Skip to content

Commit

Permalink
feat(pdk): dynamic control upstream tls when kong.service.request.set…
Browse files Browse the repository at this point in the history 
…_scheme was called
  • Loading branch information
@oowl
oowl committed Dec 20, 2024
1 parent 5bdb601 commit 0728d8c
Show file tree
Hide file tree
Showing 3 changed files with 45 additions and 1 deletion.
3 changes: 3 additions & 0 deletions changelog/unreleased/kong/dynamic-set-tls-in-pdk-set_scheme.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
message: dynamic control upstream tls when kong.service.request.set_scheme was called
type: feature
scope: PDK
19 changes: 18 additions & 1 deletion kong/pdk/service/request.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ local cjson = require "cjson.safe"
local buffer = require "string.buffer"
local checks = require "kong.pdk.private.checks"
local phase_checker = require "kong.pdk.private.phases"

local balancer = require "ngx.balancer"

local ngx = ngx
local ngx_var = ngx.var
Expand Down Expand Up @@ -112,6 +112,15 @@ local function new(self)
error("invalid scheme: " .. scheme, 2)
end

if ngx.get_phase() == "balancer" then
if scheme == "https" then
kong.service.request.enable_tls()
end
if scheme == "http" then
kong.service.request.disable_tls()
end
end

ngx_var.upstream_scheme = scheme
end

Expand Down Expand Up @@ -711,6 +720,14 @@ local function new(self)

return disable_proxy_ssl()
end
else
request.disable_tls = function()
return balancer.set_upstream_tls(false)
end

request.enable_tls = function()
return balancer.set_upstream_tls(true)
end
end

return request
Expand Down
24 changes: 24 additions & 0 deletions t/01-pdk/06-service-request/00-phase_checks.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,30 @@ qq{
body_filter = false,
log = false,
admin_api = "forced false",
},{
method = "disable_tls",
args = { },
init_worker = "forced false",
certificate = "pending",
rewrite = "forced false",
access = "forced false",
response = "forced false",
header_filter = "forced false",
body_filter = "forced false",
log = "forced false",
admin_api = "forced false",
},{
method = "enable_tls",
args = { },
init_worker = "forced false",
certificate = "pending",
rewrite = "forced false",
access = "forced false",
response = "forced false",
header_filter = "forced false",
body_filter = "forced false",
log = "forced false",
admin_api = "forced false",
},
}
Expand Down

0 comments on commit 0728d8c

Please sign in to comment.