Add wasm plugin contribution introduction (#47)

plugins/wasm-go/extensions/hello-world/go.mod

@@ -0,0 +1,17 @@
+module github.com/alibaba/higress/plugins/wasm-go/extensions/hello-world
+
+go 1.18
+
+replace github.com/alibaba/higress/plugins/wasm-go => ../..
+
+require (
+	github.com/alibaba/higress/plugins/wasm-go v0.0.0
+	github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220822060051-f9d179a57f8c
+)
+
+require (
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/tidwall/gjson v1.14.3 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.0 // indirect
+)

plugins/wasm-go/extensions/hello-world/go.sum

@@ -0,0 +1,14 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
+github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220822060051-f9d179a57f8c h1:OCUFXVGixHLfNjg6/QYEhv+jHJ5mRGhpEUVFv9eWPJE=
+github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220822060051-f9d179a57f8c/go.mod h1:5t/pWFNJ9eMyu/K/Z+OeGhDJ9sN9eCo8fc2pyM/Qjg4=
+github.com/tidwall/gjson v1.14.3 h1:9jvXn7olKEHU1S9vwoMGliaT8jq1vJ7IH/n9zD9Dnlw=
+github.com/tidwall/gjson v1.14.3/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
+github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
+github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
+github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

plugins/wasm-go/extensions/hello-world/main.go

@@ -0,0 +1,41 @@
+// Copyright (c) 2022 Alibaba Group Holding Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm"
+	"github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm/types"
+
+	"github.com/alibaba/higress/plugins/wasm-go/pkg/wrapper"
+)
+
+func main() {
+	wrapper.SetCtx(
+		"hello-world",
+		wrapper.ProcessRequestHeadersBy(onHttpRequestHeaders),
+	)
+}
+
+type HelloWorldConfig struct {
+}
+
+func onHttpRequestHeaders(ctx *wrapper.CommonHttpCtx[HelloWorldConfig], config HelloWorldConfig, needBody *bool, log wrapper.LogWrapper) types.Action {
+	err := proxywasm.AddHttpRequestHeader("hello", "world")
+	if err != nil {
+		log.Critical("failed to set request header")
+	}
+	proxywasm.SendHttpResponse(200, nil, []byte("hello world"), -1)
+	return types.ActionContinue
+}

plugins/wasm-go/extensions/http-call/go.mod

@@ -0,0 +1,17 @@
+module github.com/alibaba/higress/plugins/wasm-go/extensions/http-call
+
+go 1.18
+
+replace github.com/alibaba/higress/plugins/wasm-go => ../..
+
+require (
+	github.com/alibaba/higress/plugins/wasm-go v0.0.0
+	github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220822060051-f9d179a57f8c
+	github.com/tidwall/gjson v1.14.3
+)
+
+require (
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.0 // indirect
+)

plugins/wasm-go/extensions/http-call/go.sum

@@ -0,0 +1,14 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
+github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220822060051-f9d179a57f8c h1:OCUFXVGixHLfNjg6/QYEhv+jHJ5mRGhpEUVFv9eWPJE=
+github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220822060051-f9d179a57f8c/go.mod h1:5t/pWFNJ9eMyu/K/Z+OeGhDJ9sN9eCo8fc2pyM/Qjg4=
+github.com/tidwall/gjson v1.14.3 h1:9jvXn7olKEHU1S9vwoMGliaT8jq1vJ7IH/n9zD9Dnlw=
+github.com/tidwall/gjson v1.14.3/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
+github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
+github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
+github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

