true, the filter will log the request/response body and headers before and after this transformation is applied. | - - - - ---- -### Extraction - - -Extractions can be used to extract information from the request/response. -The extracted information can then be referenced in template fields. - -```yaml -"header": string -"body": .google.protobuf.Empty -"regex": string -"subgroup": int -"replacementText": .google.protobuf.StringValue -"mode": .envoy.api.v2.filter.http.Extraction.Mode - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `header` | `string` | Extract information from headers. Only one of `header` or `body` can be set. | -| `body` | [.google.protobuf.Empty](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/empty) | Extract information from the request/response body. Only one of `body` or `header` can be set. | -| `regex` | `string` | The regex field specifies the regular expression used for matching against the source content. - In EXTRACT mode, the entire source must match the regex. `subgroup` selects the n-th capturing group, which determines the part of the match that you want to extract. If the regex does not match the source, the result of the extraction will be an empty value. - In SINGLE_REPLACE mode, the regex also needs to match the entire source. `subgroup` selects the n-th capturing group that is replaced with the content of `replacement_text`. If the regex does not match the source, the result of the replacement will be the source itself. - In REPLACE_ALL mode, the regex is applied repeatedly to find all occurrences within the source that match. Each matching occurrence is replaced with the value in `replacement_text`. In this mode, the configuration is rejected if `subgroup` is set. If the regex does not match the source, the result of the replacement will be the source itself. | -| `subgroup` | `int` | If your regex contains capturing groups, use this field to determine the group that you want to select. Defaults to 0. If set in `EXTRACT` and `SINGLE_REPLACE` modes, the subgroup represents the capturing group that you want to extract or replace in the source. The configuration is rejected if you set subgroup to a non-zero value when using thev `REPLACE_ALL` mode. | -| `replacementText` | [.google.protobuf.StringValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/string-value) | The value `replacement_text` is used to format the substitution for matched sequences in in an input string. This value is only legal in `SINGLE_REPLACE` and `REPLACE_ALL` modes. - In `SINGLE_REPLACE` mode, the `subgroup` selects the n-th capturing group, which represents the value that you want to replace with the string provided in `replacement_text`. - In `REPLACE_ALL` mode, each sequence that matches the specified regex in the input is replaced with the value in`replacement_text`. The `replacement_text` can include special syntax, such as $1, $2, etc., to refer to capturing groups within the regular expression. The value that is specified in `replacement_text` is treated as a string, and is passed to `std::regex_replace` as the replacement string. For more informatino, see https://en.cppreference.com/w/cpp/regex/regex_replace. | -| `mode` | [.envoy.api.v2.filter.http.Extraction.Mode](../transformation.proto.sk/#mode) | The mode of operation for the extraction. Defaults to EXTRACT. | - - - - ---- -### Mode - - -The mode of operation for the extraction. - -| Name | Description | -| ----- | ----------- | -| `EXTRACT` | Default mode. Extract the content of a specified capturing group. In this mode, `subgroup` selects the n-th capturing group, which represents the value that you want to extract. | -| `SINGLE_REPLACE` | Replace the content of a specified capturing group. In this mode, `subgroup` selects the n-th capturing group, which represents the value that you want to replace with the string provided in `replacement_text`. Note: `replacement_text` must be set for this mode. | -| `REPLACE_ALL` | Replace all regex matches with the value provided in `replacement_text`. Note: `replacement_text` must be set for this mode. Note: The configuration fails if `subgroup` is set to a non-zero value. Note: restrictions on the regex are different for this mode. See the regex field for more details. | - - - - ---- -### TransformationTemplate - - -Defines a transformation template. - -```yaml -"advancedTemplates": bool -"extractors": map -"headers": map -"headersToAppend": []envoy.api.v2.filter.http.TransformationTemplate.HeaderToAppend -"headersToRemove": []string -"body": .envoy.api.v2.filter.http.InjaTemplate -"passthrough": .envoy.api.v2.filter.http.Passthrough -"mergeExtractorsToBody": .envoy.api.v2.filter.http.MergeExtractorsToBody -"mergeJsonKeys": .envoy.api.v2.filter.http.MergeJsonKeys -"parseBodyBehavior": .envoy.api.v2.filter.http.TransformationTemplate.RequestBodyParse -"ignoreErrorOnParse": bool -"dynamicMetadataValues": []envoy.api.v2.filter.http.TransformationTemplate.DynamicMetadataValue -"escapeCharacters": bool -"spanTransformer": .envoy.api.v2.filter.http.TransformationTemplate.SpanTransformer - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `advancedTemplates` | `bool` | If set to true, use JSON pointer notation (e.g. "time/start") instead of dot notation (e.g. "time.start") to access JSON elements. Defaults to false. Please note that, if set to 'true', you will need to use the `extraction` function to access extractors in the template (e.g. '{{ extraction("my_extractor") }}'); if the default value of 'false' is used, extractors will simply be available by their name (e.g. '{{ my_extractor }}'). | -| `extractors` | `map` | Use this attribute to extract information from the request. It consists of a map of strings to extractors. The extractor will defines which information will be extracted, while the string key will provide the extractor with a name. You can reference extractors by their name in templates, e.g. "{{ my-extractor }}" will render to the value of the "my-extractor" extractor. | -| `headers` | `map` | Use this attribute to transform request/response headers. It consists of a map of strings to templates. The string key determines the name of the resulting header, the rendered template will determine the value. Any existing headers with the same header name will be replaced by the transformed header. If a header name is included in `headers` and `headers_to_append`, it will first be replaced the template in `headers`, then additional header values will be appended by the templates defined in `headers_to_append`. For example, the following header transformation configuration: ```yaml headers: x-header-one: {"text": "first {{inja}} template"} x-header-one: {"text": "second {{inja}} template"} headersToAppend: - key: x-header-one value: {"text": "first appended {{inja}} template"} - key: x-header-one value: {"text": "second appended {{inja}} template"} ``` will result in the following headers on the HTTP message: ``` x-header-one: first inja template x-header-one: first appended inja template x-header-one: second appended inja template ```. | -| `headersToAppend` | [[]envoy.api.v2.filter.http.TransformationTemplate.HeaderToAppend](../transformation.proto.sk/#headertoappend) | Use this attribute to transform request/response headers. It consists of an array of string/template objects. Use this attribute to define multiple templates for a single header. Header template(s) defined here will be appended to any existing headers with the same header name, not replace existing ones. See `headers` documentation to see an example of usage. | -| `headersToRemove` | `[]string` | Attribute to remove headers from requests. If a header is present multiple times, all instances of the header will be removed. | -| `body` | [.envoy.api.v2.filter.http.InjaTemplate](../transformation.proto.sk/#injatemplate) | Apply a template to the body. Only one of `body`, `passthrough`, `mergeExtractorsToBody`, or `mergeJsonKeys` can be set. | -| `passthrough` | [.envoy.api.v2.filter.http.Passthrough](../transformation.proto.sk/#passthrough) | This will cause the transformation filter not to buffer the body. Use this setting if the response body is large and you don't need to transform nor extract information from it. Only one of `passthrough`, `body`, `mergeExtractorsToBody`, or `mergeJsonKeys` can be set. | -| `mergeExtractorsToBody` | [.envoy.api.v2.filter.http.MergeExtractorsToBody](../transformation.proto.sk/#mergeextractorstobody) | Merge all defined extractors to the request/response body. If you want to nest elements inside the body, use dot separator in the extractor name. Only one of `mergeExtractorsToBody`, `body`, `passthrough`, or `mergeJsonKeys` can be set. | -| `mergeJsonKeys` | [.envoy.api.v2.filter.http.MergeJsonKeys](../transformation.proto.sk/#mergejsonkeys) | A set of key-value pairs to merge into the JSON body. Each value will be rendered separately, and then placed into the JSON body at the specified key. There are a number of important caveats to using this feature: * This can only be used when the body is parsed as JSON. * This option does NOT work with advanced templates currently. Only one of `mergeJsonKeys`, `body`, `passthrough`, or `mergeExtractorsToBody` can be set. | -| `parseBodyBehavior` | [.envoy.api.v2.filter.http.TransformationTemplate.RequestBodyParse](../transformation.proto.sk/#requestbodyparse) | Determines how the body will be parsed. Defaults to ParseAsJson. | -| `ignoreErrorOnParse` | `bool` | If set to true, Envoy will not throw an exception in case the body parsing fails. | -| `dynamicMetadataValues` | [[]envoy.api.v2.filter.http.TransformationTemplate.DynamicMetadataValue](../transformation.proto.sk/#dynamicmetadatavalue) | Use this field to set Dynamic Metadata. | -| `escapeCharacters` | `bool` | Use this field to set Inja behavior when rendering strings which contain characters that would need to be escaped to be valid JSON. Note that this sets the behavior for the entire transformation. Use raw_strings function for fine-grained control within a template. | -| `spanTransformer` | [.envoy.api.v2.filter.http.TransformationTemplate.SpanTransformer](../transformation.proto.sk/#spantransformer) | Use this field to modify the span of the trace. | - - - - ---- -### HeaderToAppend - - -Defines a header-template pair to be used in `headers_to_append` - -```yaml -"key": string -"value": .envoy.api.v2.filter.http.InjaTemplate - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | Header name. | -| `value` | [.envoy.api.v2.filter.http.InjaTemplate](../transformation.proto.sk/#injatemplate) | Apply a template to the header value. | - - - - ---- -### DynamicMetadataValue - - -Defines an [Envoy Dynamic -Metadata](https://www.envoyproxy.io/docs/envoy/latest/configuration/advanced/well_known_dynamic_metadata) -entry. - -```yaml -"metadataNamespace": string -"key": string -"value": .envoy.api.v2.filter.http.InjaTemplate -"jsonToProto": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `metadataNamespace` | `string` | The metadata namespace. Defaults to the filter namespace. | -| `key` | `string` | The metadata key. | -| `value` | [.envoy.api.v2.filter.http.InjaTemplate](../transformation.proto.sk/#injatemplate) | A template that determines the metadata value. | -| `jsonToProto` | `bool` | Instruct the filter to parse the rendered value as a proto Struct message before setting it as the metadata value. | - - - - ---- -### SpanTransformer - - - -```yaml -"name": .envoy.api.v2.filter.http.InjaTemplate - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | [.envoy.api.v2.filter.http.InjaTemplate](../transformation.proto.sk/#injatemplate) | A template that sets the span name. | - - - - ---- -### RequestBodyParse - - -Determines how the body will be parsed. - -| Name | Description | -| ----- | ----------- | -| `ParseAsJson` | Will attempt to parse the request/response body as JSON | -| `DontParse` | The request/response body will be treated as plain text | - - - - ---- -### InjaTemplate - - -Defines an [Inja template](https://github.com/pantor/inja) that will be -rendered by Gloo. In addition to the core template functions, the Gloo -transformation filter defines the following custom functions: -- header(header_name): returns the value of the header with the given name. -- extraction(extractor_name): returns the value of the extractor with the -given name. -- env(env_var_name): returns the value of the environment variable with the -given name. -- body(): returns the request/response body. -- context(): returns the base JSON context (allowing for example to range on -a JSON body that is an array). -- request_header(header_name): returns the value of the request header with -the given name. Use this option when you want to include request header values in response -transformations. -- base64_encode(string): encodes the input string to base64. -- base64_decode(string): decodes the input string from base64. -- substring(string, start_pos, substring_len): returns a substring of the -input string, starting at `start_pos` and extending for `substring_len` -characters. If no `substring_len` is provided or `substring_len` is <= 0, the -substring extends to the end of the input string. - -```yaml -"text": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `text` | `string` | | - - - - ---- -### Passthrough - - - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### MergeExtractorsToBody - - - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### MergeJsonKeys - - - -```yaml -"jsonKeys": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `jsonKeys` | `map` | Map of key name -> template to render into the JSON body. Specified keys which don't exist in the JSON body will be set, keys which do exist will be overriden. For example, given the following JSON body: { "key1": "value1" } and the following MergeJsonKeys: { "key1": "{{ header("header1") }}", "key2": "{{ header("header2") }}" } The resulting JSON body will be: { "key1": "header1_value", "key2": "header2_value" }. | - - - - ---- -### OverridableTemplate - - - -```yaml -"tmpl": .envoy.api.v2.filter.http.InjaTemplate -"overrideEmpty": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `tmpl` | [.envoy.api.v2.filter.http.InjaTemplate](../transformation.proto.sk/#injatemplate) | Template to render. | -| `overrideEmpty` | `bool` | If set to true, the template will be set even if the rendered value is empty. | - - - - ---- -### HeaderBodyTransform - - - -```yaml -"addRequestMetadata": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `addRequestMetadata` | `bool` | When transforming a request, setting this to true will additionally add "queryString", "queryStringParameters", "multiValueQueryStringParameters", "httpMethod", "path", and "multiValueHeaders" to the body. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformation_ee/transformation.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformation_ee/transformation.proto.sk.md deleted file mode 100644 index 23762b3de53..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformation_ee/transformation.proto.sk.md +++ /dev/null @@ -1,244 +0,0 @@ - ---- -title: "transformation.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.transformation_ee.v2` -#### Types: - - -- [FilterTransformations](#filtertransformations) -- [TransformationRule](#transformationrule) -- [RouteTransformations](#routetransformations) -- [Transformation](#transformation) -- [DlpTransformation](#dlptransformation) -- [Action](#action) -- [RegexMatcher](#regexmatcher) -- [KeyValueMatcher](#keyvaluematcher) -- [DlpMatcher](#dlpmatcher) -- [RegexAction](#regexaction) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformation_ee/transformation.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/transformation_ee/transformation.proto) - - - - - ---- -### FilterTransformations - - - -```yaml -"transformations": []envoy.config.filter.http.transformation_ee.v2.TransformationRule - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `transformations` | [[]envoy.config.filter.http.transformation_ee.v2.TransformationRule](../transformation.proto.sk/#transformationrule) | Specifies transformations based on the route matches. The first matched transformation will be applied. If there are overlapped match conditions, please put the most specific match first. | - - - - ---- -### TransformationRule - - - -```yaml -"match": .solo.io.envoy.api.v2.route.RouteMatch -"matchV3": .solo.io.envoy.config.route.v3.RouteMatch -"routeTransformations": .envoy.config.filter.http.transformation_ee.v2.RouteTransformations - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `match` | [.solo.io.envoy.api.v2.route.RouteMatch](../../../../../../../../../../../envoy/api/v2/route/route.proto.sk/#routematch) | The route matching parameter. Only when the match is satisfied, the "requires" field will apply. For example: following match will match all requests. .. code-block:: yaml match: prefix: /. | -| `matchV3` | [.solo.io.envoy.config.route.v3.RouteMatch](../../../config/route/v3/route_components.proto.sk/#routematch) | | -| `routeTransformations` | [.envoy.config.filter.http.transformation_ee.v2.RouteTransformations](../transformation.proto.sk/#routetransformations) | transformation to perform. | - - - - ---- -### RouteTransformations - - - -```yaml -"requestTransformation": .envoy.config.filter.http.transformation_ee.v2.Transformation -"clearRouteCache": bool -"responseTransformation": .envoy.config.filter.http.transformation_ee.v2.Transformation -"onStreamCompletionTransformation": .envoy.config.filter.http.transformation_ee.v2.Transformation - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requestTransformation` | [.envoy.config.filter.http.transformation_ee.v2.Transformation](../transformation.proto.sk/#transformation) | | -| `clearRouteCache` | `bool` | clear the route cache if the request transformation was applied. | -| `responseTransformation` | [.envoy.config.filter.http.transformation_ee.v2.Transformation](../transformation.proto.sk/#transformation) | | -| `onStreamCompletionTransformation` | [.envoy.config.filter.http.transformation_ee.v2.Transformation](../transformation.proto.sk/#transformation) | Apply a transformation in the onStreamComplete callback (for modifying headers and dynamic metadata for access logs). | - - - - ---- -### Transformation - - - -```yaml -"dlpTransformation": .envoy.config.filter.http.transformation_ee.v2.DlpTransformation - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `dlpTransformation` | [.envoy.config.filter.http.transformation_ee.v2.DlpTransformation](../transformation.proto.sk/#dlptransformation) | | - - - - ---- -### DlpTransformation - - - -```yaml -"actions": []envoy.config.filter.http.transformation_ee.v2.Action -"enableHeaderTransformation": bool -"enableDynamicMetadataTransformation": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `actions` | [[]envoy.config.filter.http.transformation_ee.v2.Action](../transformation.proto.sk/#action) | list of actions to apply. | -| `enableHeaderTransformation` | `bool` | If true, headers will be transformed. Should only be true for the on_stream_complete_transformation route transformation type. | -| `enableDynamicMetadataTransformation` | `bool` | If true, dynamic metadata will be transformed. Should only be used for the on_stream_complete_transformation route transformation type. | - - - - ---- -### Action - - - -```yaml -"name": string -"regex": []string -"regexActions": []envoy.config.filter.http.transformation_ee.v2.RegexAction -"shadow": bool -"percent": .solo.io.envoy.type.Percent -"maskChar": string -"matcher": .envoy.config.filter.http.transformation_ee.v2.Action.DlpMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | Identifier for this action. Used mostly to help ID specific actions in logs. If left null will default to unknown. | -| `regex` | `[]string` | Deprecated in favor of DlpMatcher List of regexes to apply to the response body to match data which should be masked They will be applied iteratively in the order which they are specified. | -| `regexActions` | [[]envoy.config.filter.http.transformation_ee.v2.RegexAction](../transformation.proto.sk/#regexaction) | Deprecated in favor of DlpMatcher List of regexes to apply to the response body to match data which should be masked. They will be applied iteratively in the order which they are specified. If this field and `regex` are both provided, all the regexes will be applied iteratively in the order provided, starting with the ones from `regex`. | -| `shadow` | `bool` | If specified, this rule will not actually be applied, but only logged. | -| `percent` | [.solo.io.envoy.type.Percent](../../../../../../../../../solo-kit/api/external/envoy/type/percent.proto.sk/#percent) | The percent of the string which should be masked. If not set, defaults to 75%. | -| `maskChar` | `string` | The character which should overwrite the masked data If left empty, defaults to "X". | -| `matcher` | [.envoy.config.filter.http.transformation_ee.v2.Action.DlpMatcher](../transformation.proto.sk/#dlpmatcher) | The matcher used to determine which values will be masked by this action. | - - - - ---- -### RegexMatcher - - -List of regexes to apply to the response body to match data which should be -masked. They will be applied iteratively in the order which they are -specified. - -```yaml -"regexActions": []envoy.config.filter.http.transformation_ee.v2.RegexAction - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `regexActions` | [[]envoy.config.filter.http.transformation_ee.v2.RegexAction](../transformation.proto.sk/#regexaction) | | - - - - ---- -### KeyValueMatcher - - -List of headers for which associated values will be masked. -Note that enable_header_transformation must be set for this to take effect. -Note that if enable_dynamic_metadata_transformation is set, proto struct dynamic metadata -(i.e., the values matching any JSON keys specified in `keys`; primarily for json-formatted WAF audit logs) will also be masked accordingly. - -```yaml -"keys": []string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `keys` | `[]string` | | - - - - ---- -### DlpMatcher - - - -```yaml -"regexMatcher": .envoy.config.filter.http.transformation_ee.v2.Action.RegexMatcher -"keyValueMatcher": .envoy.config.filter.http.transformation_ee.v2.Action.KeyValueMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `regexMatcher` | [.envoy.config.filter.http.transformation_ee.v2.Action.RegexMatcher](../transformation.proto.sk/#regexmatcher) | Only one of `regexMatcher` or `keyValueMatcher` can be set. | -| `keyValueMatcher` | [.envoy.config.filter.http.transformation_ee.v2.Action.KeyValueMatcher](../transformation.proto.sk/#keyvaluematcher) | Only one of `keyValueMatcher` or `regexMatcher` can be set. | - - - - ---- -### RegexAction - - - -```yaml -"regex": string -"subgroup": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `regex` | `string` | The regex to match for masking. | -| `subgroup` | `int` | If provided and not 0, only this specific subgroup of the regex will be masked. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformers/xslt/xslt_transformer.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformers/xslt/xslt_transformer.proto.sk.md deleted file mode 100644 index fadfe6592b4..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformers/xslt/xslt_transformer.proto.sk.md +++ /dev/null @@ -1,50 +0,0 @@ - ---- -title: "xslt_transformer.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.transformer.xslt.v2` -#### Types: - - -- [XsltTransformation](#xslttransformation) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/transformers/xslt/xslt_transformer.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/transformers/xslt/xslt_transformer.proto) - - - - - ---- -### XsltTransformation - - -Defines an XSLT Transformation. - -```yaml -"xslt": string -"setContentType": string -"nonXmlTransform": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `xslt` | `string` | XSLT transformation template which you want to transform requests/responses with. Invalid XSLT transformation templates will result will result in a NACK during envoy configuration-time and the configuration will not be loaded. | -| `setContentType` | `string` | Changes the content-type header of the HTTP request/response to what is set here. This is useful in situations where an XSLT transformation is used to transform XML to JSON and the content-type should be changed from `application/xml` to `application/json`. If left empty, the content-type header remains unmodified by default. | -| `nonXmlTransform` | `bool` | This should be set to true if the content being transformed is not XML. For example, if the content being transformed is from JSON to XML, this should be set to true. XSLT transformations can only take valid XML as input to be transformed. If the body is not a valid XML (e.g. using JSON as input in a JSON-to-XML transformation), setting `non_xml_transform` to true will allow the XSLT to accept the non-XML input without throwing an error by passing the input as XML CDATA. defaults to false. