jiazhizhong/higress
1
0
Fork 0
mirror of https://github.com/alibaba/higress.git synced 2026-03-18 17:27:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

Migrate WASM Go Plugins to New SDK and Go 1.24 (#2532)

Browse Source
This commit is contained in:
xingpiaoliang
2025-07-11 10:43:00 +08:00
committed by GitHub
parent 9a45f07972
commit 081ab6ee8d
274 changed files with 2073 additions and 2165 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
test/e2e/conformance/tests/go-wasm-ai-cache.yaml
View File

@@ -92,7 +92,7 @@ spec:
provider:
type: "qwen"
qwenEnableCompatible: true
apiTokens:
apiTokens:
- "{{secret.qwenApiKey}}"
timeout: 1200000
modelMapping:
@@ -100,4 +100,4 @@ spec:
ingress:
- higress-conformance-infra/wasmplugin-ai-cache-openai
- higress-conformance-infra/wasmplugin-ai-cache-qwen
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/ai-proxy:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/ai-proxy:2.0.0

3
test/e2e/conformance/tests/go-wasm-basic-auth-template.yaml
View File

@@ -12,7 +12,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Secret
metadata:
@@ -74,4 +73,4 @@ spec:
configDisable: false
ingress:
- higress-conformance-infra/wasmplugin-basic-auth
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-basic-auth:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-basic-auth:2.0.0

2
test/e2e/conformance/tests/go-wasm-basic-auth.yaml
View File

@@ -53,4 +53,4 @@ spec:
configDisable: false
ingress:
- higress-conformance-infra/wasmplugin-basic-auth
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-basic-auth:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-basic-auth:2.0.0

2
test/e2e/conformance/tests/go-wasm-bot-detect.yaml
View File

@@ -50,4 +50,4 @@ spec:
configDisable: false
ingress:
- higress-conformance-infra/wasmplugin-bot-detect
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-bot-detect:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-bot-detect:2.0.0

2
test/e2e/conformance/tests/go-wasm-cache-control.yaml
View File

@@ -45,4 +45,4 @@ spec:
configDisable: false
ingress:
- higress-conformance-infra/wasmplugin-cache-control
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/cache-control:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/cache-control:2.0.0

12
test/e2e/conformance/tests/go-wasm-custom-response.yaml
View File

@@ -71,14 +71,14 @@ spec:
defaultConfig:
headers:
- key1=value1
"body": "{\"hello\":\"foo\"}"
"body": '{"hello":"foo"}'
matchRules:
- domain:
- bar.com
config:
headers:
- key2=value2
"body": "{\"hello\":\"bar\"}"
"body": '{"hello":"bar"}'
- domain:
- baz.com
config:
@@ -86,15 +86,15 @@ spec:
- 401
headers:
- key3=value3
"body": "{\"hello\":\"baz\"}"
"body": '{"hello":"baz"}'
- domain:
- qux.com
config:
status_code: 201
headers:
- key5=value5
"body": "{\"hello\":\"qux\"}"
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-custom-response:1.0.0
"body": '{"hello":"qux"}'
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-custom-response:2.0.0
---
# test enable_on_status 401
apiVersion: extensions.higress.io/v1alpha1
@@ -115,4 +115,4 @@ spec:
- consumer1
domain:
- baz.com
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/basic-auth:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/basic-auth:2.0.0

2
test/e2e/conformance/tests/go-wasm-ip-restriction-allow.yaml
View File

@@ -43,4 +43,4 @@ spec:
allow:
- 192.168.0.1/16
- 10.0.0.1
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/ip-restriction:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/ip-restriction:2.0.0

2
test/e2e/conformance/tests/go-wasm-ip-restriction-deny.yaml
View File

@@ -43,4 +43,4 @@ spec:
deny:
- 192.168.0.1/16
- 10.0.0.1
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/ip-restriction:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/ip-restriction:2.0.0

2
test/e2e/conformance/tests/go-wasm-jwt-auth-allow.yaml
View File

@@ -139,4 +139,4 @@ spec:
configDisable: false
ingress:
- higress-conformance-infra/wasmplugin-jwt-auth
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-jwt-auth:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-jwt-auth:2.0.0