plugins/wasm-go/extensions/http-call/main.go

@@ -0,0 +1,120 @@
+// Copyright (c) 2022 Alibaba Group Holding Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"errors"
+	"net/http"
+	"strings"
+
+	"github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm"
+	"github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm/types"
+	"github.com/tidwall/gjson"
+
+	"github.com/alibaba/higress/plugins/wasm-go/pkg/wrapper"
+)
+
+func main() {
+	wrapper.SetCtx(
+		"http-call",
+		wrapper.ParseConfigBy(parseConfig),
+		wrapper.ProcessRequestHeadersBy(onHttpRequestHeaders),
+	)
+}
+
+type HttpCallConfig struct {
+	client      wrapper.HttpClient
+	requestPath string
+	bodyHeader  string
+	tokenHeader string
+}
+
+func parseConfig(json gjson.Result, config *HttpCallConfig, log wrapper.LogWrapper) error {
+	config.bodyHeader = json.Get("bodyHeader").String()
+	if config.bodyHeader == "" {
+		return errors.New("missing bodyHeader in config")
+	}
+	config.tokenHeader = json.Get("tokenHeader").String()
+	if config.tokenHeader == "" {
+		return errors.New("missing tokenHeader in config")
+	}
+	config.requestPath = json.Get("requestPath").String()
+	if config.requestPath == "" {
+		return errors.New("missing requestPath in config")
+	}
+	serviceSource := json.Get("serviceSource").String()
+	serviceName := json.Get("serviceName").String()
+	servicePort := json.Get("servicePort").Int()
+	if serviceName == "" || servicePort == 0 {
+		return errors.New("invalid service config")
+	}
+	switch serviceSource {
+	case "k8s":
+		namespace := json.Get("namespace").String()
+		config.client = wrapper.NewClusterClient(wrapper.K8sCluster{
+			ServiceName: serviceName,
+			Namespace:   namespace,
+			Port:        servicePort,
+		})
+		return nil
+	case "nacos":
+		namespace := json.Get("namespace").String()
+		config.client = wrapper.NewClusterClient(wrapper.NacosCluster{
+			ServiceName: serviceName,
+			NamespaceID: namespace,
+			Port:        servicePort,
+		})
+		return nil
+	case "ip":
+		config.client = wrapper.NewClusterClient(wrapper.StaticIpCluster{
+			ServiceName: serviceName,
+			Port:        servicePort,
+		})
+		return nil
+	case "dns":
+		domain := json.Get("domain").String()
+		config.client = wrapper.NewClusterClient(wrapper.DnsCluster{
+			ServiceName: serviceName,
+			Port:        servicePort,
+			Domain:      domain,
+		})
+		return nil
+	default:
+		return errors.New("unknown service source: " + serviceSource)
+	}
+}
+
+func onHttpRequestHeaders(ctx *wrapper.CommonHttpCtx[HttpCallConfig], config HttpCallConfig, needBody *bool, log wrapper.LogWrapper) types.Action {
+	config.client.Get(config.requestPath, nil,
+		func(statusCode int, responseHeaders http.Header, responseBody []byte) {
+			defer proxywasm.ResumeHttpRequest()
+			if statusCode != http.StatusOK {
+				log.Errorf("http call failed, status: %d", statusCode)
+				proxywasm.SendHttpResponse(http.StatusInternalServerError, nil,
+					[]byte("http call failed"), -1)
+				return
+			}
+			// avoid protocol error
+			body := strings.ReplaceAll(string(responseBody), "\n", "#")
+			// set body to the original request header
+			proxywasm.AddHttpRequestHeader(config.bodyHeader, body)
+			// set service response token header to the original request header
+			token := responseHeaders.Get(config.tokenHeader)
+			if token != "" {
+				proxywasm.AddHttpRequestHeader(config.tokenHeader, token)
+			}
+		})
+	return types.ActionPause
+}

plugins/wasm-go/extensions/request-block/go.mod

@@ -0,0 +1,17 @@
+module github.com/alibaba/higress/plugins/wasm-go/extensions/request-block
+
+go 1.18
+
+replace github.com/alibaba/higress/plugins/wasm-go => ../..
+
+require (
+	github.com/alibaba/higress/plugins/wasm-go v0.0.0
+	github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220822060051-f9d179a57f8c
+	github.com/tidwall/gjson v1.14.3
+)
+
+require (
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.0 // indirect
+)

plugins/wasm-go/extensions/request-block/go.sum

@@ -0,0 +1,14 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
+github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220822060051-f9d179a57f8c h1:OCUFXVGixHLfNjg6/QYEhv+jHJ5mRGhpEUVFv9eWPJE=
+github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220822060051-f9d179a57f8c/go.mod h1:5t/pWFNJ9eMyu/K/Z+OeGhDJ9sN9eCo8fc2pyM/Qjg4=
+github.com/tidwall/gjson v1.14.3 h1:9jvXn7olKEHU1S9vwoMGliaT8jq1vJ7IH/n9zD9Dnlw=
+github.com/tidwall/gjson v1.14.3/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
+github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
+github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
+github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

