Add wasm plugin contribution introduction (#47)

2026-06-02 09:07:26 +08:00 · 2022-11-10 09:52:54 +08:00
parent ecba3a0265
commit 201c43105d
33 changed files with 1544 additions and 70 deletions
--- a/plugins/wasm-go/README.md
+++ b/plugins/wasm-go/README.md
@@ -1,48 +1,109 @@
-## Intro
+[English](./README_EN.md)

-This SDK is used to develop the WASM Plugins of Higress.
-## Requirements
+## 介绍

-(need support Go's type parameters)
+此 SDK 用于开发 Higress 的 Wasm 插件

-Go version: >= 1.18
+## 编译环境要求

-TinyGo version: >= 0.25.0
+(需要支持 go 范型特性)
+
+Go 版本: >= 1.18
+
+TinyGo 版本: >= 0.25.0

 ## Quick Examples

-### wasm plugin config
+使用 [request-block](extensions/request-block) 作为例子

-```yaml
-# this config will take effect globally (all incoming requests are affected)
-block_urls:
- "test"
-_rules_:
-# matching by route name takes effect
- _match_route_:
-  - route-a
-  - route-b
-  block_bodys:
-  - "hello world"
-# matching by domain takes effect
- _match_domain_:
-  - "*.example.com"
-  - test.com
-  block_urls:
-  - "swagger.html"
-  block_bodys:
-  - "hello world"
-```
-
-### code
-
-[request-block](example/request-block)
-
-
-### compile to wasm
+### step1. 编译 wasm

 ```bash
-tinygo build -o main.wasm -scheduler=none -target=wasi ./main.go
+tinygo build -o main.wasm -scheduler=none -target=wasi ./extensions/request-block/main.go
 ```

+### step2. 构建并推送插件的 docker 镜像
+
+使用这份简单的 [dockerfile](./Dockerfile).
+
+```bash
+docker build -t <your_registry_hub>/request-block:1.0.0 .
+docker push <your_registry_hub>/request-block:1.0.0
+```
+
+### step3. 创建 WasmPlugin 资源
+
+```yaml
+apiVersion: extensions.istio.io/v1alpha1
+kind: WasmPlugin
+metadata:
+  name: request-block
+  namespace: higress-system
+spec:
+  selector:
+    matchLabels:
+      higress: higress-system-higress-gateway
+  pluginConfig:
+    block_urls:
+    - "swagger.html"
+  url: oci://<your_registry_hub>/request-block:1.0.0
+```
+
+创建上述资源后，如果请求url携带 `swagger.html`, 则这个请求就会被拒绝，例如：
+
+```bash
+curl <your_gateway_address>/api/user/swagger.html
+```
+
+```text
+HTTP/1.1 403 Forbidden
+date: Wed, 09 Nov 2022 12:12:32 GMT
+server: istio-envoy
+content-length: 0
+```
+
+如果需要进一步控制插件的执行阶段和顺序
+
+可以阅读此 [文档](https://istio.io/latest/docs/reference/config/proxy_extensions/wasm-plugin/) 了解更多关于 wasmplugin 的配置
+
+
+## 路由级或域名级生效
+
+```yaml
+apiVersion: extensions.istio.io/v1alpha1
+kind: WasmPlugin
+metadata:
+  name: request-block
+  namespace: higress-system
+spec:
+  selector:
+    matchLabels:
+      higress: higress-system-higress-gateway 
+  pluginConfig:
+   # 跟上面例子一样，这个配置会全局生效，但如果被下面规则匹配到，则会改为执行命中规则的配置
+   block_urls:
+   - "swagger.html"
+   _rules_:
+   # 路由级生效配置
+   - _match_route_:
+     - default/foo
+     # default 命名空间下名为 foo 的 ingress 会执行下面这个配置
+     block_bodys:
+     - "foo"
+   - _match_route_:
+     - default/bar
+     # default 命名空间下名为 bar 的 ingress 会执行下面这个配置
+     block_bodys:
+     - "bar"
+   # 域名级生效配置
+   - _match_domain_:
+     - "*.example.com"
+     # 若请求匹配了上面的域名, 会执行下面这个配置
+     block_bodys:
+     - "foo"
+     - "bar"
+  url: oci://<your_registry_hub>/request-block:1.0.0
+```
+
+所有规则会按上面配置的顺序一次执行匹配，当有一个规则匹配时，就停止匹配，并选择匹配的配置执行插件逻辑