Skip to content

Commit

Permalink
feat(pdk): dynamic control upstream tls when kong.service.request.set…
Browse files Browse the repository at this point in the history 
…_scheme was called
  • Loading branch information
@oowl @fffonion
oowl authored and fffonion committed Jan 20, 2025
1 parent 398172d commit 7fd7f04
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 1 deletion.
3 changes: 3 additions & 0 deletions changelog/unreleased/kong/dynamic-set-tls-in-pdk-set_scheme.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
message: dynamic control upstream tls when kong.service.request.set_scheme was called
type: feature
scope: PDK
21 changes: 20 additions & 1 deletion kong/pdk/service/request.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ local cjson = require "cjson.safe"
local buffer = require "string.buffer"
local checks = require "kong.pdk.private.checks"
local phase_checker = require "kong.pdk.private.phases"

local balancer = require "ngx.balancer"

local ngx = ngx
local ngx_var = ngx.var
Expand Down Expand Up @@ -112,6 +112,15 @@ local function new(self)
error("invalid scheme: " .. scheme, 2)
end

if ngx.get_phase() == "balancer" then
if scheme == "https" then
kong.service.request.enable_tls()
end
if scheme == "http" then
kong.service.request.disable_tls()
end
end

ngx_var.upstream_scheme = scheme
end

Expand Down Expand Up @@ -711,6 +720,16 @@ local function new(self)

return disable_proxy_ssl()
end
else
request.disable_tls = function()
check_phase(preread_and_balancer)
return balancer.set_upstream_tls(false)
end

request.enable_tls = function()
check_phase(preread_and_balancer)
return balancer.set_upstream_tls(true)
end
end

return request
Expand Down
24 changes: 24 additions & 0 deletions t/01-pdk/06-service-request/00-phase_checks.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,30 @@ qq{
body_filter = false,
log = false,
admin_api = "forced false",
},{
method = "disable_tls",
args = { },
init_worker = "forced false",
certificate = "pending",
rewrite = "forced false",
access = "forced false",
response = "forced false",
header_filter = "forced false",
body_filter = "forced false",
log = "forced false",
admin_api = "forced false",
},{
method = "enable_tls",
args = { },
init_worker = "forced false",
certificate = "pending",
rewrite = "forced false",
access = "forced false",
response = "forced false",
header_filter = "forced false",
body_filter = "forced false",
log = "forced false",
admin_api = "forced false",
},
}
Expand Down

1 comment on commit 7fd7f04

@github-actions
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bazel Build

Docker image available kong/kong-dev:7fd7f0471b4561ad8a0a3d7a8df716752e63ca31
Artifacts available https://github.com/Kong/kong/actions/runs/12862985280

Please sign in to comment.