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/upstream_wait/upstream_wait_filter.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/upstream_wait/upstream_wait_filter.proto.sk.md deleted file mode 100644 index 59f368869ac..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/upstream_wait/upstream_wait_filter.proto.sk.md +++ /dev/null @@ -1,43 +0,0 @@ - ---- -title: "upstream_wait_filter.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.upstream_wait.v2` -#### Types: - - -- [UpstreamWaitFilterConfig](#upstreamwaitfilterconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/upstream_wait/upstream_wait_filter.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/upstream_wait/upstream_wait_filter.proto) - - - - - ---- -### UpstreamWaitFilterConfig - - - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/waf/waf.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/waf/waf.proto.sk.md deleted file mode 100644 index e056e2ad55a..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/waf/waf.proto.sk.md +++ /dev/null @@ -1,160 +0,0 @@ - ---- -title: "waf.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.modsecurity.v2` -#### Types: - - -- [AuditLogging](#auditlogging) -- [AuditLogAction](#auditlogaction) -- [AuditLogLocation](#auditloglocation) -- [ModSecurity](#modsecurity) -- [RuleSet](#ruleset) -- [ModSecurityPerRoute](#modsecurityperroute) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/waf/waf.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/waf/waf.proto) - - - - - ---- -### AuditLogging - - - -```yaml -"action": .envoy.config.filter.http.modsecurity.v2.AuditLogging.AuditLogAction -"location": .envoy.config.filter.http.modsecurity.v2.AuditLogging.AuditLogLocation - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `action` | [.envoy.config.filter.http.modsecurity.v2.AuditLogging.AuditLogAction](../waf.proto.sk/#auditlogaction) | | -| `location` | [.envoy.config.filter.http.modsecurity.v2.AuditLogging.AuditLogLocation](../waf.proto.sk/#auditloglocation) | | - - - - ---- -### AuditLogAction - - - -| Name | Description | -| ----- | ----------- | -| `NEVER` | Never generate audit logs. | -| `RELEVANT_ONLY` | When set to RELEVANT_ONLY, this will have similar behavior to `SecAuditEngine RelevantOnly`. | -| `ALWAYS` | Always generate an audit log entry (as long as the filter is not disabled). | - - - - ---- -### AuditLogLocation - - - -| Name | Description | -| ----- | ----------- | -| `FILTER_STATE` | Add the audit log to the filter state. it will be under the key "io.solo.modsecurity.audit_log". You can use this formatter in the access log: %FILTER_STATE(io.solo.modsecurity.audit_log)% | -| `DYNAMIC_METADATA` | Add the audit log to the dynamic metadata. it will be under the filter name "io.solo.filters.http.modsecurity". with "audit_log" as the key. You can use this formatter in the access log: %DYNAMIC_METADATA("io.solo.filters.http.modsecurity:audit_log")% | - - - - ---- -### ModSecurity - - - -```yaml -"disabled": bool -"ruleSets": []envoy.config.filter.http.modsecurity.v2.RuleSet -"customInterventionMessage": string -"auditLogging": .envoy.config.filter.http.modsecurity.v2.AuditLogging -"requestHeadersOnly": bool -"responseHeadersOnly": bool -"regressionLogs": bool -"dlpTransformation": .envoy.config.filter.http.transformation_ee.v2.DlpTransformation - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `disabled` | `bool` | Disable all rules on the current route. | -| `ruleSets` | [[]envoy.config.filter.http.modsecurity.v2.RuleSet](../waf.proto.sk/#ruleset) | Global rule sets for the current http connection manager. | -| `customInterventionMessage` | `string` | Custom message to display when an intervention occurs. | -| `auditLogging` | [.envoy.config.filter.http.modsecurity.v2.AuditLogging](../waf.proto.sk/#auditlogging) | This instructs the filter what to do with the transaction's audit log. | -| `requestHeadersOnly` | `bool` | If set, the body will not be buffered and fed to ModSecurity. Only the headers will. This can help improve performance. | -| `responseHeadersOnly` | `bool` | | -| `regressionLogs` | `bool` | log in a format suited for the OWASP regression tests. this format is a multiline log format, so it is disabled for regular use. do not enable this in production!. | -| `dlpTransformation` | [.envoy.config.filter.http.transformation_ee.v2.DlpTransformation](../../transformation_ee/transformation.proto.sk/#dlptransformation) | | - - - - ---- -### RuleSet - - - -```yaml -"ruleStr": string -"files": []string -"directory": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `ruleStr` | `string` | String of rules which are added directly. | -| `files` | `[]string` | Array of files with rules to include. Any subsequent changes to the rules in these files are not automatically updated. To update rules from files, version and update the file name. If you want dynamically updated rules, use the `configMapRuleSets` option instead. | -| `directory` | `string` | A directory to include. all *.conf files in this directory will be included. sub directories will NOT be checked. | - - - - ---- -### ModSecurityPerRoute - - - -```yaml -"disabled": bool -"ruleSets": []envoy.config.filter.http.modsecurity.v2.RuleSet -"customInterventionMessage": string -"auditLogging": .envoy.config.filter.http.modsecurity.v2.AuditLogging -"requestHeadersOnly": bool -"responseHeadersOnly": bool -"dlpTransformation": .envoy.config.filter.http.transformation_ee.v2.DlpTransformation - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `disabled` | `bool` | Disable all rules on the current route. | -| `ruleSets` | [[]envoy.config.filter.http.modsecurity.v2.RuleSet](../waf.proto.sk/#ruleset) | Overwrite the global rules on this route. | -| `customInterventionMessage` | `string` | Custom message to display when an intervention occurs. | -| `auditLogging` | [.envoy.config.filter.http.modsecurity.v2.AuditLogging](../waf.proto.sk/#auditlogging) | This instructs the filter what to do with the transaction's audit log. | -| `requestHeadersOnly` | `bool` | If set, the body will not be buffered and fed to ModSecurity. Only the headers will. This can help improve performance. | -| `responseHeadersOnly` | `bool` | | -| `dlpTransformation` | [.envoy.config.filter.http.transformation_ee.v2.DlpTransformation](../../transformation_ee/transformation.proto.sk/#dlptransformation) | | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/wasm/v3/wasm.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/wasm/v3/wasm.proto.sk.md deleted file mode 100644 index f70df564401..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/wasm/v3/wasm.proto.sk.md +++ /dev/null @@ -1,111 +0,0 @@ - ---- -title: "wasm.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.extensions.wasm.v3` -Copied from https://github.com/envoyproxy/envoy/blob/26eaa2e85cee69e5c32ab6bf4c5ae3d338fa462f/api/envoy/extensions/wasm/v3/wasm.proto - - - -#### Types: - - -- [VmConfig](#vmconfig) -- [PluginConfig](#pluginconfig) -- [WasmService](#wasmservice) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/wasm/v3/wasm.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/wasm/v3/wasm.proto) - - - - - ---- -### VmConfig - - -Configuration for a Wasm VM. -[#next-free-field: 7] - -```yaml -"vmId": string -"runtime": string -"code": .solo.io.envoy.config.core.v3.AsyncDataSource -"configuration": .google.protobuf.Any -"allowPrecompiled": bool -"nackOnCodeCacheMiss": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `vmId` | `string` | An ID which will be used along with a hash of the wasm code (or the name of the registered Null VM plugin) to determine which VM will be used for the plugin. All plugins which use the same *vm_id* and code will use the same VM. May be left blank. Sharing a VM between plugins can reduce memory utilization and make sharing of data easier which may have security implications. See ref: "TODO: add ref" for details. | -| `runtime` | `string` | The Wasm runtime type (either "v8" or "null" for code compiled into Envoy). | -| `code` | [.solo.io.envoy.config.core.v3.AsyncDataSource](../../../../config/core/v3/base.proto.sk/#asyncdatasource) | The Wasm code that Envoy will execute. | -| `configuration` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | The Wasm configuration used in initialization of a new VM (proxy_on_start). `google.protobuf.Struct` is serialized as JSON before passing it to the plugin. `google.protobuf.BytesValue` and `google.protobuf.StringValue` are passed directly without the wrapper. | -| `allowPrecompiled` | `bool` | Allow the wasm file to include pre-compiled code on VMs which support it. Warning: this should only be enable for trusted sources as the precompiled code is not verified. | -| `nackOnCodeCacheMiss` | `bool` | If true and the code needs to be remotely fetched and it is not in the cache then NACK the configuration update and do a background fetch to fill the cache, otherwise fetch the code asynchronously and enter warming state. | - - - - ---- -### PluginConfig - - -Base Configuration for Wasm Plugins e.g. filters and services. -[#next-free-field: 6] - -```yaml -"name": string -"rootId": string -"vmConfig": .solo.io.envoy.extensions.wasm.v3.VmConfig -"configuration": .google.protobuf.Any -"failOpen": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | A unique name for a filters/services in a VM for use in identifying the filter/service if multiple filters/services are handled by the same *vm_id* and *root_id* and for logging/debugging. | -| `rootId` | `string` | A unique ID for a set of filters/services in a VM which will share a RootContext and Contexts if applicable (e.g. an Wasm HttpFilter and an Wasm AccessLog). If left blank, all filters/services with a blank root_id with the same *vm_id* will share Context(s). | -| `vmConfig` | [.solo.io.envoy.extensions.wasm.v3.VmConfig](../wasm.proto.sk/#vmconfig) | | -| `configuration` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | Filter/service configuration used to configure or reconfigure a plugin (proxy_on_configuration). `google.protobuf.Struct` is serialized as JSON before passing it to the plugin. `google.protobuf.BytesValue` and `google.protobuf.StringValue` are passed directly without the wrapper. | -| `failOpen` | `bool` | If there is a fatal error on the VM (e.g. exception, abort(), on_start or on_configure return false), then all plugins associated with the VM will either fail closed (by default), e.g. by returning an HTTP 503 error, or fail open (if 'fail_open' is set to true) by bypassing the filter. Note: when on_start or on_configure return false during xDS updates the xDS configuration will be rejected and when on_start or on_configuration return false on initial startup the proxy will not start. | - - - - ---- -### WasmService - - -WasmService is configured as a built-in *envoy.wasm_service* :ref:`WasmService -` This opaque configuration will be used to create a Wasm Service. - -```yaml -"config": .solo.io.envoy.extensions.wasm.v3.PluginConfig -"singleton": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `config` | [.solo.io.envoy.extensions.wasm.v3.PluginConfig](../wasm.proto.sk/#pluginconfig) | General plugin configuration. | -| `singleton` | `bool` | If true, create a single VM rather than creating one VM per worker. Such a singleton can not be used with filters. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/xff_offset/solo_xff_offset_filter.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/xff_offset/solo_xff_offset_filter.proto.sk.md deleted file mode 100644 index 2a1cacb912b..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/xff_offset/solo_xff_offset_filter.proto.sk.md +++ /dev/null @@ -1,46 +0,0 @@ - ---- -title: "solo_xff_offset_filter.proto" -weight: 5 ---- - - - - -### Package: `envoy.config.filter.http.solo_xff_offset.v2` -#### Types: - - -- [SoloXffOffset](#soloxffoffset) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/extensions/xff_offset/solo_xff_offset_filter.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/extensions/xff_offset/solo_xff_offset_filter.proto) - - - - - ---- -### SoloXffOffset - - -Envoy filter configuration for the solo_xff_offset filter, not set by the user. - -```yaml -"offset": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `offset` | `int` | The amount of addresses from the left of x-forwarded-for (xff) header which should be skipped to get the client address. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/service/ext_proc/v3/external_processor.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/service/ext_proc/v3/external_processor.proto.sk.md deleted file mode 100644 index 06fa1253038..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/service/ext_proc/v3/external_processor.proto.sk.md +++ /dev/null @@ -1,362 +0,0 @@ - ---- -title: "external_processor.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.service.ext_proc.v3` -#### Types: - - -- [ProcessingRequest](#processingrequest) -- [ProcessingResponse](#processingresponse) -- [HttpHeaders](#httpheaders) -- [HttpBody](#httpbody) -- [HttpTrailers](#httptrailers) -- [HeadersResponse](#headersresponse) -- [TrailersResponse](#trailersresponse) -- [BodyResponse](#bodyresponse) -- [CommonResponse](#commonresponse) -- [ResponseStatus](#responsestatus) -- [ImmediateResponse](#immediateresponse) -- [GrpcStatus](#grpcstatus) -- [HeaderMutation](#headermutation) -- [BodyMutation](#bodymutation) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/service/ext_proc/v3/external_processor.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/service/ext_proc/v3/external_processor.proto) - - - - - ---- -### ProcessingRequest - - -This represents the different types of messages that Envoy can send -to an external processing server. -[#next-free-field: 11] - -```yaml -"requestHeaders": .solo.io.envoy.service.ext_proc.v3.HttpHeaders -"responseHeaders": .solo.io.envoy.service.ext_proc.v3.HttpHeaders -"requestBody": .solo.io.envoy.service.ext_proc.v3.HttpBody -"responseBody": .solo.io.envoy.service.ext_proc.v3.HttpBody -"requestTrailers": .solo.io.envoy.service.ext_proc.v3.HttpTrailers -"responseTrailers": .solo.io.envoy.service.ext_proc.v3.HttpTrailers -"metadataContext": .solo.io.envoy.config.core.v3.Metadata -"attributes": map -"observabilityMode": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requestHeaders` | [.solo.io.envoy.service.ext_proc.v3.HttpHeaders](../external_processor.proto.sk/#httpheaders) | Information about the HTTP request headers, as well as peer info and additional properties. Unless `observability_mode` is `true`, the server must send back a HeaderResponse message, an ImmediateResponse message, or close the stream. Only one of `requestHeaders`, `responseHeaders`, `requestBody`, `responseBody`, `requestTrailers`, or `responseTrailers` can be set. | -| `responseHeaders` | [.solo.io.envoy.service.ext_proc.v3.HttpHeaders](../external_processor.proto.sk/#httpheaders) | Information about the HTTP response headers, as well as peer info and additional properties. Unless `observability_mode` is `true`, the server must send back a HeaderResponse message or close the stream. Only one of `responseHeaders`, `requestHeaders`, `requestBody`, `responseBody`, `requestTrailers`, or `responseTrailers` can be set. | -| `requestBody` | [.solo.io.envoy.service.ext_proc.v3.HttpBody](../external_processor.proto.sk/#httpbody) | A chunk of the HTTP request body. Unless `observability_mode` is true, the server must send back a BodyResponse message, an ImmediateResponse message, or close the stream. Only one of `requestBody`, `requestHeaders`, `responseHeaders`, `responseBody`, `requestTrailers`, or `responseTrailers` can be set. | -| `responseBody` | [.solo.io.envoy.service.ext_proc.v3.HttpBody](../external_processor.proto.sk/#httpbody) | A chunk of the HTTP response body. Unless `observability_mode` is `true`, the server must send back a BodyResponse message or close the stream. Only one of `responseBody`, `requestHeaders`, `responseHeaders`, `requestBody`, `requestTrailers`, or `responseTrailers` can be set. | -| `requestTrailers` | [.solo.io.envoy.service.ext_proc.v3.HttpTrailers](../external_processor.proto.sk/#httptrailers) | The HTTP trailers for the request path. Unless `observability_mode` is `true`, the server must send back a TrailerResponse message or close the stream. This message is only sent if the trailers processing mode is set to `SEND` and the original downstream request has trailers. Only one of `requestTrailers`, `requestHeaders`, `responseHeaders`, `requestBody`, `responseBody`, or `responseTrailers` can be set. | -| `responseTrailers` | [.solo.io.envoy.service.ext_proc.v3.HttpTrailers](../external_processor.proto.sk/#httptrailers) | The HTTP trailers for the response path. Unless `observability_mode` is `true`, the server must send back a TrailerResponse message or close the stream. This message is only sent if the trailers processing mode is set to `SEND` and the original upstream response has trailers. Only one of `responseTrailers`, `requestHeaders`, `responseHeaders`, `requestBody`, `responseBody`, or `requestTrailers` can be set. | -| `metadataContext` | [.solo.io.envoy.config.core.v3.Metadata](../../../../config/core/v3/base.proto.sk/#metadata) | Dynamic metadata associated with the request. | -| `attributes` | `map` | The values of properties selected by the `request_attributes` or `response_attributes` list in the configuration. Each entry in the list is populated from the standard attributes supported across Envoy. | -| `observabilityMode` | `bool` | Specify whether the filter that sent this request is running in :ref:`observability_mode ` and defaults to false. * A value of `false` indicates that the server must respond to this message by either sending back a matching ProcessingResponse message, or by closing the stream. * A value of `true` indicates that the server should not respond to this message, as any responses will be ignored. However, it may still close the stream to indicate that no more messages are needed. | - - - - ---- -### ProcessingResponse - - -For every ProcessingRequest received by the server with the `observability_mode` field -set to false, the server must send back exactly one ProcessingResponse message. -[#next-free-field: 11] - -```yaml -"requestHeaders": .solo.io.envoy.service.ext_proc.v3.HeadersResponse -"responseHeaders": .solo.io.envoy.service.ext_proc.v3.HeadersResponse -"requestBody": .solo.io.envoy.service.ext_proc.v3.BodyResponse -"responseBody": .solo.io.envoy.service.ext_proc.v3.BodyResponse -"requestTrailers": .solo.io.envoy.service.ext_proc.v3.TrailersResponse -"responseTrailers": .solo.io.envoy.service.ext_proc.v3.TrailersResponse -"immediateResponse": .solo.io.envoy.service.ext_proc.v3.ImmediateResponse -"dynamicMetadata": .google.protobuf.Struct -"modeOverride": .solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode -"overrideMessageTimeout": .google.protobuf.Duration - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `requestHeaders` | [.solo.io.envoy.service.ext_proc.v3.HeadersResponse](../external_processor.proto.sk/#headersresponse) | The server must send back this message in response to a message with the `request_headers` field set. Only one of `requestHeaders`, `responseHeaders`, `requestBody`, `responseBody`, `requestTrailers`, `responseTrailers`, or `immediateResponse` can be set. | -| `responseHeaders` | [.solo.io.envoy.service.ext_proc.v3.HeadersResponse](../external_processor.proto.sk/#headersresponse) | The server must send back this message in response to a message with the `response_headers` field set. Only one of `responseHeaders`, `requestHeaders`, `requestBody`, `responseBody`, `requestTrailers`, `responseTrailers`, or `immediateResponse` can be set. | -| `requestBody` | [.solo.io.envoy.service.ext_proc.v3.BodyResponse](../external_processor.proto.sk/#bodyresponse) | The server must send back this message in response to a message with the `request_body` field set. Only one of `requestBody`, `requestHeaders`, `responseHeaders`, `responseBody`, `requestTrailers`, `responseTrailers`, or `immediateResponse` can be set. | -| `responseBody` | [.solo.io.envoy.service.ext_proc.v3.BodyResponse](../external_processor.proto.sk/#bodyresponse) | The server must send back this message in response to a message with the `response_body` field set. Only one of `responseBody`, `requestHeaders`, `responseHeaders`, `requestBody`, `requestTrailers`, `responseTrailers`, or `immediateResponse` can be set. | -| `requestTrailers` | [.solo.io.envoy.service.ext_proc.v3.TrailersResponse](../external_processor.proto.sk/#trailersresponse) | The server must send back this message in response to a message with the `request_trailers` field set. Only one of `requestTrailers`, `requestHeaders`, `responseHeaders`, `requestBody`, `responseBody`, `responseTrailers`, or `immediateResponse` can be set. | -| `responseTrailers` | [.solo.io.envoy.service.ext_proc.v3.TrailersResponse](../external_processor.proto.sk/#trailersresponse) | The server must send back this message in response to a message with the `response_trailers` field set. Only one of `responseTrailers`, `requestHeaders`, `responseHeaders`, `requestBody`, `responseBody`, `requestTrailers`, or `immediateResponse` can be set. | -| `immediateResponse` | [.solo.io.envoy.service.ext_proc.v3.ImmediateResponse](../external_processor.proto.sk/#immediateresponse) | If specified, attempt to create a locally generated response, send it downstream, and stop processing additional filters and ignore any additional messages received from the remote server for this request or response. If a response has already started -- for example, if this message is sent response to a `response_body` message -- then this will either ship the reply directly to the downstream codec, or reset the stream. Only one of `immediateResponse`, `requestHeaders`, `responseHeaders`, `requestBody`, `responseBody`, `requestTrailers`, or `responseTrailers` can be set. | -| `dynamicMetadata` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | Optional metadata that will be emitted as dynamic metadata to be consumed by following filters. This metadata will be placed in the namespace(s) specified by the top-level field name(s) of the struct. | -| `modeOverride` | [.solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode](../../../../extensions/filters/http/ext_proc/v3/processing_mode.proto.sk/#processingmode) | Override how parts of the HTTP request and response are processed for the duration of this particular request/response only. Servers may use this to intelligently control how requests are processed based on the headers and other metadata that they see. This field is only applicable when servers responding to the header requests. If it is set in the response to the body or trailer requests, it will be ignored by Envoy. It is also ignored by Envoy when the ext_proc filter config :ref:`allow_mode_override ` is set to false. | -| `overrideMessageTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | When ext_proc server receives a request message, in case it needs more time to process the message, it sends back a ProcessingResponse message with a new timeout value. When Envoy receives this response message, it ignores other fields in the response, just stop the original timer, which has the timeout value specified in :ref:`message_timeout ` and start a new timer with this `override_message_timeout` value and keep the Envoy ext_proc filter state machine intact. Has to be >= 1ms and <= :ref:`max_message_timeout ` Such message can be sent at most once in a particular Envoy ext_proc filter processing state. To enable this API, one has to set `max_message_timeout` to a number >= 1ms. | - - - - ---- -### HttpHeaders - - -This message is sent to the external server when the HTTP request and responses -are first received. - -```yaml -"headers": .solo.io.envoy.config.core.v3.HeaderMap -"attributes": map -"endOfStream": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `headers` | [.solo.io.envoy.config.core.v3.HeaderMap](../../../../config/core/v3/base.proto.sk/#headermap) | The