Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/api/ZipDeploy Fails with 404 due to app settings data in headers #231

Open
sushmithavangala opened this issue Nov 1, 2021 · 2 comments
Open

/api/ZipDeploy Fails with 404 due to app settings data in headers #231

sushmithavangala opened this issue Nov 1, 2021 · 2 comments

Comments

@sushmithavangala
Copy link
Collaborator

sushmithavangala commented Nov 1, 2021
edited
Loading

Due to validations fail in headers , zipDeploy is failing with 404. The best fix for this is to not add all the appsettings as part of headers and rather read them through app settings secret file.

Logs from envoy pods

[2021-11-01 13:07:46.151][1][warning][config] [source/common/config/grpc_subscription_impl.cc:126] gRPC config for type.googleapis.com/envoy.config.route.v3.RouteConfiguration rejected: Proto constraint validation failed (RouteConfigurationValidationError.VirtualHosts[1]: embedded message failed validation | caused by VirtualHostValidationError.RequestHeadersToAdd[4]: embedded message failed validation | caused by HeaderValueOptionValidationError.Header: embedded message failed validation | caused by HeaderValueValidationError.Value: value does not match regex pattern "^[^\x00\n\r]*$"): name: "internal_https_route"
virtual_hosts {
  name: "k8se-apps_kafka-js-sample"
  domains: "kafka-js-sample.internal.k4apps-example.io"
  domains: "kafka-js-sample.internal.k4apps-example.io:*"
  routes {
    match {
      prefix: "/admin"
    }
    route {
      cluster: "k8se-apps_kafka-js-sample"
      timeout {
        seconds: 1800
      }
      idle_timeout {
        seconds: 240
      }
      upgrade_configs {
        upgrade_type: "websocket"
        enabled {
          value: true
        }
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-name"
        value: "kafka-js-sample"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-namespace"
        value: "k8se-apps"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-secret-endpoint-name"
        value: "kafka-js-sample-secrets"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-framework"
        value: "NODE|14"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-protocol"
        value: "http1"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-kind"
        value: "functionapp"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "content-type"
        value: "application/json"
      }
      append {
        value: true
      }
    }
    typed_per_filter_config {
      key: "envoy.filters.http.rbac"
      value {
      }
    }
  }
  routes {
    match {
      prefix: "/"
    }
    route {
      cluster: "k8se-apps_kafka-js-sample"
      timeout {
        seconds: 1800
      }
      idle_timeout {
        seconds: 240
      }
      upgrade_configs {
        upgrade_type: "websocket"
        enabled {
          value: true
        }
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-name"
        value: "kafka-js-sample"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-namespace"
        value: "k8se-apps"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-secret-endpoint-name"
        value: "kafka-js-sample-secrets"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-framework"
        value: "NODE|14"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-protocol"
        value: "http1"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-kind"
        value: "functionapp"
      }
      append {
      }
    }
    typed_per_filter_config {
      key: "envoy.filters.http.rbac"
      value {
      }
    }
  }
  request_headers_to_add {
    header {
      key: "X-ARR-SSL"
      value: "true"
    }
    append {
    }
  }
  retry_policy {
    retry_on: "reset,connect-failure,refused-stream,retriable-headers"
    num_retries {
      value: 5
    }
    retriable_headers {
      name: "x-ms-k8se-activator-retry"
    }
  }
}
virtual_hosts {
  name: "k8se-apps_kafka-js-sample_scm_internal"
  domains: "kafka-js-sample.scm.internal.k4apps-example.io"
  domains: "kafka-js-sample.scm.internal.k4apps-example.io:*"
  routes {
    match {
      prefix: "/"
    }
    route {
      cluster: "build_server_scm"
      idle_timeout {
        seconds: 240
      }
    }
    typed_per_filter_config {
      key: "envoy.filters.http.rbac"
      value {
      }
    }
  }
  request_headers_to_add {
    header {
      key: "K8SE_APP_NAME"
      value: "kafka-js-sample"
    }
    append {
    }
  }
  request_headers_to_add {
    header {
      key: "x-k8se-app-name"
      value: "kafka-js-sample"
    }
    append {
    }
  }
  request_headers_to_add {
    header {
      key: "x-k8se-app-namespace"
      value: "k8se-apps"
    }
    append {
    }
  }
  request_headers_to_add {
    header {
      key: "K8SE_APP_TYPE"
      value: "functionapp"
    }
    append {
    }
  }
  request_headers_to_add {
    header {
      key: "APPSETTING_WEBSITE_AUTH_ENCRYPTION_KEY"
      value: "cQuYwPZZAJ3F/FFkt3TOwC0L+hEgZs2QRbvd9Ih0xs0=\n"
    }
    append {
    }
  }
}
response_headers_to_remove: "x-envoy-upstream-service-time"

[2021-11-01 13:07:46.151][1][warning][config] [source/common/config/grpc_subscription_impl.cc:126] gRPC config for type.googleapis.com/envoy.config.route.v3.RouteConfiguration rejected: Proto constraint validation failed (RouteConfigurationValidationError.VirtualHosts[1]: embedded message failed validation | caused by VirtualHostValidationError.RequestHeadersToAdd[4]: embedded message failed validation | caused by HeaderValueOptionValidationError.Header: embedded message failed validation | caused by HeaderValueValidationError.Value: value does not match regex pattern "^[^\x00\n\r]*$"): name: "external_https_route"
virtual_hosts {
  name: "k8se-apps_kafka-js-sample"
  domains: "kafka-js-sample.k4apps-example.io"
  domains: "kafka-js-sample.k4apps-example.io:*"
  routes {
    match {
      prefix: "/admin"
    }
    route {
      cluster: "k8se-apps_kafka-js-sample"
      timeout {
        seconds: 1800
      }
      idle_timeout {
        seconds: 240
      }
      upgrade_configs {
        upgrade_type: "websocket"
        enabled {
          value: true
        }
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-name"
        value: "kafka-js-sample"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-namespace"
        value: "k8se-apps"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-secret-endpoint-name"
        value: "kafka-js-sample-secrets"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-framework"
        value: "NODE|14"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-protocol"
        value: "http1"
      }
      append {
      }
    }
    request_headers_to_add {
      header {
        key: "x-k8se-app-kind"
        value: "functionapp"
      }
@sushmithavangala
Copy link
Collaborator Author

sushmithavangala commented Nov 1, 2021
edited
Loading

@pragnagopa @TsuyoshiUshio @sanchitmehta Tagging for reference

@sushmithavangala
Copy link
Collaborator Author

@TsuyoshiUshio @sanchitmehta @ahmelsayed

Below is my suggestion for the fix

  • Modify Kudulite to get the appsettings data from the kubernetes secret file with appsettings key value data.

@sushmithavangala sushmithavangala mentioned this issue Dec 23, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sushmithavangala