2
test/e2e/conformance/tests/go-wasm-jwt-auth-deny.yaml
View File

@@ -128,4 +128,4 @@ spec:
configDisable: false
ingress:
- higress-conformance-infra/wasmplugin-jwt-auth
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-jwt-auth:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-jwt-auth:2.0.0

2
test/e2e/conformance/tests/go-wasm-jwt-auth-single-consumer.yaml
View File

@@ -125,4 +125,4 @@ spec:
configDisable: false
ingress:
- higress-conformance-infra/wasmplugin-jwt-auth
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-jwt-auth:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-jwt-auth:2.0.0

2
test/e2e/conformance/tests/go-wasm-key-auth.yaml
View File

@@ -57,4 +57,4 @@ spec:
configDisable: false
ingress:
- higress-conformance-infra/wasmplugin-key-auth
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-key-auth:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-key-auth:2.0.0

2
test/e2e/conformance/tests/go-wasm-opa.yaml
View File

@@ -45,4 +45,4 @@ spec:
servicePort: 8181
policy: example1
timeout: 5s
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/opa:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/opa:2.0.0

50
test/e2e/conformance/tests/go-wasm-request-block.yaml
View File

@@ -22,16 +22,16 @@ metadata:
spec:
ingressClassName: higress
rules:
- host: "foo.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: infra-backend-v1
port:
number: 8080
- host: "foo.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: infra-backend-v1
port:
number: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
@@ -43,16 +43,16 @@ metadata:
spec:
ingressClassName: higress
rules:
- host: "foo2.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: infra-backend-echo-body-v1
port:
number: 8080
- host: "foo2.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: infra-backend-echo-body-v1
port:
number: 8080
---
apiVersion: extensions.higress.io/v1alpha1
kind: WasmPlugin
@@ -62,11 +62,11 @@ metadata:
spec:
defaultConfig:
block_urls:
- "swagger.html"
- "swagger.html"
block_regexp_urls:
- "/env.*"
- "/env.*"
block_exact_urls:
- "/web/info"
- "/web/info"
block_bodies:
- "hello world"
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-request-block:1.0.0
- "hello world"
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-request-block:2.0.0

12
test/e2e/conformance/tests/go-wasm-request-validation.yaml
View File

@@ -44,11 +44,11 @@ spec:
- enum_payload
properties:
enum_payload:
type: string
enum:
- "enum_string_1"
- "enum_string_2"
default: "enum_string_1"
type: string
enum:
- "enum_string_1"
- "enum_string_2"
default: "enum_string_1"
body_schema:
type: object
required:
@@ -94,4 +94,4 @@ spec:
rejected_msg: "customize reject message"
enable_swagger: true
enable_oas3: false
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/request-validation:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/request-validation:2.0.0

22
test/e2e/conformance/tests/go-wasm-simple-jwt-auth.yaml
View File

@@ -20,16 +20,16 @@ metadata:
spec:
ingressClassName: higress
rules:
- host: "foo.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: infra-backend-v1
port:
number: 8080
- host: "foo.com"
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: infra-backend-v1
port:
number: 8080
---
apiVersion: extensions.higress.io/v1alpha1
kind: WasmPlugin
@@ -40,4 +40,4 @@ spec:
defaultConfig:
token_headers: token
token_secret_key: Dav7kfq3iA8S!JUj8&CUkdnQe72E@Cw6
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/simple-jwt-auth:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/simple-jwt-auth:2.0.0

2
test/e2e/conformance/tests/go-wasm-sni-misdirect.yaml
View File

@@ -43,4 +43,4 @@ metadata:
name: sni-misdirect
namespace: higress-system
spec:
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-sni-misdirect:1.0.0
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-sni-misdirect:2.0.0