HTTP request headers. All header keys will be lower-cased, because HTTP header keys are case-insensitive. The `headers` encoding is based on the runtime guard envoy_reloadable_features_send_header_raw_value setting. When it is true, the header value is encoded in the raw_value field. When it is false, the header value is encoded in the value field. | -| `attributes` | `map` | [#not-implemented-hide:] This field is deprecated and not implemented. Attributes will be sent in the top-level :ref:`attributes ` is set to CONTINUE_AND_REPLACE. | -| `trailers` | [.solo.io.envoy.config.core.v3.HeaderMap](../../../../config/core/v3/base.proto.sk/#headermap) | [#not-implemented-hide:] Add new trailers to the message. This may be used when responding to either a HttpHeaders or HttpBody message, but only if this message is returned along with the CONTINUE_AND_REPLACE status. The `trailers` encoding is based on the runtime guard envoy_reloadable_features_send_header_raw_value setting. When it is true, the header value is encoded in the raw_value field. When it is false, the header value is encoded in the value field. | -| `clearRouteCache` | `bool` | Clear the route cache for the current client request. This is necessary if the remote server modified headers that are used to calculate the route. This field is ignored in the response direction. This field is also ignored if the Envoy ext_proc filter is in the upstream filter chain. | - - - - ---- -### ResponseStatus - - - -| Name | Description | -| ----- | ----------- | -| `CONTINUE` | Apply the mutation instructions in this message to the request or response, and then continue processing the filter stream as normal. This is the default. | -| `CONTINUE_AND_REPLACE` | Apply the specified header mutation, replace the body with the body specified in the body mutation (if present), and do not send any further messages for this request or response even if the processing mode is configured to do so. When used in response to a request_headers or response_headers message, this status makes it possible to either completely replace the body while discarding the original body, or to add a body to a message that formerly did not have one. In other words, this response makes it possible to turn an HTTP GET into a POST, PUT, or PATCH. | - - - - ---- -### ImmediateResponse - - -This message causes the filter to attempt to create a locally -generated response, send it downstream, stop processing -additional filters, and ignore any additional messages received -from the remote server for this request or response. If a response -has already started, then this will either ship the reply directly -to the downstream codec, or reset the stream. -[#next-free-field: 6] - -```yaml -"status": .solo.io.envoy.type.v3.HttpStatus -"headers": .solo.io.envoy.service.ext_proc.v3.HeaderMutation -"body": bytes -"grpcStatus": .solo.io.envoy.service.ext_proc.v3.GrpcStatus -"details": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `status` | [.solo.io.envoy.type.v3.HttpStatus](../../../../type/v3/http_status.proto.sk/#httpstatus) | The response code to return. | -| `headers` | [.solo.io.envoy.service.ext_proc.v3.HeaderMutation](../external_processor.proto.sk/#headermutation) | Apply changes to the default headers, which will include content-type. | -| `body` | `bytes` | The message body to return with the response which is sent using the text/plain content type, or encoded in the grpc-message header. | -| `grpcStatus` | [.solo.io.envoy.service.ext_proc.v3.GrpcStatus](../external_processor.proto.sk/#grpcstatus) | If set, then include a gRPC status trailer. | -| `details` | `string` | A string detailing why this local reply was sent, which may be included in log and debug output (e.g. this populates the %RESPONSE_CODE_DETAILS% command operator field for use in access logging). | - - - - ---- -### GrpcStatus - - -This message specifies a gRPC status for an ImmediateResponse message. - -```yaml -"status": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `status` | `int` | The actual gRPC status. | - - - - ---- -### HeaderMutation - - -Change HTTP headers or trailers by appending, replacing, or removing -headers. - -```yaml -"setHeaders": []solo.io.envoy.config.core.v3.HeaderValueOption -"removeHeaders": []string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `setHeaders` | [[]solo.io.envoy.config.core.v3.HeaderValueOption](../../../../config/core/v3/base.proto.sk/#headervalueoption) | Add or replace HTTP headers. Attempts to set the value of any `x-envoy` header, and attempts to set the `:method`, `:authority`, `:scheme`, or `host` headers will be ignored. The `set_headers` encoding is based on the runtime guard envoy_reloadable_features_send_header_raw_value setting. When it is true, the header value is encoded in the raw_value field. When it is false, the header value is encoded in the value field. | -| `removeHeaders` | `[]string` | Remove these HTTP headers. Attempts to remove system headers -- any header starting with `:`, plus `host` -- will be ignored. | - - - - ---- -### BodyMutation - - -Replace the entire message body chunk received in the corresponding -HttpBody message with this new body, or clear the body. - -```yaml -"body": bytes -"clearBody": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `body` | `bytes` | The entire body to replace. Only one of `body` or `clearBody` can be set. | -| `clearBody` | `bool` | Clear the corresponding body chunk. Only one of `clearBody` or `body` can be set. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto.sk.md deleted file mode 100644 index b21f7570e87..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto.sk.md +++ /dev/null @@ -1,101 +0,0 @@ - ---- -title: "regex.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type.matcher.v3` -#### Types: - - -- [RegexMatcher](#regexmatcher) -- [GoogleRE2](#googlere2) -- [RegexMatchAndSubstitute](#regexmatchandsubstitute) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/matcher/v3/regex.proto) - - - - - ---- -### RegexMatcher - - -A regex matcher designed for safety when used with untrusted input. - -```yaml -"googleRe2": .solo.io.envoy.type.matcher.v3.RegexMatcher.GoogleRE2 -"regex": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `googleRe2` | [.solo.io.envoy.type.matcher.v3.RegexMatcher.GoogleRE2](../regex.proto.sk/#googlere2) | Google's RE2 regex engine. | -| `regex` | `string` | The regex match string. The string must be supported by the configured engine. | - - - - ---- -### GoogleRE2 - - -Google's [RE2](https://github.com/google/re2) regex engine. The regex string must adhere to -the documented [syntax](https://github.com/google/re2/wiki/Syntax). The engine is designed -to complete execution in linear time as well as limit the amount of memory used. - -Envoy supports program size checking via runtime. The runtime keys `re2.max_program_size.error_level` -and `re2.max_program_size.warn_level` can be set to integers as the maximum program size or -complexity that a compiled regex can have before an exception is thrown or a warning is -logged, respectively. `re2.max_program_size.error_level` defaults to 100, and -`re2.max_program_size.warn_level` has no default if unset (will not check/log a warning). - -Envoy emits two stats for tracking the program size of regexes: the histogram `re2.program_size`, -which records the program size, and the counter `re2.exceeded_warn_level`, which is incremented -each time the program size exceeds the warn level threshold. - -```yaml -"maxProgramSize": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `maxProgramSize` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | This field controls the RE2 "program size" which is a rough estimate of how complex a compiled regex is to evaluate. A regex that has a program size greater than the configured value will fail to compile. In this case, the configured max program size can be increased or the regex can be simplified. If not specified, the default is 100. This field is deprecated; regexp validation should be performed on the management server instead of being done by each individual client. | - - - - ---- -### RegexMatchAndSubstitute - - -Describes how to match a string and then produce a new string using a regular -expression and a substitution string. - -```yaml -"pattern": .solo.io.envoy.type.matcher.v3.RegexMatcher -"substitution": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `pattern` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../regex.proto.sk/#regexmatcher) | The regular expression used to find portions of a string (hereafter called the "subject string") that should be replaced. When a new string is produced during the substitution operation, the new string is initially the same as the subject string, but then all matches in the subject string are replaced by the substitution string. If replacing all matches isn't desired, regular expression anchors can be used to ensure a single match, so as to replace just one occurrence of a pattern. Capture groups can be used in the pattern to extract portions of the subject string, and then referenced in the substitution string. | -| `substitution` | `string` | The string that should be substituted into matching portions of the subject string during a substitution operation to produce a new string. Capture groups in the pattern can be referenced in the substitution string. Note, however, that the syntax for referring to capture groups is defined by the chosen regular expression engine. Google's [RE2](https://github.com/google/re2) regular expression engine uses a backslash followed by the capture group number to denote a numbered capture group. E.g., `\1` refers to capture group 1, and `\2` refers to capture group 2. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/string.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/string.proto.sk.md deleted file mode 100644 index 080f67510d9..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/string.proto.sk.md +++ /dev/null @@ -1,74 +0,0 @@ - ---- -title: "string.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type.matcher.v3` -#### Types: - - -- [StringMatcher](#stringmatcher) -- [ListStringMatcher](#liststringmatcher) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/matcher/v3/string.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/matcher/v3/string.proto) - - - - - ---- -### StringMatcher - - -Specifies the way to match a string. -[#next-free-field: 7] - -```yaml -"exact": string -"prefix": string -"suffix": string -"safeRegex": .solo.io.envoy.type.matcher.v3.RegexMatcher -"ignoreCase": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `exact` | `string` | The input string must match exactly the string specified here. Examples: * *abc* only matches the value *abc*. Only one of `exact`, `prefix`, `suffix`, or `safeRegex` can be set. | -| `prefix` | `string` | The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * *abc* matches the value *abc.xyz*. Only one of `prefix`, `exact`, `suffix`, or `safeRegex` can be set. | -| `suffix` | `string` | The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * *abc* matches the value *xyz.abc*. Only one of `suffix`, `exact`, `prefix`, or `safeRegex` can be set. | -| `safeRegex` | [.solo.io.envoy.type.matcher.v3.RegexMatcher](../regex.proto.sk/#regexmatcher) | The input string must match the regular expression specified here. Only one of `safeRegex`, `exact`, `prefix`, or `suffix` can be set. | -| `ignoreCase` | `bool` | If true, indicates the exact/prefix/suffix matching should be case insensitive. This has no effect for the safe_regex match. For example, the matcher *data* will match both input string *Data* and *data* if set to true. | - - - - ---- -### ListStringMatcher - - -Specifies a list of ways to match a string. - -```yaml -"patterns": []solo.io.envoy.type.matcher.v3.StringMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `patterns` | [[]solo.io.envoy.type.matcher.v3.StringMatcher](../string.proto.sk/#stringmatcher) | | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto.sk.md deleted file mode 100644 index 7f3d9898d03..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto.sk.md +++ /dev/null @@ -1,183 +0,0 @@ - ---- -title: "metadata.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type.metadata.v3` -#### Types: - - -- [MetadataKey](#metadatakey) -- [PathSegment](#pathsegment) -- [MetadataKind](#metadatakind) -- [Request](#request) -- [Route](#route) -- [Cluster](#cluster) -- [Host](#host) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/metadata/v3/metadata.proto) - - - - - ---- -### MetadataKey - - -MetadataKey provides a general interface using `key` and `path` to retrieve value from -Metadata. - -For example, for the following Metadata: - -.. code-block:: yaml - - filter_metadata: - envoy.xxx: - prop: - foo: bar - xyz: - hello: envoy - -The following MetadataKey will retrieve a string value "bar" from the Metadata. - -.. code-block:: yaml - - key: envoy.xxx - path: - - key: prop - - key: foo - -```yaml -"key": string -"path": []solo.io.envoy.type.metadata.v3.MetadataKey.PathSegment - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | The key name of Metadata to retrieve the Struct from the metadata. Typically, it represents a builtin subsystem or custom extension. | -| `path` | [[]solo.io.envoy.type.metadata.v3.MetadataKey.PathSegment](../metadata.proto.sk/#pathsegment) | The path to retrieve the Value from the Struct. It can be a prefix or a full path, e.g. `[prop, xyz]` for a struct or `[prop, foo]` for a string in the example, which depends on the particular scenario. Note: Due to that only the key type segment is supported, the path can not specify a list unless the list is the last segment. | - - - - ---- -### PathSegment - - -Specifies the segment in a path to retrieve value from Metadata. -Currently it is only supported to specify the key, i.e. field name, as one segment of a path. - -```yaml -"key": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `key` | `string` | If specified, use the key to retrieve the value in a Struct. | - - - - ---- -### MetadataKind - - -Describes what kind of metadata. - -```yaml -"request": .solo.io.envoy.type.metadata.v3.MetadataKind.Request -"route": .solo.io.envoy.type.metadata.v3.MetadataKind.Route -"cluster": .solo.io.envoy.type.metadata.v3.MetadataKind.Cluster -"host": .solo.io.envoy.type.metadata.v3.MetadataKind.Host - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `request` | [.solo.io.envoy.type.metadata.v3.MetadataKind.Request](../metadata.proto.sk/#request) | Request kind of metadata. Only one of `request`, `route`, `cluster`, or `host` can be set. | -| `route` | [.solo.io.envoy.type.metadata.v3.MetadataKind.Route](../metadata.proto.sk/#route) | Route kind of metadata. Only one of `route`, `request`, `cluster`, or `host` can be set. | -| `cluster` | [.solo.io.envoy.type.metadata.v3.MetadataKind.Cluster](../metadata.proto.sk/#cluster) | Cluster kind of metadata. Only one of `cluster`, `request`, `route`, or `host` can be set. | -| `host` | [.solo.io.envoy.type.metadata.v3.MetadataKind.Host](../metadata.proto.sk/#host) | Host kind of metadata. Only one of `host`, `request`, `route`, or `cluster` can be set. | - - - - ---- -### Request - - -Represents dynamic metadata associated with the request. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### Route - - -Represents metadata from :ref:`the route`. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### Cluster - - -Represents metadata from :ref:`the upstream cluster`. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - ---- -### Host - - -Represents metadata from :ref:`the upstream -host`. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/range.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/range.proto.sk.md deleted file mode 100644 index 7232b0eb14a..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/range.proto.sk.md +++ /dev/null @@ -1,71 +0,0 @@ - ---- -title: "range.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type` -#### Types: - - -- [Int64Range](#int64range) -- [DoubleRange](#doublerange) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/range.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/range.proto) - - - - - ---- -### Int64Range - - -Specifies the int64 start and end of the range using half-open interval semantics [start, -end). - -```yaml -"start": int -"end": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `start` | `int` | start of the range (inclusive). | -| `end` | `int` | end of the range (exclusive). | - - - - ---- -### DoubleRange - - -Specifies the double start and end of the range using half-open interval semantics [start, -end). - -```yaml -"start": float -"end": float - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `start` | `float` | start of the range (inclusive). | -| `end` | `float` | end of the range (exclusive). | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto.sk.md deleted file mode 100644 index f3e866e97d8..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto.sk.md +++ /dev/null @@ -1,143 +0,0 @@ - ---- -title: "custom_tag.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type.tracing.v3` -#### Types: - - -- [CustomTag](#customtag) -- [Literal](#literal) -- [Environment](#environment) -- [Header](#header) -- [Metadata](#metadata) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/tracing/v3/custom_tag.proto) - - - - - ---- -### CustomTag - - -Describes custom tags for the active span. -[#next-free-field: 6] - -```yaml -"tag": string -"literal": .solo.io.envoy.type.tracing.v3.CustomTag.Literal -"environment": .solo.io.envoy.type.tracing.v3.CustomTag.Environment -"requestHeader": .solo.io.envoy.type.tracing.v3.CustomTag.Header -"metadata": .solo.io.envoy.type.tracing.v3.CustomTag.Metadata - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `tag` | `string` | Used to populate the tag name. | -| `literal` | [.solo.io.envoy.type.tracing.v3.CustomTag.Literal](../custom_tag.proto.sk/#literal) | A literal custom tag. Only one of `literal`, `environment`, `requestHeader`, or `metadata` can be set. | -| `environment` | [.solo.io.envoy.type.tracing.v3.CustomTag.Environment](../custom_tag.proto.sk/#environment) | An environment custom tag. Only one of `environment`, `literal`, `requestHeader`, or `metadata` can be set. | -| `requestHeader` | [.solo.io.envoy.type.tracing.v3.CustomTag.Header](../custom_tag.proto.sk/#header) | A request header custom tag. Only one of `requestHeader`, `literal`, `environment`, or `metadata` can be set. | -| `metadata` | [.solo.io.envoy.type.tracing.v3.CustomTag.Metadata](../custom_tag.proto.sk/#metadata) | A custom tag to obtain tag value from the metadata. Only one of `metadata`, `literal`, `environment`, or `requestHeader` can be set. | - - - - ---- -### Literal - - -Literal type custom tag with static value for the tag value. - -```yaml -"value": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `value` | `string` | Static literal value to populate the tag value. | - - - - ---- -### Environment - - -Environment type custom tag with environment name and default value. - -```yaml -"name": string -"defaultValue": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | Environment variable name to obtain the value to populate the tag value. | -| `defaultValue` | `string` | When the environment variable is not found, the tag value will be populated with this default value if specified, otherwise no tag will be populated. | - - - - ---- -### Header - - -Header type custom tag with header name and default value. - -```yaml -"name": string -"defaultValue": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | Header name to obtain the value to populate the tag value. | -| `defaultValue` | `string` | When the header does not exist, the tag value will be populated with this default value if specified, otherwise no tag will be populated. | - - - - ---- -### Metadata - - -Metadata type custom tag using -MetadataKey to retrieve the protobuf value -from Metadata, and populate the tag value with -[the canonical JSON](https://developers.google.com/protocol-buffers/docs/proto3#json) -representation of it. - -```yaml -"kind": .solo.io.envoy.type.metadata.v3.MetadataKind -"metadataKey": .solo.io.envoy.type.metadata.v3.MetadataKey -"defaultValue": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `kind` | [.solo.io.envoy.type.metadata.v3.MetadataKind](../../../metadata/v3/metadata.proto.sk/#metadatakind) | Specify what kind of metadata to obtain tag value from. | -| `metadataKey` | [.solo.io.envoy.type.metadata.v3.MetadataKey](../../../metadata/v3/metadata.proto.sk/#metadatakey) | Metadata key to define the path to retrieve the tag value. | -| `defaultValue` | `string` | When no valid metadata is found, the tag value would be populated with this default value if specified, otherwise no tag would be populated. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/http.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/http.proto.sk.md deleted file mode 100644 index a2a15b80993..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/http.proto.sk.md +++ /dev/null @@ -1,38 +0,0 @@ - ---- -title: "http.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type.v3` - -##### Enums: - - - - [CodecClientType](#codecclienttype) - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/http.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/v3/http.proto) - - - - - -### CodecClientType - -Description: - -| Name | Description | -| ----- | ----------- | -| HTTP1 | | -| HTTP2 | | -| HTTP3 | [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient to distinguish HTTP1 and HTTP2 traffic. | - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/http_status.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/http_status.proto.sk.md deleted file mode 100644 index 8d817e06fb9..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/http_status.proto.sk.md +++ /dev/null @@ -1,118 +0,0 @@ - ---- -title: "http_status.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type.v3` -#### Types: - - -- [HttpStatus](#httpstatus) - - - - -##### Enums: - - - - [StatusCode](#statuscode) - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/http_status.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/v3/http_status.proto) - - - - - ---- -### HttpStatus - - -HTTP status. - -```yaml -"code": .solo.io.envoy.type.v3.StatusCode - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `code` | [.solo.io.envoy.type.v3.StatusCode](../http_status.proto.sk/#statuscode) | Supplies HTTP response code. | - - - - -### StatusCode - -Description: HTTP response codes supported in Envoy. -For more details: https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml - -| Name | Description | -| ----- | ----------- | -| Empty | Empty - This code not part of the HTTP status code specification, but it is needed for proto `enum` type. | -| Continue | | -| OK | | -| Created | | -| Accepted | | -| NonAuthoritativeInformation | | -| NoContent | | -| ResetContent | | -| PartialContent | | -| MultiStatus | | -| AlreadyReported | | -| IMUsed | | -| MultipleChoices | | -| MovedPermanently | | -| Found | | -| SeeOther | | -| NotModified | | -| UseProxy | | -| TemporaryRedirect | | -| PermanentRedirect | | -| BadRequest | | -| Unauthorized | | -| PaymentRequired | | -| Forbidden | | -| NotFound | | -| MethodNotAllowed | | -| NotAcceptable | | -| ProxyAuthenticationRequired | | -| RequestTimeout | | -| Conflict | | -| Gone | | -| LengthRequired | | -| PreconditionFailed | | -| PayloadTooLarge | | -| URITooLong | | -| UnsupportedMediaType | | -| RangeNotSatisfiable | | -| ExpectationFailed | | -| MisdirectedRequest | | -| UnprocessableEntity | | -| Locked | | -| FailedDependency | | -| UpgradeRequired | | -| PreconditionRequired | | -| TooManyRequests | | -| RequestHeaderFieldsTooLarge | | -| InternalServerError | | -| NotImplemented | | -| BadGateway | | -| ServiceUnavailable | | -| GatewayTimeout | | -| HTTPVersionNotSupported | | -| VariantAlsoNegotiates | | -| InsufficientStorage | | -| LoopDetected | | -| NotExtended | | -| NetworkAuthenticationRequired | | - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/percent.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/percent.proto.sk.md deleted file mode 100644 index 5eb7afb180b..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/percent.proto.sk.md +++ /dev/null @@ -1,88 +0,0 @@ - ---- -title: "percent.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type.v3` -#### Types: - - -- [Percent](#percent) -- [FractionalPercent](#fractionalpercent) -- [DenominatorType](#denominatortype) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/percent.