plugins/wasm-go/extensions/request-block/main.go

@@ -0,0 +1,153 @@
+// Copyright (c) 2022 Alibaba Group Holding Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+
+	"github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm"
+	"github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm/types"
+	"github.com/tidwall/gjson"
+
+	"github.com/alibaba/higress/plugins/wasm-go/pkg/wrapper"
+)
+
+func main() {
+	wrapper.SetCtx(
+		"request-block",
+		wrapper.ParseConfigBy(parseConfig),
+		wrapper.ProcessRequestHeadersBy(onHttpRequestHeaders),
+		wrapper.ProcessRequestBodyBy(onHttpRequestBody),
+	)
+}
+
+type RequestBlockConfig struct {
+	blockedCode    uint32
+	blockedMessage string
+	caseSensitive  bool
+	blockUrls      []string
+	blockHeaders   []string
+	blockBodys     []string
+}
+
+func parseConfig(json gjson.Result, config *RequestBlockConfig, log wrapper.LogWrapper) error {
+	code := json.Get("blocked_code").Int()
+	if code != 0 && code > 100 && code < 600 {
+		config.blockedCode = uint32(code)
+	} else {
+		config.blockedCode = 403
+	}
+	config.blockedMessage = json.Get("blocked_message").String()
+	config.caseSensitive = json.Get("case_sensitive").Bool()
+	for _, item := range json.Get("block_urls").Array() {
+		url := item.String()
+		if url == "" {
+			continue
+		}
+		if config.caseSensitive {
+			config.blockUrls = append(config.blockUrls, url)
+		} else {
+			config.blockUrls = append(config.blockUrls, strings.ToLower(url))
+		}
+	}
+	for _, item := range json.Get("block_headers").Array() {
+		header := item.String()
+		if header == "" {
+			continue
+		}
+		if config.caseSensitive {
+			config.blockHeaders = append(config.blockHeaders, header)
+		} else {
+			config.blockHeaders = append(config.blockHeaders, strings.ToLower(header))
+		}
+	}
+	for _, item := range json.Get("block_bodys").Array() {
+		body := item.String()
+		if body == "" {
+			continue
+		}
+		if config.caseSensitive {
+			config.blockBodys = append(config.blockBodys, body)
+		} else {
+			config.blockBodys = append(config.blockBodys, strings.ToLower(body))
+		}
+	}
+	if len(config.blockUrls) == 0 && len(config.blockHeaders) == 0 &&
+		len(config.blockBodys) == 0 {
+		return errors.New("there is no block rules")
+	}
+	return nil
+}
+
+func onHttpRequestHeaders(ctx *wrapper.CommonHttpCtx[RequestBlockConfig], config RequestBlockConfig, needBody *bool, log wrapper.LogWrapper) types.Action {
+	if len(config.blockUrls) > 0 {
+		requestUrl, err := proxywasm.GetHttpRequestHeader(":path")
+		if err != nil {
+			log.Warnf("get path failed: %v", err)
+			return types.ActionContinue
+		}
+		if !config.caseSensitive {
+			requestUrl = strings.ToLower(requestUrl)
+		}
+		for _, blockUrl := range config.blockUrls {
+			if strings.Contains(requestUrl, blockUrl) {
+				proxywasm.SendHttpResponse(config.blockedCode, nil, []byte(config.blockedMessage), -1)
+				return types.ActionContinue
+			}
+		}
+	}
+	if len(config.blockHeaders) > 0 {
+		headers, err := proxywasm.GetHttpRequestHeaders()
+		if err != nil {
+			log.Warnf("get headers failed: %v", err)
+			return types.ActionContinue
+		}
+		var headerPairs []string
+		for _, kv := range headers {
+			headerPairs = append(headerPairs, fmt.Sprintf("%s\n%s", kv[0], kv[1]))
+		}
+		headerStr := strings.Join(headerPairs, "\n")
+		if !config.caseSensitive {
+			headerStr = strings.ToLower(headerStr)
+		}
+		for _, blockHeader := range config.blockHeaders {
+			if strings.Contains(headerStr, blockHeader) {
+				proxywasm.SendHttpResponse(config.blockedCode, nil, []byte(config.blockedMessage), -1)
+				return types.ActionContinue
+			}
+		}
+	}
+	if len(config.blockBodys) == 0 {
+		*needBody = false
+	}
+	return types.ActionContinue
+}
+
+func onHttpRequestBody(ctx *wrapper.CommonHttpCtx[RequestBlockConfig], config RequestBlockConfig, body []byte, log wrapper.LogWrapper) types.Action {
+	bodyStr := string(body)
+	if !config.caseSensitive {
+		bodyStr = strings.ToLower(bodyStr)
+	}
+	for _, blockBody := range config.blockBodys {
+		if strings.Contains(bodyStr, blockBody) {
+			proxywasm.SendHttpResponse(config.blockedCode, nil, []byte(config.blockedMessage), -1)
+			return types.ActionContinue
+		}
+	}
+	return types.ActionContinue
+
+}