Release 2.0.6 (#1686 )

Update deploy-to-oss.yaml
fix: baidu api issue (#1685 )
2026-02-25 21:21:01 +08:00 · 2025-01-17 15:22:43 +08:00 · 2025-01-17 15:10:40 +08:00 · 2025-01-16 21:42:43 +08:00 · 2025-01-15 20:47:20 +08:00 · 2025-01-15 20:44:13 +08:00
43 changed files with 270 additions and 85 deletions
--- a/.github/workflows/build-and-test-plugin.yaml
+++ b/.github/workflows/build-and-test-plugin.yaml
@@ -6,11 +6,15 @@ on:
    paths:
      - 'plugins/**'
      - 'test/**'
+      - 'helm/**'
+      - 'Makefile.core.mk'
  pull_request:
    branches: [ "*" ]
    paths:
      - 'plugins/**'
      - 'test/**'
+      - 'helm/**'
+      - 'Makefile.core.mk'
  workflow_dispatch: ~      

 jobs:
--- a/.github/workflows/deploy-to-oss.yaml
+++ b/.github/workflows/deploy-to-oss.yaml
@@ -19,7 +19,7 @@ jobs:
      - name: Download Helm Charts Index
        uses: doggycool/ossutil-github-action@master
        with:
-          ossArgs: 'cp -r -u oss://higress-website-cn-hongkong/helm-charts/index.yaml ./artifact/'
+          ossArgs: 'cp oss://higress-website-cn-hongkong/helm-charts/index.yaml ./artifact/'
          accessKey: ${{ secrets.ACCESS_KEYID }}
          accessSecret: ${{ secrets.ACCESS_KEYSECRET }}
          endpoint: oss-cn-hongkong.aliyuncs.com
--- a/Makefile.core.mk
+++ b/Makefile.core.mk
@@ -188,7 +188,7 @@ install: pre-install
 	helm install higress helm/higress -n higress-system --create-namespace --set 'global.local=true'

 ENVOY_LATEST_IMAGE_TAG ?= 958467a353d411ae3f06e03b096bfd342cddb2c6
-ISTIO_LATEST_IMAGE_TAG ?= 01ad224eff2bb7eb200869fc64221f739a48e07e
+ISTIO_LATEST_IMAGE_TAG ?= d9c728d3b01f64855e012b08d136e306f1160397

 install-dev: pre-install
 	helm install higress helm/core -n higress-system --create-namespace --set 'controller.tag=$(TAG)' --set 'gateway.replicas=1' --set 'pilot.tag=$(ISTIO_LATEST_IMAGE_TAG)' --set 'gateway.tag=$(ENVOY_LATEST_IMAGE_TAG)' --set 'global.local=true'
--- a/2
+++ b/2
@@ -1 +1 @@
-v2.0.6-rc.2
+v2.0.6
--- a/helm/core/Chart.yaml
+++ b/helm/core/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 2.0.6-rc.2
+appVersion: 2.0.6
 description: Helm chart for deploying higress gateways
 icon: https://higress.io/img/higress_logo_small.png
 home: http://higress.io/
@@ -10,4 +10,4 @@ name: higress-core
 sources:
 - http://github.com/alibaba/higress
 type: application
-version: 2.0.6-rc.2
+version: 2.0.6
--- a/helm/higress/Chart.lock
+++ b/helm/higress/Chart.lock
@@ -1,9 +1,9 @@
 dependencies:
 - name: higress-core
  repository: file://../core
-  version: 2.0.6-rc.2
+  version: 2.0.6
 - name: higress-console
  repository: https://higress.io/helm-charts/
-  version: 2.0.1
-digest: sha256:084449006a5b90bdffad7ef47fdfd02924412e67297bcce6d216efdc12c02acf
-generated: "2025-01-14T19:37:32.036755+08:00"
+  version: 2.0.2
+digest: sha256:9c84a628df434c4bf23ec10d62ad7ddf4b15957f797b01bbaa492ede33d87003
+generated: "2025-01-17T15:10:43.589701962+08:00"
--- a/helm/higress/Chart.yaml
+++ b/helm/higress/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 2.0.6-rc.2
+appVersion: 2.0.6
 description: Helm chart for deploying Higress gateways
 icon: https://higress.io/img/higress_logo_small.png
 home: http://higress.io/
@@ -12,9 +12,9 @@ sources:
 dependencies:
 - name: higress-core
  repository: "file://../core"
-  version: 2.0.6-rc.2
+  version: 2.0.6
 - name: higress-console
  repository: "https://higress.io/helm-charts/"
-  version: 2.0.1
+  version: 2.0.2
 type: application
-version: 2.0.6-rc.2
+version: 2.0.6
--- a/istio/istio
+++ b/istio/istio
--- a/plugins/wasm-cpp/extensions/model_mapper/README.md
+++ b/plugins/wasm-cpp/extensions/model_mapper/README.md
@@ -1,17 +1,15 @@
-## 功能说明
+# 功能说明
 `model-mapper`插件实现了基于LLM协议中的model参数路由的功能

