From 9e7790f5f8e972a335b07f045cfdf6894fbd92f5 Mon Sep 17 00:00:00 2001
From: Takeshi Yoneda <t.y.mathetake@gmail.com>
Date: Tue, 22 Oct 2024 13:22:14 -0700
Subject: [PATCH] extproc: adds request/response attributes options

Signed-off-by: Takeshi Yoneda <t.y.mathetake@gmail.com>
---
 api/v1alpha1/ext_proc_types.go                   | 14 ++++++++++++++
 api/v1alpha1/zz_generated.deepcopy.go            | 10 ++++++++++
 ...way.envoyproxy.io_envoyextensionpolicies.yaml | 16 ++++++++++++++++
 internal/gatewayapi/envoyextensionpolicy.go      |  8 ++++++++
 internal/ir/xds.go                               |  6 ++++++
 internal/ir/zz_generated.deepcopy.go             | 10 ++++++++++
 internal/xds/translator/extproc.go               |  8 ++++++++
 test/cel-validation/envoyextensionpolicy_test.go |  2 ++
 8 files changed, 74 insertions(+)

diff --git a/api/v1alpha1/ext_proc_types.go b/api/v1alpha1/ext_proc_types.go
index cbdaf97ba45..e2cf634c984 100644
--- a/api/v1alpha1/ext_proc_types.go
+++ b/api/v1alpha1/ext_proc_types.go
@@ -70,4 +70,18 @@ type ExtProc struct {
 	//
 	// +optional
 	ProcessingMode *ExtProcProcessingMode `json:"processingMode,omitempty"`
+
+	// RequestAttributes is a list of request attributes that should be sent to the external processor
+	// on the request_headers message. The possible attributes are defined in the envoy documentation:
+	// https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes#arch-overview-attributes
+	//
+	// +optional
+	RequestAttributes []string `json:"requestAttributes,omitempty"`
+
+	// ResponseAttributes is a list of response attributes that should be sent to the external processor
+	// on the response_headers message. The possible attributes are defined in the envoy documentation:
+	// https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes#arch-overview-attributes
+	//
+	// +optional
+	ResponseAttributes []string `json:"responseAttributes,omitempty"`
 }
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
index c225d65d39e..bd0184d6e37 100644
--- a/api/v1alpha1/zz_generated.deepcopy.go
+++ b/api/v1alpha1/zz_generated.deepcopy.go
@@ -2151,6 +2151,16 @@ func (in *ExtProc) DeepCopyInto(out *ExtProc) {
 		*out = new(ExtProcProcessingMode)
 		(*in).DeepCopyInto(*out)
 	}
+	if in.RequestAttributes != nil {
+		in, out := &in.RequestAttributes, &out.RequestAttributes
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.ResponseAttributes != nil {
+		in, out := &in.ResponseAttributes, &out.ResponseAttributes
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtProc.
diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_envoyextensionpolicies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_envoyextensionpolicies.yaml
index 6baa2842c0c..1bb770c28ed 100644
--- a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_envoyextensionpolicies.yaml
+++ b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_envoyextensionpolicies.yaml
@@ -940,6 +940,22 @@ spec:
                               type: string
                           type: object
                       type: object
+                    requestAttributes:
+                      description: |-
+                        RequestAttributes is a list of request attributes that should be sent to the external processor
+                        on the request_headers message. The possible attributes are defined in the envoy documentation:
+                        https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes#arch-overview-attributes
+                      items:
+                        type: string
+                      type: array
+                    responseAttributes:
+                      description: |-
+                        ResponseAttributes is a list of response attributes that should be sent to the external processor
+                        on the response_headers message. The possible attributes are defined in the envoy documentation:
+                        https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes#arch-overview-attributes
+                      items:
+                        type: string
+                      type: array
                   type: object
                   x-kubernetes-validations:
                   - message: BackendRefs must be used, backendRef is not supported.
diff --git a/internal/gatewayapi/envoyextensionpolicy.go b/internal/gatewayapi/envoyextensionpolicy.go
index 5e61f2eb3aa..5b4a460fdc9 100644
--- a/internal/gatewayapi/envoyextensionpolicy.go
+++ b/internal/gatewayapi/envoyextensionpolicy.go
@@ -491,6 +491,14 @@ func (t *Translator) buildExtProc(
 		}
 	}
 