281
test/e2e/conformance/tests/go-wasm-transformer.yaml
View File

@@ -70,9 +70,8 @@ spec:
service:
name: infra-backend-v1
port:
number: 8080
number: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
@@ -111,10 +110,10 @@ spec:
service:
name: infra-backend-v1
port:
number: 8080
---
number: 8080
---
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
@@ -133,7 +132,7 @@ spec:
service:
name: infra-backend-v1
port:
number: 8080
number: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
@@ -153,7 +152,7 @@ spec:
service:
name: infra-backend-v1
port:
number: 8080
number: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
@@ -207,58 +206,58 @@ spec:
- higress-conformance-infra/wasmplugin-transform-request
configDisable: false
config:
reqRules:
- operate: remove
headers:
- key: X-remove
querys:
- key: k1
- operate: rename
headers:
- oldKey: X-not-renamed
newKey: X-renamed
querys:
- oldKey: k2
newKey: k2-new
- operate: replace
headers:
- key: X-replace
newValue: replaced
querys:
- key: k2-new
newValue: v2-new
- operate: add
headers:
- key: X-add-append
value: add
querys:
- key: k3
value: v31
- operate: append
headers:
- key: X-add-append
appendValue: append
querys:
- key: k3
appendValue: v32
- operate: map
headers:
- fromKey: X-add-append
toKey: X-map
querys:
- fromKey: k3
toKey: k4
- operate: dedupe
headers:
- key: X-dedupe-first
strategy: RETAIN_FIRST
- key: X-dedupe-last
strategy: RETAIN_LAST
- key: X-dedupe-unique
strategy: RETAIN_UNIQUE
querys:
- key: k4
strategy: RETAIN_FIRST
reqRules:
- operate: remove
headers:
- key: X-remove
querys:
- key: k1
- operate: rename
headers:
- oldKey: X-not-renamed
newKey: X-renamed
querys:
- oldKey: k2
newKey: k2-new
- operate: replace
headers:
- key: X-replace
newValue: replaced
querys:
- key: k2-new
newValue: v2-new
- operate: add
headers:
- key: X-add-append
value: add
querys:
- key: k3
value: v31
- operate: append
headers:
- key: X-add-append
appendValue: append
querys:
- key: k3
appendValue: v32
- operate: map
headers:
- fromKey: X-add-append
toKey: X-map
querys:
- fromKey: k3
toKey: k4
- operate: dedupe
headers:
- key: X-dedupe-first
strategy: RETAIN_FIRST
- key: X-dedupe-last
strategy: RETAIN_LAST
- key: X-dedupe-unique
strategy: RETAIN_UNIQUE
querys:
- key: k4
strategy: RETAIN_FIRST
- ingress:
- higress-conformance-infra/wasmplugin-transform-response-header-and-query
@@ -422,7 +421,7 @@ spec:
headers:
- key: X-dedupe-last
newValue: X-dedupe-last-replaced
- operate: rename
headers:
- oldKey: X-dedupe-unique
@@ -436,8 +435,6 @@ spec:
- key: X-dedupe-first
querys:
- key: k1
- ingress:
- higress-conformance-infra/wasmplugin-transform-response-arbitary-rule-order
@@ -475,98 +472,98 @@ spec:
- higress-conformance-infra/wasmplugin-transform-request-map-from-querys-to-headers
configDisable: false
config:
reqRules:
- operate: map
mapSource: querys
headers:
- fromKey: kmap
toKey: X-map
querys:
