feature flag

allegro · Jul 4, 2024 · 5b67453 · 5b67453
1 parent 7c6c414
commit 5b67453
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 4 deletions.
diff --git a/...e/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/snapshot/SnapshotProperties.kt b/...e/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/snapshot/SnapshotProperties.kt
@@ -392,6 +392,7 @@ class JwtFilterProperties {
     var forwardPayloadHeader = "x-oauth-token-validated"
     var payloadInMetadata = "jwt"
     var failedStatusInMetadata = "jwt_failure_reason"
+    var failedStatusInMetadataEnabled = true
     var fieldRequiredInToken = "exp"
     var defaultVerificationType = OAuth.Verification.OFFLINE
     var defaultOAuthPolicy = OAuth.Policy.STRICT

diff --git a/...gro/tech/servicemesh/envoycontrol/snapshot/resource/listeners/filters/JwtFilterFactory.kt b/...gro/tech/servicemesh/envoycontrol/snapshot/resource/listeners/filters/JwtFilterFactory.kt
@@ -64,7 +64,8 @@ class JwtFilterFactory(
             it.key to createProvider(it.value)
         }
 
-    private fun createProvider(provider: OAuthProvider) = JwtProvider.newBuilder()
+    private fun createProvider(provider: OAuthProvider): JwtProvider {
+        val jwtProvider = JwtProvider.newBuilder()
         .setRemoteJwks(
             RemoteJwks.newBuilder().setHttpUri(
                 HttpUri.newBuilder()
@@ -79,8 +80,12 @@ class JwtFilterFactory(
         .setForward(properties.forwardJwt)
         .setForwardPayloadHeader(properties.forwardPayloadHeader)
         .setPayloadInMetadata(properties.payloadInMetadata)
-        .setFailedStatusInMetadata(properties.failedStatusInMetadata)
-        .build()
+
+        if (properties.failedStatusInMetadataEnabled)
+            jwtProvider.setFailedStatusInMetadata(properties.failedStatusInMetadata)
+
+        return jwtProvider.build()
+    }
 
     private fun createRules(endpoints: List<IncomingEndpoint>): Set<RequirementRule> {
         return endpoints.mapNotNull(this::createRuleForEndpoint).toSet()

diff --git a/...s/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/config/envoy/EnvoyContainer.kt b/...s/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/config/envoy/EnvoyContainer.kt
@@ -39,7 +39,7 @@ class EnvoyContainer(
         private const val ADMIN_PORT = 10000
 
         private const val MIN_SUPPORTED_ENVOY_VERSION = "v1.22.7"
-        private const val MAX_SUPPORTED_ENVOY_VERSION = "v1.30.2" // todo: v1.28.0+ - OutlierDetectionTest breaks
+        private const val MAX_SUPPORTED_ENVOY_VERSION = "v1.30.4"
 
         val DEFAULT_IMAGE = run {
             val version =