Skip to content

api: add custom timeout for external auth service #6682

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
arkodg merged 1 commit into from
Aug 15, 2025
Merged

api: add custom timeout for external auth service #6682

arkodg merged 1 commit into from
Aug 15, 2025

Conversation

@sudiptob2
Copy link
Member

@sudiptob2 sudiptob2 commented Aug 3, 2025
edited
Loading

Fixes #6679

E2E Test
I set the timeout to 1ms, which should cause an immediate timeout and return a 403 response, thereby verifying the effect of the custom timeout.

In ext_auth_http_service.go and ext_auth_http_service.go the default timeout of 10s is in effect, which allows these to pass.

Release Notes: Yes/No

@codecov
Copy link

codecov bot commented Aug 3, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 71.09%. Comparing base (9458c0b) to head (97eabcc).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #6682   +/-   ##
=======================================
  Coverage   71.09%   71.09%           
=======================================
  Files         225      225           
  Lines       39798    39810   +12     
=======================================
+ Hits        28295    28304    +9     
- Misses       9841     9844    +3     
  Partials     1662     1662

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@sudiptob2 sudiptob2 force-pushed the feat/custom-timeout-for-extauth branch from fff7fd7 to c45724a Compare August 3, 2025 02:36
@sudiptob2 sudiptob2 marked this pull request as ready for review August 3, 2025 03:38
@sudiptob2 sudiptob2 requested a review from a team as a code owner August 3, 2025 03:38
@zirain zirain force-pushed the feat/custom-timeout-for-extauth branch from c45724a to 50c024f Compare August 3, 2025 08:33
@arkodg arkodg added this to the v1.6.0-rc.1 Release milestone Aug 14, 2025
arkodg
arkodg previously approved these changes Aug 14, 2025
View reviewed changes
Copy link
Contributor

@arkodg arkodg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM thanks

@arkodg arkodg requested review from a team August 14, 2025 18:10
kkk777-7
kkk777-7 reviewed Aug 15, 2025
View reviewed changes
internal/xds/translator/extauth_test.go Outdated
},
Timeout: &metav1.Duration{Duration: 500 * time.Millisecond},
},
expectedTimeout: 0, // 500ms = 0.5 seconds, rounds down to 0
Copy link
Member

@kkk777-7 kkk777-7 Aug 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking at issue #6679, it seems the user wants to set timeouts shorter than 1 second, such as 500 ms.
In this case, the fact that the timeout is truncated to 0s may be unintended behavior.

Since durationpb.Duration also has a nanoseconds field, should we support it?
https://pkg.go.dev/google.golang.org/[email protected]/types/known/durationpb#Duration

Copy link
Member Author

@sudiptob2 sudiptob2 Aug 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see. Yeah that would be a nice improvement. will update the PR shortly

@sudiptob2 sudiptob2 force-pushed the feat/custom-timeout-for-extauth branch 2 times, most recently from c5f2939 to 8f386a0 Compare August 15, 2025 07:40
@sudiptob2 sudiptob2 force-pushed the feat/custom-timeout-for-extauth branch from 8f386a0 to 97eabcc Compare August 15, 2025 07:44
@kkk777-7
Copy link
Member

kkk777-7 commented Aug 15, 2025

LGTM thanks!

@sudiptob2 sudiptob2 requested review from arkodg and kkk777-7 August 15, 2025 14:52
@arkodg arkodg merged commit 3bc6663 into envoyproxy:main Aug 15, 2025
34 checks passed
@sudiptob2 sudiptob2 deleted the feat/custom-timeout-for-extauth branch August 15, 2025 16:41
@zirain zirain mentioned this pull request Sep 16, 2025
Merged
@arkodg arkodg mentioned this pull request Nov 8, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arkodg arkodg arkodg approved these changes

@kkk777-7 kkk777-7 Awaiting requested review from kkk777-7

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

v1.6.0-rc.1 Release

Development

Successfully merging this pull request may close these issues.

Support to add custom timeout for external auth service

3 participants

@sudiptob2 @kkk777-7 @arkodg