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/v3/percent.proto) - - - - - ---- -### Percent - - -Identifies a percentage, in the range [0.0, 100.0]. - -```yaml -"value": float - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `value` | `float` | | - - - - ---- -### FractionalPercent - - -A fractional percentage is used in cases in which for performance reasons performing floating -point to integer conversions during randomness calculations is undesirable. The message includes -both a numerator and denominator that together determine the final fractional value. - -* **Example**: 1/100 = 1%. -* **Example**: 3/10000 = 0.03%. - -```yaml -"numerator": int -"denominator": .solo.io.envoy.type.v3.FractionalPercent.DenominatorType - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `numerator` | `int` | Specifies the numerator. Defaults to 0. | -| `denominator` | [.solo.io.envoy.type.v3.FractionalPercent.DenominatorType](../percent.proto.sk/#denominatortype) | Specifies the denominator. If the denominator specified is less than the numerator, the final fractional percentage is capped at 1 (100%). | - - - - ---- -### DenominatorType - - -Fraction percentages support several fixed denominator values. - -| Name | Description | -| ----- | ----------- | -| `HUNDRED` | 100. **Example**: 1/100 = 1%. | -| `TEN_THOUSAND` | 10,000. **Example**: 1/10000 = 0.01%. | -| `MILLION` | 1,000,000. **Example**: 1/1000000 = 0.0001%. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/range.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/range.proto.sk.md deleted file mode 100644 index 5ed220509f6..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/range.proto.sk.md +++ /dev/null @@ -1,93 +0,0 @@ - ---- -title: "range.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type.v3` -#### Types: - - -- [Int64Range](#int64range) -- [Int32Range](#int32range) -- [DoubleRange](#doublerange) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/range.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/v3/range.proto) - - - - - ---- -### Int64Range - - -Specifies the int64 start and end of the range using half-open interval semantics [start, -end). - -```yaml -"start": int -"end": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `start` | `int` | start of the range (inclusive). | -| `end` | `int` | end of the range (exclusive). | - - - - ---- -### Int32Range - - -Specifies the int32 start and end of the range using half-open interval semantics [start, -end). - -```yaml -"start": int -"end": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `start` | `int` | start of the range (inclusive). | -| `end` | `int` | end of the range (exclusive). | - - - - ---- -### DoubleRange - - -Specifies the double start and end of the range using half-open interval semantics [start, -end). - -```yaml -"start": float -"end": float - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `start` | `float` | start of the range (inclusive). | -| `end` | `float` | end of the range (exclusive). | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/semantic_version.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/semantic_version.proto.sk.md deleted file mode 100644 index 47d872d97b6..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/semantic_version.proto.sk.md +++ /dev/null @@ -1,52 +0,0 @@ - ---- -title: "semantic_version.proto" -weight: 5 ---- - - - - -### Package: `solo.io.envoy.type.v3` -#### Types: - - -- [SemanticVersion](#semanticversion) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/envoy/type/v3/semantic_version.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/envoy/type/v3/semantic_version.proto) - - - - - ---- -### SemanticVersion - - -Envoy uses SemVer (https://semver.org/). Major/minor versions indicate -expected behaviors and APIs, the patch version field is used only -for security fixes and can be generally ignored. - -```yaml -"majorNumber": int -"minorNumber": int -"patch": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `majorNumber` | `int` | | -| `minorNumber` | `int` | | -| `patch` | `int` | | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/migrate.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/migrate.proto.sk.md deleted file mode 100644 index 9b3554d2e66..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/migrate.proto.sk.md +++ /dev/null @@ -1,83 +0,0 @@ - ---- -title: "migrate.proto" -weight: 5 ---- - - - - -### Package: `solo.io.udpa.annotations` -#### Types: - - -- [MigrateAnnotation](#migrateannotation) -- [FieldMigrateAnnotation](#fieldmigrateannotation) -- [FileMigrateAnnotation](#filemigrateannotation) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/migrate.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/udpa/annotations/migrate.proto) - - - - - ---- -### MigrateAnnotation - - - -```yaml -"rename": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rename` | `string` | Rename the message/enum/enum value in next version. | - - - - ---- -### FieldMigrateAnnotation - - - -```yaml -"rename": string -"oneofPromotion": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rename` | `string` | Rename the field in next version. | -| `oneofPromotion` | `string` | Add the field to a named oneof in next version. If this already exists, the field will join its siblings under the oneof, otherwise a new oneof will be created with the given name. | - - - - ---- -### FileMigrateAnnotation - - - -```yaml -"moveToPackage": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `moveToPackage` | `string` | Move all types in the file to another package, this implies changing proto file path. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/sensitive.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/sensitive.proto.sk.md deleted file mode 100644 index 5bd370a4afa..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/sensitive.proto.sk.md +++ /dev/null @@ -1,21 +0,0 @@ - ---- -title: "sensitive.proto" -weight: 5 ---- - - - - -### Package: `solo.io.udpa.annotations` - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/sensitive.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/udpa/annotations/sensitive.proto) - - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/status.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/status.proto.sk.md deleted file mode 100644 index 5044bc5ab9f..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/status.proto.sk.md +++ /dev/null @@ -1,65 +0,0 @@ - ---- -title: "status.proto" -weight: 5 ---- - - - - -### Package: `solo.io.udpa.annotations` -#### Types: - - -- [StatusAnnotation](#statusannotation) - - - - -##### Enums: - - - - [PackageVersionStatus](#packageversionstatus) - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/status.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/udpa/annotations/status.proto) - - - - - ---- -### StatusAnnotation - - - -```yaml -"workInProgress": bool -"packageVersionStatus": .solo.io.udpa.annotations.PackageVersionStatus - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `workInProgress` | `bool` | The entity is work-in-progress and subject to breaking changes. | -| `packageVersionStatus` | [.solo.io.udpa.annotations.PackageVersionStatus](../status.proto.sk/#packageversionstatus) | The entity belongs to a package with the given version status. | - - - - -### PackageVersionStatus - -Description: - -| Name | Description | -| ----- | ----------- | -| UNKNOWN | Unknown package version status. | -| FROZEN | This version of the package is frozen. | -| ACTIVE | This version of the package is the active development version. | -| NEXT_MAJOR_VERSION_CANDIDATE | This version of the package is the candidate for the next major version. It is typically machine generated from the active development version. | - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/versioning.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/versioning.proto.sk.md deleted file mode 100644 index 12c8f7ce83b..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/versioning.proto.sk.md +++ /dev/null @@ -1,45 +0,0 @@ - ---- -title: "versioning.proto" -weight: 5 ---- - - - - -### Package: `solo.io.udpa.annotations` -#### Types: - - -- [VersioningAnnotation](#versioningannotation) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/udpa/annotations/versioning.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/udpa/annotations/versioning.proto) - - - - - ---- -### VersioningAnnotation - - - -```yaml -"previousMessageType": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `previousMessageType` | `string` | Track the previous message type. E.g. this message might be udpa.foo.v3alpha.Foo and it was previously udpa.bar.v2.Bar. This information is consumed by UDPA via proto descriptors. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/migrate.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/migrate.proto.sk.md deleted file mode 100644 index cdec3b72fae..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/migrate.proto.sk.md +++ /dev/null @@ -1,83 +0,0 @@ - ---- -title: "migrate.proto" -weight: 5 ---- - - - - -### Package: `xds.annotations.v3` -#### Types: - - -- [MigrateAnnotation](#migrateannotation) -- [FieldMigrateAnnotation](#fieldmigrateannotation) -- [FileMigrateAnnotation](#filemigrateannotation) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/migrate.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/annotations/v3/migrate.proto) - - - - - ---- -### MigrateAnnotation - - - -```yaml -"rename": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rename` | `string` | Rename the message/enum/enum value in next version. | - - - - ---- -### FieldMigrateAnnotation - - - -```yaml -"rename": string -"oneofPromotion": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rename` | `string` | Rename the field in next version. | -| `oneofPromotion` | `string` | Add the field to a named oneof in next version. If this already exists, the field will join its siblings under the oneof, otherwise a new oneof will be created with the given name. | - - - - ---- -### FileMigrateAnnotation - - - -```yaml -"moveToPackage": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `moveToPackage` | `string` | Move all types in the file to another package, this implies changing proto file path. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/security.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/security.proto.sk.md deleted file mode 100644 index 4d996f0e248..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/security.proto.sk.md +++ /dev/null @@ -1,49 +0,0 @@ - ---- -title: "security.proto" -weight: 5 ---- - - - - -### Package: `xds.annotations.v3` -#### Types: - - -- [FieldSecurityAnnotation](#fieldsecurityannotation) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/security.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/annotations/v3/security.proto) - - - - - ---- -### FieldSecurityAnnotation - - -These annotations indicate metadata for the purpose of understanding the -security significance of fields. - -```yaml -"configureForUntrustedDownstream": bool -"configureForUntrustedUpstream": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `configureForUntrustedDownstream` | `bool` | Field should be set in the presence of untrusted downstreams. | -| `configureForUntrustedUpstream` | `bool` | Field should be set in the presence of untrusted upstreams. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/sensitive.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/sensitive.proto.sk.md deleted file mode 100644 index 17cc62546bb..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/sensitive.proto.sk.md +++ /dev/null @@ -1,21 +0,0 @@ - ---- -title: "sensitive.proto" -weight: 5 ---- - - - - -### Package: `xds.annotations.v3` - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/sensitive.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/annotations/v3/sensitive.proto) - - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/status.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/status.proto.sk.md deleted file mode 100644 index b4748f8ee97..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/status.proto.sk.md +++ /dev/null @@ -1,119 +0,0 @@ - ---- -title: "status.proto" -weight: 5 ---- - - - - -### Package: `xds.annotations.v3` -#### Types: - - -- [FileStatusAnnotation](#filestatusannotation) -- [MessageStatusAnnotation](#messagestatusannotation) -- [FieldStatusAnnotation](#fieldstatusannotation) -- [StatusAnnotation](#statusannotation) - - - - -##### Enums: - - - - [PackageVersionStatus](#packageversionstatus) - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/status.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/annotations/v3/status.proto) - - - - - ---- -### FileStatusAnnotation - - - -```yaml -"workInProgress": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `workInProgress` | `bool` | The entity is work-in-progress and subject to breaking changes. | - - - - ---- -### MessageStatusAnnotation - - - -```yaml -"workInProgress": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `workInProgress` | `bool` | The entity is work-in-progress and subject to breaking changes. | - - - - ---- -### FieldStatusAnnotation - - - -```yaml -"workInProgress": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `workInProgress` | `bool` | The entity is work-in-progress and subject to breaking changes. | - - - - ---- -### StatusAnnotation - - - -```yaml -"workInProgress": bool -"packageVersionStatus": .xds.annotations.v3.PackageVersionStatus - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `workInProgress` | `bool` | The entity is work-in-progress and subject to breaking changes. | -| `packageVersionStatus` | [.xds.annotations.v3.PackageVersionStatus](../status.proto.sk/#packageversionstatus) | The entity belongs to a package with the given version status. | - - - - -### PackageVersionStatus - -Description: - -| Name | Description | -| ----- | ----------- | -| UNKNOWN | Unknown package version status. | -| FROZEN | This version of the package is frozen. | -| ACTIVE | This version of the package is the active development version. | -| NEXT_MAJOR_VERSION_CANDIDATE | This version of the package is the candidate for the next major version. It is typically machine generated from the active development version. | - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/versioning.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/versioning.proto.sk.md deleted file mode 100644 index d83e2eeea04..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/versioning.proto.sk.md +++ /dev/null @@ -1,45 +0,0 @@ - ---- -title: "versioning.proto" -weight: 5 ---- - - - - -### Package: `xds.annotations.v3` -#### Types: - - -- [VersioningAnnotation](#versioningannotation) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/annotations/v3/versioning.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/annotations/v3/versioning.proto) - - - - - ---- -### VersioningAnnotation - - - -```yaml -"previousMessageType": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `previousMessageType` | `string` | Track the previous message type. E.g. this message might be xds.foo.v3alpha.Foo and it was previously xds.bar.v2.Bar. This information is consumed by UDPA via proto descriptors. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/authority.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/authority.proto.sk.md deleted file mode 100644 index d3030ed96a6..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/authority.proto.sk.md +++ /dev/null @@ -1,46 +0,0 @@ - ---- -title: "authority.proto" -weight: 5 ---- - - - - -### Package: `xds.core.v3` -#### Types: - - -- [Authority](#authority) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/authority.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/core/v3/authority.proto) - - - - - ---- -### Authority - - -xDS authority information. - -```yaml -"name": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/cidr.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/cidr.proto.sk.md deleted file mode 100644 index efaeda855e2..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/cidr.proto.sk.md +++ /dev/null @@ -1,49 +0,0 @@ - ---- -title: "cidr.proto" -weight: 5 ---- - - - - -### Package: `xds.core.v3` -#### Types: - - -- [CidrRange](#cidrrange) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/cidr.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/core/v3/cidr.proto) - - - - - ---- -### CidrRange - - -CidrRange specifies an IP Address and a prefix length to construct -the subnet mask for a [CIDR](https://datatracker.ietf.org/doc/html/rfc4632) range. - -```yaml -"addressPrefix": string -"prefixLen": .google.protobuf.UInt32Value - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `addressPrefix` | `string` | IPv4 or IPv6 address, e.g. `192.0.0.0` or `2001:db8::`. | -| `prefixLen` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Length of prefix, e.g. 0, 32. Defaults to 0 when unset. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/context_params.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/context_params.proto.sk.md deleted file mode 100644 index 2973b9a7e41..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/context_params.proto.sk.md +++ /dev/null @@ -1,52 +0,0 @@ - ---- -title: "context_params.proto" -weight: 5 ---- - - - - -### Package: `xds.core.v3` -#### Types: - - -- [ContextParams](#contextparams) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/context_params.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/core/v3/context_params.proto) - - - - - ---- -### ContextParams - - -Additional parameters that can be used to select resource variants. These include any -global context parameters, per-resource type client feature capabilities and per-resource -type functional attributes. All per-resource type attributes will be `xds.resource.` -prefixed and some of these are documented below: - -`xds.resource.listening_address`: The value is "IP:port" (e.g. "10.1.1.3:8080") which is - the listening address of a Listener. Used in a Listener resource query. - -```yaml -"params": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `params` | `map` | | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/extension.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/extension.proto.sk.md deleted file mode 100644 index 0b672daf179..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/extension.proto.sk.md +++ /dev/null @@ -1,48 +0,0 @@ - ---- -title: "extension.proto" -weight: 5 ---- - - - - -### Package: `xds.core.v3` -#### Types: - - -- [TypedExtensionConfig](#typedextensionconfig) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/extension.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/core/v3/extension.proto) - - - - - ---- -### TypedExtensionConfig - - -Message type for extension configuration. - -```yaml -"name": string -"typedConfig": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | `string` | The name of an extension. This is not used to select the extension, instead it serves the role of an opaque identifier. | -| `typedConfig` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | The typed config for the extension. The type URL will be used to identify the extension. In the case that the type URL is *xds.type.v3.TypedStruct* (or, for historical reasons, *udpa.type.v1.TypedStruct*), the inner type URL of *TypedStruct* will be utilized. See the :ref:`extension configuration overview ` for further details. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource.proto.sk.md deleted file mode 100644 index dda96d09aec..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource.proto.sk.md +++ /dev/null @@ -1,51 +0,0 @@ - ---- -title: "resource.proto" -weight: 5 ---- - - - - -### Package: `xds.core.v3` -#### Types: - - -- [Resource](#resource) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/core/v3/resource.proto) - - - - - ---- -### Resource - - -xDS resource wrapper. This encapsulates a xDS resource when appearing in an -xDS transport discovery response or when accessed as a filesystem object. - -```yaml -"name": .xds.core.v3.ResourceName -"version": string -"resource": .google.protobuf.Any - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `name` | [.xds.core.v3.ResourceName](../resource_name.proto.sk/#resourcename) | Resource name. This may be omitted for filesystem resources. | -| `version` | `string` | The resource's logical version. It is illegal to have the same named xDS resource name at a given version with different resource payloads. | -| `resource` | [.google.protobuf.Any](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/any) | The resource payload, including type URL. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource_locator.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource_locator.proto.sk.md deleted file mode 100644 index 0000264116f..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource_locator.proto.sk.md +++ /dev/null @@ -1,127 +0,0 @@ - ---- -title: "resource_locator.proto" -weight: 5 ---- - - - - -### Package: `xds.core.v3` -#### Types: - - -- [ResourceLocator](#resourcelocator) -- [Directive](#directive) -- [Scheme](#scheme) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource_locator.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/core/v3/resource_locator.proto) - - - - - ---- -### ResourceLocator - - -xDS resource locators identify a xDS resource name and instruct the -data-plane load balancer on how the resource may be located. - -Resource locators have a canonical xdstp:// URI representation: - - xdstp://{authority}/{type_url}/{id}?{context_params}{#directive,*} - -where context_params take the form of URI query parameters. - -Resource locators have a similar canonical http:// URI representation: - - http://{authority}/{type_url}/{id}?{context_params}{#directive,*} - -Resource locators also have a simplified file:// URI representation: - - file:///{id}{#directive,*} - -```yaml -"scheme": .xds.core.v3.ResourceLocator.Scheme -"id": string -"authority": string -"resourceType": string -"exactContext": .xds.core.v3.ContextParams -"directives": []xds.core.v3.ResourceLocator.Directive - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `scheme` | [.xds.core.v3.ResourceLocator.Scheme](../resource_locator.proto.sk/#scheme) | URI scheme. | -| `id` | `string` | Opaque identifier for the resource. Any '/' will not be escaped during URI encoding and will form part of the URI path. This may end with ‘*’ for glob collection references. | -| `authority` | `string` | Logical authority for resource (not necessarily transport network address). Authorities are opaque in the xDS API, data-plane load balancers will map them to concrete network transports such as an xDS management server, e.g. via envoy.config.core.v3.ConfigSource. | -| `resourceType` | `string` | Fully qualified resource type (as in type URL without types.googleapis.com/ prefix). | -| `exactContext` | [.xds.core.v3.ContextParams](../context_params.proto.sk/#contextparams) | Additional parameters that can be used to select resource variants. Matches must be exact, i.e. all context parameters must match exactly and there must be no additional context parameters set on the matched resource. | -| `directives` | [[]xds.core.v3.ResourceLocator.Directive](../resource_locator.proto.sk/#directive) | A list of directives that appear in the xDS resource locator #fragment. When encoding to URI form, directives are percent encoded with comma separation. | - - - - ---- -### Directive - - -Directives provide information to data-plane load balancers on how xDS -resource names are to be interpreted and potentially further resolved. For -example, they may provide alternative resource locators for when primary -resolution fails. Directives are not part of resource names and do not -appear in a xDS transport discovery request. - -When encoding to URIs, directives take the form: - -= - -For example, we can have alt=xdstp://foo/bar or entry=some%20thing. Each -directive value type may have its own string encoding, in the case of -ResourceLocator there is a recursive URI encoding. - -Percent encoding applies to the URI encoding of the directive value. -Multiple directives are comma-separated, so the reserved characters that -require percent encoding in a directive value are [',', '#', '[', ']', -'%']. These are the RFC3986 fragment reserved characters with the addition -of the xDS scheme specific ','. See -https://datatracker.ietf.org/doc/html/rfc3986#page-49 for further details on URI ABNF -and reserved characters. - -```yaml -"alt": .xds.core.v3.ResourceLocator -"entry": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `alt` | [.xds.core.v3.ResourceLocator](../resource_locator.proto.sk/#resourcelocator) | An alternative resource locator for fallback if the resource is unavailable. For example, take the resource locator: xdstp://foo/some-type/some-route-table#alt=xdstp://bar/some-type/another-route-table If the data-plane load balancer is unable to reach `foo` to fetch the resource, it will fallback to `bar`. Alternative resources do not need to have equivalent content, but they should be functional substitutes. Only one of `alt` or `entry` can be set. | -| `entry` | `string` | List collections support inlining of resources via the entry field in Resource. These inlined Resource objects may have an optional name field specified. When specified, the entry directive allows ResourceLocator to directly reference these inlined resources, e.g. xdstp://.../foo#entry=bar. Only one of `entry` or `alt` can be set. | - - - - ---- -### Scheme - - - -| Name | Description | -| ----- | ----------- | -| `XDSTP` | | -| `HTTP` | | -| `FILE` | | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource_name.