- fromKey: k3
toKey: k4
reqRules:
- operate: map
mapSource: querys
headers:
- fromKey: kmap
toKey: X-map
querys:
- fromKey: k3
toKey: k4
- ingress:
- higress-conformance-infra/wasmplugin-transform-request-map-from-headers-to-querys
configDisable: false
config:
reqRules:
- operate: map
mapSource: headers
querys:
# 映射来源为headers时fromKey的匹配不区分大小写
- fromKey: X-map
toKey: kmap
reqRules:
- operate: map
mapSource: headers
querys:
# 映射来源为headers时fromKey的匹配不区分大小写
- fromKey: X-map
toKey: kmap
- ingress:
- higress-conformance-infra/wasmplugin-transform-request-body
configDisable: false
config:
reqRules:
- operate: remove
body:
- key: X-removed
- operate: rename
body:
- oldKey: X-not-renamed
newKey: X-renamed
- operate: replace
body:
- key: X-replace
newValue: replaced
- operate: add
body:
- key: X-add-append
value: add
- operate: append
body:
- key: X-add-append
appendValue: append
- operate: map
body:
- fromKey: X-to-be-mapped
toKey: X-map
- operate: dedupe
body:
- key: X-dedupe-first
strategy: RETAIN_FIRST
- key: X-dedupe-last
strategy: RETAIN_LAST
- key: X-dedupe-unique
strategy: RETAIN_UNIQUE
reqRules:
- operate: remove
body:
- key: X-removed
- operate: rename
body:
- oldKey: X-not-renamed
newKey: X-renamed
- operate: replace
body:
- key: X-replace
newValue: replaced
- operate: add
body:
- key: X-add-append
value: add
- operate: append
body:
- key: X-add-append
appendValue: append
- operate: map
body:
- fromKey: X-to-be-mapped
toKey: X-map
- operate: dedupe
body:
- key: X-dedupe-first
strategy: RETAIN_FIRST
- key: X-dedupe-last
strategy: RETAIN_LAST
- key: X-dedupe-unique
strategy: RETAIN_UNIQUE
- ingress:
- higress-conformance-infra/wasmplugin-transform-response-body
configDisable: false
config:
respRules:
- operate: remove
body:
- key: X-removed
- operate: rename
body:
- oldKey: X-not-renamed
newKey: X-renamed
- operate: replace
body:
- key: X-replace
newValue: replaced
- operate: add
body:
- key: X-add-append
value: add
- operate: append
body:
- key: X-add-append
appendValue: append
- operate: map
body:
- fromKey: X-to-be-mapped
toKey: X-map
- operate: dedupe
body:
- key: X-dedupe-first
strategy: RETAIN_FIRST
- key: X-dedupe-last
strategy: RETAIN_LAST
- key: X-dedupe-unique
strategy: RETAIN_UNIQUE
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/transformer:1.0.0
respRules:
- operate: remove
body:
- key: X-removed
- operate: rename
body:
- oldKey: X-not-renamed
newKey: X-renamed
- operate: replace
body:
- key: X-replace
newValue: replaced
- operate: add
body:
- key: X-add-append
value: add
- operate: append
body:
- key: X-add-append
appendValue: append
- operate: map
body:
- fromKey: X-to-be-mapped
toKey: X-map
- operate: dedupe
body:
- key: X-dedupe-first
strategy: RETAIN_FIRST
- key: X-dedupe-last
strategy: RETAIN_LAST
- key: X-dedupe-unique
strategy: RETAIN_UNIQUE
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/transformer:2.0.0

