Skip to content

Commit

Permalink
plugin tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@npolshakova
npolshakova committed Feb 18, 2025
1 parent d863f4e commit 794ddc4
Show file tree
Hide file tree
Showing 8 changed files with 493 additions and 25 deletions.
16 changes: 2 additions & 14 deletions internal/kgateway/extensions2/plugins/upstream/plugin.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,19 +40,7 @@ import (
)

const (
ParameterGroup = "gloo.solo.io"
ParameterKind = "Parameter"
)
const (
ExtensionName = "Upstream"
FilterName = "io.solo.aws_lambda"
)

var (
ParameterGK = schema.GroupKind{
Group: ParameterGroup,
Kind: ParameterKind,
}
FilterName = "io.solo.aws_lambda"
)

type upstreamDestination struct {
Expand Down Expand Up @@ -151,7 +139,7 @@ func NewPlugin(ctx context.Context, commoncol *common.CommonCollections) extensi
},
},
ContributesPolicies: map[schema.GroupKind]extensionsplug.PolicyPlugin{
ParameterGK: {
v1alpha1.UpstreamGVK.GroupKind(): {
Name: "upstream",
NewGatewayTranslationPass: newPlug,
// AttachmentPoints: []ir.AttachmentPoints{ir.HttpBackendRefAttachmentPoint},
Expand Down
163 changes: 163 additions & 0 deletions internal/kgateway/setup/testdata/ai-anthropic-passthrough-out.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,163 @@
clusters:
- connectTimeout: 5s
edsClusterConfig:
edsConfig:
ads: {}
resourceApiVersion: V3
metadata: {}
name: kube_default_kubernetes_443
transportSocketMatches:
- match:
tlsMode: istio
name: tlsMode-istio
transportSocket:
name: envoy.transport_sockets.tls
typedConfig:
'@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
commonTlsContext:
alpnProtocols:
- istio
tlsCertificateSdsSecretConfigs:
- name: istio_server_cert
sdsConfig:
apiConfigSource:
apiType: GRPC
grpcServices:
- envoyGrpc:
clusterName: gateway_proxy_sds
setNodeOnFirstMessageOnly: true
transportApiVersion: V3
resourceApiVersion: V3
tlsParams: {}
validationContextSdsSecretConfig:
name: istio_validation_context
sdsConfig:
apiConfigSource:
apiType: GRPC
grpcServices:
- envoyGrpc:
clusterName: gateway_proxy_sds
setNodeOnFirstMessageOnly: true
transportApiVersion: V3
resourceApiVersion: V3
sni: outbound_.443_._.kubernetes.default.svc.cluster.local
- match: {}
name: tlsMode-disabled
transportSocket:
name: envoy.transport_sockets.raw_buffer
typedConfig:
'@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
type: EDS
- connectTimeout: 5s
dnsLookupFamily: V4_ONLY
loadAssignment:
clusterName: upstream_gwtest_anthropic_0
endpoints:
- lbEndpoints:
- endpoint:
address:
socketAddress:
address: api.anthropic.com
portValue: 443
hostname: api.anthropic.com
metadata:
filterMetadata:
envoy.transport_socket_match:
tls: api.anthropic.com
io.solo.transformation:
auth_token: ""
metadata: {}
name: upstream_gwtest_anthropic_0
transportSocketMatches:
- match:
tlsMode: istio
name: tlsMode-istio
transportSocket:
name: envoy.transport_sockets.tls
typedConfig:
'@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
commonTlsContext:
alpnProtocols:
- istio
tlsCertificateSdsSecretConfigs:
- name: istio_server_cert
sdsConfig:
apiConfigSource:
apiType: GRPC
grpcServices:
- envoyGrpc:
clusterName: gateway_proxy_sds
setNodeOnFirstMessageOnly: true
transportApiVersion: V3
resourceApiVersion: V3
tlsParams: {}
validationContextSdsSecretConfig:
name: istio_validation_context
sdsConfig:
apiConfigSource:
apiType: GRPC
grpcServices:
- envoyGrpc:
clusterName: gateway_proxy_sds
setNodeOnFirstMessageOnly: true
transportApiVersion: V3
resourceApiVersion: V3
- match: {}
name: tlsMode-disabled
transportSocket:
name: envoy.transport_sockets.raw_buffer
typedConfig:
'@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
type: STRICT_DNS
listeners:
- address:
socketAddress:
address: '::'
ipv4Compat: true
portValue: 8080
filterChains:
- filters:
- name: envoy.filters.network.http_connection_manager
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
httpFilters:
- name: envoy.filters.http.router
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
mergeSlashes: true
normalizePath: true
rds:
configSource:
ads: {}
resourceApiVersion: V3
routeConfigName: http
statPrefix: http
useRemoteAddress: true
name: http
name: http
routes:
- ignorePortInHostMatching: true
name: http
virtualHosts:
- domains:
- test
name: http~test
routes:
- match:
prefix: /
name: http~test-route-1-httproute-route-to-upstream-gwtest-1-0-matcher-0
route:
cluster: upstream_gwtest_anthropic_0
clusterNotFoundResponseCode: INTERNAL_SERVER_ERROR
typedPerFilterConfig:
AutoHostRewrite:
'@type': type.googleapis.com/google.protobuf.BoolValue
value: true
ai.extproc.kgateway.io:
'@type': type.googleapis.com/envoy.extensions.filters.http.ext_proc.v3.ExtProcPerRoute
overrides:
grpcInitialMetadata:
- key: x-llm-provider
value: anthropic
- key: x-request-id