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource_name.proto.sk.md deleted file mode 100644 index 7f09d65a413..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource_name.proto.sk.md +++ /dev/null @@ -1,60 +0,0 @@ - ---- -title: "resource_name.proto" -weight: 5 ---- - - - - -### Package: `xds.core.v3` -#### Types: - - -- [ResourceName](#resourcename) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/core/v3/resource_name.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/core/v3/resource_name.proto) - - - - - ---- -### ResourceName - - -xDS resource name. This has a canonical xdstp:// URI representation: - - xdstp://{authority}/{type_url}/{id}?{context_params} - -where context_params take the form of URI query parameters. - -A xDS resource name fully identifies a network resource for transport -purposes. xDS resource names in this form appear only in discovery -request/response messages used with the xDS transport. - -```yaml -"id": string -"authority": string -"resourceType": string -"context": .xds.core.v3.ContextParams - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `id` | `string` | Opaque identifier for the resource. Any '/' will not be escaped during URI encoding and will form part of the URI path. | -| `authority` | `string` | Logical authority for resource (not necessarily transport network address). Authorities are opaque in the xDS API, data-plane load balancers will map them to concrete network transports such as an xDS management server. | -| `resourceType` | `string` | Fully qualified resource type (as in type URL without types.googleapis.com/ prefix). | -| `context` | [.xds.core.v3.ContextParams](../context_params.proto.sk/#contextparams) | Additional parameters that can be used to select resource variants. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/service/orca/v3/orca.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/service/orca/v3/orca.proto.sk.md deleted file mode 100644 index 8f4034cd809..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/service/orca/v3/orca.proto.sk.md +++ /dev/null @@ -1,47 +0,0 @@ - ---- -title: "orca.proto" -weight: 5 ---- - - - - -### Package: `xds.service.orca.v3` -#### Types: - - -- [OrcaLoadReportRequest](#orcaloadreportrequest) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/service/orca/v3/orca.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/service/orca/v3/orca.proto) - - - - - ---- -### OrcaLoadReportRequest - - - -```yaml -"reportInterval": .google.protobuf.Duration -"requestCostNames": []string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `reportInterval` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Interval for generating Open RCA core metric responses. | -| `requestCostNames` | `[]string` | Request costs to collect. If this is empty, all known requests costs tracked by the load reporting agent will be returned. This provides an opportunity for the client to selectively obtain a subset of tracked costs. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/domain.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/domain.proto.sk.md deleted file mode 100644 index 6e1c551b9ca..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/domain.proto.sk.md +++ /dev/null @@ -1,71 +0,0 @@ - ---- -title: "domain.proto" -weight: 5 ---- - - - - -### Package: `xds.type.matcher.v3` -#### Types: - - -- [ServerNameMatcher](#servernamematcher) -- [DomainMatcher](#domainmatcher) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/domain.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/type/matcher/v3/domain.proto) - - - - - ---- -### ServerNameMatcher - - -Matches a fully qualified server name against a set of domain -names with optional wildcards. - -```yaml -"domainMatchers": []xds.type.matcher.v3.ServerNameMatcher.DomainMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `domainMatchers` | [[]xds.type.matcher.v3.ServerNameMatcher.DomainMatcher](../domain.proto.sk/#domainmatcher) | Match a server name by multiple domain matchers. Each domain, exact or wildcard, must appear at most once across all the domain matchers. The server name will be matched against all wildcard domains starting from the longest suffix, i.e. `www.example.com` input will be first matched against `www.example.com`, then `*.example.com`, then `*.com`, then `*`, until the associated matcher action accepts the input. Note that wildcards must be on a dot border, and values like `*w.example.com` are invalid. | - - - - ---- -### DomainMatcher - - -Specifies a set of exact and wildcard domains and a match action. The -wildcard symbol `*` must appear at most once as the left-most part of -the domain on a dot border. The wildcard matches one or more non-empty -domain parts. - -```yaml -"domains": []string -"onMatch": .xds.type.matcher.v3.Matcher.OnMatch - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `domains` | `[]string` | A non-empty set of domain names with optional wildcards, e.g. `www.example.com`, `*.com`, or `*`. | -| `onMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../matcher.proto.sk/#onmatch) | Match action to apply when the server name matches any of the domain names in the matcher. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto.sk.md deleted file mode 100644 index 553f471dad2..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto.sk.md +++ /dev/null @@ -1,52 +0,0 @@ - ---- -title: "http_inputs.proto" -weight: 5 ---- - - - - -### Package: `xds.type.matcher.v3` -#### Types: - - -- [HttpAttributesCelMatchInput](#httpattributescelmatchinput) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/type/matcher/v3/http_inputs.proto) - - - - - ---- -### HttpAttributesCelMatchInput - - -Specifies that matching should be performed on the set of :ref:`HTTP attributes -`. - -The attributes will be exposed via [Common Expression Language](https://github.com/google/cel-spec) runtime to associated CEL matcher. - -Refer to Unified Matcher API documentation -for usage details. - -[#comment:TODO(sergiitk): When implemented, add the extension tag.] - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/ip.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/ip.proto.sk.md deleted file mode 100644 index 63551d485b7..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/ip.proto.sk.md +++ /dev/null @@ -1,69 +0,0 @@ - ---- -title: "ip.proto" -weight: 5 ---- - - - - -### Package: `xds.type.matcher.v3` -#### Types: - - -- [IPMatcher](#ipmatcher) -- [IPRangeMatcher](#iprangematcher) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/ip.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/type/matcher/v3/ip.proto) - - - - - ---- -### IPMatcher - - -Matches a specific IP address against a set of possibly overlapping subnets using a trie. - -```yaml -"rangeMatchers": []xds.type.matcher.v3.IPMatcher.IPRangeMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rangeMatchers` | [[]xds.type.matcher.v3.IPMatcher.IPRangeMatcher](../ip.proto.sk/#iprangematcher) | Match IP address by CIDR ranges. | - - - - ---- -### IPRangeMatcher - - -Specifies a list of IP address ranges and a match action. - -```yaml -"ranges": []xds.core.v3.CidrRange -"onMatch": .xds.type.matcher.v3.Matcher.OnMatch -"exclusive": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `ranges` | [[]xds.core.v3.CidrRange](../../../../core/v3/cidr.proto.sk/#cidrrange) | A non-empty set of CIDR ranges. | -| `onMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../matcher.proto.sk/#onmatch) | Match action to apply when the IP address is within one of the CIDR ranges. | -| `exclusive` | `bool` | Indicates whether this match option should be considered if there is a more specific matcher. Exclusive matchers are not selected whenever a more specific matcher exists (e.g. matcher with a longer prefix) even when the more specific matcher fails its nested match condition. Non-exclusive matchers are considered if the more specific matcher exists but its nested match condition does not entirely match. Non-exclusive matchers are selected in the order of their specificity first (longest prefix first), then the order of declaration next. For example, consider two range matchers: an exclusive matcher *X* on `0.0.0.0/0` and a matcher *Y* on `192.0.0.0/2` with a nested match condition *Z*. For the input IP `192.168.0.1` matcher *Y* is the most specific. If its nested match condition *Z* does not accept the input, then the less specific matcher *X* does not apply either despite the input being within the range, because matcher *X* is exclusive. The opposite is true if matcher *X* is not marked as exclusive. In that case matcher *X* always matches whenever matcher "*Y* rejects the input. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/matcher.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/matcher.proto.sk.md deleted file mode 100644 index 4c8da525437..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/matcher.proto.sk.md +++ /dev/null @@ -1,227 +0,0 @@ - ---- -title: "matcher.proto" -weight: 5 ---- - - - - -### Package: `xds.type.matcher.v3` -#### Types: - - -- [Matcher](#matcher) -- [OnMatch](#onmatch) -- [MatcherList](#matcherlist) -- [Predicate](#predicate) -- [SinglePredicate](#singlepredicate) -- [PredicateList](#predicatelist) -- [FieldMatcher](#fieldmatcher) -- [MatcherTree](#matchertree) -- [MatchMap](#matchmap) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/matcher.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/type/matcher/v3/matcher.proto) - - - - - ---- -### Matcher - - -A matcher, which may traverse a matching tree in order to result in a match action. -During matching, the tree will be traversed until a match is found, or if no match -is found the action specified by the most specific on_no_match will be evaluated. -As an on_no_match might result in another matching tree being evaluated, this process -might repeat several times until the final OnMatch (or no match) is decided. - -```yaml -"matcherList": .xds.type.matcher.v3.Matcher.MatcherList -"matcherTree": .xds.type.matcher.v3.Matcher.MatcherTree -"onNoMatch": .xds.type.matcher.v3.Matcher.OnMatch - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `matcherList` | [.xds.type.matcher.v3.Matcher.MatcherList](../matcher.proto.sk/#matcherlist) | A linear list of matchers to evaluate. Only one of `matcherList` or `matcherTree` can be set. | -| `matcherTree` | [.xds.type.matcher.v3.Matcher.MatcherTree](../matcher.proto.sk/#matchertree) | A match tree to evaluate. Only one of `matcherTree` or `matcherList` can be set. | -| `onNoMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../matcher.proto.sk/#onmatch) | Optional OnMatch to use if no matcher above matched (e.g., if there are no matchers specified above, or if none of the matches specified above succeeded). If no matcher above matched and this field is not populated, the match will be considered unsuccessful. | - - - - ---- -### OnMatch - - -What to do if a match is successful. - -```yaml -"matcher": .xds.type.matcher.v3.Matcher -"action": .xds.core.v3.TypedExtensionConfig - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `matcher` | [.xds.type.matcher.v3.Matcher](../matcher.proto.sk/#matcher) | Nested matcher to evaluate. If the nested matcher does not match and does not specify on_no_match, then this matcher is considered not to have matched, even if a predicate at this level or above returned true. Only one of `matcher` or `action` can be set. | -| `action` | [.xds.core.v3.TypedExtensionConfig](../../../../core/v3/extension.proto.sk/#typedextensionconfig) | Protocol-specific action to take. Only one of `action` or `matcher` can be set. | - - - - ---- -### MatcherList - - -A linear list of field matchers. -The field matchers are evaluated in order, and the first match -wins. - -```yaml -"matchers": []xds.type.matcher.v3.Matcher.MatcherList.FieldMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `matchers` | [[]xds.type.matcher.v3.Matcher.MatcherList.FieldMatcher](../matcher.proto.sk/#fieldmatcher) | A list of matchers. First match wins. | - - - - ---- -### Predicate - - -Predicate to determine if a match is successful. - -```yaml -"singlePredicate": .xds.type.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate -"orMatcher": .xds.type.matcher.v3.Matcher.MatcherList.Predicate.PredicateList -"andMatcher": .xds.type.matcher.v3.Matcher.MatcherList.Predicate.PredicateList -"notMatcher": .xds.type.matcher.v3.Matcher.MatcherList.Predicate - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `singlePredicate` | [.xds.type.matcher.v3.Matcher.MatcherList.Predicate.SinglePredicate](../matcher.proto.sk/#singlepredicate) | A single predicate to evaluate. Only one of `singlePredicate`, `orMatcher`, `andMatcher`, or `notMatcher` can be set. | -| `orMatcher` | [.xds.type.matcher.v3.Matcher.MatcherList.Predicate.PredicateList](../matcher.proto.sk/#predicatelist) | A list of predicates to be OR-ed together. Only one of `orMatcher`, `singlePredicate`, `andMatcher`, or `notMatcher` can be set. | -| `andMatcher` | [.xds.type.matcher.v3.Matcher.MatcherList.Predicate.PredicateList](../matcher.proto.sk/#predicatelist) | A list of predicates to be AND-ed together. Only one of `andMatcher`, `singlePredicate`, `orMatcher`, or `notMatcher` can be set. | -| `notMatcher` | [.xds.type.matcher.v3.Matcher.MatcherList.Predicate](../matcher.proto.sk/#predicate) | The invert of a predicate. Only one of `notMatcher`, `singlePredicate`, `orMatcher`, or `andMatcher` can be set. | - - - - ---- -### SinglePredicate - - -Predicate for a single input field. - -```yaml -"input": .xds.core.v3.TypedExtensionConfig -"valueMatch": .xds.type.matcher.v3.StringMatcher -"customMatch": .xds.core.v3.TypedExtensionConfig - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `input` | [.xds.core.v3.TypedExtensionConfig](../../../../core/v3/extension.proto.sk/#typedextensionconfig) | Protocol-specific specification of input field to match on. [#extension-category: envoy.matching.common_inputs]. | -| `valueMatch` | [.xds.type.matcher.v3.StringMatcher](../string.proto.sk/#stringmatcher) | Built-in string matcher. Only one of `valueMatch` or `customMatch` can be set. | -| `customMatch` | [.xds.core.v3.TypedExtensionConfig](../../../../core/v3/extension.proto.sk/#typedextensionconfig) | Extension for custom matching logic. [#extension-category: envoy.matching.input_matchers]. Only one of `customMatch` or `valueMatch` can be set. | - - - - ---- -### PredicateList - - -A list of two or more matchers. Used to allow using a list within a oneof. - -```yaml -"predicate": []xds.type.matcher.v3.Matcher.MatcherList.Predicate - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `predicate` | [[]xds.type.matcher.v3.Matcher.MatcherList.Predicate](../matcher.proto.sk/#predicate) | | - - - - ---- -### FieldMatcher - - -An individual matcher. - -```yaml -"predicate": .xds.type.matcher.v3.Matcher.MatcherList.Predicate -"onMatch": .xds.type.matcher.v3.Matcher.OnMatch - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `predicate` | [.xds.type.matcher.v3.Matcher.MatcherList.Predicate](../matcher.proto.sk/#predicate) | Determines if the match succeeds. | -| `onMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../matcher.proto.sk/#onmatch) | What to do if the match succeeds. | - - - - ---- -### MatcherTree - - - -```yaml -"input": .xds.core.v3.TypedExtensionConfig -"exactMatchMap": .xds.type.matcher.v3.Matcher.MatcherTree.MatchMap -"prefixMatchMap": .xds.type.matcher.v3.Matcher.MatcherTree.MatchMap -"customMatch": .xds.core.v3.TypedExtensionConfig - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `input` | [.xds.core.v3.TypedExtensionConfig](../../../../core/v3/extension.proto.sk/#typedextensionconfig) | Protocol-specific specification of input field to match on. | -| `exactMatchMap` | [.xds.type.matcher.v3.Matcher.MatcherTree.MatchMap](../matcher.proto.sk/#matchmap) | Only one of `exactMatchMap`, `prefixMatchMap`, or `customMatch` can be set. | -| `prefixMatchMap` | [.xds.type.matcher.v3.Matcher.MatcherTree.MatchMap](../matcher.proto.sk/#matchmap) | Longest matching prefix wins. Only one of `prefixMatchMap`, `exactMatchMap`, or `customMatch` can be set. | -| `customMatch` | [.xds.core.v3.TypedExtensionConfig](../../../../core/v3/extension.proto.sk/#typedextensionconfig) | Extension for custom matching logic. Only one of `customMatch`, `exactMatchMap`, or `prefixMatchMap` can be set. | - - - - ---- -### MatchMap - - -A map of configured matchers. Used to allow using a map within a oneof. - -```yaml -"map": map - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `map` | `map` | | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/range.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/range.proto.sk.md deleted file mode 100644 index ca45ae9f4dc..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/range.proto.sk.md +++ /dev/null @@ -1,150 +0,0 @@ - ---- -title: "range.proto" -weight: 5 ---- - - - - -### Package: `xds.type.matcher.v3` -#### Types: - - -- [Int64RangeMatcher](#int64rangematcher) -- [RangeMatcher](#rangematcher) -- [Int32RangeMatcher](#int32rangematcher) -- [RangeMatcher](#rangematcher) -- [DoubleRangeMatcher](#doublerangematcher) -- [RangeMatcher](#rangematcher) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/range.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/type/matcher/v3/range.proto) - - - - - ---- -### Int64RangeMatcher - - -Specifies a set of ranges for matching an int64 number and the associated -match actions. - -```yaml -"rangeMatchers": []xds.type.matcher.v3.Int64RangeMatcher.RangeMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rangeMatchers` | [[]xds.type.matcher.v3.Int64RangeMatcher.RangeMatcher](../range.proto.sk/#rangematcher) | Match a number by a list of number ranges. If multiple ranges contain the input number, then the first action in this list is taken. | - - - - ---- -### RangeMatcher - - -Specifies a list of number ranges and a match action. - -```yaml -"ranges": []xds.type.v3.Int64Range -"onMatch": .xds.type.matcher.v3.Matcher.OnMatch - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `ranges` | [[]xds.type.v3.Int64Range](../../../v3/range.proto.sk/#int64range) | A non-empty set of int64 ranges. | -| `onMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../matcher.proto.sk/#onmatch) | Match action to apply when the input number is within one of the ranges. | - - - - ---- -### Int32RangeMatcher - - -Specifies a set of ranges for matching an int32 number and the associated -match actions. - -```yaml -"rangeMatchers": []xds.type.matcher.v3.Int32RangeMatcher.RangeMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rangeMatchers` | [[]xds.type.matcher.v3.Int32RangeMatcher.RangeMatcher](../range.proto.sk/#rangematcher) | Match a number by a list of number ranges. If multiple ranges contain the input number, then the first action in this list is taken. | - - - - ---- -### RangeMatcher - - -Specifies a list of number ranges and a match action. - -```yaml -"ranges": []xds.type.v3.Int32Range -"onMatch": .xds.type.matcher.v3.Matcher.OnMatch - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `ranges` | [[]xds.type.v3.Int32Range](../../../v3/range.proto.sk/#int32range) | A non-empty set of int32 ranges. | -| `onMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../matcher.proto.sk/#onmatch) | Match action to apply when the input number is within one of the ranges. | - - - - ---- -### DoubleRangeMatcher - - -Specifies a set of ranges for matching a double number and the associated -match actions. - -```yaml -"rangeMatchers": []xds.type.matcher.v3.DoubleRangeMatcher.RangeMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `rangeMatchers` | [[]xds.type.matcher.v3.DoubleRangeMatcher.RangeMatcher](../range.proto.sk/#rangematcher) | Match a number by a list of number ranges. If multiple ranges contain the input number, then the first action in this list is taken. | - - - - ---- -### RangeMatcher - - -Specifies a list of number ranges and a match action. - -```yaml -"ranges": []xds.type.v3.DoubleRange -"onMatch": .xds.type.matcher.v3.Matcher.OnMatch - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `ranges` | [[]xds.type.v3.DoubleRange](../../../v3/range.proto.sk/#doublerange) | A non-empty set of double ranges. | -| `onMatch` | [.xds.type.matcher.v3.Matcher.OnMatch](../matcher.proto.sk/#onmatch) | Match action to apply when the input number is within one of the ranges. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/regex.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/regex.proto.sk.md deleted file mode 100644 index ee3d486fd02..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/regex.proto.sk.md +++ /dev/null @@ -1,81 +0,0 @@ - ---- -title: "regex.proto" -weight: 5 ---- - - - - -### Package: `xds.type.matcher.v3` -#### Types: - - -- [RegexMatcher](#regexmatcher) -- [GoogleRE2](#googlere2) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/regex.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/type/matcher/v3/regex.proto) - - - - - ---- -### RegexMatcher - - -A regex matcher designed for safety when used with untrusted input. - -```yaml -"googleRe2": .xds.type.matcher.v3.RegexMatcher.GoogleRE2 -"regex": string - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `googleRe2` | [.xds.type.matcher.v3.RegexMatcher.GoogleRE2](../regex.proto.sk/#googlere2) | Google's RE2 regex engine. | -| `regex` | `string` | The regex match string. The string must be supported by the configured engine. | - - - - ---- -### GoogleRE2 - - -Google's [RE2](https://github.com/google/re2) regex engine. The regex -string must adhere to the documented [syntax](https://github.com/google/re2/wiki/Syntax). The engine is designed to -complete execution in linear time as well as limit the amount of memory -used. - -Envoy supports program size checking via runtime. The runtime keys -`re2.max_program_size.error_level` and `re2.max_program_size.warn_level` -can be set to integers as the maximum program size or complexity that a -compiled regex can have before an exception is thrown or a warning is -logged, respectively. `re2.max_program_size.error_level` defaults to 100, -and `re2.max_program_size.warn_level` has no default if unset (will not -check/log a warning). - -Envoy emits two stats for tracking the program size of regexes: the -histogram `re2.program_size`, which records the program size, and the -counter `re2.exceeded_warn_level`, which is incremented each time the -program size exceeds the warn level threshold. - -```yaml - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/string.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/string.proto.sk.md deleted file mode 100644 index d934292e7b9..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/string.proto.sk.md +++ /dev/null @@ -1,76 +0,0 @@ - ---- -title: "string.proto" -weight: 5 ---- - - - - -### Package: `xds.type.matcher.v3` -#### Types: - - -- [StringMatcher](#stringmatcher) -- [ListStringMatcher](#liststringmatcher) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/type/matcher/v3/string.