-## 配置字段
+# 配置字段

 | 名称                 | 数据类型        | 填写要求                | 默认值                   | 描述                                                                                                                                                                                                                                                         |
 | -----------          | --------------- | ----------------------- | ------                   | -------------------------------------------                                                                                                                                                                                                                  |
 | `modelKey`           | string          | 选填                    | model                    | 请求body中model参数的位置                                                                                                                                                                                                                                    |
 | `modelMapping`       | map of string   | 选填                    | -                        | AI 模型映射表，用于将请求中的模型名称映射为服务提供商支持模型名称。<br/>1. 支持前缀匹配。例如用 "gpt-3-*" 匹配所有名称以“gpt-3-”开头的模型；<br/>2. 支持使用 "*" 为键来配置通用兜底映射关系；<br/>3. 如果映射的目标名称为空字符串 ""，则表示保留原模型名称。 |
-| `enableOnPathSuffix` | array of string | 选填                    | ["/v1/chat/completions"] | 只对这些特定路径后缀的请求生效                                                                                                                              ## 运行属性
+| `enableOnPathSuffix` | array of string | 选填                    | ["/v1/chat/completions"] | 只对这些特定路径后缀的请求生效                                                                                                                                                                                                                               |
+

-插件执行阶段：认证阶段
-插件执行优先级：800
-                                                                                                 |
 ## 效果说明

 如下配置
--- a/plugins/wasm-cpp/extensions/model_router/README.md
+++ b/plugins/wasm-cpp/extensions/model_router/README.md
@@ -1,7 +1,7 @@
-## 功能说明
+# 功能说明
 `model-router`插件实现了基于LLM协议中的model参数路由的功能

-## 配置字段
+# 配置字段

 | 名称                 | 数据类型        | 填写要求                | 默认值                   | 描述                                                  |
 | -----------          | --------------- | ----------------------- | ------                   | -------------------------------------------           |
--- a/plugins/wasm-cpp/extensions/request_block/BUILD
+++ b/plugins/wasm-cpp/extensions/request_block/BUILD
@@ -26,6 +26,7 @@ proxy_wasm_cc_binary(
        "@com_google_absl//absl/time",
        "//common:json_util",
        "//common:http_util",
+        "//common:regex_util",
        "//common:rule_util",
    ],
 )
@@ -44,6 +45,7 @@ cc_library(
        "//common:json_util",
        "@proxy_wasm_cpp_host//:lib",
        "//common:http_util_nullvm",
+        "//common:regex_util",
        "//common:rule_util_nullvm",
    ],
 )
--- a/plugins/wasm-cpp/extensions/request_block/README.md
+++ b/plugins/wasm-cpp/extensions/request_block/README.md
@@ -1,31 +1,22 @@
---
-title: 请求屏蔽
-keywords: [higress,request block]
-description: 请求屏蔽插件配置参考
---
-
-## 功能说明
+# 功能说明
 `request-block`插件实现了基于 URL、请求头等特征屏蔽 HTTP 请求，可以用于防护部分站点资源不对外部暴露

