This is an automated email from the ASF dual-hosted git repository.
monkeydluffy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new bf8940d8d feat(limit-count): allow to use environment variables for
settings (#10607)
bf8940d8d is described below
commit bf8940d8d57cb45bc08a75baea4f3293ad97529b
Author: ikatlinsky <[email protected]>
AuthorDate: Mon Dec 18 07:38:13 2023 +0100
feat(limit-count): allow to use environment variables for settings (#10607)
---
apisix/plugins/limit-count.lua | 2 ++
docs/en/latest/plugins/limit-count.md | 31 ++++++++++++++++++++
t/plugin/limit-count-redis-cluster3.t | 55 +++++++++++++++++++++++++++++++++++
t/plugin/limit-count-redis4.t | 49 +++++++++++++++++++++++++++++++
t/plugin/limit-count5.t | 48 ++++++++++++++++++++++++++++++
5 files changed, 185 insertions(+)
diff --git a/apisix/plugins/limit-count.lua b/apisix/plugins/limit-count.lua
index 3e2443d0e..cc7791a10 100644
--- a/apisix/plugins/limit-count.lua
+++ b/apisix/plugins/limit-count.lua
@@ -14,6 +14,7 @@
-- See the License for the specific language governing permissions and
-- limitations under the License.
--
+local fetch_secrets = require("apisix.secret").fetch_secrets
local limit_count = require("apisix.plugins.limit-count.init")
local plugin_name = "limit-count"
@@ -31,6 +32,7 @@ end
function _M.access(conf, ctx)
+ conf = fetch_secrets(conf)
return limit_count.rate_limit(conf, ctx, plugin_name, 1)
end
diff --git a/docs/en/latest/plugins/limit-count.md
b/docs/en/latest/plugins/limit-count.md
index 46a775a00..7fbec44d6 100644
--- a/docs/en/latest/plugins/limit-count.md
+++ b/docs/en/latest/plugins/limit-count.md
@@ -257,6 +257,37 @@ curl -i http://127.0.0.1:9180/apisix/admin/routes/1 \
}'
```
+In addition, you can use APISIX secret to store and reference plugin
attributes. APISIX currently supports storing secrets in two ways -
[Environment Variables and HashiCorp Vault](../terminology/secret.md). For
example, in
+case you have environment variables `REDIS_HOST` and `REDIS_PASSWORD` set, you
can use them in the plugin configuration as shown below:
+
+```shell
+curl -i http://127.0.0.1:9180/apisix/admin/routes/1 \
+-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "uri": "/index.html",
+ "plugins": {
+ "limit-count": {
+ "count": 2,
+ "time_window": 60,
+ "rejected_code": 503,
+ "key": "remote_addr",
+ "policy": "redis",
+ "redis_host": "$ENV://REDIS_HOST",
+ "redis_port": 6379,
+ "redis_password": "$ENV://REDIS_PASSWORD",
+ "redis_database": 1,
+ "redis_timeout": 1001
+ }
+ },
+ "upstream": {
+ "type": "roundrobin",
+ "nodes": {
+ "127.0.0.1:1980": 1
+ }
+ }
+}'
+```
+
## Example usage
The above configuration limits to 2 requests in 60 seconds. The first two
requests will work and the response headers will contain the headers
`X-RateLimit-Limit` and `X-RateLimit-Remaining` and `X-RateLimit-Reset`,
represents the total number of requests that are limited, the number of
requests that can still be sent, and the number of seconds left for the counter
to reset:
