yoshino-s/cilium-envoy-hook
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

support custom xff trust num

Browse Source
This commit is contained in:
yoshino-s
2024-06-06 18:52:29 +08:00
parent ce98821d89
commit 0f3b290ae6
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/deploy.yaml
View File

@@ -17,9 +17,10 @@ spec:
spec: spec:
containers: containers:
- name: APP - name: APP
image: registry.yoshino-s.xyz/yoshino-s/cilium-envoy-hook:latest image: registry.yoshino-s.xyz/yoshino-s/cilium-envoy-hook:dev
imagePullPolicy: Always imagePullPolicy: Always
args: args:
- server
- --tls-cert-file-path=/etc/webhook/certs/cert.pem - --tls-cert-file-path=/etc/webhook/certs/cert.pem
- --tls-key-file-path=/etc/webhook/certs/key.pem - --tls-key-file-path=/etc/webhook/certs/key.pem
ports: ports:

4
cmd/server.go
View File

@@ -40,6 +40,7 @@ type Config struct {
WebhookListenAddr string WebhookListenAddr string
TLSCertFilePath string TLSCertFilePath string
TLSKeyFilePath string TLSKeyFilePath string
XffNumTrustedHops int
} }
var ( var (
@@ -108,7 +109,7 @@ var (
}) })
typedConfig["upgradeConfigs"] = upgradeConfigs typedConfig["upgradeConfigs"] = upgradeConfigs
typedConfig["useRemoteAddress"] = true typedConfig["useRemoteAddress"] = true
typedConfig["xffNumTrustedHops"] = 2 typedConfig["xffNumTrustedHops"] = cmdConfig.XffNumTrustedHops
} }
} }
} }
@@ -181,4 +182,5 @@ func init() {
serverCmd.PersistentFlags().StringVar(&cmdConfig.WebhookListenAddr, "webhook-listen-address", ":8080", "The address where the HTTPS server will be listening to serve the webhooks.") serverCmd.PersistentFlags().StringVar(&cmdConfig.WebhookListenAddr, "webhook-listen-address", ":8080", "The address where the HTTPS server will be listening to serve the webhooks.")
serverCmd.PersistentFlags().StringVar(&cmdConfig.TLSCertFilePath, "tls-cert-file-path", "", "The path for the webhook HTTPS server TLS cert file.") serverCmd.PersistentFlags().StringVar(&cmdConfig.TLSCertFilePath, "tls-cert-file-path", "", "The path for the webhook HTTPS server TLS cert file.")
serverCmd.PersistentFlags().StringVar(&cmdConfig.TLSKeyFilePath, "tls-key-file-path", "", "The path for the webhook HTTPS server TLS key file.") serverCmd.PersistentFlags().StringVar(&cmdConfig.TLSKeyFilePath, "tls-key-file-path", "", "The path for the webhook HTTPS server TLS key file.")
serverCmd.PersistentFlags().IntVar(&cmdConfig.XffNumTrustedHops, "xff-num-trusted-hops", 1, "The number of trusted hops for the X-Forwarded-For header.")
} }