-## 运行属性
+# 配置字段

-插件执行阶段：`鉴权阶段`
-插件执行优先级：`320`
+| 名称              | 数据类型        | 填写要求                                                                                                | 默认值   | 描述                                     |
+| --------          | --------        | --------                                                                                                | -------- | --------                                 |
+| block_urls        | array of string | 选填，`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | -        | 配置用于匹配需要屏蔽 URL 的字符串        |
+| block_exact_urls  | array of string | 选填，`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | -        | 配置用于匹配需要精确屏蔽 URL 的字符串    |
+| block_regexp_urls | array of string | 选填，`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | -        | 配置用于匹配需要屏蔽 URL 的正则表达式    |
+| block_headers     | array of string | 选填，`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | -        | 配置用于匹配需要屏蔽请求 Header 的字符串 |
+| block_bodies      | array of string | 选填，`block_urls`,`block_exact_urls`,`block_regexp_urls`,`block_headers`,`block_bodies` 中至少必填一项 | -        | 配置用于匹配需要屏蔽请求 Body 的字符串   |
+| blocked_code      | number          | 选填                                                                                                    | 403      | 配置请求被屏蔽时返回的 HTTP 状态码       |
+| blocked_message   | string          | 选填                                                                                                    | -        | 配置请求被屏蔽时返回的 HTTP 应答 Body    |
+| case_sensitive    | bool            | 选填                                                                                                    | true     | 配置匹配时是否区分大小写，默认区分       |

-## 配置字段
+# 配置示例

-| 名称 | 数据类型 | 填写要求 |  默认值 | 描述 |
-| -------- | -------- | -------- | -------- | -------- |
-|  block_urls     |  array of string     | 选填，`block_urls`,`block_headers`,`block_bodies` 中至少必填一项     |   -  |  配置用于匹配需要屏蔽 URL 的字符串   |
-|  block_headers     |  array of string     | 选填，`block_urls`,`block_headers`,`block_bodies` 中至少必填一项     |   -  |  配置用于匹配需要屏蔽请求 Header 的字符串   |
-|  block_bodies     |  array of string     | 选填，`block_urls`,`block_headers`,`block_bodies` 中至少必填一项     |   -  |  配置用于匹配需要屏蔽请求 Body 的字符串   |
-|  blocked_code     |  number     | 选填     |   403  |  配置请求被屏蔽时返回的 HTTP 状态码   |
-|  blocked_message     |  string     | 选填     |   -  |  配置请求被屏蔽时返回的 HTTP 应答 Body   |
-|  case_sensitive     |  bool     | 选填     |   true  |  配置匹配时是否区分大小写，默认区分   |
-
-## 配置示例
-
-### 屏蔽请求 url 路径
+## 屏蔽请求 url 路径
 ```yaml
 block_urls:
 - swagger.html
@@ -40,7 +31,36 @@ curl http://example.com?foo=Bar
 curl http://exmaple.com/Swagger.html
 ```

-### 屏蔽请求 header
+## 屏蔽精确匹配的请求 url 路径
+
+```yaml
+block_exact_urls:
+- /swagger.html?foo=bar
+case_sensitive: false
+```
+
+根据该配置，下列请求将被禁止访问：
+
+```bash
+curl http://exmaple.com/Swagger.html?foo=Bar
+```
+
+## 屏蔽正则匹配的请求 url 路径
+
+```yaml
+block_exact_urls:
+- .*swagger.*
+case_sensitive: false
+```
+
+根据该配置，下列请求将被禁止访问：
+
+```bash
+curl http://exmaple.com/Swagger.html?foo=Bar
+```
+
+
+## 屏蔽请求 header
 ```yaml
 block_headers:
 - example-key
@@ -54,9 +74,9 @@ curl http://example.com -H 'example-key: 123'
 curl http://exmaple.com -H 'my-header: example-value'
 ```