diff --git a/t/plugin/limit-count-redis-cluster3.t
b/t/plugin/limit-count-redis-cluster3.t
index 017c3048e..2a599184c 100644
--- a/t/plugin/limit-count-redis-cluster3.t
+++ b/t/plugin/limit-count-redis-cluster3.t
@@ -14,6 +14,10 @@
# See the License for the specific language governing permissions and
# limitations under the License.
#
+BEGIN {
+ $ENV{REDIS_NODE_0} = "127.0.0.1:5000";
+ $ENV{REDIS_NODE_1} = "127.0.0.1:5001";
+}
use t::APISIX;
@@ -128,3 +132,54 @@ passed
["GET /hello", "GET /hello", "GET /hello"]
--- error_code eval
[200, 200, 503]
+
+
+
+=== TEST 4: set route, with redis_cluster_nodes as environment variables and
redis_cluster_name
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "uri": "/hello",
+ "plugins": {
+ "limit-count": {
+ "count": 2,
+ "time_window": 60,
+ "rejected_code": 503,
+ "key": "remote_addr",
+ "policy": "redis-cluster",
+ "redis_timeout": 1001,
+ "redis_cluster_nodes": [
+ "$ENV://REDIS_NODE_0",
+ "$ENV://REDIS_NODE_1"
+ ],
+ "redis_cluster_name": "redis-cluster-1"
+ }
+ },
+ "upstream": {
+ "nodes": {
+ "127.0.0.1:1980": 1
+ },
+ "type": "roundrobin"
+ }
+ }]]
+ )
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 5: up the limit with environment variables for redis_cluster_nodes
+--- pipelined_requests eval
+["GET /hello", "GET /hello", "GET /hello"]
+--- error_code eval
+[200, 200, 503]
diff --git a/t/plugin/limit-count-redis4.t b/t/plugin/limit-count-redis4.t
index 47deedf06..d1fad1980 100644
--- a/t/plugin/limit-count-redis4.t
+++ b/t/plugin/limit-count-redis4.t
@@ -22,6 +22,8 @@ BEGIN {
$ENV{TEST_NGINX_USE_HUP} = 1;
undef $ENV{TEST_NGINX_USE_STAP};
}
+
+ $ENV{REDIS_HOST} = "127.0.0.1";
}
use t::APISIX;
@@ -85,3 +87,50 @@ __DATA__
}
--- response_body
remaining: 1
+
+
+
+=== TEST 2: set route, with redis host as environment variable
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "uri": "/hello",
+ "plugins": {
+ "limit-count": {
+ "count": 2,
+ "time_window": 60,
+ "rejected_code": 503,
+ "key": "remote_addr",
+ "policy": "redis",
+ "redis_host": "$ENV://REDIS_HOST"
+ }
+ },
+ "upstream": {
+ "nodes": {
+ "127.0.0.1:1980": 1
+ },
+ "type": "roundrobin"
+ }
+ }]]
+ )
+
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 3: up the limit with host environment variable
+--- pipelined_requests eval
+["GET /hello", "GET /hello", "GET /hello"]
+--- error_code eval
+[200, 200, 503]
diff --git a/t/plugin/limit-count5.t b/t/plugin/limit-count5.t
index 47daaa71c..cb4615990 100644
--- a/t/plugin/limit-count5.t
+++ b/t/plugin/limit-count5.t
@@ -22,6 +22,8 @@ BEGIN {
$ENV{TEST_NGINX_USE_HUP} = 1;
undef $ENV{TEST_NGINX_USE_STAP};
}
+
+ $ENV{LIMIT_COUNT_KEY} = "remote_addr";
}
use t::APISIX;
@@ -89,3 +91,49 @@ remaining: 2
remaining: 0
rejected
rejected
+
+
+
+=== TEST 2: set route(id: 1) using environment variable for key
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "methods": ["GET"],
+ "plugins": {
+ "limit-count": {
+ "count": 2,
+ "time_window": 60,
+ "rejected_code": 503,
+ "key": "$ENV://LIMIT_COUNT_KEY"
+ }
+ },
+ "upstream": {
+ "nodes": {
+ "127.0.0.1:1980": 1
+ },
+ "type": "roundrobin"
+ },
+ "uri": "/hello"
+ }]]
+ )
+
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 3: up the limit with environment variable for key
+--- pipelined_requests eval
+["GET /hello", "GET /hello", "GET /hello", "GET /hello"]
+--- error_code eval
+[200, 200, 503, 503]
