chore: set default filter orders (#5095)

set default filter orders

Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>

api/v1alpha1/envoyproxy_types.go

@@ -195,7 +195,7 @@ type FilterPosition struct {
 }
 
 // EnvoyFilter defines the type of Envoy HTTP filter.
-// +kubebuilder:validation:Enum=envoy.filters.http.health_check;envoy.filters.http.fault;envoy.filters.http.cors;envoy.filters.http.ext_authz;envoy.filters.http.basic_auth;envoy.filters.http.oauth2;envoy.filters.http.jwt_authn;envoy.filters.http.stateful_session;envoy.filters.http.ext_proc;envoy.filters.http.wasm;envoy.filters.http.rbac;envoy.filters.http.local_ratelimit;envoy.filters.http.ratelimit;envoy.filters.http.custom_response
+// +kubebuilder:validation:Enum=envoy.filters.http.health_check;envoy.filters.http.fault;envoy.filters.http.cors;envoy.filters.http.ext_authz;envoy.filters.http.api_key_auth;envoy.filters.http.basic_auth;envoy.filters.http.oauth2;envoy.filters.http.jwt_authn;envoy.filters.http.stateful_session;envoy.filters.http.ext_proc;envoy.filters.http.wasm;envoy.filters.http.rbac;envoy.filters.http.local_ratelimit;envoy.filters.http.ratelimit;envoy.filters.http.custom_response;envoy.filters.http.compressor
 type EnvoyFilter string
 
 const (

charts/gateway-helm/crds/generated/gateway.envoyproxy.io_envoyproxies.yaml

@@ -328,6 +328,7 @@ spec:
                       - envoy.filters.http.fault
                       - envoy.filters.http.cors
                       - envoy.filters.http.ext_authz
+                      - envoy.filters.http.api_key_auth
                       - envoy.filters.http.basic_auth
                       - envoy.filters.http.oauth2
                       - envoy.filters.http.jwt_authn
@@ -338,6 +339,7 @@ spec:
                       - envoy.filters.http.local_ratelimit
                       - envoy.filters.http.ratelimit
                       - envoy.filters.http.custom_response
+                      - envoy.filters.http.compressor
                       type: string
                     before:
                       description: |-
@@ -348,6 +350,7 @@ spec:
                       - envoy.filters.http.fault
                       - envoy.filters.http.cors
                       - envoy.filters.http.ext_authz
+                      - envoy.filters.http.api_key_auth
                       - envoy.filters.http.basic_auth
                       - envoy.filters.http.oauth2
                       - envoy.filters.http.jwt_authn
@@ -358,6 +361,7 @@ spec:
                       - envoy.filters.http.local_ratelimit
                       - envoy.filters.http.ratelimit
                       - envoy.filters.http.custom_response
+                      - envoy.filters.http.compressor
                       type: string
                     name:
                       description: Name of the filter.
@@ -366,6 +370,7 @@ spec:
                       - envoy.filters.http.fault
                       - envoy.filters.http.cors
                       - envoy.filters.http.ext_authz
+                      - envoy.filters.http.api_key_auth
                       - envoy.filters.http.basic_auth
                       - envoy.filters.http.oauth2
                       - envoy.filters.http.jwt_authn
@@ -376,6 +381,7 @@ spec:
                       - envoy.filters.http.local_ratelimit
                       - envoy.filters.http.ratelimit
                       - envoy.filters.http.custom_response
+                      - envoy.filters.http.compressor
                       type: string
                   required:
                   - name

internal/xds/translator/httpfilters.go

@@ -14,7 +14,6 @@ import (
 
 	routev3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
 	hcmv3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3"
-	"github.com/envoyproxy/go-control-plane/pkg/wellknown"
 	"k8s.io/utils/ptr"
 
 	egv1a1 "github.com/envoyproxy/gateway/api/v1alpha1"
@@ -80,7 +79,7 @@ type OrderedHTTPFilters []*OrderedHTTPFilter
 // For example, the health_check filter should be placed in the first position because external load
 // balancer determines whether envoy should receive traffic based on the health check result which
 // only depending on the current draining state of the envoy, result should not be affected by other
-// filters, or else user traffic discruption may happen.
+// filters, or else user traffic disruption may happen.
 // the fault filter should be placed in the second position because
 // it doesn't rely on the functionality of other filters, and rejecting early can save computation costs
 // for the remaining filters, the cors filter should be put at the third to avoid unnecessary
@@ -98,7 +97,6 @@ func newOrderedHTTPFilter(filter *hcmv3.HttpFilter) *OrderedHTTPFilter {
 	// When the fault filter is configured to be at the first, the computation of
 	// the remaining filters is skipped when rejected early
 	// Important: After adding new filter types, don't forget to modify the validation rule of the EnvoyFilter type in the API
-	// TODO (zhaohuabing): remove duplicate filter type constants and replace them with the type constants in the api package
 	switch {
 	case isFilterType(filter, egv1a1.EnvoyFilterHealthCheck):
 		order = 0
@@ -128,8 +126,12 @@ func newOrderedHTTPFilter(filter *hcmv3.HttpFilter) *OrderedHTTPFilter {
 		order = 202
 	case isFilterType(filter, egv1a1.EnvoyFilterRateLimit):
 		order = 203
-	case isFilterType(filter, wellknown.Router):
+	case isFilterType(filter, egv1a1.EnvoyFilterCustomResponse):
 		order = 204
+	case isFilterType(filter, egv1a1.EnvoyFilterCompressor):
+		order = 205
+	case isFilterType(filter, egv1a1.EnvoyFilterRouter):
+		order = 206
 	}
 
 	return &OrderedHTTPFilter{
@@ -267,7 +269,7 @@ func (t *Translator) patchHCMWithFilters(
 	// Add the router filter if it doesn't exist.
 	hasRouter := false
 	for _, filter := range mgr.HttpFilters {
-		if filter.Name == wellknown.Router {
+		if filter.Name == string(egv1a1.EnvoyFilterRouter) {
 			hasRouter = true
 			break
 		}