-### 屏蔽请求 body
+## 屏蔽请求 body
 ```yaml
-block_bodies:
+block_bodys:
 - "hello world"
 case_sensitive: false
 ```
@@ -68,8 +88,30 @@ curl http://example.com -d 'Hello World'
 curl http://exmaple.com -d 'hello world'
 ```

+## 对特定路由或域名开启
+```yaml
+# 使用 _rules_ 字段进行细粒度规则配置
+_rules_:
+# 规则一：按路由名称匹配生效
+- _match_route_:
+  - route-a
+  - route-b
+  block_bodys: 
+  - "hello world"
+# 规则二：按域名匹配生效
+- _match_domain_:
+  - "*.example.com"
+  - test.com
+  block_urls: 
+  - "swagger.html"
+  block_bodys:
+  - "hello world"
+```
+此例 `_match_route_` 中指定的 `route-a` 和 `route-b` 即在创建网关路由时填写的路由名称，当匹配到这两个路由时，将使用此段配置；
+此例 `_match_domain_` 中指定的 `*.example.com` 和 `test.com` 用于匹配请求的域名，当发现域名匹配时，将使用此段配置；
+配置的匹配生效顺序，将按照 `_rules_` 下规则的排列顺序，匹配第一个规则后生效对应配置，后续规则将被忽略。

-## 请求 Body 大小限制
+# 请求 Body 大小限制

-当配置了 `block_bodies` 时，仅支持小于 32 MB 的请求 Body 进行匹配。若请求 Body 大于此限制，并且不存在匹配到的 `block_urls` 和 `block_headers` 项时，不会对该请求执行屏蔽操作
-当配置了 `block_bodies` 时，若请求 Body 超过全局配置 DownstreamConnectionBufferLimits，将返回 `413 Payload Too Large`
+当配置了 `block_bodys` 时，仅支持小于 32 MB 的请求 Body 进行匹配。若请求 Body 大于此限制，并且不存在匹配到的 `block_urls` 和 `block_headers` 项时，不会对该请求执行屏蔽操作
+当配置了 `block_bodys` 时，若请求 Body 超过全局配置 DownstreamConnectionBufferLimits，将返回 `413 Payload Too Large`, 请在参数配置页调高此项。注意调高此参数配置后，网关内存使用将有显著增加。
--- a/plugins/wasm-cpp/extensions/request_block/plugin.cc
+++ b/plugins/wasm-cpp/extensions/request_block/plugin.cc
@@ -15,6 +15,7 @@
 #include "extensions/request_block/plugin.h"

 #include <array>
+#include <memory>

 #include "absl/strings/str_cat.h"
 #include "absl/strings/str_join.h"
@@ -89,6 +90,48 @@ bool PluginRootContext::parsePluginConfig(const json& configuration,
    LOG_WARN("failed to parse configuration for block_urls.");
    return false;
  }
+  if (!JsonArrayIterate(
+          configuration, "block_exact_urls", [&](const json& item) -> bool {
+            auto url = JsonValueAs<std::string>(item);
+            if (url.second != Wasm::Common::JsonParserResultDetail::OK) {
+              LOG_WARN("cannot parse block_exact_urls");
+              return false;
+            }
+            if (rule.case_sensitive) {
+              rule.block_exact_urls.push_back(std::move(url.first.value()));
+            } else {
+              rule.block_exact_urls.push_back(
+                  absl::AsciiStrToLower(url.first.value()));
+            }
+            return true;
+          })) {
+    LOG_WARN("failed to parse configuration for block_exact_urls.");
+    return false;
+  }
+  if (!JsonArrayIterate(
+          configuration, "block_regexp_urls", [&](const json& item) -> bool {
+            auto url = JsonValueAs<std::string>(item);
+            if (url.second != Wasm::Common::JsonParserResultDetail::OK) {
+              LOG_WARN("cannot parse block_regexp_urls");
+              return false;
+            }
+            std::string regex;
+            if (rule.case_sensitive) {
+              regex = url.first.value();
+            } else {
+              regex = absl::AsciiStrToLower(url.first.value());
+            }
+            auto re = std::make_unique<ReMatcher>(regex);
+            if (!re->error().empty()) {
+              LOG_WARN(re->error());
+              return false;
+            }
+            rule.block_regexp_urls.push_back(std::move(re));
+            return true;
+          })) {
+    LOG_WARN("failed to parse configuration for block_regexp_urls.");
+    return false;
+  }
  if (!JsonArrayIterate(
          configuration, "block_headers", [&](const json& item) -> bool {
            auto header = JsonValueAs<std::string>(item);
@@ -125,8 +168,28 @@ bool PluginRootContext::parsePluginConfig(const json& configuration,
    LOG_WARN("failed to parse configuration for block_bodys.");
    return false;
  }
+  // compatiable
+  if (!JsonArrayIterate(
+          configuration, "block_bodies", [&](const json& item) -> bool {
+            auto body = JsonValueAs<std::string>(item);
+            if (body.second != Wasm::Common::JsonParserResultDetail::OK) {
+              LOG_WARN("cannot parse block_bodies");
+              return false;
+            }
+            if (rule.case_sensitive) {
+              rule.block_bodys.push_back(std::move(body.first.value()));
+            } else {
+              rule.block_bodys.push_back(
+                  absl::AsciiStrToLower(body.first.value()));
+            }
+            return true;
+          })) {
