From 0f29850c9877eea43fa7b22232a24862cfcec910 Mon Sep 17 00:00:00 2001
From: Ricardo Katz <rikatz@users.noreply.github.com>
Date: Thu, 18 Jul 2024 19:20:52 -0300
Subject: [PATCH] Bootstrap initial crossplane work (#11653)

* Bootstrap initial crossplane work

* Disable some tests to speed up stuff
---
 go.mod                                        |  3 --
 go.sum                                        |  8 ----
 .../controller/template/crossplane/http.go    | 38 ++++++++++++++-----
 3 files changed, 29 insertions(+), 20 deletions(-)

diff --git a/go.mod b/go.mod
index 2b6fd5af7..2055ad7c6 100644
--- a/go.mod
+++ b/go.mod
@@ -14,7 +14,6 @@ require (
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/moul/pb v0.0.0-20220425114252-bca18df4138c
 	github.com/ncabatoff/process-exporter v0.8.3
-	github.com/nginxinc/nginx-go-crossplane v0.4.63
 	github.com/onsi/ginkgo/v2 v2.20.2
 	github.com/opencontainers/runc v1.1.14
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2
@@ -48,9 +47,7 @@ require (
 
 require (
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
-	github.com/jstemmer/go-junit-report v1.0.0 // indirect
 	github.com/klauspost/compress v1.17.9 // indirect
-	github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 )
diff --git a/go.sum b/go.sum
index 987993847..5e87f616c 100644
--- a/go.sum
+++ b/go.sum
@@ -109,8 +109,6 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/jstemmer/go-junit-report v1.0.0 h1:8X1gzZpR+nVQLAht+L/foqOeX2l9DTZoaIPbEQHxsds=
-github.com/jstemmer/go-junit-report v1.0.0/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
@@ -133,8 +131,6 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1 h1:NicmruxkeqHjDv03SfSxqmaLuisddudfP3h5wdXFbhM=
-github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1/go.mod h1:eyp4DdUJAKkr9tvxR3jWhw2mDK7CWABMG5r9uyaKC7I=
 github.com/mitchellh/go-ps v1.0.0 h1:i6ampVEEF4wQFF+bkYfwYgY+F/uYJDktmvLPf7qIgjc=
 github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg=
 github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4=
@@ -162,8 +158,6 @@ github.com/ncabatoff/go-seq v0.0.0-20180805175032-b08ef85ed833 h1:t4WWQ9I797y7QU
 github.com/ncabatoff/go-seq v0.0.0-20180805175032-b08ef85ed833/go.mod h1:0CznHmXSjMEqs5Tezj/w2emQoM41wzYM9KpDKUHPYag=
 github.com/ncabatoff/process-exporter v0.8.3 h1:ZJpzWhRfwdBisIpr2BkitAlUR6dt45hpQn8/AYgToO8=
 github.com/ncabatoff/process-exporter v0.8.3/go.mod h1:MxEOWl740VK/hlWycJkq91VrA2mI+U9Bvc1wuyAaxA4=
-github.com/nginxinc/nginx-go-crossplane v0.4.63 h1:nx5e+EXzPepWVM3YsTEhcs8kp8XDTK1BCzPTTmdgK1E=
-github.com/nginxinc/nginx-go-crossplane v0.4.63/go.mod h1:b7L/JSru3rvbbxVJxBgkePkNvC+LXo/IWE4iJJJvUUw=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
@@ -199,8 +193,6 @@ github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoG
 github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
 github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/sclevine/spec v1.4.0 h1:z/Q9idDcay5m5irkZ28M7PtQM4aOISzOpj4bUPkDee8=
-github.com/sclevine/spec v1.4.0/go.mod h1:LvpgJaFyvQzRvc1kaDs0bulYwzC70PbiYjC4QnFHkOM=
 github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8=
 github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
diff --git a/internal/ingress/controller/template/crossplane/http.go b/internal/ingress/controller/template/crossplane/http.go
index 09d681411..dc3e43dce 100644
--- a/internal/ingress/controller/template/crossplane/http.go
+++ b/internal/ingress/controller/template/crossplane/http.go
@@ -28,9 +28,11 @@ func (c *Template) initHTTPDirectives() ngx_crossplane.Directives {
 	cfg := c.tplConfig.Cfg
 	httpBlock := ngx_crossplane.Directives{
 		buildDirective("lua_package_path", "/etc/nginx/lua/?.lua;;"),
+		buildDirective("lua_shared_dict", "luaconfig", "5m"),
+		buildDirective("init_by_lua_file", "/etc/nginx/lua/ngx_conf_init.lua"),
+		buildDirective("init_worker_by_lua_file", "/etc/nginx/lua/ngx_conf_init_worker.lua"),
 		buildDirective("include", c.mimeFile),
 		buildDirective("default_type", cfg.DefaultType),
-		buildDirective("real_ip_recursive", "on"),
 		buildDirective("aio", "threads"),
 		buildDirective("aio_write", cfg.EnableAioWrite),
 		buildDirective("server_tokens", cfg.ShowServerTokens),
@@ -85,8 +87,11 @@ func (c *Template) initHTTPDirectives() ngx_crossplane.Directives {
 func (c *Template) buildHTTP() {
 	cfg := c.tplConfig.Cfg
 	httpBlock := c.initHTTPDirectives()
-	httpBlock = append(httpBlock, buildLuaSharedDictionaries(&c.tplConfig.Cfg)...)
+	httpBlock = append(httpBlock, buildLuaSharedDictionaries(&cfg)...)
 
