Normalize path (#405)

* normalize path * only merge * Revert "block some status endpoints (#403)" This reverts commit 7558272.
allegro · Dec 22, 2023 · d6481de · d6481de
1 parent 07c4254
commit d6481de
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 16 deletions.
diff --git a/...e/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/snapshot/SnapshotProperties.kt b/...e/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/snapshot/SnapshotProperties.kt
@@ -214,7 +214,6 @@ class AdminRouteProperties {
 class StatusRouteProperties {
     var enabled = false
     var endpoints: MutableList<EndpointMatch> = mutableListOf()
-    var blockedStatusEndpoints: MutableList<EndpointMatch> = mutableListOf()
     var createVirtualCluster = false
 }
 

diff --git a/...vicemesh/envoycontrol/snapshot/resource/listeners/filters/HttpConnectionManagerFactory.kt b/...vicemesh/envoycontrol/snapshot/resource/listeners/filters/HttpConnectionManagerFactory.kt
@@ -66,7 +66,6 @@ class HttpConnectionManagerFactory(
                     .setUseRemoteAddress(BoolValue.newBuilder().setValue(listenersConfig.useRemoteAddress).build())
                     .setDelayedCloseTimeout(Duration.newBuilder().setSeconds(0).build())
                     .setCommonHttpProtocolOptions(httpProtocolOptions)
-                    .setNormalizePath(BoolValue.newBuilder().setValue(true).build())
                     .setMergeSlashes(true)
                     .setCodecType(HttpConnectionManager.CodecType.AUTO)
                     .setHttpProtocolOptions(ingressHttp1ProtocolOptions(group.serviceName))

diff --git a/...ro/tech/servicemesh/envoycontrol/snapshot/resource/listeners/filters/RBACFilterFactory.kt b/...ro/tech/servicemesh/envoycontrol/snapshot/resource/listeners/filters/RBACFilterFactory.kt
@@ -275,22 +275,13 @@ class RBACFilterFactory(
 
     private fun createStatusRoutePolicy(statusRouteProperties: StatusRouteProperties): Map<String, Policy.Builder> {
         return if (statusRouteProperties.enabled) {
-            val notRules = statusRouteProperties.blockedStatusEndpoints.map {
-                rBACFilterPermissions.createPathPermission(
-                    path = it.path,
-                    matchingType = it.matchingType
-                ).build()
-            }
             val permissions = statusRouteProperties.endpoints
                 .map {
-                    val permission = rBACFilterPermissions.createPathPermission(
+                    rBACFilterPermissions.createPathPermission(
                         path = it.path,
                         matchingType = it.matchingType
-                    )
-                    notRules.forEach { permission.setNotRule(it) }
-                    permission.build()
+                    ).build()
                 }
-
             val policy = Policy.newBuilder()
                 .addPrincipals(anyPrincipal)
                 .addPermissions(anyOf(permissions))
@@ -377,18 +368,15 @@ class RBACFilterFactory(
                         principal
                     )
                 )
-
                 OAuth.Policy.STRICT -> mergePrincipals(
                     listOf(
                         strictPolicyPrincipal,
                         principal
                     )
                 )
-
                 OAuth.Policy.ALLOW_MISSING_OR_FAILED -> {
                     principal
                 }
-
                 null -> {
                     principal
                 }