-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[fuzz] Create ext authz http fuzzer with dynamic metadata #15520
Conversation
Signed-off-by: Asra Ali <asraa@google.com>
Signed-off-by: Asra Ali <asraa@google.com>
This is ready for review! |
Signed-off-by: Asra Ali <asraa@google.com>
This looks reasonable though I admit that I need to learn more about how fuzz tests work in Envoy. |
Signed-off-by: Asra Ali <asraa@google.com>
No worries! I've defined a protobuf that is fuzzed by the engine that defines a sequence of actions and executes them with the ext_authz filter. @fcfort would you be able to review (or find a review)? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you fix the envoy-presubmit
errors? Looks like format_pre
failed.
@@ -0,0 +1,23 @@ | |||
config { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is the purpose of these files in ext_authz_corpus
?
Filters::Common::ExtAuthz::ResponsePtr response = | ||
std::make_unique<Filters::Common::ExtAuthz::Response>(); | ||
response->status = status; | ||
// TODO: add headers to remove, append, set, body, status_code. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What does this TODO
mean?
This pull request has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! |
@asraa I am closing so we keep active assignment on PRs. Please re-open if you want to continue this workstream. |
/wait |
Signed-off-by: Asra Ali <asraa@google.com>
cc @adisuissa |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for doing this work.
Left a few small nits, and the only thing that needs to be changed is surrounding the FilterConfig
instantiation inside a try-catch clause.
test/extensions/filters/http/ext_authz/ext_authz_corpus/metadata_context
Outdated
Show resolved
Hide resolved
test/extensions/filters/http/ext_authz/ext_authz_corpus/example
Outdated
Show resolved
Hide resolved
test/extensions/filters/http/ext_authz/ext_authz_corpus/error_fail_close
Outdated
Show resolved
Hide resolved
test/extensions/filters/http/ext_authz/ext_authz_corpus/custom_status
Outdated
Show resolved
Hide resolved
Signed-off-by: Asra Ali <asraa@google.com>
Signed-off-by: Asra Ali <asraa@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for working on this!
Signed-off-by: Asra Ali asraa@google.com
Commit Message: Added dedicated fuzzer for ext_authz filter.
Additional Description:
Risk Level: Low
Testing: Added corpus entries mirroring unit test cases, including metadata.