envoyproxy · guydc · Nov 20, 2024 · Nov 20, 2024 · Nov 20, 2024 · Nov 25, 2024
@@ -22,11 +22,18 @@ const (
 )
 
 // ProcessingModeOptions defines if headers or body should be processed by the external service
+// and which attributes are sent to the processor
 type ProcessingModeOptions struct {
 	// Defines body processing mode
 	//
 	// +optional
 	Body *ExtProcBodyProcessingMode `json:"body,omitempty"`
+
+	// Defines which attributes are sent to the external processor
+	// https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes
+	//
+	// +optional
+	Attributes []string `json:"attributes,omitempty"`
 }
 
 // ExtProcProcessingMode defines if and how headers and bodies are sent to the service.
@@ -70,4 +77,41 @@ type ExtProc struct {
 	//
 	// +optional
 	ProcessingMode *ExtProcProcessingMode `json:"processingMode,omitempty"`
+
+	// MetadataOptions defines options related to the sending and receiving of dynamic metadata.
+	// These options define which metadata namespaces would be sent to the processor and which dynamic metadata
+	// namespaces the processor would be permitted to emit metadata to.
+	// Users can specify custom namespaces or well-known envoy metadata namespace (such as envoy.filters.http.ext_authz)
+	// documented here: https://www.envoyproxy.io/docs/envoy/latest/configuration/advanced/well_known_dynamic_metadata#well-known-dynamic-metadata
+	// Default: no metadata context is sent or received from the external processor
+	//
+	// +optional
+	MetadataOptions *ExtProcMetadataOptions `json:"metadataOptions,omitempty"`
+}
+
+// ExtProcAttributes defines which envoy attributes are sent for requests and responses to the external processor
+type ExtProcAttributes struct {
+	// defines attributes to send for Request processing
+	//
+	// +optional
+	Request []string `json:"request,omitempty"`
+
+	// defines attributes to send for Response processing
+	//
+	// +optional
+	Response []string `json:"response,omitempty"`
+}
+
+// ExtProcMetadataOptions defines options related to the sending and receiving of dynamic metadata to and from the
+// external processor service
+type ExtProcMetadataOptions struct {
+	// metadata namespaces forwarded to external processor
+	//
+	// +optional
+	ForwardingNamespaces []string `json:"forwardingNamespaces,omitempty"`
+
+	// metadata namespaces updatable by external processor
+	//
+	// +optional
+	ReceivingNamespaces []string `json:"receivingNamespaces,omitempty"`
 }
@@ -908,6 +908,26 @@ spec:
                         Default: 200ms
                       pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$
                       type: string
+                    metadataOptions:
+                      description: |-
+                        MetadataOptions defines options related to the sending and receiving of dynamic metadata.
+                        These options define which metadata namespaces would be sent to the processor and which dynamic metadata
+                        namespaces the processor would be permitted to emit metadata to.
+                        Users can specify custom namespaces or well-known envoy metadata namespace (such as envoy.filters.http.ext_authz)
+                        documented here: https://www.envoyproxy.io/docs/envoy/latest/configuration/advanced/well_known_dynamic_metadata#well-known-dynamic-metadata
+                        Default: no metadata context is sent or received from the external processor
+                      properties:
+                        forwardingNamespaces:
+                          description: metadata namespaces forwarded to external processor
+                          items:
+                            type: string
+                          type: array
+                        receivingNamespaces:
+                          description: metadata namespaces updatable by external processor
+                          items:
+                            type: string
+                          type: array
+                      type: object
                     processingMode:
                       description: |-
                         ProcessingMode defines how request and response body is processed
@@ -918,6 +938,13 @@ spec:
                             Defines processing mode for requests. If present, request headers are sent. Request body is processed according
                             to the specified mode.
                           properties:
+                            attributes:
+                              description: |-
+                                Defines which attributes are sent to the external processor
+                                https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes
+                              items:
+                                type: string
+                              type: array
                             body:
                               description: Defines body processing mode
                               enum:
@@ -931,6 +958,13 @@ spec:
                             Defines processing mode for responses. If present, response headers are sent. Response body is processed according
                             to the specified mode.
                           properties:
+                            attributes:
+                              description: |-
+                                Defines which attributes are sent to the external processor
+                                https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes
+                              items:
+                                type: string
+                              type: array
                             body:
                               description: Defines body processing mode
                               enum:

@@ -1503,6 +1503,9 @@ _Appears in:_
 | `messageTimeout` | _[Duration](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Duration)_ |  false  | MessageTimeout is the timeout for a response to be returned from the external processor<br />Default: 200ms |
 | `failOpen` | _boolean_ |  false  | FailOpen defines if requests or responses that cannot be processed due to connectivity to the<br />external processor are terminated or passed-through.<br />Default: false |
 | `processingMode` | _[ExtProcProcessingMode](#extprocprocessingmode)_ |  false  | ProcessingMode defines how request and response body is processed<br />Default: header and body are not sent to the external processor |
+| `metadataOptions` | _[ExtProcMetadataOptions](#extprocmetadataoptions)_ |  false  | MetadataOptions defines options related to the sending and receiving of dynamic metadata.<br />These options define which metadata namespaces would be sent to the processor and which dynamic metadata<br />namespaces the processor would be permitted to emit metadata to.<br />Users can specify custom namespaces or well-known envoy metadata namespace (such as envoy.filters.http.ext_authz)<br />documented here: https://www.envoyproxy.io/docs/envoy/latest/configuration/advanced/well_known_dynamic_metadata#well-known-dynamic-metadata<br />Default: no metadata context is sent or received from the external processor |
+
+
 
