Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Environment variable #545

Merged
merged 4 commits into from
Aug 2, 2022
Merged

Environment variable #545

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a4f2b69
`couper.environment` variable
afflerbach Jul 26, 2022
7d72a8d
Docs for `environment` block, setting and variable
afflerbach Jul 26, 2022
8592fb0
Merge branch 'master' into environment-variable
afflerbach Jul 27, 2022
0562478
CS
Aug 1, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@

Unreleased changes are available as `avenga/couper:edge` container.

* **Added**
* [`environment` block](https://docs.couper.io/configuration/block/environment), [setting](https://docs.couper.io/configuration/block/settings) and [`couper.environment` variable](https://docs.couper.io/configuration/variables#couper) ([#521](https://github.com/avenga/couper/pull/521), ([#534](https://github.com/avenga/couper/pull/534), [#545](https://github.com/avenga/couper/pull/545))

* **Fixed**
* Disallow empty path parameters ([#526](https://github.com/avenga/couper/pull/526))
* Basic Auth client authentication with OAuth2 (client ID and secret must be URL encoded) ([#537](https://github.com/avenga/couper/pull/537))
Expand Down
2 changes: 1 addition & 1 deletion config/body/merged_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,7 @@ block {
}
}

hclcontext := eval.NewContext(nil, nil).HCLContext()
hclcontext := eval.NewDefaultContext().HCLContext()

for k, attr := range expectedAttributes {
a, exist := resultAttributes[k]
Expand Down
6 changes: 3 additions & 3 deletions config/configload/helper.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ type helper struct {
}

// newHelper creates a container with some methods to keep things simple here and there.
func newHelper(body hcl.Body, src [][]byte) (*helper, error) {
func newHelper(body hcl.Body, src [][]byte, environment string) (*helper, error) {
defaultsBlock := &config.DefaultsBlock{}
if diags := gohcl.DecodeBody(body, nil, defaultsBlock); diags.HasErrors() {
return nil, diags
Expand All @@ -31,7 +31,7 @@ func newHelper(body hcl.Body, src [][]byte) (*helper, error) {
defSettings := config.DefaultSettings

couperConfig := &config.Couper{
Context: eval.NewContext(src, defaultsBlock.Defaults),
Context: eval.NewContext(src, defaultsBlock.Defaults, environment),
Definitions: &config.Definitions{},
Defaults: defaultsBlock.Defaults,
Settings: &defSettings,
Expand Down Expand Up @@ -151,7 +151,7 @@ func (h *helper) resolveBackendDeps() (uniqueItems []string, err error) {

// do not forget the other ones
var standalone []string
for def, _ := range h.defsBackends {
for def := range h.defsBackends {
standalone = append(standalone, def)
}
items = append(items, standalone)
Expand Down
14 changes: 7 additions & 7 deletions config/configload/load.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,15 +69,15 @@ func init() {
}
}

func updateContext(body hcl.Body, srcBytes [][]byte) hcl.Diagnostics {
func updateContext(body hcl.Body, srcBytes [][]byte, environment string) hcl.Diagnostics {
defaultsBlock := &config.DefaultsBlock{}
if diags := gohcl.DecodeBody(body, nil, defaultsBlock); diags.HasErrors() {
return diags
}

// We need the "envContext" to be able to resolve absolute paths in the config.
defaultsConfig = defaultsBlock.Defaults
evalContext = eval.NewContext(srcBytes, defaultsConfig)
evalContext = eval.NewContext(srcBytes, defaultsConfig, environment)
envContext = evalContext.HCLContext()

return nil
Expand Down Expand Up @@ -165,7 +165,7 @@ func LoadFiles(filesList []string, env string) (*config.Couper, error) {
Blocks: hclsyntax.Blocks{defaultsBlock},
}

if diags := updateContext(defs, srcBytes); diags.HasErrors() {
if diags := updateContext(defs, srcBytes, env); diags.HasErrors() {
return nil, diags
}

Expand Down Expand Up @@ -196,7 +196,7 @@ func LoadFiles(filesList []string, env string) (*config.Couper, error) {
Blocks: configBlocks,
}

conf, err := LoadConfig(configBody, srcBytes)
conf, err := LoadConfig(configBody, srcBytes, env)
if err != nil {
return nil, err
}
Expand All @@ -216,17 +216,17 @@ func LoadBytes(src []byte, filename string) (*config.Couper, error) {
return nil, diags
}

return LoadConfig(hclBody, [][]byte{src})
return LoadConfig(hclBody, [][]byte{src}, "")
}

func LoadConfig(body hcl.Body, src [][]byte) (*config.Couper, error) {
func LoadConfig(body hcl.Body, src [][]byte, environment string) (*config.Couper, error) {
var err error

if diags := ValidateConfigSchema(body, &config.Couper{}); diags.HasErrors() {
return nil, diags
}

helper, err := newHelper(body, src)
helper, err := newHelper(body, src, environment)
if err != nil {
return nil, err
}
Expand Down
2 changes: 1 addition & 1 deletion config/runtime/server_internal_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,7 @@ func TestServer_validatePortHosts(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(subT *testing.T) {
tt.args.conf.Context = eval.NewContext(nil, nil)
tt.args.conf.Context = eval.NewDefaultContext()
tt.args.conf.Settings = &config.DefaultSettings

logger, _ := logrustest.NewNullLogger()
Expand Down
56 changes: 29 additions & 27 deletions docs/website/content/2.configuration/4.block/environment.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,52 +1,54 @@
# Environment Block
# Environment

The `environment` block lets you refine the Couper configuration based on the set
[environment](/configuration/command-linemd#global-options).
[environment](../command-line#global-options).

| Block name | Context | Label | Nested block(s) |
| :------------ | :------- | :----------------------------------------------- | :---------------------------------- |
| `environment` | Overall. | ⚠ required, multiple labels are supported. | All configuration blocks of Couper. |

The `environment` block works like a preprocessor. If the label of an `environment`
block do not match the set [environment](./CLI.md#global-options) value, the preprocessor
removes this block and their content. Otherwise, the content of the block is applied
block does not match the set [`COUPER_ENVIRONMENT`](../command-line#global-options) value, the preprocessor
removes this block and its content. Otherwise, the content of the block is added
to the configuration.