value: '%REQ(X-REQUEST-ID)%'
11 changes: 6 additions & 5 deletions internal/kgateway/setup/testdata/ai-anthropic-passthrough.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ spec:
namespaces:
from: All
---
apiVersion: gloo.solo.io/v1
apiVersion: gateway.kgateway.dev/v1alpha1
kind: Upstream
metadata:
labels:
Expand All @@ -22,9 +22,10 @@ metadata:
namespace: gwtest
spec:
ai:
anthropic:
authToken:
kind: "Passthrough"
llm:
anthropic:
authToken:
kind: "Passthrough"
---
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
Expand All @@ -48,7 +49,7 @@ spec:
filters:
- type: ExtensionRef
extensionRef:
group: gateway.kgateway.dev/v1alpha1
group: gateway.kgateway.dev
kind: RoutePolicy
name: route-test
---
Expand Down
163 changes: 163 additions & 0 deletions internal/kgateway/setup/testdata/ai-prompt-guard-out.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,163 @@
clusters:
- connectTimeout: 5s
edsClusterConfig:
edsConfig:
ads: {}
resourceApiVersion: V3
metadata: {}
name: kube_default_kubernetes_443
transportSocketMatches:
- match:
tlsMode: istio
name: tlsMode-istio
transportSocket:
name: envoy.transport_sockets.tls
typedConfig:
'@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
commonTlsContext:
alpnProtocols:
- istio
tlsCertificateSdsSecretConfigs:
- name: istio_server_cert
sdsConfig:
apiConfigSource:
apiType: GRPC
grpcServices:
- envoyGrpc:
clusterName: gateway_proxy_sds
setNodeOnFirstMessageOnly: true
transportApiVersion: V3
resourceApiVersion: V3
tlsParams: {}
validationContextSdsSecretConfig:
name: istio_validation_context
sdsConfig:
apiConfigSource:
apiType: GRPC
grpcServices:
- envoyGrpc:
clusterName: gateway_proxy_sds
setNodeOnFirstMessageOnly: true
transportApiVersion: V3
resourceApiVersion: V3
sni: outbound_.443_._.kubernetes.default.svc.cluster.local
- match: {}
name: tlsMode-disabled
transportSocket:
name: envoy.transport_sockets.raw_buffer
typedConfig:
'@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
type: EDS
- connectTimeout: 5s
dnsLookupFamily: V4_ONLY
loadAssignment:
clusterName: upstream_gwtest_openai_0
endpoints:
- lbEndpoints:
- endpoint:
address:
socketAddress:
address: api.openai.com
portValue: 443
hostname: api.openai.com
metadata:
filterMetadata:
envoy.transport_socket_match:
tls: api.openai.com
io.solo.transformation:
auth_token: mysecretkey
metadata: {}
name: upstream_gwtest_openai_0
transportSocketMatches:
- match:
tlsMode: istio
name: tlsMode-istio
transportSocket:
name: envoy.transport_sockets.tls
typedConfig:
'@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
commonTlsContext:
alpnProtocols:
- istio
tlsCertificateSdsSecretConfigs:
- name: istio_server_cert
sdsConfig:
apiConfigSource:
apiType: GRPC
grpcServices:
- envoyGrpc:
clusterName: gateway_proxy_sds
setNodeOnFirstMessageOnly: true
transportApiVersion: V3
resourceApiVersion: V3
tlsParams: {}
validationContextSdsSecretConfig:
name: istio_validation_context
sdsConfig:
apiConfigSource:
apiType: GRPC
grpcServices:
- envoyGrpc:
clusterName: gateway_proxy_sds
setNodeOnFirstMessageOnly: true
transportApiVersion: V3
resourceApiVersion: V3
- match: {}
name: tlsMode-disabled
transportSocket:
name: envoy.transport_sockets.raw_buffer
typedConfig:
'@type': type.googleapis.com/envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer
type: STRICT_DNS
listeners:
- address:
socketAddress:
address: '::'
ipv4Compat: true
portValue: 8080
filterChains:
- filters:
- name: envoy.filters.network.http_connection_manager
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
httpFilters:
- name: envoy.filters.http.router
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
mergeSlashes: true
normalizePath: true
rds:
configSource:
ads: {}
resourceApiVersion: V3
routeConfigName: http
statPrefix: http
useRemoteAddress: true
name: http
name: http
routes:
- ignorePortInHostMatching: true
name: http
virtualHosts:
- domains:
- test
name: http~test
routes:
- match:
prefix: /
name: http~test-route-1-httproute-route-to-upstream-gwtest-1-0-matcher-0
route:
cluster: upstream_gwtest_openai_0
clusterNotFoundResponseCode: INTERNAL_SERVER_ERROR
typedPerFilterConfig:
AutoHostRewrite:
'@type': type.googleapis.com/google.protobuf.BoolValue
value: true
ai.extproc.kgateway.io:
'@type': type.googleapis.com/envoy.extensions.filters.http.ext_proc.v3.ExtProcPerRoute
overrides:
grpcInitialMetadata:
- key: x-llm-provider
value: openai
- key: x-request-id
value: '%REQ(X-REQUEST-ID)%'
2 changes: 1 addition & 1 deletion internal/kgateway/setup/testdata/ai-prompt-guard.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ spec:
filters:
- type: ExtensionRef
extensionRef:
group: gateway.kgateway.dev/v1alpha1
group: gateway.kgateway.dev
kind: RoutePolicy
name: route-test
---
Expand Down
Loading

0 comments on commit 794ddc4

Please sign in to comment.