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/type/matcher/v3/string.proto) - - - - - ---- -### StringMatcher - - -Specifies the way to match a string. -[#next-free-field: 8] - -```yaml -"exact": string -"prefix": string -"suffix": string -"safeRegex": .xds.type.matcher.v3.RegexMatcher -"contains": string -"ignoreCase": bool - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `exact` | `string` | The input string must match exactly the string specified here. Examples: * *abc* only matches the value *abc*. Only one of `exact`, `prefix`, `suffix`, `safeRegex`, or `contains` can be set. | -| `prefix` | `string` | The input string must have the prefix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * *abc* matches the value *abc.xyz*. Only one of `prefix`, `exact`, `suffix`, `safeRegex`, or `contains` can be set. | -| `suffix` | `string` | The input string must have the suffix specified here. Note: empty prefix is not allowed, please use regex instead. Examples: * *abc* matches the value *xyz.abc*. Only one of `suffix`, `exact`, `prefix`, `safeRegex`, or `contains` can be set. | -| `safeRegex` | [.xds.type.matcher.v3.RegexMatcher](../regex.proto.sk/#regexmatcher) | The input string must match the regular expression specified here. Only one of `safeRegex`, `exact`, `prefix`, `suffix`, or `contains` can be set. | -| `contains` | `string` | The input string must have the substring specified here. Note: empty contains match is not allowed, please use regex instead. Examples: * *abc* matches the value *xyz.abc.def*. Only one of `contains`, `exact`, `prefix`, `suffix`, or `safeRegex` can be set. | -| `ignoreCase` | `bool` | If true, indicates the exact/prefix/suffix matching should be case insensitive. This has no effect for the safe_regex match. For example, the matcher *data* will match both input string *Data* and *data* if set to true. | - - - - ---- -### ListStringMatcher - - -Specifies a list of ways to match a string. - -```yaml -"patterns": []xds.type.matcher.v3.StringMatcher - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `patterns` | [[]xds.type.matcher.v3.StringMatcher](../string.proto.sk/#stringmatcher) | | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/v3/range.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/v3/range.proto.sk.md deleted file mode 100644 index afcc44cb939..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/v3/range.proto.sk.md +++ /dev/null @@ -1,93 +0,0 @@ - ---- -title: "range.proto" -weight: 5 ---- - - - - -### Package: `xds.type.v3` -#### Types: - - -- [Int64Range](#int64range) -- [Int32Range](#int32range) -- [DoubleRange](#doublerange) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/type/v3/range.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/type/v3/range.proto) - - - - - ---- -### Int64Range - - -Specifies the int64 start and end of the range using half-open interval -semantics [start, end). - -```yaml -"start": int -"end": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `start` | `int` | start of the range (inclusive). | -| `end` | `int` | end of the range (exclusive). | - - - - ---- -### Int32Range - - -Specifies the int32 start and end of the range using half-open interval -semantics [start, end). - -```yaml -"start": int -"end": int - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `start` | `int` | start of the range (inclusive). | -| `end` | `int` | end of the range (exclusive). | - - - - ---- -### DoubleRange - - -Specifies the double start and end of the range using half-open interval -semantics [start, end). - -```yaml -"start": float -"end": float - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `start` | `float` | start of the range (inclusive). | -| `end` | `float` | end of the range (exclusive). | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/v3/typed_struct.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/v3/typed_struct.proto.sk.md deleted file mode 100644 index 8479726b061..00000000000 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external/xds/type/v3/typed_struct.proto.sk.md +++ /dev/null @@ -1,71 +0,0 @@ - ---- -title: "typed_struct.proto" -weight: 5 ---- - - - - -### Package: `xds.type.v3` -#### Types: - - -- [TypedStruct](#typedstruct) - - - - -##### Source File: [github.com/solo-io/gloo/projects/gloo/api/external/xds/type/v3/typed_struct.proto](https://github.com/solo-io/gloo/blob/main/projects/gloo/api/external/xds/type/v3/typed_struct.proto) - - - - - ---- -### TypedStruct - - -A TypedStruct contains an arbitrary JSON serialized protocol buffer message with a URL that -describes the type of the serialized message. This is very similar to google.protobuf.Any, -instead of having protocol buffer binary, this employs google.protobuf.Struct as value. - -This message is intended to be embedded inside Any, so it shouldn't be directly referred -from other UDPA messages. - -When packing an opaque extension config, packing the expected type into Any is preferred -wherever possible for its efficiency. TypedStruct should be used only if a proto descriptor -is not available, for example if: - -- A control plane sends opaque message that is originally from external source in human readable - format such as JSON or YAML. -- The control plane doesn't have the knowledge of the protocol buffer schema hence it cannot - serialize the message in protocol buffer binary format. -- The DPLB doesn't have have the knowledge of the protocol buffer schema its plugin or extension - uses. This has to be indicated in the DPLB capability negotiation. - -When a DPLB receives a TypedStruct in Any, it should: -- Check if the type_url of the TypedStruct matches the type the extension expects. -- Convert value to the type described in type_url and perform validation. - -TODO(lizan): Figure out how TypeStruct should be used with DPLB extensions that doesn't link -protobuf descriptor with DPLB itself, (e.g. gRPC LB Plugin, Envoy WASM extensions). - -```yaml -"typeUrl": string -"value": .google.protobuf.Struct - -``` - -| Field | Type | Description | -| ----- | ---- | ----------- | -| `typeUrl` | `string` | A URL that uniquely identifies the type of the serialize protocol buffer message. This has same semantics and format described in google.protobuf.Any: https://github.com/protocolbuffers/protobuf/blob/master/src/google/protobuf/any.proto. | -| `value` | [.google.protobuf.Struct](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/struct) | A JSON representation of the above specified type. | - - - - - - - - diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/caching/caching.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/caching/caching.proto.sk.md index 285a871b7a4..6253b5409bc 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/caching/caching.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/caching/caching.proto.sk.md @@ -38,7 +38,7 @@ weight: 5 | Field | Type | Description | | ----- | ---- | ----------- | | `cachingServiceRef` | [.core.solo.io.ResourceRef](../../../../../../../../../solo-kit/api/v1/ref.proto.sk/#resourceref) | The basic reference for the service. Details name and namespace. | -| `allowedVaryHeaders` | [[]solo.io.envoy.type.matcher.v3.StringMatcher](../../../../../external/envoy/type/matcher/v3/string.proto.sk/#stringmatcher) | A list of string matchers that state what headers are allowed to vary and still be cached. Per upstream envoy allowed vary headers. | +| `allowedVaryHeaders` | []solo.io.envoy.type.matcher.v3.StringMatcher | A list of string matchers that state what headers are allowed to vary and still be cached. Per upstream envoy allowed vary headers. | | `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Connection timeout for retrieval from an sync cache. | | `maxPayloadSize` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Max payload size to cache. If unset defaults to a reasonable value. If explicitly set to 0 will prevent anything with a body from being cached. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/dlp/dlp.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/dlp/dlp.proto.sk.md index 84f5bd1a7c4..df12d0d737e 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/dlp/dlp.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/dlp/dlp.proto.sk.md @@ -270,7 +270,7 @@ If the mask_char, and percent were left to default, the result would be: | `regex` | `[]string` | The list of regex strings which will be applied in order. | | `maskChar` | `string` | The masking character for the sensitive data. default value: X. | | `percent` | [.solo.io.envoy.type.Percent](../../../../../../../../../solo-kit/api/external/envoy/type/percent.proto.sk/#percent) | The percent of the string which will be masked by the mask_char default value: 75% rounds ratio (percent/100) by std::round http://www.cplusplus.com/reference/cmath/round/. | -| `regexActions` | [[]envoy.config.filter.http.transformation_ee.v2.RegexAction](../../../../../external/envoy/extensions/transformation_ee/transformation.proto.sk/#regexaction) | List of regexes to apply to the response body to match data which should be masked. They will be applied iteratively in the order which they are specified. If this field and `regex` are both provided, all the regexes will be applied iteratively in the order provided, starting with the ones from `regex`. | +| `regexActions` | []envoy.config.filter.http.transformation_ee.v2.RegexAction | List of regexes to apply to the response body to match data which should be masked. They will be applied iteratively in the order which they are specified. If this field and `regex` are both provided, all the regexes will be applied iteratively in the order provided, starting with the ones from `regex`. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto.sk.md index de49a683ff8..23c7e0df958 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/extproc/extproc.proto.sk.md @@ -63,13 +63,13 @@ Users should take care to understand the risks of using this extension before pr | `grpcService` | [.extproc.options.gloo.solo.io.GrpcService](../extproc.proto.sk/#grpcservice) | Required. Configuration for the gRPC service that the filter will communicate with. | | `filterStage` | [.filters.gloo.solo.io.FilterStage](../../../../filters/stages.proto.sk/#filterstage) | Required. Where in the HTTP filter chain to insert the filter. | | `failureModeAllow` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | By default, if the gRPC stream cannot be established, or if it is closed prematurely with an error, the filter will fail. Specifically, if the response headers have not yet been delivered, then it will return a 500 error downstream. If they have been delivered, then instead the HTTP stream to the downstream client will be reset. With this parameter set to true, however, then if the gRPC stream is prematurely closed or could not be opened, processing continues without error. | -| `processingMode` | [.solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode](../../../../../external/envoy/extensions/filters/http/ext_proc/v3/processing_mode.proto.sk/#processingmode) | Specifies default options for how HTTP headers, trailers, and bodies are sent. | +| `processingMode` | .solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode | Specifies default options for how HTTP headers, trailers, and bodies are sent. | | `asyncMode` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | NOT CURRENTLY IMPLEMENTED. If true, send each part of the HTTP request or response specified by ProcessingMode asynchronously -- in other words, send the message on the gRPC stream and then continue filter processing. If false, which is the default, suspend filter execution after each message is sent to the remote service and wait up to "message_timeout" for a reply. | | `requestAttributes` | `[]string` | NOT CURRENTLY IMPLEMENTED. Envoy provides a number of [attributes](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes#arch-overview-attributes) for expressive policies. Each attribute name provided in this field will be matched against that list and populated in the request_headers message. See the [request attribute documentation](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes#request-attributes) for the list of supported attributes and their types. | | `responseAttributes` | `[]string` | NOT CURRENTLY IMPLEMENTED. Envoy provides a number of [attributes](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes#arch-overview-attributes) for expressive policies. Each attribute name provided in this field will be matched against that list and populated in the response_headers message. See the [response attribute documentation](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes#response-attributes) for the list of supported attributes and their types. | | `messageTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the timeout for each individual message sent on the stream when the filter is running in synchronous mode. Whenever the proxy sends a message on the stream that requires a response, it will reset this timer, and will stop processing and return an error (subject to the processing mode) if the timer expires before a matching response is received. There is no timeout when the filter is running in asynchronous mode. Value must be at least 0 seconds, and less than or equal to 3600 seconds. Zero is a valid value which means the timer will be triggered immediately. If not configured, default is 200 milliseconds. | | `statPrefix` | [.google.protobuf.StringValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/string-value) | Optional additional prefix to use when emitting statistics. This allows distinguishing between statistics emitted by multiple *ext_proc* filters in an HTTP filter chain. | -| `mutationRules` | [.solo.io.envoy.config.common.mutation_rules.v3.HeaderMutationRules](../../../../../external/envoy/config/common/mutation_rules/v3/mutation_rules.proto.sk/#headermutationrules) | Rules that determine what modifications an external processing server may make to message headers. If not set, all headers may be modified except for "host", ":authority", ":scheme", ":method", and headers that start with the header prefix set via [header_prefix](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/bootstrap/v3/bootstrap.proto#envoy-v3-api-field-config-bootstrap-v3-bootstrap-header-prefix) (which is usually "x-envoy"). Note that changing headers such as "host" or ":authority" may not in itself change Envoy's routing decision, as routes can be cached. To also force the route to be recomputed, set the [clear_route_cache](https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/ext_proc/v3/external_processor.proto#envoy-v3-api-field-service-ext-proc-v3-commonresponse-clear-route-cache) field to true in the same response. | +| `mutationRules` | .solo.io.envoy.config.common.mutation_rules.v3.HeaderMutationRules | Rules that determine what modifications an external processing server may make to message headers. If not set, all headers may be modified except for "host", ":authority", ":scheme", ":method", and headers that start with the header prefix set via [header_prefix](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/bootstrap/v3/bootstrap.proto#envoy-v3-api-field-config-bootstrap-v3-bootstrap-header-prefix) (which is usually "x-envoy"). Note that changing headers such as "host" or ":authority" may not in itself change Envoy's routing decision, as routes can be cached. To also force the route to be recomputed, set the [clear_route_cache](https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/ext_proc/v3/external_processor.proto#envoy-v3-api-field-service-ext-proc-v3-commonresponse-clear-route-cache) field to true in the same response. | | `maxMessageTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specify the upper bound of [override_message_timeout](https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/ext_proc/v3/external_processor.proto#envoy-v3-api-field-service-ext-proc-v3-processingresponse-override-message-timeout). If not specified, by default it is 0, which will effectively disable the `override_message_timeout` API. Value must be greater than or equal to the `messageTimeout` and less than or equal to 3600 seconds. | | `disableClearRouteCache` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Prevents clearing the route-cache when the [clear_route_cache](https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/ext_proc/v3/external_processor.proto#envoy-v3-api-field-service-ext-proc-v3-commonresponse-clear-route-cache) field is set in an external processor response. | | `forwardRules` | [.extproc.options.gloo.solo.io.HeaderForwardingRules](../extproc.proto.sk/#headerforwardingrules) | Allow headers matching the `forward_rules` to be forwarded to the external processing server. If not set, all headers are forwarded to the external processing server. | @@ -119,9 +119,9 @@ External processor settings that can be configured on a virtual host or route. | ----- | ---- | ----------- | | `extProcServerRef` | [.core.solo.io.ResourceRef](../../../../../../../../../solo-kit/api/v1/ref.proto.sk/#resourceref) | A reference to the Upstream representing the external processor gRPC server. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/ext_proc/v3/external_processor.proto for details. | | `authority` | [.google.protobuf.StringValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/string-value) | The `:authority` header in the grpc request. If this field is not set, the authority header value will be the cluster name. Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster. | -| `retryPolicy` | [.solo.io.envoy.config.core.v3.RetryPolicy](../../../../../external/envoy/config/core/v3/base.proto.sk/#retrypolicy) | Indicates the retry policy for re-establishing the gRPC stream This field is optional. If max interval is not provided, it will be set to ten times the provided base interval. Currently only supported for xDS gRPC streams. If not set, xDS gRPC streams default base interval:500ms, maximum interval:30s will be applied. | +| `retryPolicy` | .solo.io.envoy.config.core.v3.RetryPolicy | Indicates the retry policy for re-establishing the gRPC stream This field is optional. If max interval is not provided, it will be set to ten times the provided base interval. Currently only supported for xDS gRPC streams. If not set, xDS gRPC streams default base interval:500ms, maximum interval:30s will be applied. | | `timeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The timeout for the gRPC request. This is the timeout for a specific request. | -| `initialMetadata` | [[]solo.io.envoy.config.core.v3.HeaderValue](../../../../../external/envoy/config/core/v3/base.proto.sk/#headervalue) | Additional metadata to include in streams initiated to the GrpcService. This can be used for scenarios in which additional ad hoc authorization headers (e.g. `x-foo-bar: baz-key`) are to be injected. For more information, including details on header value syntax, see the documentation on [custom request headers](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers#config-http-conn-man-headers-custom-request-headers). | +| `initialMetadata` | []solo.io.envoy.config.core.v3.HeaderValue | Additional metadata to include in streams initiated to the GrpcService. This can be used for scenarios in which additional ad hoc authorization headers (e.g. `x-foo-bar: baz-key`) are to be injected. For more information, including details on header value syntax, see the documentation on [custom request headers](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers#config-http-conn-man-headers-custom-request-headers). | @@ -144,7 +144,7 @@ External processor settings that can be configured on a virtual host or route. | Field | Type | Description | | ----- | ---- | ----------- | -| `processingMode` | [.solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode](../../../../../external/envoy/extensions/filters/http/ext_proc/v3/processing_mode.proto.sk/#processingmode) | Set a different processing mode for this virtual host or route than the default. | +| `processingMode` | .solo.io.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode | Set a different processing mode for this virtual host or route than the default. | | `asyncMode` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | NOT CURRENTLY IMPLEMENTED. Set a different asynchronous processing option than the default. | | `requestAttributes` | `[]string` | NOT FINALIZED UPSTREAM use at your own upgrade risk Set different optional attributes than the default setting of the `request_attributes` field. | | `responseAttributes` | `[]string` | NOT FINALIZED UPSTREAM use at your own upgrade risk Set different optional properties than the default setting of the `response_attributes` field. | @@ -172,8 +172,8 @@ for details. | Field | Type | Description | | ----- | ---- | ----------- | -| `allowedHeaders` | [.solo.io.envoy.type.matcher.v3.ListStringMatcher](../../../../../external/envoy/type/matcher/v3/string.proto.sk/#liststringmatcher) | If set, specifically allow any header in this list to be forwarded to the external processing server. This can be overridden by the below `disallowed_headers`. | -| `disallowedHeaders` | [.solo.io.envoy.type.matcher.v3.ListStringMatcher](../../../../../external/envoy/type/matcher/v3/string.proto.sk/#liststringmatcher) | If set, specifically disallow any header in this list to be forwarded to the external processing server. This overrides the above `allowed_headers` if a header matches both. NOT CURRENTLY IMPLEMENTED. | +| `allowedHeaders` | .solo.io.envoy.type.matcher.v3.ListStringMatcher | If set, specifically allow any header in this list to be forwarded to the external processing server. This can be overridden by the below `disallowed_headers`. | +| `disallowedHeaders` | .solo.io.envoy.type.matcher.v3.ListStringMatcher | If set, specifically disallow any header in this list to be forwarded to the external processing server. This overrides the above `allowed_headers` if a header matches both. NOT CURRENTLY IMPLEMENTED. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/jwt/jwt.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/jwt/jwt.proto.sk.md index d938f07e645..b55f2354f34 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/jwt/jwt.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/jwt/jwt.proto.sk.md @@ -209,7 +209,7 @@ weight: 5 | `url` | `string` | The url used when accessing the upstream for Json Web Key Set. This is used to set the host and path in the request. | | `upstreamRef` | [.core.solo.io.ResourceRef](../../../../../../../../../solo-kit/api/v1/ref.proto.sk/#resourceref) | The Upstream representing the Json Web Key Set server. | | `cacheDuration` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Duration after which the cached JWKS should be expired. If not specified, default cache duration is 5 minutes. | -| `asyncFetch` | [.solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwksAsyncFetch](../../../../../external/envoy/extensions/filters/http/jwt_authn/v3/config.proto.sk/#jwksasyncfetch) | Fetch Jwks asynchronously in the main thread before the listener is activated. Fetched Jwks can be used by all worker threads. If this feature is not enabled: * The Jwks is fetched on-demand when the requests come. During the fetching, first few requests are paused until the Jwks is fetched. * Each worker thread fetches its own Jwks since Jwks cache is per worker thread. If this feature is enabled: * Fetched Jwks is done in the main thread before the listener is activated. Its fetched Jwks can be used by all worker threads. Each worker thread doesn't need to fetch its own. * Jwks is ready when the requests come, not need to wait for the Jwks fetching. | +| `asyncFetch` | .solo.io.envoy.extensions.filters.http.jwt_authn.v3.JwksAsyncFetch | Fetch Jwks asynchronously in the main thread before the listener is activated. Fetched Jwks can be used by all worker threads. If this feature is not enabled: * The Jwks is fetched on-demand when the requests come. During the fetching, first few requests are paused until the Jwks is fetched. * Each worker thread fetches its own Jwks since Jwks cache is per worker thread. If this feature is enabled: * Fetched Jwks is done in the main thread before the listener is activated. Its fetched Jwks can be used by all worker threads. Each worker thread doesn't need to fetch its own. * Jwks is ready when the requests come, not need to wait for the Jwks fetching. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/waf/waf.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/waf/waf.proto.sk.md index 35766803b23..4b36a3ddebb 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/waf/waf.