Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: support openresty-1.25.3.1 #10887

Merged
merged 33 commits into from
Feb 26, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
d60428c
chore: upgrade openresty-1.25.3.1
zll600 Jan 30, 2024
e84b875
fix: remove trailing whitspace
zll600 Jan 30, 2024
c22ad18
fix: ci lint
zll600 Jan 30, 2024
be00c28
fix: ci lint
zll600 Jan 30, 2024
4ed4446
fix: enable_http2
zll600 Jan 30, 2024
494c174
fix: enable_http2
zll600 Jan 30, 2024
0108c5f
fix: enable_http2
zll600 Jan 30, 2024
93c7daa
fix: ci lint
zll600 Feb 1, 2024
7d125b2
fix: cli test
zll600 Feb 1, 2024
3c8dcae
fix: cli test
zll600 Feb 1, 2024
8e35feb
fix: http2 with content-length header
zll600 Feb 2, 2024
ce59af7
fix: ext-plugin
zll600 Feb 2, 2024
db03194
fix: remove server ssl port in upstream-tls.t
zll600 Feb 3, 2024
9fcb781
fix: enable proxy_ssl in stream proxy
zll600 Feb 4, 2024
bcc2ea5
Revert "fix: enable proxy_ssl in stream proxy"
zll600 Feb 5, 2024
7361f7b
chore: update
zll600 Feb 5, 2024
1422663
fix: update t/stream-node/upstream.t
zll600 Feb 5, 2024
39601f2
chore: add comment
zll600 Feb 5, 2024
ddc631f
fix: spawn sub-process in timer
zll600 Feb 6, 2024
c6b71fe
chore: cleanup http2
zll600 Feb 8, 2024
f979676
chore: cleanup
zll600 Feb 8, 2024
ef98f70
fix: lint error
zll600 Feb 20, 2024
22d46db
chore: grep 'http2 on'
zll600 Feb 20, 2024
1dd968c
chore: use apisix-runtime/1.2.0
zll600 Feb 21, 2024
9736157
chore: grep 'http2 on'
zll600 Feb 21, 2024
dabfb96
Merge branch 'master' into upgrade_openresty-1.25.3.1
zll600 Feb 21, 2024
25fd383
chore: test ci
zll600 Feb 21, 2024
4eadeca
chore: test ci
zll600 Feb 21, 2024
fbae45e
chore(ci): disable gm ci
zll600 Feb 22, 2024
e184acf
chore: revert install_apisix_runtime
zll600 Feb 23, 2024
69ef089
chore: report 400 for http2/3 request without content-length header
zll600 Feb 23, 2024
dc3c05c
fix: lint error
zll600 Feb 23, 2024
ff028e4
Merge remote-tracking branch 'apisix/master' into upgrade_openresty-1…
zll600 Feb 26, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
File renamed without changes.
File renamed without changes.
2 changes: 1 addition & 1 deletion .requirements
Original file line number Diff line number Diff line change
Expand Up @@ -17,4 +17,4 @@

APISIX_PACKAGE_NAME=apisix

APISIX_RUNTIME=1.1.1
APISIX_RUNTIME=1.2.0
7 changes: 5 additions & 2 deletions apisix/cli/ngx_tpl.lua
Original file line number Diff line number Diff line change
Expand Up @@ -628,12 +628,15 @@ http {
{% end %}

server {
{% if enable_http2 then %}
http2 on;
zll600 marked this conversation as resolved.
Show resolved Hide resolved
{% end %}
{% for _, item in ipairs(node_listen) do %}
listen {* item.ip *}:{* item.port *} default_server {% if item.enable_http2 then %} http2 {% end %} {% if enable_reuseport then %} reuseport {% end %};
listen {* item.ip *}:{* item.port *} default_server {% if enable_reuseport then %} reuseport {% end %};
{% end %}
{% if ssl.enable then %}
{% for _, item in ipairs(ssl.listen) do %}
listen {* item.ip *}:{* item.port *} ssl default_server {% if item.enable_http2 then %} http2 {% end %} {% if enable_reuseport then %} reuseport {% end %};
listen {* item.ip *}:{* item.port *} ssl default_server {% if enable_reuseport then %} reuseport {% end %};
{% end %}
{% end %}
{% if proxy_protocol and proxy_protocol.listen_http_port then %}
Expand Down
8 changes: 8 additions & 0 deletions apisix/cli/ops.lua
Original file line number Diff line number Diff line change
Expand Up @@ -413,6 +413,7 @@ Please modify "admin_key" in conf/config.yaml .
end
end