+	if c.tplConfig.Cfg.EnableOpentelemetry || shouldLoadOpentelemetryModule(c.tplConfig.Servers) {
+		httpBlock = append(httpBlock, buildDirective("opentelemetry_config", cfg.OpentelemetryConfig))
+	}
 	// Real IP dealing
 	if (cfg.UseForwardedHeaders || cfg.UseProxyProtocol) || cfg.EnableRealIP {
 		if cfg.UseProxyProtocol {
@@ -94,7 +99,7 @@ func (c *Template) buildHTTP() {
 		} else {
 			httpBlock = append(httpBlock, buildDirective("real_ip_header", cfg.ForwardedForHeader))
 		}
-
+		httpBlock = append(httpBlock, buildDirective("real_ip_recursive", "on"))
 		for k := range cfg.ProxyRealIPCIDR {
 			httpBlock = append(httpBlock, buildDirective("set_real_ip_from", cfg.ProxyRealIPCIDR[k]))
 		}
@@ -128,10 +133,25 @@ func (c *Template) buildHTTP() {
 		}
 	}
 
+	if cfg.EnableBrotli {
+		httpBlock = append(httpBlock, buildDirective("brotli", "on"))
+		httpBlock = append(httpBlock, buildDirective("brotli_comp_level", cfg.BrotliLevel))
+		httpBlock = append(httpBlock, buildDirective("brotli_min_length", cfg.BrotliMinLength))
+		httpBlock = append(httpBlock, buildDirective("brotli_types", cfg.BrotliTypes))
+	}
+
 	if !cfg.ShowServerTokens {
 		httpBlock = append(httpBlock, buildDirective("more_clear_headers", "Server"))
 	}
 
+	httpBlock = append(httpBlock, buildBlockDirective(
+		"geo",
+		[]string{"$literal_dollar"},
+		ngx_crossplane.Directives{
+			buildDirective("default", "$"),
+		},
+	))
+
 	if len(c.tplConfig.AddHeaders) > 0 {
 		additionalHeaders := make([]string, 0)
 		for headerName, headerValue := range c.tplConfig.AddHeaders {
@@ -206,6 +226,8 @@ func (c *Template) buildHTTP() {
 	httpUpgradeMap := ngx_crossplane.Directives{buildDirective("default", "upgrade")}
 	if cfg.UpstreamKeepaliveConnections < 1 {
 		httpUpgradeMap = append(httpUpgradeMap, buildDirective("", "close"))
+	} else {
+		httpUpgradeMap = append(httpUpgradeMap, buildDirective("", ""))
 	}
 	httpBlock = append(httpBlock, buildMapDirective("$http_upgrade", "$connection_upgrade", httpUpgradeMap))
 
@@ -220,7 +242,7 @@ func (c *Template) buildHTTP() {
 		if cfg.UseProxyProtocol {
 			forwardForMap = append(forwardForMap,
 				buildDirective("default", "$http_x_forwarded_for, $proxy_protocol_addr"),
-				buildDirective("", "$http_x_forwarded_for, $proxy_protocol_addr"),
+				buildDirective("", "$proxy_protocol_addr"),
 			)
 		} else {
 			forwardForMap = append(forwardForMap,
@@ -244,15 +266,13 @@ func (c *Template) buildHTTP() {
 		)
 	}
 
-	if len(cfg.HideHeaders) > 0 {
-		for k := range cfg.HideHeaders {
-			httpBlock = append(httpBlock, buildDirective("proxy_hide_header", cfg.HideHeaders[k]))
-		}
+	for k := range cfg.HideHeaders {
+		httpBlock = append(httpBlock, buildDirective("proxy_hide_header", cfg.HideHeaders[k]))
 	}
 
 	blockUpstreamDirectives := ngx_crossplane.Directives{
 		buildDirective("server", "0.0.0.1"),
-		buildBlockDirective("balancer_by_lua_block", nil, ngx_crossplane.Directives{buildDirective("balancer.balance()")}),
+		buildDirective("balancer_by_lua_file", "/etc/nginx/lua/nginx/ngx_conf_balancer.lua"),
 	}
 	if c.tplConfig.Cfg.UpstreamKeepaliveConnections > 0 {
 		blockUpstreamDirectives = append(blockUpstreamDirectives,