Use an annotation to provide a route cookie #16454
Conversation
openshift-ci-robot
added
the
size/XS
|
@knobunc PTAL |
pecameron
force-pushed
the
cookie-name
branch
from
dfc3aa6
to
351aedc
Compare
| @@ -22,6 +22,9 @@ | |||
| {{/* cidrListPattern: Match a space separated list of CIDRs; e.g. 192.168.21.23/24 192.10.2.12 */}} | |||
| {{- $cidrListPattern := printf `(?:%s(?: +%s)*)` $cidrPattern $cidrPattern -}} | |||
|
|
|||
| {{/* cookie name pattern: */}} | |||
| {{- $cookieName := "^[a-zA-Z0-9_-][a-zA-Z0-9_-]*" -}} | |||
There was a problem hiding this comment.
No need for the leading ^ since our functions add ^(...)$ around the provided regexes.
Can you name the variable $cookieNameRE to match the others
| @@ -377,7 +380,7 @@ backend be_secure:{{$cfgIdx}} | |||
| {{- end }} | |||
|
|
|||
| {{- if not (isTrue (index $cfg.Annotations "haproxy.router.openshift.io/disable_cookies")) }} | |||
| cookie {{$cfg.RoutingKeyName}} insert indirect nocache httponly | |||
| cookie {{firstMatch $cookieName (index $cfg.Annotations "router.openshift.io/route.cookie.name") $cfg.RoutingKeyName}} insert indirect nocache httponly | |||
There was a problem hiding this comment.
The annotation should probably be:
haproxy.router.openshift.io/cookie_name
Or cookie-name... we have both in the conf file :-( Seems redundant to say route there though since it is on the route.
Also, you lost the global env... do we want to have that as an option?
There was a problem hiding this comment.
Went with cookie_name
There was a problem hiding this comment.
Added environment variable ROUTER_COOKIE_NAME
|
/assign @knobunc |
pecameron
force-pushed
the
cookie-name
branch
from
351aedc
to
16d0c74
Compare
| @@ -22,6 +22,9 @@ | |||
| {{/* cidrListPattern: Match a space separated list of CIDRs; e.g. 192.168.21.23/24 192.10.2.12 */}} | |||
| {{- $cidrListPattern := printf `(?:%s(?: +%s)*)` $cidrPattern $cidrPattern -}} | |||
|
|
|||
| {{/* cookie name pattern: */}} | |||
| {{- $cookieNameRE := "[a-zA-Z0-9_-][a-zA-Z0-9_-]*" -}} | |||
Route annotation: router.openshift.io/router.cookie.name can be used to set a cookie name for the route. Added ROUTER_COOKIE_NAME for setting cookie name for all routes. The cookie must pass regex filter "[a-zA-Z0-9_-]+" https://trello.com/c/dZpU26W9 (3) Allow routes to set the cookie names for session stickiness origin PR 16454 openshift/origin#16454
pecameron
force-pushed
the
cookie-name
branch
from
16d0c74
to
3fda80b
Compare
| @@ -22,6 +22,9 @@ | |||
| {{/* cidrListPattern: Match a space separated list of CIDRs; e.g. 192.168.21.23/24 192.10.2.12 */}} | |||
| {{- $cidrListPattern := printf `(?:%s(?: +%s)*)` $cidrPattern $cidrPattern -}} | |||
|
|
|||
| {{/* cookie name pattern: */}} | |||
| {{- $cookieNameRE := "[a-zA-Z0-9_-]+" -}} | |||
There was a problem hiding this comment.
Can it start with a '-' or '_' ?
Is it to follow the TEXT as defined in https://tools.ietf.org/html/rfc2616#section-2.2
There was a problem hiding this comment.
@rajatchopra It supports leading '-' and ''. It is a subset of https://tools.ietf.org/html/rfc2616#section-2.2. In particular embedded , and punctuation (other than '-' and ..) are excluded.
This is as far as @knobunc wanted to go.
There was a problem hiding this comment.
@rajatchopra we can allow more if you want. But I couldn't work out how to find out what was safe in the haproxy file at that point... or how to escape things.
@pecameron I realized the other regexes are named *Pattern not *RE... can we change this to match please.
There was a problem hiding this comment.
Also... the comment in the commit message does not match the new regex...
There was a problem hiding this comment.
And, the pattern should be surrounded by ``s not ""s
|
@knobunc do you want further changes? No test should fail because of this change in the template. |
|
/lgtm |
openshift-merge-robot
added
the
approved
|
/retest Please review the full test history for this PR and help us cut down flakes. |
1 similar comment
|
/retest Please review the full test history for this PR and help us cut down flakes. |
openshift-ci-robot
added
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: knobunc, pecameron, rajatchopra The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
|
/retest |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
9 similar comments
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest |
|
/test all [submit-queue is verifying that this PR is safe to merge] |
|
/retest |
|
Automatic merge from submit-queue (batch tested with PRs 16454, 16444, 16522) |
|
@pecameron: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Route annotation: router.openshift.io/router.cookie.name can be used to set a cookie name for the route. Added ROUTER_COOKIE_NAME for setting cookie name for all routes. The cookie must pass regex filter "[a-zA-Z0-9_-]+" https://trello.com/c/dZpU26W9 (3) Allow routes to set the cookie names for session stickiness origin PR 16454 openshift/origin#16454 (cherry picked from commit 4971e9d)
Route annotation: router.openshift.io/router.cookie.name can be used to set a cookie name for the route. Added ROUTER_COOKIE_NAME for setting cookie name for all routes. The cookie must pass regex filter "[a-zA-Z0-9_-]+" https://trello.com/c/dZpU26W9 (3) Allow routes to set the cookie names for session stickiness origin PR 16454 openshift/origin#16454 (cherry picked from commit 4971e9d)
Route annotation: router.openshift.io/router.cookie.name can be used to set a cookie name for the route. Added ROUTER_COOKIE_NAME for setting cookie name for all routes. The cookie must pass regex filter "[a-zA-Z0-9_-]+" https://trello.com/c/dZpU26W9 (3) Allow routes to set the cookie names for session stickiness origin PR 16454 openshift/origin#16454 (cherry picked from commit 4971e9d)
Route annotation:
router.openshift.io/router.cookie.name
can be used to set a cookie name for the route.
Added ROUTER_COOKIE_NAME for setting cookie name for all routes.
The cookie must pass regex filter "[a-zA-Z0-9_-]+"
https://trello.com/c/dZpU26W9
(3) Allow routes to set the cookie names for session stickiness
openshift/openshift-docs PR 5309