envoyproxy/envoy

ext_authz to be able to set x-envoy-force-trace

Open

#21,670 创建于 2022年6月12日

在 GitHub 查看
 (7 评论) (0 反应) (0 负责人)C++ (5,373 fork)batch import
area/ext_authzhelp wanted

仓库指标

Star
 (27,997 star)
PR 合并指标
 (平均合并 8天) (30 天内合并 378 个 PR)

描述

Title: ext_authz to be able to set x-envoy-force-trace

Description:

The documentation states that

If an internal request sets this header, Envoy will modify the generated x-request-id such that it forces traces to be collected.

However, setting this in an ext_authz with allowed_upstream_headers doesn't enable tracing. It does cause an x-request-id response header.

It would be practical if ext_authz could set the tracing state based on user/session configuration since it's already manipulating that data anyway.

Relevant Links:

The code that checks the header is in conn_manager_utility.cc, but I wonder if this condition in conn_manager_impl.cc is what's causing this decision to be re-evaluated after ext_authz.

The x-request-id response header decision doesn't check the trace reason, but explicitly looks at the force header, which explains why that shows up even without tracing.

贡献者指南