local enable_http2_global = false
local node_listen = {}
-- listen in http, support multiple ports and specific IP, compatible with the original style
if type(yaml_conf.apisix.node_listen) == "number" then
Expand Down Expand Up @@ -443,6 +444,9 @@ Please modify "admin_key" in conf/config.yaml .
if enable_http2 == nil then
enable_http2 = false
end
if enable_http2 == true then
enable_http2_global = true
end

listen_table_insert(node_listen, "http", ip, port,
enable_http2, enable_ipv6)
Expand Down Expand Up @@ -473,12 +477,16 @@ Please modify "admin_key" in conf/config.yaml .
if enable_http2 == nil then
enable_http2 = false
end
if enable_http2 == true then
enable_http2_global = true
end

listen_table_insert(ssl_listen, "https", ip, port,
enable_http2, enable_ipv6)
end

yaml_conf.apisix.ssl.listen = ssl_listen
yaml_conf.apisix.enable_http2 = enable_http2_global

if yaml_conf.apisix.ssl.ssl_trusted_certificate ~= nil then
local cert_path = yaml_conf.apisix.ssl.ssl_trusted_certificate
Expand Down
9 changes: 9 additions & 0 deletions apisix/core/request.lua
Original file line number Diff line number Diff line change
Expand Up @@ -282,6 +282,15 @@ function _M.get_body(max_size, ctx)
end
end

-- check content-length header for http2/http3
do
local var = ctx and ctx.var or ngx.var
local content_length = tonumber(var.http_content_length)
if (var.server_protocol == "HTTP/2.0" or var.server_protocol == "HTTP/3.0")
and not content_length then
return nil, "HTTP2/HTTP3 request without a Content-Length header"
end
end
zll600 marked this conversation as resolved.
Show resolved Hide resolved
req_read_body()

local req_body = req_get_body_data()
Expand Down
4 changes: 2 additions & 2 deletions apisix/plugins/ext-plugin/init.lua
Original file line number Diff line number Diff line change
Expand Up @@ -935,13 +935,14 @@ end

local runner
local function setup_runner(cmd)
runner = spawn_proc(cmd)

ngx_timer_at(0, function(premature)
if premature then
return
end

runner = spawn_proc(cmd)

zll600 marked this conversation as resolved.
Show resolved Hide resolved
while not exiting() do
while true do
-- drain output
Expand All @@ -968,7 +969,6 @@ local function setup_runner(cmd)
end

runner = nil

local ok, err = events:post(events_list._source, events_list.runner_exit)
if not ok then
core.log.error("post event failure with ", events_list._source, ", error: ", err)
Expand Down
5 changes: 1 addition & 4 deletions ci/centos7-ci.sh
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,7 @@ install_dependencies() {
yum install -y yum-utils && yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo
yum install -y openresty-pcre-devel openresty-zlib-devel

export runtime_version=${APISIX_RUNTIME}
wget "https://raw.githubusercontent.com/api7/apisix-build-tools/apisix-runtime/${APISIX_RUNTIME}/build-apisix-runtime.sh"
chmod +x build-apisix-runtime.sh
./build-apisix-runtime.sh latest
zll600 marked this conversation as resolved.
Show resolved Hide resolved
install_apisix_runtime
curl -o /usr/local/openresty/openssl3/ssl/openssl.cnf \
https://raw.githubusercontent.com/api7/apisix-build-tools/apisix-runtime/${APISIX_RUNTIME}/conf/openssl3/openssl.cnf

Expand Down
7 changes: 7 additions & 0 deletions ci/common.sh
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,13 @@ install_curl () {
curl -V
}

install_apisix_runtime() {
export runtime_version=${APISIX_RUNTIME}
wget "https://raw.githubusercontent.com/api7/apisix-build-tools/apisix-runtime/${APISIX_RUNTIME}/build-apisix-runtime.sh"
chmod +x build-apisix-runtime.sh
./build-apisix-runtime.sh latest
}

install_grpcurl () {
# For more versions, visit https://github.com/fullstorydev/grpcurl/releases
GRPCURL_VERSION="1.8.5"
Expand Down
5 changes: 1 addition & 4 deletions ci/linux-install-openresty.sh
Original file line number Diff line number Diff line change
Expand Up @@ -51,10 +51,7 @@ if [ "$OPENRESTY_VERSION" == "source" ]; then
fi
fi

export runtime_version=${APISIX_RUNTIME}
wget "https://raw.githubusercontent.com/api7/apisix-build-tools/apisix-runtime/${APISIX_RUNTIME}/build-apisix-runtime.sh"
chmod +x build-apisix-runtime.sh
./build-apisix-runtime.sh latest
install_apisix_runtime