+    LOG_WARN("failed to parse configuration for block_bodies.");
+    return false;
+  }
  if (rule.block_bodys.empty() && rule.block_headers.empty() &&
-      rule.block_urls.empty()) {
+      rule.block_urls.empty() && rule.block_exact_urls.empty() &&
+      rule.block_regexp_urls.empty()) {
    LOG_WARN("there is no block rules");
    return false;
  }
@@ -172,6 +235,18 @@ bool PluginRootContext::checkHeader(const RequestBlockConfigRule& rule,
      urlstr = absl::AsciiStrToLower(request_url);
      url = urlstr;
    }
+    for (const auto& block_url : rule.block_exact_urls) {
+      if (url == block_url) {
+        sendLocalResponse(rule.blocked_code, "", rule.blocked_message, {});
+        return false;
+      }
+    }
+    for (const auto& block_url : rule.block_regexp_urls) {
+      if (block_url->match(url)) {
+        sendLocalResponse(rule.blocked_code, "", rule.blocked_message, {});
+        return false;
+      }
+    }
    for (const auto& block_url : rule.block_urls) {
      if (absl::StrContains(url, block_url)) {
        sendLocalResponse(rule.blocked_code, "", rule.blocked_message, {});
--- a/plugins/wasm-cpp/extensions/request_block/plugin.h
+++ b/plugins/wasm-cpp/extensions/request_block/plugin.h
@@ -22,6 +22,7 @@
 #include <unordered_map>

 #include "common/http_util.h"
+#include "common/regex.h"
 #include "common/route_rule_matcher.h"
 #define ASSERT(_X) assert(_X)

@@ -39,11 +40,16 @@ namespace request_block {

 #endif

+using ReMatcher = Wasm::Common::Regex::CompiledGoogleReMatcher;
+using ReMatcherPtr = std::unique_ptr<ReMatcher>;
+
 struct RequestBlockConfigRule {
  int blocked_code = 403;
  std::string blocked_message;
  bool case_sensitive = true;
  std::vector<std::string> block_urls;
+  std::vector<std::string> block_exact_urls;
+  std::vector<ReMatcherPtr> block_regexp_urls;
  std::vector<std::string> block_headers;
  std::vector<std::string> block_bodys;
 };
--- a/plugins/wasm-cpp/extensions/request_block/plugin_test.cc
+++ b/plugins/wasm-cpp/extensions/request_block/plugin_test.cc
@@ -127,6 +127,8 @@ TEST_F(RequestBlockTest, CaseSensitive) {
  std::string configuration = R"(
 {
   "block_urls": ["?foo=bar", "swagger.html"],
+   "block_exact_urls": ["/hello.html?abc=123"],
+   "block_regexp_urls": [".*monkey.*"],
   "block_headers": ["headerKey", "headerValue"],
   "block_bodys": ["Hello World"]
 })";
@@ -150,6 +152,22 @@ TEST_F(RequestBlockTest, CaseSensitive) {
  EXPECT_EQ(context_->onRequestHeaders(0, false),
            FilterHeadersStatus::StopIteration);

+  path_ = "/hello.html?abc=123";
+  EXPECT_CALL(*mock_context_, sendLocalResponse(403, testing::_, testing::_,
+                                                testing::_, testing::_));
+  EXPECT_EQ(context_->onRequestHeaders(0, false),
+            FilterHeadersStatus::StopIteration);
+
+  path_ = "/black/Monkey";
+  EXPECT_EQ(context_->onRequestHeaders(0, false),
+            FilterHeadersStatus::Continue);
+
+  path_ = "/black/monkey";
+  EXPECT_CALL(*mock_context_, sendLocalResponse(403, testing::_, testing::_,
+                                                testing::_, testing::_));
+  EXPECT_EQ(context_->onRequestHeaders(0, false),
+            FilterHeadersStatus::StopIteration);
+
  path_ = "";
  headers_ = {{"headerKey", "123"}};
  EXPECT_CALL(*mock_context_, sendLocalResponse(403, testing::_, testing::_,
@@ -188,6 +206,8 @@ TEST_F(RequestBlockTest, CaseInsensitive) {
   "blocked_code": 404,
   "block_urls": ["?foo=bar", "swagger.html"],
   "block_headers": ["headerKey", "headerValue"],
+   "block_exact_urls": ["/hello.html?abc=123"],
+   "block_regexp_urls": [".*monkey.*"],
   "block_bodys": ["Hello World"]
 })";

@@ -206,6 +226,24 @@ TEST_F(RequestBlockTest, CaseInsensitive) {
  EXPECT_EQ(context_->onRequestHeaders(0, false),
            FilterHeadersStatus::StopIteration);

+  path_ = "/Hello.html?abc=123";
+  EXPECT_CALL(*mock_context_, sendLocalResponse(404, testing::_, testing::_,
+                                                testing::_, testing::_));
+  EXPECT_EQ(context_->onRequestHeaders(0, false),
+            FilterHeadersStatus::StopIteration);
+
+  path_ = "/black/Monkey";
+  EXPECT_CALL(*mock_context_, sendLocalResponse(404, testing::_, testing::_,
+                                                testing::_, testing::_));
+  EXPECT_EQ(context_->onRequestHeaders(0, false),
