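#!/bin/sh
# Render etc/envoy/envoy.yaml for the configured OIDC issuer, then exec envoy.
#
# Environment:
#   OIDC_ISSUER          (required) issuer URL, e.g. http://gdk.test:3000
#   OAUTH_CLIENT_ID      replaces the OAUTH_CLIENT_ID placeholder in the template
#   OAUTH_CLIENT_SECRET  defaults to "secret" when empty (development only)
#   HMAC_SESSION_SECRET  defaults to OAUTH_CLIENT_SECRET when empty
#   LOG_LEVEL            passed to envoy --log-level; defaults to "info"
#   DEBUG                non-empty enables shell tracing
set -e

# NOTE: tracing prints every expanded command to stderr, including the
# secret assignments further down. Do not enable DEBUG where stderr is
# collected or shared.
[ -n "$DEBUG" ] && set -x

cd "$(dirname "$0")/.."

# Without an issuer every substitution below would produce an unusable
# config, so stop here with a clear message instead.
: "${OIDC_ISSUER:?OIDC_ISSUER must be set, e.g. http://gdk.test:3000}"

# Escape a value for the replacement side of a sed 's|pattern|replacement|'
# command, so that "\", "&" and the "|" delimiter coming from the environment
# are inserted literally rather than interpreted by sed.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout
sed_escape() {
  printf '%s' "$1" | sed -e 's/[\&|]/\\&/g'
}

# Split "scheme://host:port/..." on "/" and ":" -> $1 scheme, $4 host, $5 port.
# The separator is quoted so the shell cannot glob-expand it.
oidc_scheme=$(printf '%s\n' "$OIDC_ISSUER" | awk -F'[/:]' '{print $1}')
oidc_host=$(printf '%s\n' "$OIDC_ISSUER" | awk -F'[/:]' '{print $4}')

client_id_repl=$(sed_escape "$OAUTH_CLIENT_ID")
issuer_repl=$(sed_escape "$OIDC_ISSUER")
host_repl=$(sed_escape "$oidc_host")

# One sed pass applies the three substitutions in the same order as before.
# The full issuer URL is replaced first so the bare-host rule only touches
# the remaining occurrences of example.com.
yaml=$(sed \
  -e "s|OAUTH_CLIENT_ID|$client_id_repl|" \
  -e "s|https://example.com|$issuer_repl|" \
  -e "s|example.com|$host_repl|" \
  etc/envoy/envoy.yaml)

# For http://gdk.test:3000
if [ "$oidc_scheme" = "http" ]; then
  oidc_port=$(printf '%s\n' "$OIDC_ISSUER" | awk -F'[/:]' '{print $5}')
  # An issuer without an explicit port leaves field 5 empty or holding a path
  # segment; fall back to the default HTTP port rather than emit a bad value.
  case "$oidc_port" in
    '' | *[!0-9]*) oidc_port=80 ;;
  esac
  # Plain HTTP upstream: drop the transport_socket stanza (that line plus the
  # four after it) and point the cluster at the issuer's port.
  # NOTE: the "addr,+N" range is a GNU sed extension.
  # printf is used instead of echo so backslashes in the YAML survive on
  # shells whose echo interprets escape sequences.
  yaml=$(printf '%s\n' "$yaml" | sed \
    -e '/transport_socket:/,+4d' \
    -e "s|port_value: 443|port_value: $oidc_port|")
fi

# SECURITY: "secret" is a publicly known placeholder. It is acceptable for
# local development only; any shared or production deployment must set
# OAUTH_CLIENT_SECRET explicitly.
if [ -z "$OAUTH_CLIENT_SECRET" ]; then
  echo "warning: OAUTH_CLIENT_SECRET is not set; using the development default" >&2
  export OAUTH_CLIENT_SECRET="secret"
fi

# SECURITY: falling back to the OAuth client secret means one value serves two
# purposes, and with the default above the session HMAC key is guessable.
# Set a separate random HMAC_SESSION_SECRET outside development.
if [ -z "$HMAC_SESSION_SECRET" ]; then
  echo "warning: HMAC_SESSION_SECRET is not set; reusing OAUTH_CLIENT_SECRET" >&2
  export HMAC_SESSION_SECRET="$OAUTH_CLIENT_SECRET"
fi

if ! command -v envoy > /dev/null 2>&1; then
  echo "envoy could not be found: https://www.envoyproxy.io/docs/envoy/latest/start/install" >&2
  exit 1
fi

# The rendered config is passed on the command line and is therefore visible
# in the process list; keep secret values out of the template itself.
# https://github.com/envoyproxy/envoy/blob/48f93b68232aba15b5b14743a134691926749122//source/common/common/logger.h#L36
exec envoy \
  --base-id 0 \
  --config-yaml "$yaml" \
  --log-level "${LOG_LEVEL:-info}" \
  --component-log-level admin:warn,connection:warn,ext_authz:info,grpc:warn,health_checker:warn,http:warn,http2:warn,jwt:warn,oauth2:warn,router:warn,secret:warn,upstream:warn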