+	if extProc.RequestAttributes != nil {
+		extProcIR.RequestAttributes = extProc.RequestAttributes
+	}
+
+	if extProc.ResponseAttributes != nil {
+		extProcIR.ResponseAttributes = extProc.ResponseAttributes
+	}
+
 	return extProcIR, err
 }
 
diff --git a/internal/ir/xds.go b/internal/ir/xds.go
index cb5021f4c9f..d9b8dfd6ad5 100644
--- a/internal/ir/xds.go
+++ b/internal/ir/xds.go
@@ -2546,6 +2546,12 @@ type ExtProc struct {
 
 	// ResponseBodyProcessingMode Defines response body processing
 	ResponseBodyProcessingMode *ExtProcBodyProcessingMode `json:"responseBodyProcessingMode,omitempty" yaml:"responseBodyProcessingMode,omitempty"`
+
+	// RequestAttributes defines the attributes to be sent to the external processor
+	RequestAttributes []string `json:"requestAttributes,omitempty" yaml:"requestAttributes,omitempty"`
+
+	// ResponseAttributes defines the attributes to be sent to the external processor
+	ResponseAttributes []string `json:"responseAttributes,omitempty" yaml:"responseAttributes,omitempty"`
 }
 
 // Wasm holds the information associated with the Wasm extensions.
diff --git a/internal/ir/zz_generated.deepcopy.go b/internal/ir/zz_generated.deepcopy.go
index 791b6d5dd68..27eb54165fc 100644
--- a/internal/ir/zz_generated.deepcopy.go
+++ b/internal/ir/zz_generated.deepcopy.go
@@ -944,6 +944,16 @@ func (in *ExtProc) DeepCopyInto(out *ExtProc) {
 		*out = new(ExtProcBodyProcessingMode)
 		**out = **in
 	}
+	if in.RequestAttributes != nil {
+		in, out := &in.RequestAttributes, &out.RequestAttributes
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.ResponseAttributes != nil {
+		in, out := &in.ResponseAttributes, &out.ResponseAttributes
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtProc.
diff --git a/internal/xds/translator/extproc.go b/internal/xds/translator/extproc.go
index 2bc6c4b6ba6..8d45812080d 100644
--- a/internal/xds/translator/extproc.go
+++ b/internal/xds/translator/extproc.go
@@ -137,6 +137,14 @@ func extProcConfig(extProc ir.ExtProc) *extprocv3.ExternalProcessor {
 		config.ProcessingMode.ResponseHeaderMode = extprocv3.ProcessingMode_SEND
 	}
 
+	if extProc.RequestAttributes != nil {
+		config.RequestAttributes = extProc.RequestAttributes
+	}
+
+	if extProc.ResponseAttributes != nil {
+		config.ResponseAttributes = extProc.ResponseAttributes
+	}
+
 	return config
 }
 
diff --git a/test/cel-validation/envoyextensionpolicy_test.go b/test/cel-validation/envoyextensionpolicy_test.go
index 7c9c168df10..cf9a2f04cfc 100644
--- a/test/cel-validation/envoyextensionpolicy_test.go
+++ b/test/cel-validation/envoyextensionpolicy_test.go
@@ -293,6 +293,8 @@ func TestEnvoyExtensionPolicyTarget(t *testing.T) {
 									},
 								},
 							},
+							RequestAttributes:  []string{"request.path"},
+							ResponseAttributes: []string{"response.code"},
 						},
 					},
 					PolicyTargetReferences: egv1a1.PolicyTargetReferences{