+            FilterHeadersStatus::StopIteration);
+
+  path_ = "/black/monkey";
+  EXPECT_CALL(*mock_context_, sendLocalResponse(404, testing::_, testing::_,
+                                                testing::_, testing::_));
+  EXPECT_EQ(context_->onRequestHeaders(0, false),
+            FilterHeadersStatus::StopIteration);
+
  path_ = "";
  headers_ = {{"headerkey", "123"}};
  EXPECT_CALL(*mock_context_, sendLocalResponse(404, testing::_, testing::_,
@@ -232,6 +270,26 @@ TEST_F(RequestBlockTest, CaseInsensitive) {
            FilterDataStatus::StopIterationNoBuffer);
 }

+TEST_F(RequestBlockTest, Bodies) {
+  std::string configuration = R"(
+{
+   "case_sensitive": false,
+   "blocked_code": 404,
+   "block_bodies": ["Hello World"]
+})";
+
+  config_.set({configuration.data(), configuration.size()});
+  EXPECT_TRUE(root_context_->configure(configuration.size()));
+
+  body_.set("hello world");
+  EXPECT_EQ(context_->onRequestHeaders(0, false),
+            FilterHeadersStatus::Continue);
+  EXPECT_CALL(*mock_context_, sendLocalResponse(404, testing::_, testing::_,
+                                                testing::_, testing::_));
+  EXPECT_EQ(context_->onRequestBody(11, true),
+            FilterDataStatus::StopIterationNoBuffer);
+}
+
 }  // namespace request_block
 }  // namespace null_plugin
 }  // namespace proxy_wasm
--- a/plugins/wasm-go/extensions/ai-proxy/provider/ai360.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/ai360.go
@@ -22,7 +22,7 @@ type ai360Provider struct {
 	contextCache *contextCache
 }

-func (m *ai360ProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *ai360ProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/azure.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/azure.go
@@ -15,7 +15,7 @@ import (
 type azureProviderInitializer struct {
 }

-func (m *azureProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *azureProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.azureServiceUrl == "" {
 		return errors.New("missing azureServiceUrl in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/baichuan.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/baichuan.go
@@ -19,7 +19,7 @@ const (
 type baichuanProviderInitializer struct {
 }

-func (m *baichuanProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *baichuanProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/baidu.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/baidu.go
@@ -34,16 +34,15 @@ const (

 type baiduProviderInitializer struct{}

-func (g *baiduProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (g *baiduProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.baiduAccessKeyAndSecret == nil || len(config.baiduAccessKeyAndSecret) == 0 {
 		return errors.New("no baiduAccessKeyAndSecret found in provider config")
 	}
 	if config.baiduApiTokenServiceName == "" {
 		return errors.New("no baiduApiTokenServiceName found in provider config")
 	}
-	if !config.failover.enabled {
-		config.useGlobalApiToken = true
-	}
+	// baidu use access key and access secret to refresh apiToken regularly, the apiToken should be accessed globally (via all Wasm VMs)
+	config.useGlobalApiToken = true
 	return nil
 }

--- a/plugins/wasm-go/extensions/ai-proxy/provider/claude.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/claude.go
@@ -78,7 +78,7 @@ type claudeTextGenDelta struct {
 	StopSequence *string `json:"stop_sequence"`
 }

-func (c *claudeProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (c *claudeProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/cloudflare.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/cloudflare.go
@@ -19,7 +19,7 @@ const (
 type cloudflareProviderInitializer struct {
 }

-func (c *cloudflareProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (c *cloudflareProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/cohere.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/cohere.go
@@ -18,7 +18,7 @@ const (

 type cohereProviderInitializer struct{}

-func (m *cohereProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *cohereProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/coze.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/coze.go
@@ -14,7 +14,7 @@ const (

 type cozeProviderInitializer struct{}

-func (m *cozeProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *cozeProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/deepl.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/deepl.go