If the [environment](/configuration/command-linemd#global-options) value set to `prod`, the following configuration
## Example

Considering the following configuration with the `COUPER_ENVIRONMENT` value set to `prod`

```hcl
server {
api "protected" {
endpoint "/secure" {
environment "prod" {
access_control = ["jwt"]
}

proxy {
environment "prod" {
url = "https://protected-resource.org"
}
environment "stage" {
url = "https://test-resource.org"
}
}
api "protected" {
endpoint "/secure" {
environment "prod" {
access_control = ["jwt"]
}

proxy {
environment "prod" {
url = "https://protected-resource.org"
}
environment "stage" {
url = "https://test-resource.org"
}
}
}
}
}
```

produces after the preprocessing the following configuration:
the result will be:

```hcl
server {
api "protected" {
endpoint "/secure" {
access_control = ["jwt"]
api "protected" {
endpoint "/secure" {
access_control = ["jwt"]

proxy {
url = "https://protected-resource.org"
}
}
proxy {
url = "https://protected-resource.org"
}
}
}
}
```
7 changes: 4 additions & 3 deletions docs/website/content/2.configuration/4.block/settings.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ gateway instance.
|:--------------------------------|:---------------|:--------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------|
| `accept_forwarded_url` | tuple (string) | `[]` | Which `X-Forwarded-*` request headers should be accepted to change the [request variables](../modifiers#request) `url`, `origin`, `protocol`, `host`, `port`. Valid values are `"proto"`, `"host"` and `"port"`. The port in `X-Forwarded-Port` takes precedence over a port in `X-Forwarded-Host`. | Affects relative url values for [`sp_acs_url`](saml) attribute and `redirect_uri` attribute within [beta_oauth2](oauth2) & [oidc](oidc). | `["proto","host","port"]` |
| `default_port` | number | `8080` | Port which will be used if not explicitly specified per host within the [`hosts`](server) list. | - | - |
| `environment` | string | `""` | [Environment](../command-line#global-options) Couper is to run in. | - | `"prod"` |
| `health_path` | string | `"/healthz"` | Health path which is available for all configured server and ports. | - | - |
| `https_dev_proxy` | tuple (string) | `[]` | List of tls port mappings to define the tls listen port and the target one. A self-signed certificate will be generated on the fly based on given hostname. | Certificates will be hold in memory and are generated once. | `["443:8080", "8443:8080"]` |
| `log_format` | string | `"common"` | Switch for tab/field based colored view or JSON log lines. Valid values are `"common"` and `"json"`. | - | - |
Expand All @@ -16,10 +17,10 @@ gateway instance.
| `request_id_accept_from_header` | string | `""` | Name of a client request HTTP header field that transports the `request.id` which Couper takes for logging and transport to the backend (if configured). | - | `X-UID` |
| `request_id_backend_header` | string | `Couper-Request-ID` | Name of a HTTP header field which Couper uses to transport the `request.id` to the backend. | - | - |
| `request_id_client_header` | string | `Couper-Request-ID` | Name of a HTTP header field which Couper uses to transport the `request.id` to the client. | - | - |
| `request_id_format` | string | `"common"` | Valid values are `"common"` and `"uuid4"`. If set to `"uuid4"` a rfc4122 uuid is used for `request.id` and related log fields. | - | - |
| `request_id_format` | string | `"common"` | Valid values are `"common"` and `"uuid4"`. If set to `"uuid4"` a RFC 4122 uuid is used for `request.id` and related log fields. | - | - |
| `secure_cookies` | string | `""` | Valid values are `""` and `"strip"`. If set to `"strip"`, the `Secure` flag is removed from all `Set-Cookie` HTTP header fields. | - | - |
| `xfh` | bool | `false` | Option to use the `X-Forwarded-Host` header as the request host. | - | - |
| `beta_metrics` | bool | `false` | Option to enable the Prometheus [metrics](METRICS.md) exporter. | - | - |
| `beta_metrics` | bool | `false` | Option to enable the Prometheus [metrics](/observation/metrics) exporter. | - | - |
| `beta_metrics_port` | number | `9090` | Prometheus exporter listen port. | - | - |
| `beta_service_name` | string | `"couper"` | The service name which applies to the `service_name` metric labels. | - | - |
| `ca_file` | string | `""` | Option for adding the given PEM encoded ca-certificate to the existing system certificate pool for all outgoing connections. | - | - |
| `ca_file` | string | `""` | Option for adding the given PEM encoded CA certificate to the existing system certificate pool for all outgoing connections. | - | - |
7 changes: 4 additions & 3 deletions docs/website/content/2.configuration/5.variables.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,10 @@ The second evaluation will happen during the request/response handling.

## `couper`

| Variable | Type | Description | Example |
| :------------------------------- | :----- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :-------- |
| `version` | string | Couper's version number | `"1.3.1"` |
| Variable | Type | Description | Example |
| :------------------------------- | :----- | :------------------------------------------------------------------------- | :-------- |
| `version` | string | Couper's version number | `"1.9.2"` |
| `environment` | string | The [environment](../command-line#global-options) Couper currently runs in | `"prod"` |

## `env`

Expand Down
Loading