if [ ! "$ENABLE_FIPS" == "true" ]; then
curl -o /usr/local/openresty/openssl3/ssl/openssl.cnf \
Expand Down
5 changes: 1 addition & 4 deletions ci/redhat-ci.sh
Original file line number Diff line number Diff line change
Expand Up @@ -38,10 +38,7 @@ install_dependencies() {
yum install -y yum-utils && yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo
yum install -y openresty-pcre-devel openresty-zlib-devel

export runtime_version=${APISIX_RUNTIME}
wget "https://raw.githubusercontent.com/api7/apisix-build-tools/apisix-runtime/${APISIX_RUNTIME}/build-apisix-runtime.sh"
chmod +x build-apisix-runtime.sh
./build-apisix-runtime.sh latest
install_apisix_runtime
curl -o /usr/local/openresty/openssl3/ssl/openssl.cnf \
https://raw.githubusercontent.com/api7/apisix-build-tools/apisix-runtime/${APISIX_RUNTIME}/conf/openssl3/openssl.cnf

Expand Down
3 changes: 2 additions & 1 deletion t/APISIX.pm
Original file line number Diff line number Diff line change
Expand Up @@ -726,7 +726,8 @@ _EOC_
$config .= <<_EOC_;
$ipv6_listen_conf

listen 1994 ssl http2;
listen 1994 ssl;
http2 on;
ssl_certificate cert/apisix.crt;
ssl_certificate_key cert/apisix.key;
lua_ssl_trusted_certificate cert/apisix.crt;
Expand Down
4 changes: 2 additions & 2 deletions t/cli/test_main.sh
Original file line number Diff line number Diff line change
Expand Up @@ -152,7 +152,7 @@ if [ $count_http_specific_ip -ne 2 ]; then
exit 1
fi

count_http_specific_ip_and_enable_http2=`grep -c "listen 127.0.0..:908. default_server http2" conf/nginx.conf || true`
count_http_specific_ip_and_enable_http2=`grep -c "http2 on" conf/nginx.conf || true`
if [ $count_http_specific_ip_and_enable_http2 -ne 1 ]; then
zll600 marked this conversation as resolved.
Show resolved Hide resolved
echo "failed: failed to support specific IP and enable http2 listen in http"
exit 1
Expand All @@ -164,7 +164,7 @@ if [ $count_https_specific_ip -ne 2 ]; then
exit 1
fi

count_https_specific_ip_and_enable_http2=`grep -c "listen 127.0.0..:944. ssl default_server http2" conf/nginx.conf || true`
count_https_specific_ip_and_enable_http2=`grep -c "http2 on" conf/nginx.conf || true`
if [ $count_https_specific_ip_and_enable_http2 -ne 1 ]; then
echo "failed: failed to support specific IP and enable http2 listen in https"
exit 1
Expand Down
52 changes: 52 additions & 0 deletions t/plugin/azure-functions.t
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,8 @@ X-Extra-Header: MUST
--- http2
--- request
GET /azure
--- more_headers
Content-Length: 0
--- response_body
faas invoked

Expand All @@ -208,6 +210,8 @@ server: APISIX/2.10.2
--- http2
--- request
HEAD /azure
--- more_headers
Content-Length: 0
--- response_headers
Connection:
Upgrade:
Expand Down Expand Up @@ -456,3 +460,51 @@ invocation /api/http/trigger successful
}
--- response_body
invocation /api successful



=== TEST 14: create route with azure-function plugin enabled
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test

local code, body = t('/apisix/admin/routes/1',
ngx.HTTP_PUT,
[[{
"plugins": {
"azure-functions": {
"function_uri": "http://localhost:8765/httptrigger"
}
},
"upstream": {
"nodes": {
"127.0.0.1:1982": 1
},
"type": "roundrobin"
},
"uri": "/azure"
}]]
)

if code >= 300 then
ngx.status = code
ngx.say("fail")
return
end

ngx.say(body)
}
}
--- response_body
passed



=== TEST 15: http2 failed to check response body and headers
--- http2
--- request
GET /azure
--- error_code: 400
--- error_log
HTTP2/HTTP3 request without a Content-Length header,
2 changes: 1 addition & 1 deletion t/plugin/proxy-rewrite2.t
Original file line number Diff line number Diff line change
Expand Up @@ -202,7 +202,7 @@ GET /echo
X-Forwarded-Proto: http
X-Forwarded-Proto: grpc
--- response_headers
X-Forwarded-Proto: http
X-Forwarded-Proto: http, grpc
zll600 marked this conversation as resolved.
Show resolved Hide resolved



Expand Down
Loading