@@ -57,7 +57,7 @@ type deeplResponseTranslation struct {
 	Text                   string `json:"text"`
 }

-func (d *deeplProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (d *deeplProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.targetLang == "" {
 		return errors.New("missing targetLang in deepl provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/deepseek.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/deepseek.go
@@ -19,7 +19,7 @@ const (
 type deepseekProviderInitializer struct {
 }

-func (m *deepseekProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *deepseekProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/doubao.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/doubao.go
@@ -17,7 +17,7 @@ const (

 type doubaoProviderInitializer struct{}

-func (m *doubaoProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *doubaoProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/failover.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/failover.go
@@ -8,7 +8,7 @@ import (
 	"net/http"
 	"strings"
 	"time"
-	
+
 	"github.com/alibaba/higress/plugins/wasm-go/extensions/ai-proxy/util"
 	"github.com/alibaba/higress/plugins/wasm-go/pkg/wrapper"
 	"github.com/google/uuid"
@@ -558,7 +558,8 @@ func (c *ProviderConfig) GetApiTokenInUse(ctx wrapper.HttpContext) string {
 func (c *ProviderConfig) SetApiTokenInUse(ctx wrapper.HttpContext, log wrapper.Log) {
 	var apiToken string
 	if c.isFailoverEnabled() || c.useGlobalApiToken {
-		// if enable apiToken failover, only use available apiToken
+		// if enable apiToken failover, only use available apiToken from global apiTokens list
+		// or the apiToken need to be accessed globally (via all Wasm VMs, e.g. baidu),
 		apiToken = c.GetGlobalRandomToken(log)
 	} else {
 		apiToken = c.GetRandomToken()
--- a/plugins/wasm-go/extensions/ai-proxy/provider/gemini.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/gemini.go
@@ -28,7 +28,7 @@ const (
 type geminiProviderInitializer struct {
 }

-func (g *geminiProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (g *geminiProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/github.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/github.go
@@ -25,7 +25,7 @@ type githubProvider struct {
 	contextCache *contextCache
 }

-func (m *githubProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *githubProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/groq.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/groq.go
@@ -18,7 +18,7 @@ const (

 type groqProviderInitializer struct{}

-func (g *groqProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (g *groqProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/hunyuan.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/hunyuan.go
@@ -85,7 +85,7 @@ type hunyuanChatMessage struct {
 	Content string `json:"Content,omitempty"`
 }

-func (m *hunyuanProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *hunyuanProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	// 校验hunyuan id 和 key的合法性
 	if len(config.hunyuanAuthId) != hunyuanAuthIdLen || len(config.hunyuanAuthKey) != hunyuanAuthKeyLen {
 		return errors.New("hunyuanAuthId / hunyuanAuthKey is illegal in config file")
--- a/plugins/wasm-go/extensions/ai-proxy/provider/minimax.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/minimax.go
@@ -38,7 +38,7 @@ const (
 type minimaxProviderInitializer struct {
 }

-func (m *minimaxProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *minimaxProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	// If using the chat completion Pro API, a group ID must be set.
 	if minimaxApiTypePro == config.minimaxApiType && config.minimaxGroupId == "" {
 		return errors.New(fmt.Sprintf("missing minimaxGroupId in provider config when minimaxApiType is %s", minimaxApiTypePro))
--- a/plugins/wasm-go/extensions/ai-proxy/provider/mistral.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/mistral.go
@@ -15,7 +15,7 @@ const (

 type mistralProviderInitializer struct{}

-func (m *mistralProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *mistralProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/moonshot.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/moonshot.go
@@ -24,7 +24,7 @@ const (
 type moonshotProviderInitializer struct {