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/waf/waf.proto.sk.md @@ -46,9 +46,9 @@ weight: 5 | `disabled` | `bool` | Disable waf on this resource (if omitted defaults to false). If a route/virtual host is configured with WAF, you must explicitly disable its WAF, i.e., it will not inherit the disabled status of its parent. | | `customInterventionMessage` | `string` | Custom massage to display if an intervention occurs. | | `coreRuleSet` | [.waf.options.gloo.solo.io.CoreRuleSet](../waf.proto.sk/#coreruleset) | Add OWASP core rule set if nil will not be added. | -| `ruleSets` | [[]envoy.config.filter.http.modsecurity.v2.RuleSet](../../../../../external/envoy/extensions/waf/waf.proto.sk/#ruleset) | Custom rule sets to add. Any subsequent changes to the rules in these files are not automatically updated. To update rules from files, version and update the file name. If you want dynamically updated rules, use the `configMapRuleSets` option instead. | +| `ruleSets` | []envoy.config.filter.http.modsecurity.v2.RuleSet | Custom rule sets to add. Any subsequent changes to the rules in these files are not automatically updated. To update rules from files, version and update the file name. If you want dynamically updated rules, use the `configMapRuleSets` option instead. | | `configMapRuleSets` | [[]waf.options.gloo.solo.io.RuleSetFromConfigMap](../waf.proto.sk/#rulesetfromconfigmap) | Kubernetes configmaps with the rule sets that you want to use. The rules must be in the value of the key-value mappings in the `data` field of the configmap. Subsequent updates to the configmap values are dynamically updated in the configuration. | -| `auditLogging` | [.envoy.config.filter.http.modsecurity.v2.AuditLogging](../../../../../external/envoy/extensions/waf/waf.proto.sk/#auditlogging) | Audit Log settings. | +| `auditLogging` | .envoy.config.filter.http.modsecurity.v2.AuditLogging | Audit Log settings. | | `requestHeadersOnly` | `bool` | Only process request headers, not buffering the request body. | | `responseHeadersOnly` | `bool` | Only process response headers, not buffering the response body. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/http_listener_options.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/http_listener_options.proto.sk.md index 4154e54cfda..a31fa279b72 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/http_listener_options.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/http_listener_options.proto.sk.md @@ -73,10 +73,10 @@ Optional, feature-specific configuration that lives on http listeners | `caching` | [.caching.options.gloo.solo.io.Settings](../enterprise/options/caching/caching.proto.sk/#settings) | Enterprise-only: Settings for the cache server itself. | | `disableExtProc` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Enterprise-only: Set to true to disable the External Processing filter for this listener. This can be overridden by child VirtualHostOptions or RouteOptions. Only one of `disableExtProc` or `extProc` can be set. | | `extProc` | [.extproc.options.gloo.solo.io.Settings](../enterprise/options/extproc/extproc.proto.sk/#settings) | Enterprise-only: External Processing filter settings for the listener. This can be used to override the defaults from the global settings (via shallow merge). Some of the settings on the listener can be overridden by child VirtualHostOptions or RouteOptions. Only one of `extProc` or `disableExtProc` can be set. | -| `gzip` | [.solo.io.envoy.config.filter.http.gzip.v2.Gzip](../../external/envoy/config/filter/http/gzip/v2/gzip.proto.sk/#gzip) | Gzip is an HTTP option which enables Gloo to compress data returned from an upstream service upon client request. Compression is useful in situations where large payloads need to be transmitted without compromising the response time. Example: ``` gzip: contentType: - "application/json" compressionLevel: BEST ```. | -| `proxyLatency` | [.envoy.config.filter.http.proxylatency.v2.ProxyLatency](../../external/envoy/extensions/proxylatency/proxylatency.proto.sk/#proxylatency) | Enterprise-only: Proxy latency. | -| `buffer` | [.solo.io.envoy.extensions.filters.http.buffer.v3.Buffer](../../external/envoy/extensions/filters/http/buffer/v3/buffer.proto.sk/#buffer) | Buffer can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. | -| `csrf` | [.solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy](../../external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk/#csrfpolicy) | Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto. | +| `gzip` | .solo.io.envoy.config.filter.http.gzip.v2.Gzip | Gzip is an HTTP option which enables Gloo to compress data returned from an upstream service upon client request. Compression is useful in situations where large payloads need to be transmitted without compromising the response time. Example: ``` gzip: contentType: - "application/json" compressionLevel: BEST ```. | +| `proxyLatency` | .envoy.config.filter.http.proxylatency.v2.ProxyLatency | Enterprise-only: Proxy latency. | +| `buffer` | .solo.io.envoy.extensions.filters.http.buffer.v3.Buffer | Buffer can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. | +| `csrf` | .solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy | Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto. | | `grpcJsonTranscoder` | [.grpc_json.options.gloo.solo.io.GrpcJsonTranscoder](../options/grpc_json/grpc_json.proto.sk/#grpcjsontranscoder) | Exposed envoy config for the gRPC to JSON transcoding filter, envoy.filters.http.grpc_json_transcoder. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/grpc_json_transcoder/v3/transcoder.proto. | | `sanitizeClusterHeader` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Enterprise-only: If using the HTTP header specified by cluster_header to direct traffic to a cluster, this option will sanitize that header from downstream traffic. Defaults to false. | | `leftmostXffAddress` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Enterprise-only: Setting this value to true will grab the leftmost IP address from the x-forwarded-for header and set it as the downstream address. It is worth noting that the x-forwarded-for header can be tampered with by clients and should therefore be sanitized by any preceding proxies / load balancers if this option is to be used. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/als/als.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/als/als.proto.sk.md index 171755815ab..b92d3ffaf02 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/als/als.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/als/als.proto.sk.md @@ -175,7 +175,7 @@ Filter on an integer comparison. | Field | Type | Description | | ----- | ---- | ----------- | | `op` | [.als.options.gloo.solo.io.ComparisonFilter.Op](../als.proto.sk/#op) | Comparison operator. | -| `value` | [.solo.io.envoy.config.core.v3.RuntimeUInt32](../../../../external/envoy/config/core/v3/base.proto.sk/#runtimeuint32) | Value to compare against. Note that the `defaultValue` field must be defined unless the `runtimeKey` matches a key that is defined in Envoy's [runtime configuration layer](https://www.envoyproxy.io/docs/envoy/v1.30.0/configuration/operations/runtime#config-runtime-bootstrap). Gloo Gateway does not include a key by default. To specify a key-value pair, use the [gatewayProxies.NAME.customStaticLayer]({{< versioned_link_path fromRoot="/reference/helm_chart_values/" >}}) Helm value or set the key at runtime by using the gateway proxy admin interface. | +| `value` | .solo.io.envoy.config.core.v3.RuntimeUInt32 | Value to compare against. Note that the `defaultValue` field must be defined unless the `runtimeKey` matches a key that is defined in Envoy's [runtime configuration layer](https://www.envoyproxy.io/docs/envoy/v1.30.0/configuration/operations/runtime#config-runtime-bootstrap). Gloo Gateway does not include a key by default. To specify a key-value pair, use the [gatewayProxies.NAME.customStaticLayer]({{< versioned_link_path fromRoot="/reference/helm_chart_values/" >}}) Helm value or set the key at runtime by using the gateway proxy admin interface. | @@ -280,7 +280,7 @@ Filters for random sampling of requests. | Field | Type | Description | | ----- | ---- | ----------- | | `runtimeKey` | `string` | Runtime key to get an optional overridden numerator for use in the `percent_sampled` field. If found in runtime, this value will replace the default numerator. | -| `percentSampled` | [.solo.io.envoy.type.v3.FractionalPercent](../../../../external/envoy/type/v3/percent.proto.sk/#fractionalpercent) | The default sampling percentage. If not specified, defaults to 0% with denominator of 100. | +| `percentSampled` | .solo.io.envoy.type.v3.FractionalPercent | The default sampling percentage. If not specified, defaults to 0% with denominator of 100. | | `useIndependentRandomness` | `bool` | By default, sampling pivots on the header :ref:`x-request-id` being present. If :ref:`x-request-id` is present, the filter will consistently sample across multiple hosts based on the runtime key value and the value extracted from :ref:`x-request-id`. If it is missing, or `use_independent_randomness` is set to true, the filter will randomly sample based on the runtime key value alone. `use_independent_randomness` can be used for logging kill switches within complex nested :ref:`AndFilter ` and :ref:`OrFilter ` blocks that are easier to reason about from a probability perspective (i.e., setting to true will cause the filter to behave like an independent random variable when composed within logical operator filters). | @@ -339,7 +339,7 @@ Filters requests based on the presence or value of a request header. | Field | Type | Description | | ----- | ---- | ----------- | -| `header` | [.solo.io.envoy.config.route.v3.HeaderMatcher](../../../../external/envoy/config/route/v3/route_components.proto.sk/#headermatcher) | Only requests with a header which matches the specified HeaderMatcher will pass the filter check. | +| `header` | .solo.io.envoy.config.route.v3.HeaderMatcher | Only requests with a header which matches the specified HeaderMatcher will pass the filter check. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto.sk.md index c02d37c1947..25fc4a0d0fc 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/dynamic_forward_proxy/dynamic_forward_proxy.proto.sk.md @@ -110,7 +110,7 @@ Configuration for the dynamic forward proxy DNS cache. See the :ref:`architectur | `dnsCacheCircuitBreaker` | [.dfp.options.gloo.solo.io.DnsCacheCircuitBreakers](../dynamic_forward_proxy.proto.sk/#dnscachecircuitbreakers) | The config of circuit breakers for resolver. It provides a configurable threshold. Envoy will use dns cache circuit breakers with default settings even if this value is not set. | | `caresDns` | [.dfp.options.gloo.solo.io.CaresDnsResolverConfig](../dynamic_forward_proxy.proto.sk/#caresdnsresolverconfig) | Only one of `caresDns` or `appleDns` can be set. | | `appleDns` | [.dfp.options.gloo.solo.io.AppleDnsResolverConfig](../dynamic_forward_proxy.proto.sk/#applednsresolverconfig) | Only one of `appleDns` or `caresDns` can be set. | -| `preresolveHostnames` | [[]solo.io.envoy.config.core.v3.SocketAddress](../../../../external/envoy/config/core/v3/address.proto.sk/#socketaddress) | Hostnames that should be preresolved into the cache upon creation. This might provide a performance improvement, in the form of cache hits, for hostnames that are going to be resolved during steady state and are known at config load time. | +| `preresolveHostnames` | []solo.io.envoy.config.core.v3.SocketAddress | Hostnames that should be preresolved into the cache upon creation. This might provide a performance improvement, in the form of cache hits, for hostnames that are going to be resolved during steady state and are known at config load time. | | `dnsQueryTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | The timeout used for DNS queries. This timeout is independent of any timeout and retry policy used by the underlying DNS implementation (e.g., c-areas and Apple DNS) which are opaque. Setting this timeout will ensure that queries succeed or fail within the specified time frame and are then retried using the standard refresh rates. Defaults to 5s if not set. | @@ -189,7 +189,7 @@ Configuration for c-ares DNS resolver. | Field | Type | Description | | ----- | ---- | ----------- | -| `resolvers` | [[]solo.io.envoy.config.core.v3.Address](../../../../external/envoy/config/core/v3/address.proto.sk/#address) | A list of dns resolver addresses. :ref:`use_resolvers_as_fallback` below dictates if the DNS client should override system defaults or only use the provided resolvers if the system defaults are not available, i.e., as a fallback. | +| `resolvers` | []solo.io.envoy.config.core.v3.Address | A list of dns resolver addresses. :ref:`use_resolvers_as_fallback` below dictates if the DNS client should override system defaults or only use the provided resolvers if the system defaults are not available, i.e., as a fallback. | | `dnsResolverOptions` | [.dfp.options.gloo.solo.io.DnsResolverOptions](../dynamic_forward_proxy.proto.sk/#dnsresolveroptions) | Configuration of DNS resolver option flags which control the behavior of the DNS resolver. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/rest/rest.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/rest/rest.proto.sk.md index 7e48a793946..dd0c9697471 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/rest/rest.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/rest/rest.proto.sk.md @@ -79,7 +79,7 @@ This is only for upstream with REST service spec | ----- | ---- | ----------- | | `functionName` | `string` | | | `parameters` | [.transformation.options.gloo.solo.io.Parameters](../../transformation/parameters.proto.sk/#parameters) | | -| `responseTransformation` | [.envoy.api.v2.filter.http.TransformationTemplate](../../../../external/envoy/extensions/transformation/transformation.proto.sk/#transformationtemplate) | | +| `responseTransformation` | .envoy.api.v2.filter.http.TransformationTemplate | | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/tracing/tracing.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/tracing/tracing.proto.sk.md index 4e1adef1f5e..a9329f9b88e 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/tracing/tracing.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/tracing/tracing.proto.sk.md @@ -52,10 +52,10 @@ See [here](https://docs.solo.io/gloo-edge/latest/guides/observability/tracing/) | `requestHeadersForTags` | [[]google.protobuf.StringValue](../../../../../../../../protoc-gen-ext/external/google/protobuf/wrappers.proto.sk/#stringvalue) | Optional. If specified, Envoy will include the headers and header values for any matching request headers. | | `verbose` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Optional. If true, Envoy will include logs for streaming events. Default: false. | | `tracePercentages` | [.tracing.options.gloo.solo.io.TracePercentages](../tracing.proto.sk/#tracepercentages) | Requests can produce traces by random sampling or when the `x-client-trace-id` header is provided. TracePercentages defines the limits for random, forced, and overall tracing percentages. | -| `zipkinConfig` | [.solo.io.envoy.config.trace.v3.ZipkinConfig](../../../../external/envoy/config/trace/v3/zipkin.proto.sk/#zipkinconfig) | Only one of `zipkinConfig`, `datadogConfig`, `openTelemetryConfig`, or `openCensusConfig` can be set. | -| `datadogConfig` | [.solo.io.envoy.config.trace.v3.DatadogConfig](../../../../external/envoy/config/trace/v3/datadog.proto.sk/#datadogconfig) | Only one of `datadogConfig`, `zipkinConfig`, `openTelemetryConfig`, or `openCensusConfig` can be set. | -| `openTelemetryConfig` | [.solo.io.envoy.config.trace.v3.OpenTelemetryConfig](../../../../external/envoy/config/trace/v3/opentelemetry.proto.sk/#opentelemetryconfig) | Only one of `openTelemetryConfig`, `zipkinConfig`, `datadogConfig`, or `openCensusConfig` can be set. | -| `openCensusConfig` | [.solo.io.envoy.config.trace.v3.OpenCensusConfig](../../../../external/envoy/config/trace/v3/opencensus.proto.sk/#opencensusconfig) | Only one of `openCensusConfig`, `zipkinConfig`, `datadogConfig`, or `openTelemetryConfig` can be set. | +| `zipkinConfig` | .solo.io.envoy.config.trace.v3.ZipkinConfig | Only one of `zipkinConfig`, `datadogConfig`, `openTelemetryConfig`, or `openCensusConfig` can be set. | +| `datadogConfig` | .solo.io.envoy.config.trace.v3.DatadogConfig | Only one of `datadogConfig`, `zipkinConfig`, `openTelemetryConfig`, or `openCensusConfig` can be set. | +| `openTelemetryConfig` | .solo.io.envoy.config.trace.v3.OpenTelemetryConfig | Only one of `openTelemetryConfig`, `zipkinConfig`, `datadogConfig`, or `openCensusConfig` can be set. | +| `openCensusConfig` | .solo.io.envoy.config.trace.v3.OpenCensusConfig | Only one of `openCensusConfig`, `zipkinConfig`, `datadogConfig`, or `openTelemetryConfig` can be set. | | `environmentVariablesForTags` | [[]tracing.options.gloo.solo.io.TracingTagEnvironmentVariable](../tracing.proto.sk/#tracingtagenvironmentvariable) | Optional. If specified, Envoy will include the environment variables with the given tag as tracing tags. | | `literalsForTags` | [[]tracing.options.gloo.solo.io.TracingTagLiteral](../tracing.proto.sk/#tracingtagliteral) | Optional. If specified, Envoy will include the literals with the given tag as tracing tags. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/transformation/transformation.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/transformation/transformation.proto.sk.md index 30f2db4b67a..7b166a86138 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/transformation/transformation.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/transformation/transformation.proto.sk.md @@ -169,7 +169,7 @@ User-facing API for transformation. | ----- | ---- | ----------- | | `transformationTemplate` | [.transformation.options.gloo.solo.io.TransformationTemplate](../transformation.proto.sk/#transformationtemplate) | Apply transformation templates. Only one of `transformationTemplate`, `headerBodyTransform`, or `xsltTransformation` can be set. | | `headerBodyTransform` | [.transformation.options.gloo.solo.io.HeaderBodyTransform](../transformation.proto.sk/#headerbodytransform) | This type of transformation will make all the headers available in the response body. The resulting JSON body will consist of two attributes: 'headers', containing the headers, and 'body', containing the original body. Only one of `headerBodyTransform`, `transformationTemplate`, or `xsltTransformation` can be set. | -| `xsltTransformation` | [.envoy.config.transformer.xslt.v2.XsltTransformation](../../../../external/envoy/extensions/transformers/xslt/xslt_transformer.proto.sk/#xslttransformation) | (Enterprise Only): Xslt Transformation. Only one of `xsltTransformation`, `transformationTemplate`, or `headerBodyTransform` can be set. | +| `xsltTransformation` | .envoy.config.transformer.xslt.v2.XsltTransformation | (Enterprise Only): Xslt Transformation. Only one of `xsltTransformation`, `transformationTemplate`, or `headerBodyTransform` can be set. | | `logRequestResponseInfo` | `bool` | When enabled, log request/response body and headers before and after this transformation is applied. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/proxy.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/proxy.proto.sk.md index 63f087d1560..0a333c30230 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/proxy.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/proxy.proto.sk.md @@ -300,8 +300,8 @@ Some traffic policies can be configured to work both on the listener and virtual | Field | Type | Description | | ----- | ---- | ----------- | | `sslConfig` | [.gloo.solo.io.SslConfig](../ssl/ssl.proto.sk/#sslconfig) | Gloo use SNI domains as matching criteria for Gateway selection The other ssl_config properties will be applied to the outputFilterChain's transport socket SslConfig from VirtualServices will be ignored in a MatchedGateway. | -| `sourcePrefixRanges` | [[]solo.io.envoy.config.core.v3.CidrRange](../../external/envoy/config/core/v3/address.proto.sk/#cidrrange) | Source addresses to match. This value is either the actual addresses used to connect, or addresses that are overridden by using PROXY protocol or original_src. | -| `prefixRanges` | [[]solo.io.envoy.config.core.v3.CidrRange](../../external/envoy/config/core/v3/address.proto.sk/#cidrrange) | Destination addresses to match. This value is either the actual addresses used to connect, or addresses that are overridden by using PROXY protocol or original_dst. | +| `sourcePrefixRanges` | []solo.io.envoy.config.core.v3.CidrRange | Source addresses to match. This value is either the actual addresses used to connect, or addresses that are overridden by using PROXY protocol or original_src. | +| `prefixRanges` | []solo.io.envoy.config.core.v3.CidrRange | Destination addresses to match. This value is either the actual addresses used to connect, or addresses that are overridden by using PROXY protocol or original_dst. | | `destinationPort` | [.google.protobuf.UInt32Value](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/u-int-32-value) | Optional destination port to consider in determining a filter chain match. Filter chains that specify the destination port of incoming traffic are the most specific match. If no filter chain specifies the exact destination port, the filter chains which do not specify ports are the most specific match. | | `passthroughCipherSuites` | `[]string` | | @@ -623,7 +623,7 @@ Notice: RedirectAction is copied directly from https://github.com/envoyproxy/env | `hostRedirect` | `string` | The host portion of the URL will be swapped with this value. | | `pathRedirect` | `string` | The path portion of the URL will be swapped with this value. Only one of `pathRedirect`, `prefixRewrite`, or `regexRewrite` can be set. | | `prefixRewrite` | `string` | Indicates that during redirection, the matched prefix (or path) should be swapped with this value. This option allows redirect URLs be dynamically created based on the request. Pay attention to the use of trailing slashes as mentioned in `RouteAction`'s `prefix_rewrite`. Only one of `prefixRewrite`, `pathRedirect`, or `regexRewrite` can be set. | -| `regexRewrite` | [.solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute](../../external/envoy/type/matcher/v3/regex.proto.sk/#regexmatchandsubstitute) | Indicates that during forwarding, portions of the path that match the pattern should be rewritten, even allowing the substitution of capture groups from the pattern into the new path as specified by the rewrite substitution string. This is useful to allow application paths to be rewritten in a way that is aware of segments with variable content like identifiers. The router filter will place the original path as it was before the rewrite into the :ref:`x-envoy-original-path ` header. Only one of :ref:`prefix_rewrite ` or *regex_rewrite* may be specified. Examples using Google's [RE2](https://github.com/google/re2) engine: * The path pattern `^/service/([^/]+)(/.*)$` paired with a substitution string of `\2/instance/\1` would transform `/service/foo/v1/api` into `/v1/api/instance/foo`. * The pattern `one` paired with a substitution string of `two` would transform `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/two/zzz`. * The pattern `^(.*?)one(.*)$` paired with a substitution string of `\1two\2` would replace only the first occurrence of `one`, transforming path `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/one/zzz`. * The pattern `(?i)/xxx/` paired with a substitution string of `/yyy/` would do a case-insensitive match and transform path `/aaa/XxX/bbb` to `/aaa/yyy/bbb`. Only one of `regexRewrite`, `pathRedirect`, or `prefixRewrite` can be set. | +| `regexRewrite` | .solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute | Indicates that during forwarding, portions of the path that match the pattern should be rewritten, even allowing the substitution of capture groups from the pattern into the new path as specified by the rewrite substitution string. This is useful to allow application paths to be rewritten in a way that is aware of segments with variable content like identifiers. The router filter will place the original path as it was before the rewrite into the :ref:`x-envoy-original-path ` header. Only one of :ref:`prefix_rewrite ` or *regex_rewrite* may be specified. Examples using Google's [RE2](https://github.com/google/re2) engine: * The path pattern `^/service/([^/]+)(/.*)$` paired with a substitution string of `\2/instance/\1` would transform `/service/foo/v1/api` into `/v1/api/instance/foo`. * The pattern `one` paired with a substitution string of `two` would transform `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/two/zzz`. * The pattern `^(.*?)one(.