30
test/e2e/conformance/tests/rust-wasm-ai-data-masking.yaml
View File

@@ -56,69 +56,69 @@ spec:
config:
headers:
- Content-Type=application/json
"body": "{\"choices\":[{\"index\":0,\"message\":{\"role\":\"assistant\",\"content\":\"ok\"}}],\"usage\":{}}"
"body": '{"choices":[{"index":0,"message":{"role":"assistant","content":"ok"}}],"usage":{}}'
- domain:
- replace.openai.com
config:
headers:
- Content-Type=application/json
"body": "{\"choices\":[{\"index\":0,\"message\":{\"role\":\"assistant\",\"content\":\"***.***.***.*** c11e7177eb60c80cf983ddf8ca98f2dc1272d4c612204ce9bedd2460b18939cc ****@gmail.com\"}}],\"usage\":{}}"
"body": '{"choices":[{"index":0,"message":{"role":"assistant","content":"***.***.***.*** c11e7177eb60c80cf983ddf8ca98f2dc1272d4c612204ce9bedd2460b18939cc ****@gmail.com"}}],"usage":{}}'
- domain:
- system_deny.openai.com
config:
headers:
- Content-Type=application/json
"body": "{\"choices\":[{\"index\":0,\"message\":{\"role\":\"assistant\",\"content\":\"fuck\"}}],\"usage\":{}}"
"body": '{"choices":[{"index":0,"message":{"role":"assistant","content":"fuck"}}],"usage":{}}'
- domain:
- costom_word1.openai.com
config:
headers:
- Content-Type=application/json
"body": "{\"choices\":[{\"index\":0,\"message\":{\"role\":\"assistant\",\"content\":\"costom_word1\"}}],\"usage\":{}}"
"body": '{"choices":[{"index":0,"message":{"role":"assistant","content":"costom_word1"}}],"usage":{}}'
- domain:
- costom_word.openai.com
config:
headers:
- Content-Type=application/json
"body": "{\"choices\":[{\"index\":0,\"message\":{\"role\":\"assistant\",\"content\":\"costom_word\"}}],\"usage\":{}}"
"body": '{"choices":[{"index":0,"message":{"role":"assistant","content":"costom_word"}}],"usage":{}}'
- domain:
- ok.raw.com
config:
headers:
- Content-Type=application/json
"body": "{\"res\":\"ok\"}"
"body": '{"res":"ok"}'
- domain:
- replace.raw.com
config:
headers:
- Content-Type=application/json
"body": "{\"res\":\"***.***.***.*** c11e7177eb60c80cf983ddf8ca98f2dc1272d4c612204ce9bedd2460b18939cc ****@gmail.com\"}"
"body": '{"res":"***.***.***.*** c11e7177eb60c80cf983ddf8ca98f2dc1272d4c612204ce9bedd2460b18939cc ****@gmail.com"}'
- domain:
- system_deny.raw.com
config:
headers:
- Content-Type=application/json
"body": "{\"res\":\"fuck\"}"
"body": '{"res":"fuck"}'
- domain:
- system_no_deny.raw.com
config:
headers:
- Content-Type=application/json
"body": "{\"res\":\"工信处女干事每月经过下属科室都要亲口交代24口交换机等技术性器件的安装工作\"}"
"body": '{"res":"工信处女干事每月经过下属科室都要亲口交代24口交换机等技术性器件的安装工作"}'
- domain:
- costom_word1.raw.com
config:
headers:
- Content-Type=application/json
"body": "{\"res\":\"costom_word1\"}"
"body": '{"res":"costom_word1"}'
- domain:
- costom_word.raw.com
config:
headers:
- Content-Type=application/json
"body": "{\"res\":\"costom_word\"}"
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-custom-response:1.0.0
"body": '{"res":"costom_word"}'
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/go-custom-response:2.0.0
---
apiVersion: extensions.higress.io/v1alpha1
kind: WasmPlugin
@@ -135,9 +135,9 @@ spec:
deny_raw: true
deny_code: 200
deny_message: "提问或回答中包含敏感词,已被屏蔽"
deny_raw_message: "{\"errmsg\":\"提问或回答中包含敏感词,已被屏蔽\"}"
deny_raw_message: '{"errmsg":"提问或回答中包含敏感词,已被屏蔽"}'
deny_content_type: "application/json"
deny_words:
deny_words:
- "costom_word1"
replace_roles:
- regex: "%{EMAILLOCALPART}@%{HOSTNAME:domain}"

2
test/e2e/conformance/utils/config/timeout.go
View File

@@ -56,7 +56,7 @@ func DefaultTimeoutConfig() TimeoutConfig {
DeleteTimeout: 10 * time.Second,
GetTimeout: 10 * time.Second,
ManifestFetchTimeout: 10 * time.Second,
MaxTimeToConsistency: 30 * time.Second,
MaxTimeToConsistency: 300 * time.Second,
NamespacesMustBeReady: 300 * time.Second,
RequestTimeout: 10 * time.Second,
TLSHandshakeTimeout: 10 * time.Second,

1
test/e2e/conformance/utils/kubernetes/helpers.go
View File

@@ -66,6 +66,7 @@ func NamespacesMustBeAccepted(t *testing.T, c client.Client, timeoutConfig confi
}
}
}
t.Logf("✅ Gateways and Pods in %s namespaces ready", strings.Join(namespaces, ", "))
return true, nil
})