 }

-func (m *moonshotProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *moonshotProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.moonshotFileId != "" && config.context != nil {
 		return errors.New("moonshotFileId and context cannot be configured at the same time")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/ollama.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/ollama.go
@@ -19,7 +19,7 @@ const (
 type ollamaProviderInitializer struct {
 }

-func (m *ollamaProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *ollamaProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.ollamaServerHost == "" {
 		return errors.New("missing ollamaServerHost in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/openai.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/openai.go
@@ -22,7 +22,7 @@ const (
 type openaiProviderInitializer struct {
 }

-func (m *openaiProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *openaiProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	return nil
 }

--- a/plugins/wasm-go/extensions/ai-proxy/provider/provider.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/provider.go
@@ -76,7 +76,7 @@ const (
 )

 type providerInitializer interface {
-	ValidateConfig(ProviderConfig) error
+	ValidateConfig(*ProviderConfig) error
 	CreateProvider(ProviderConfig) (Provider, error)
 }

@@ -405,7 +405,7 @@ func (c *ProviderConfig) Validate() error {
 	if !has {
 		return errors.New("unknown provider type: " + c.typ)
 	}
-	if err := initializer.ValidateConfig(*c); err != nil {
+	if err := initializer.ValidateConfig(c); err != nil {
 		return err
 	}
 	return nil
--- a/plugins/wasm-go/extensions/ai-proxy/provider/qwen.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/qwen.go
@@ -42,7 +42,7 @@ const (
 type qwenProviderInitializer struct {
 }

-func (m *qwenProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *qwenProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if len(config.qwenFileIds) != 0 && config.context != nil {
 		return errors.New("qwenFileIds and context cannot be configured at the same time")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/spark.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/spark.go
@@ -51,7 +51,7 @@ type sparkStreamResponse struct {
 	Created int64  `json:"created"`
 }

-func (i *sparkProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (i *sparkProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	return nil
 }

--- a/plugins/wasm-go/extensions/ai-proxy/provider/stepfun.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/stepfun.go
@@ -17,7 +17,7 @@ const (
 type stepfunProviderInitializer struct {
 }

-func (m *stepfunProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *stepfunProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/together_ai.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/together_ai.go
@@ -16,7 +16,7 @@ const (

 type togetherAIProviderInitializer struct{}

-func (m *togetherAIProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *togetherAIProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/yi.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/yi.go
@@ -17,7 +17,7 @@ const (
 type yiProviderInitializer struct {
 }

-func (m *yiProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *yiProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
--- a/plugins/wasm-go/extensions/ai-proxy/provider/zhipuai.go
+++ b/plugins/wasm-go/extensions/ai-proxy/provider/zhipuai.go
@@ -17,7 +17,7 @@ const (

 type zhipuAiProviderInitializer struct{}

-func (m *zhipuAiProviderInitializer) ValidateConfig(config ProviderConfig) error {
+func (m *zhipuAiProviderInitializer) ValidateConfig(config *ProviderConfig) error {
 	if config.apiTokens == nil || len(config.apiTokens) == 0 {
 		return errors.New("no apiToken found in provider config")
 	}
Author	SHA1	Message	Date
澄潭	fd1eb54f25	Release 2.0.6 (#1686 )	2025-01-17 15:22:43 +08:00
澄潭	c7550e2d49	Update deploy-to-oss.yaml	2025-01-17 15:10:40 +08:00
Se7en	ba74f4bbb9	fix: baidu api issue (#1685 )	2025-01-16 21:42:43 +08:00
澄潭	9e418dafd9	release 2.0.6-rc.3 (#1680 )	2025-01-15 20:47:20 +08:00
澄潭	95523a1bc7	Fix istio lds cache (#1679 )	2025-01-15 20:44:13 +08:00
澄潭	dcd8466127	Update build-and-test-plugin.yaml	2025-01-15 20:19:58 +08:00
澄潭	cceae6ad2a	update cpp wasm plugins (#1675 )	2025-01-15 19:15:11 +08:00