 
 #### ExtProcBodyProcessingMode
@@ -1521,6 +1524,22 @@ _Appears in:_
 | `BufferedPartial` | BufferedPartialExtBodyHeaderProcessingMode will buffer the message body in memory and send the entire body in one chunk. If the body exceeds the configured buffer limit, then the body contents up to the buffer limit will be sent.<br /> | 
 
 
+#### ExtProcMetadataOptions
+
+
+
+ExtProcMetadataOptions defines options related to the sending and receiving of dynamic metadata to and from the
+external processor service
+
+_Appears in:_
+- [ExtProc](#extproc)
+
+| Field | Type | Required | Description |
+| ---   | ---  | ---      | ---         |
+| `forwardingNamespaces` | _string array_ |  false  | metadata namespaces forwarded to external processor |
+| `receivingNamespaces` | _string array_ |  false  | metadata namespaces updatable by external processor |
+
+
 #### ExtProcProcessingMode
 
 
@@ -2964,13 +2983,15 @@ _Appears in:_
 
 
 ProcessingModeOptions defines if headers or body should be processed by the external service
+and which attributes are sent to the processor
 
 _Appears in:_
 - [ExtProcProcessingMode](#extprocprocessingmode)
 
 | Field | Type | Required | Description |
 | ---   | ---  | ---      | ---         |
 | `body` | _[ExtProcBodyProcessingMode](#extprocbodyprocessingmode)_ |  false  | Defines body processing mode |
+| `attributes` | _string array_ |  false  | Defines which attributes are sent to the external processor<br />https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes |
 
 
 #### ProviderType

@@ -1503,6 +1503,9 @@ _Appears in:_
 | `messageTimeout` | _[Duration](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Duration)_ |  false  | MessageTimeout is the timeout for a response to be returned from the external processor<br />Default: 200ms |
 | `failOpen` | _boolean_ |  false  | FailOpen defines if requests or responses that cannot be processed due to connectivity to the<br />external processor are terminated or passed-through.<br />Default: false |
 | `processingMode` | _[ExtProcProcessingMode](#extprocprocessingmode)_ |  false  | ProcessingMode defines how request and response body is processed<br />Default: header and body are not sent to the external processor |
+| `metadataOptions` | _[ExtProcMetadataOptions](#extprocmetadataoptions)_ |  false  | MetadataOptions defines options related to the sending and receiving of dynamic metadata.<br />These options define which metadata namespaces would be sent to the processor and which dynamic metadata<br />namespaces the processor would be permitted to emit metadata to.<br />Users can specify custom namespaces or well-known envoy metadata namespace (such as envoy.filters.http.ext_authz)<br />documented here: https://www.envoyproxy.io/docs/envoy/latest/configuration/advanced/well_known_dynamic_metadata#well-known-dynamic-metadata<br />Default: no metadata context is sent or received from the external processor |
+
+
 
 
 #### ExtProcBodyProcessingMode
@@ -1521,6 +1524,22 @@ _Appears in:_
 | `BufferedPartial` | BufferedPartialExtBodyHeaderProcessingMode will buffer the message body in memory and send the entire body in one chunk. If the body exceeds the configured buffer limit, then the body contents up to the buffer limit will be sent.<br /> | 
 
 
+#### ExtProcMetadataOptions
+
+
+
+ExtProcMetadataOptions defines options related to the sending and receiving of dynamic metadata to and from the
+external processor service
+
+_Appears in:_
+- [ExtProc](#extproc)
+
+| Field | Type | Required | Description |
+| ---   | ---  | ---      | ---         |
+| `forwardingNamespaces` | _string array_ |  false  | metadata namespaces forwarded to external processor |
+| `receivingNamespaces` | _string array_ |  false  | metadata namespaces updatable by external processor |
+
+
 #### ExtProcProcessingMode
 
 
@@ -2964,13 +2983,15 @@ _Appears in:_
 
 
 ProcessingModeOptions defines if headers or body should be processed by the external service
+and which attributes are sent to the processor
 
 _Appears in:_
 - [ExtProcProcessingMode](#extprocprocessingmode)
 
 | Field | Type | Required | Description |
 | ---   | ---  | ---      | ---         |
 | `body` | _[ExtProcBodyProcessingMode](#extprocbodyprocessingmode)_ |  false  | Defines body processing mode |
+| `attributes` | _string array_ |  false  | Defines which attributes are sent to the external processor<br />https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes |
 
 
 #### ProviderType