*)$` paired with a substitution string of `\1two\2` would replace only the first occurrence of `one`, transforming path `/xxx/one/yyy/one/zzz` into `/xxx/two/yyy/one/zzz`. * The pattern `(?i)/xxx/` paired with a substitution string of `/yyy/` would do a case-insensitive match and transform path `/aaa/XxX/bbb` to `/aaa/yyy/bbb`. Only one of `regexRewrite`, `pathRedirect`, or `prefixRewrite` can be set. | | `responseCode` | [.gloo.solo.io.RedirectAction.RedirectResponseCode](../proxy.proto.sk/#redirectresponsecode) | The HTTP status code to use in the redirect response. The default response code is MOVED_PERMANENTLY (301). | | `httpsRedirect` | `bool` | The scheme portion of the URL will be swapped with "https". | | `stripQuery` | `bool` | Indicates that during redirection, the query portion of the URL will be removed. Default value is false. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/route_options.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/route_options.proto.sk.md index ce463d5963e..3e7df2bab92 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/route_options.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/route_options.proto.sk.md @@ -89,7 +89,7 @@ to be usable by Gloo. (plugins currently need to be compiled into Gloo) | `headerManipulation` | [.headers.options.gloo.solo.io.HeaderManipulation](../options/headers/headers.proto.sk/#headermanipulation) | Append/Remove headers on Requests or Responses on this Route. | | `hostRewrite` | `string` | Indicates that during forwarding, the host header will be swapped with this value. Only one of `hostRewrite`, `autoHostRewrite`, `hostRewritePathRegex`, or `hostRewriteHeader` can be set. | | `autoHostRewrite` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Enable/Disable auto host re-write. Indicates that the host header will be swapped with the hostname of the upstream host. This setting is only honored for upstreams that use DNS resolution (i.e., their generated Envoy cluster is of type STRICT_DNS or LOGICAL_DNS -- think aws, azure, or static upstreams with hostnames). Only one of `autoHostRewrite`, `hostRewrite`, `hostRewritePathRegex`, or `hostRewriteHeader` can be set. | -| `hostRewritePathRegex` | [.solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute](../../external/envoy/type/matcher/v3/regex.proto.sk/#regexmatchandsubstitute) | Indicates that during forwarding, the host header will be swapped with the result of the regex substitution executed on path value with query and fragment removed. Only one of `hostRewritePathRegex`, `hostRewrite`, `autoHostRewrite`, or `hostRewriteHeader` can be set. | +| `hostRewritePathRegex` | .solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute | Indicates that during forwarding, the host header will be swapped with the result of the regex substitution executed on path value with query and fragment removed. Only one of `hostRewritePathRegex`, `hostRewrite`, `autoHostRewrite`, or `hostRewriteHeader` can be set. | | `hostRewriteHeader` | [.google.protobuf.StringValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/string-value) | Indicates that during forwarding, the host header will be swapped with the content of given downstream or custom header. If header value is empty, host header is left intact. Using this option will append the x-forwarded-host header if append_x_forwarded_host is set. Only one of `hostRewriteHeader`, `hostRewrite`, `autoHostRewrite`, or `hostRewritePathRegex` can be set. | | `appendXForwardedHost` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | If true and there is a host rewrite, appends the x-forwarded-host header to requests. | | `cors` | [.cors.options.gloo.solo.io.CorsPolicy](../options/cors/cors.proto.sk/#corspolicy) | Defines a CORS policy for the route. If a CORS policy is defined on both the route and the virtual host, the merge behavior for these policies is determined by the CorsPolicyMergeSettings defined on the VirtualHost. | @@ -109,11 +109,11 @@ to be usable by Gloo. (plugins currently need to be compiled into Gloo) | `rbac` | [.rbac.options.gloo.solo.io.ExtensionSettings](../enterprise/options/rbac/rbac.proto.sk/#extensionsettings) | Enterprise-only: Config for RBAC (currently only supports RBAC based on JWT claims). | | `extauth` | [.enterprise.gloo.solo.io.ExtAuthExtension](../enterprise/options/extauth/v1/extauth.proto.sk/#extauthextension) | Enterprise-only: Authentication configuration. | | `dlp` | [.dlp.options.gloo.solo.io.Config](../enterprise/options/dlp/dlp.proto.sk/#config) | Enterprise-only: Config for data loss prevention. | -| `bufferPerRoute` | [.solo.io.envoy.extensions.filters.http.buffer.v3.BufferPerRoute](../../external/envoy/extensions/filters/http/buffer/v3/buffer.proto.sk/#bufferperroute) | BufferPerRoute can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. Note: If you have not set a global config (at the gateway level), this override will not do anything by itself. | -| `csrf` | [.solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy](../../external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk/#csrfpolicy) | Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto. | +| `bufferPerRoute` | .solo.io.envoy.extensions.filters.http.buffer.v3.BufferPerRoute | BufferPerRoute can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. Note: If you have not set a global config (at the gateway level), this override will not do anything by itself. | +| `csrf` | .solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy | Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto. | | `stagedTransformations` | [.transformation.options.gloo.solo.io.TransformationStages](../options/transformation/transformation.proto.sk/#transformationstages) | Early transformations stage. These transformations run before most other options are processed. If the `regular` field is set in here, the `transformations` field is ignored. | | `envoyMetadata` | `map` | This field can be used to provide additional information about the route. This metadata can be consumed by the Envoy filters that process requests that match the route. For more info about metadata, see [here](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/data_sharing_between_filters#metadata). The value of this field will be propagated to the `metadata` attribute of the corresponding Envoy route. Please refer to the [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route_components.proto#config-route-v3-route) for more details about the `metadata` attribute. | -| `regexRewrite` | [.solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute](../../external/envoy/type/matcher/v3/regex.proto.sk/#regexmatchandsubstitute) | For requests matched on this route, rewrite the HTTP request path according to the provided regex pattern before forwarding upstream Please refer to the [Envoy documentation](https://www.envoyproxy.io/docs/envoy/v1.14.1/api-v3/config/route/v3/route_components.proto#envoy-v3-api-field-config-route-v3-routeaction-regex-rewrite) for more details about the `regex_rewrite` attribute. | +| `regexRewrite` | .solo.io.envoy.type.matcher.v3.RegexMatchAndSubstitute | For requests matched on this route, rewrite the HTTP request path according to the provided regex pattern before forwarding upstream Please refer to the [Envoy documentation](https://www.envoyproxy.io/docs/envoy/v1.14.1/api-v3/config/route/v3/route_components.proto#envoy-v3-api-field-config-route-v3-routeaction-regex-rewrite) for more details about the `regex_rewrite` attribute. | | `maxStreamDuration` | [.gloo.solo.io.RouteOptions.MaxStreamDuration](../route_options.proto.sk/#maxstreamduration) | Settings for maximum durations and timeouts for streams on the route. Please refer to the [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route_components.proto#envoy-v3-api-msg-config-route-v3-routeaction-maxstreamduration). | | `idleTimeout` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Specifies the idle timeout for the route. If not specified, there is no per-route idle timeout, although the Gateway's [httpConnectionManagerSettings](https://docs.solo.io/gloo-edge/latest/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/options/hcm/hcm.proto.sk/#httpconnectionmanagersettings) wide stream_idle_timeout will still apply. A value of 0 will completely disable the route’s idle timeout, even if a connection manager stream idle timeout is configured. Please refer to the [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route_components.proto#envoy-v3-api-field-config-route-v3-routeaction-idle-timeout). | | `extProc` | [.extproc.options.gloo.solo.io.RouteSettings](../enterprise/options/extproc/extproc.proto.sk/#routesettings) | Enterprise-only: External Processing filter settings for the route. This can be used to override certain HttpListenerOptions or VirtualHostOptions settings. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/settings.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/settings.proto.sk.md index bddf737bf05..43fb88d4511 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/settings.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/settings.proto.sk.md @@ -806,7 +806,7 @@ Settings specific to the gloo (Envoy xDS server) controller | Field | Type | Description | | ----- | ---- | ----------- | | `enableCredentialsDiscovey` | `bool` | Enable credential discovery via IAM; when this is set, there's no need provide a secret on the upstream when running on AWS environment. Note: This should **ONLY** be enabled when running in an AWS environment, as the AWS code blocks the envoy main thread. This should be negligible when running inside AWS. Only one of `enableCredentialsDiscovey` or `serviceAccountCredentials` can be set. | -| `serviceAccountCredentials` | [.envoy.config.filter.http.aws_lambda.v2.AWSLambdaConfig.ServiceAccountCredentials](../../external/envoy/extensions/aws/filter.proto.sk/#serviceaccountcredentials) | Use projected service account token, and role arn to create temporary credentials with which to authenticate lambda requests. This functionality is meant to work along side EKS service account to IAM binding functionality as outlined here: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html If the following environment values are not present in the gateway-proxy, this option cannot be used. 1. AWS_WEB_IDENTITY_TOKEN_FILE 2. AWS_ROLE_ARN The role which will be assumed by the credentials will be the one specified by AWS_ROLE_ARN, however, this can also be overwritten in the AWS Upstream spec via the role_arn field If they are not specified envoy will NACK the config update, which will show up in the logs when running OS Gloo. When running Gloo enterprise it will be reflected in the prometheus stat: "glooe.solo.io/xds/nack" In order to specify the aws sts endpoint, both the cluster and uri must be set. This is due to an envoy limitation which cannot infer the host or path from the cluster, and therefore must be explicitly specified via the uri. Only one of `serviceAccountCredentials` or `enableCredentialsDiscovey` can be set. | +| `serviceAccountCredentials` | .envoy.config.filter.http.aws_lambda.v2.AWSLambdaConfig.ServiceAccountCredentials | Use projected service account token, and role arn to create temporary credentials with which to authenticate lambda requests. This functionality is meant to work along side EKS service account to IAM binding functionality as outlined here: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html If the following environment values are not present in the gateway-proxy, this option cannot be used. 1. AWS_WEB_IDENTITY_TOKEN_FILE 2. AWS_ROLE_ARN The role which will be assumed by the credentials will be the one specified by AWS_ROLE_ARN, however, this can also be overwritten in the AWS Upstream spec via the role_arn field If they are not specified envoy will NACK the config update, which will show up in the logs when running OS Gloo. When running Gloo enterprise it will be reflected in the prometheus stat: "glooe.solo.io/xds/nack" In order to specify the aws sts endpoint, both the cluster and uri must be set. This is due to an envoy limitation which cannot infer the host or path from the cluster, and therefore must be explicitly specified via the uri. Only one of `serviceAccountCredentials` or `enableCredentialsDiscovey` can be set. | | `propagateOriginalRouting` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Send downstream path and method as `x-envoy-original-path` and `x-envoy-original-method` headers on the request to AWS lambda. Defaults to false. | | `credentialRefreshDelay` | [.google.protobuf.Duration](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/duration) | Sets cadence for refreshing credentials for Service Account. Does nothing if Service account is not set. Does not affect the default filewatch for service account only augments it. Defaults to not refreshing on time period. Suggested is 15 minutes. | | `fallbackToFirstFunction` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | Sets the unsafe behavior where a route can specify a lambda upstream but not set the function to target. It will use the first function which if discovery is enabled the first function is the first function name alphabetically from the last discovery run. This means that the lambda being pointed to could change. Defaults to false. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/upstream.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/upstream.proto.sk.md index 44918575013..8e4c606a35c 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/upstream.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/upstream.proto.sk.md @@ -81,8 +81,8 @@ Each upstream type is handled by a corresponding Gloo plugin. (plugins currently | `sslConfig` | [.gloo.solo.io.UpstreamSslConfig](../ssl/ssl.proto.sk/#upstreamsslconfig) | SslConfig contains the options necessary to configure envoy to originate TLS to an upstream. | | `circuitBreakers` | [.gloo.solo.io.CircuitBreakerConfig](../circuit_breaker.proto.sk/#circuitbreakerconfig) | Circuit breakers for this upstream. if not set, the defaults ones from the Gloo settings will be used. if those are not set, [envoy's defaults](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/circuit_breaker.proto#envoy-api-msg-cluster-circuitbreakers) will be used. | | `loadBalancerConfig` | [.gloo.solo.io.LoadBalancerConfig](../load_balancer.proto.sk/#loadbalancerconfig) | Settings for the load balancer that sends requests to the Upstream. The load balancing method is set to round robin by default. | -| `healthChecks` | [[]solo.io.envoy.api.v2.core.HealthCheck](../../external/envoy/api/v2/core/health_check.proto.sk/#healthcheck) | | -| `outlierDetection` | [.solo.io.envoy.api.v2.cluster.OutlierDetection](../../external/envoy/api/v2/cluster/outlier_detection.proto.sk/#outlierdetection) | | +| `healthChecks` | []solo.io.envoy.api.v2.core.HealthCheck | | +| `outlierDetection` | .solo.io.envoy.api.v2.cluster.OutlierDetection | | | `kube` | [.kubernetes.options.gloo.solo.io.UpstreamSpec](../options/kubernetes/kubernetes.proto.sk/#upstreamspec) | Only one of `kube`, `static`, `pipe`, `aws`, `azure`, `consul`, `awsEc2`, `gcp`, or `ai` can be set. | | `static` | [.static.options.gloo.solo.io.UpstreamSpec](../options/static/static.proto.sk/#upstreamspec) | Only one of `static`, `kube`, `pipe`, `aws`, `azure`, `consul`, `awsEc2`, `gcp`, or `ai` can be set. | | `pipe` | [.pipe.options.gloo.solo.io.UpstreamSpec](../options/pipe/pipe.proto.sk/#upstreamspec) | Only one of `pipe`, `kube`, `static`, `aws`, `azure`, `consul`, `awsEc2`, `gcp`, or `ai` can be set. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/virtual_host_options.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/virtual_host_options.proto.sk.md index 45801835f27..db2e94ee2cb 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/virtual_host_options.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/virtual_host_options.proto.sk.md @@ -82,8 +82,8 @@ to be usable by Gloo. (plugins currently need to be compiled into Gloo) | `rbac` | [.rbac.options.gloo.solo.io.ExtensionSettings](../enterprise/options/rbac/rbac.proto.sk/#extensionsettings) | Enterprise-only: Config for RBAC (currently only supports RBAC based on JWT claims). | | `extauth` | [.enterprise.gloo.solo.io.ExtAuthExtension](../enterprise/options/extauth/v1/extauth.proto.sk/#extauthextension) | Enterprise-only: Authentication configuration. | | `dlp` | [.dlp.options.gloo.solo.io.Config](../enterprise/options/dlp/dlp.proto.sk/#config) | Enterprise-only: Config for data loss prevention. | -| `bufferPerRoute` | [.solo.io.envoy.extensions.filters.http.buffer.v3.BufferPerRoute](../../external/envoy/extensions/filters/http/buffer/v3/buffer.proto.sk/#bufferperroute) | BufferPerRoute can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. Note: If you have not set a global config (at the gateway level), this override will not do anything by itself. | -| `csrf` | [.solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy](../../external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk/#csrfpolicy) | Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto. | +| `bufferPerRoute` | .solo.io.envoy.extensions.filters.http.buffer.v3.BufferPerRoute | BufferPerRoute can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. Note: If you have not set a global config (at the gateway level), this override will not do anything by itself. | +| `csrf` | .solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy | Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto. | | `includeRequestAttemptCount` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | IncludeRequestAttemptCount decides whether the x-envoy-attempt-count header should be included in the upstream request. Setting this option will cause it to override any existing header value, so in the case of two Envoys on the request path with this option enabled, the upstream will see the attempt count as perceived by the second Envoy. Defaults to false. | | `includeAttemptCountInResponse` | [.google.protobuf.BoolValue](https://developers.google.com/protocol-buffers/docs/reference/csharp/class/google/protobuf/well-known-types/bool-value) | IncludeAttemptCountInResponse decides whether the x-envoy-attempt-count header should be included in the downstream response. Setting this option will cause the router to override any existing header value, so in the case of two Envoys on the request path with this option enabled, the downstream will see the attempt count as perceived by the Envoy closest upstream from itself. Defaults to false. | | `stagedTransformations` | [.transformation.options.gloo.solo.io.TransformationStages](../options/transformation/transformation.proto.sk/#transformationstages) | Early transformations stage. These transformations run before most other options are processed. If the `regular` field is set in here, the `transformations` field is ignored. | diff --git a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/weighted_destination_options.proto.sk.md b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/weighted_destination_options.proto.sk.md index 108e55bb0a7..e4f26f4b9af 100644 --- a/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/weighted_destination_options.proto.sk.md +++ b/docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/v1/weighted_destination_options.proto.sk.md @@ -46,8 +46,8 @@ is selected for routing. | `transformations` | [.transformation.options.gloo.solo.io.Transformations](../options/transformation/transformation.proto.sk/#transformations) | Transformations to apply. Note: this field is superseded by `staged_transformations`. If `staged_transformations.regular` is set, this field will be ignored. | | `extensions` | [.gloo.solo.io.Extensions](../extensions.proto.sk/#extensions) | Extensions will be passed along from Listeners, Gateways, VirtualServices, Routes, and Route tables to the underlying Proxy, making them useful for controllers, validation tools, etc. which interact with kubernetes yaml. Some sample use cases: * controllers, deployment pipelines, helm charts, etc. which wish to use extensions as a kind of opaque metadata. * In the future, Gloo may support gRPC-based plugins which communicate with the Gloo translator out-of-process. Opaque Extensions enables development of out-of-process plugins without requiring recompiling & redeploying Gloo's API. | | `extauth` | [.enterprise.gloo.solo.io.ExtAuthExtension](../enterprise/options/extauth/v1/extauth.proto.sk/#extauthextension) | Enterprise-only: Authentication configuration. | -| `bufferPerRoute` | [.solo.io.envoy.extensions.filters.http.buffer.v3.BufferPerRoute](../../external/envoy/extensions/filters/http/buffer/v3/buffer.proto.sk/#bufferperroute) | BufferPerRoute can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. Note: If you have not set a global config (at the gateway level), this override will not do anything by itself. | -| `csrf` | [.solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy](../../external/envoy/extensions/filters/http/csrf/v3/csrf.proto.sk/#csrfpolicy) | Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto. | +| `bufferPerRoute` | .solo.io.envoy.extensions.filters.http.buffer.v3.BufferPerRoute | BufferPerRoute can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. Note: If you have not set a global config (at the gateway level), this override will not do anything by itself. | +| `csrf` | .solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy | Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto. | | `stagedTransformations` | [.transformation.options.gloo.solo.io.TransformationStages](../options/transformation/transformation.proto.sk/#transformationstages) | Early transformations stage. These transformations run before most other options are processed. If the `regular` field is set in here, the `transformations` field is ignored. | diff --git a/generate.go b/generate.go index 2aa1ab0092f..30e7e208659 100644 --- a/generate.go +++ b/generate.go @@ -1,6 +1,8 @@ package main import ( + "os" + "github.com/solo-io/go-utils/log" "github.com/solo-io/solo-kit/pkg/code-generator/cmd" "github.com/solo-io/solo-kit/pkg/code-generator/docgen/options" @@ -53,6 +55,11 @@ func main() { DataDir: "/docs/data", ApiDir: "reference/api", }, + RenderOptions: &options.RenderOptions{ + SkipLinksForPathPrefixes: []string{ + "github.com/solo-io/gloo/projects/gloo/api/external", + }, + }, }, ExternalImports: protoImports, ValidationSchemaOptions: &schemagen.ValidationSchemaOptions{ @@ -81,5 +88,16 @@ func main() { if err := cmd.Generate(generateOptions); err != nil { log.Fatalf("generate failed!: %v", err) } + + err := removeExternalApiDocs() + if err != nil { + log.Fatalf("failed to remove external api docs: %v", err) + } + log.Printf("finished generating code for gloo") } + +func removeExternalApiDocs() error { + const externalApiDocsPath = "docs/content/reference/api/github.com/solo-io/gloo/projects/gloo/api/external" + return os.RemoveAll(externalApiDocsPath) +} diff --git a/go.mod b/go.mod index 8502bf2d6dd..a5fee09521c 100644 --- a/go.mod +++ b/go.mod @@ -58,7 +58,7 @@ require ( // Ref: https://github.com/solo-io/gloo/pull/9463/files#r1594409655 && https://solo-io-corp.slack.com/archives/C03MFATU265/p1716913420716729?thread_ts=1716476992.938679&cid=C03MFATU265 // as to why it is now based off `gloo-main` and not `gloo-repo-branch` github.com/solo-io/solo-apis v0.0.0-20240917212400-9103ca169358 - github.com/solo-io/solo-kit v0.36.1 + github.com/solo-io/solo-kit v0.36.2 github.com/spf13/afero v1.11.0 github.com/spf13/cobra v1.8.1 github.com/spf13/pflag v1.0.5 diff --git a/go.sum b/go.sum index c6d19ef7b1f..72446cbce8a 100644 --- a/go.sum +++ b/go.sum @@ -2707,8 +2707,8 @@ github.com/solo-io/skv2 v0.41.0 h1:NRZUe83LquB8zR++SY36JKhw1abRd+SBuGUGAHS9rWA= github.com/solo-io/skv2 v0.41.0/go.mod h1:GtEN0CCne94tm710YbefQh9YcMFcIu2X490g7Loq/Zs= github.com/solo-io/solo-apis v0.0.0-20240917212400-9103ca169358 h1:yNJpr6sKTBUJ0XbYEdOZuFEr+umyq4XgB/GR1cbhCCI= github.com/solo-io/solo-apis v0.0.0-20240917212400-9103ca169358/go.mod h1:xWaT1lP+nkAGYCuAtRdG1l4MsdKwphqeomC41AIsemY= -github.com/solo-io/solo-kit v0.36.1 h1:jiO2HVsbUKuFwF9q3t20LujANouvAFlRzPMrK5goDn0= -github.com/solo-io/solo-kit v0.36.1/go.mod h1:tLK3BllHZZUZsvgG3paVzux8ccmItKadqLSg7nOltDw= +github.com/solo-io/solo-kit v0.36.2 h1:oZCrgseICHC2j88TCHeS9y8p5ffRRsXspy3jwWcZewY= +github.com/solo-io/solo-kit v0.36.2/go.mod h1:tLK3BllHZZUZsvgG3paVzux8ccmItKadqLSg7nOltDw= github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo= github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=