refactor: wasm32-wasi renamed to wasm32-wasip1, chore(deps); rust to 1.78

.github/workflows/build.yml

@@ -46,7 +46,7 @@ jobs:
         run: rustc --version && cargo --version
 
       - name: Clippy
-        run: cargo clippy --release --all-targets --target=wasm32-wasi -- -D warnings
+        run: cargo clippy --release --all-targets --target=wasm32-wasip1 -- -D warnings
 
   fmt:
     runs-on: ubuntu-latest
@@ -110,7 +110,7 @@ jobs:
 
       - name: Build wasm-oidc-plugin
         run: |
-          cargo build --target wasm32-wasi --release
+          cargo build --target wasm32-wasip1 --release
 
       - name: Upload plugin as artifact
         uses: actions/upload-artifact@v4

.github/workflows/release.yml

@@ -28,7 +28,7 @@ jobs:
 
       - name: Build
         run: |
-          cargo build --target wasm32-wasi --release
+          cargo build --target wasm32-wasip1 --release
 
       - name: Archive production artifacts
         uses: actions/upload-artifact@v4

.github/workflows/test.yml

@@ -43,7 +43,7 @@ jobs:
       - name: Clippy
         run: |
           rustc --version && cargo --version
-          cargo clippy --release --all-targets --target=wasm32-wasi -- -D warnings
+          cargo clippy --release --all-targets --target=wasm32-wasip1 -- -D warnings
 
   fmt:
     runs-on: ubuntu-latest
@@ -107,7 +107,7 @@ jobs:
 
       - name: Build wasm-oidc-plugin
         run: |
-          cargo build --target wasm32-wasi --release
+          cargo build --target wasm32-wasip1 --release
 
       - name: Upload plugin as artifact
         uses: actions/upload-artifact@v4

Dockerfile

@@ -1,17 +1,17 @@
-FROM rust:1.75.0 AS builder
+FROM rust:1.78.0 AS builder
 
 COPY src/ src/
 COPY Cargo.toml Cargo.toml
 COPY Cargo.lock Cargo.lock
 
-RUN rustup target add wasm32-wasi
+RUN rustup target add wasm32-wasip1
 
-RUN cargo build --target=wasm32-wasi --release
+RUN cargo build --target=wasm32-wasip1 --release
 
 ##################################################
 
 FROM envoyproxy/envoy:v1.29-latest
 
-COPY --from=builder /target/wasm32-wasi/release/wasm_oidc_plugin.wasm /etc/envoy/proxy-wasm-plugins/wasm_oidc_plugin.wasm
+COPY --from=builder /target/wasm32-wasip1/release/wasm_oidc_plugin.wasm /etc/envoy/proxy-wasm-plugins/wasm_oidc_plugin.wasm
 
 CMD [ "envoy", "-c", "/etc/envoy/envoy.yaml" ]

Makefile

@@ -1,10 +1,10 @@
 build:
-	cargo build --target wasm32-wasi --release
+	cargo build --target wasm32-wasip1 --release
 run:
-	cargo build --target wasm32-wasi --release
+	cargo build --target wasm32-wasip1 --release
 	docker-compose up
 run-background:
-	cargo build --target wasm32-wasi --release
+	cargo build --target wasm32-wasip1 --release
 	docker-compose up -d
 docker-image:
 	docker buildx build --platform linux/amd64 -f Dockerfile -t antonengelhardt/wasm-oidc-plugin:latest .

README.md

@@ -32,7 +32,7 @@ apt install build-essential
 # Install Rustup
 curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
 # Enable WASM compilation target
-cargo build --target wasm32-wasi --release
+cargo build --target wasm32-wasip1 --release
 ```
 
 ## Run
@@ -50,7 +50,7 @@ make run
 1. **Building the plugin:**
 
 ```sh
-cargo build --target wasm32-wasi --release
+cargo build --target wasm32-wasip1 --release
 # or
 make build
 ```
@@ -73,9 +73,10 @@ To deploy the plugin to production, the following steps are needed (either manua
 
 1. Build the plugin
 
-    1.1 with `cargo build --target wasm32-wasi --release` - this can be done in a [initContainer](./k8s/deployment.yaml) (see [k8s](./k8s) folder) and then copy the binary to the path `/etc/envoy/proxy-wasm-plugins/` in the envoy container.
+   1.1 with `cargo build --target wasm32-wasip1 --release` - this can be done in a [initContainer](./k8s/deployment.yaml) (see [k8s](./k8s) folder) and then copy the binary to the path `/etc/envoy/proxy-wasm-plugins/` in the envoy container.
+
+   1.2 by using the pre-built Docker image [antonengelhardt/wasm-oidc-plugin](https://hub.docker.com/r/antonengelhardt/wasm-oidc-plugin).
 
-    1.2 by using the pre-built Docker image [antonengelhardt/wasm-oidc-plugin](https://hub.docker.com/r/antonengelhardt/wasm-oidc-plugin).
 2. Run envoy as a container with the `envoy.yaml` file mounted through the [ConfigMap](./k8s/configmap.yml) as a volume.
 3. Set up [Service](./k8s/service.yml), [Certificate](./k8s/certificate-production.yml), [Ingress](./k8s/ingress.yml) to expose the Envoy to the internet.
 
@@ -190,3 +191,40 @@ cargo-deny check advisories
 ```
 
 These commands are also run in the CI pipeline.
+
+## FAQ
+
+> My OpenID provider uses a different endpoint for the jwks_uri. How can I configure this?
+
+Google does exactly that:
+
+```json
+{
+  "jwks_uri": "https://www.googleapis.com/oauth2/v3/certs"
+}
+```
+
+You can add the endpoint in your `envoy.yaml`-file like this:
+
+```yaml
+- name: google
+      connect_timeout: 5s
+      type: STRICT_DNS
+      dns_lookup_family: V4_ONLY
+      load_assignment:
+        cluster_name: google
+        endpoints:
+          - lb_endpoints:
+              - endpoint:
+                  address:
+                    socket_address:
+                      address: accounts.google.com
+                      port_value: 443
+              - endpoint:
+                  address:
+                    socket_address:
+                      address: www.googleapis.com
+                      port_value: 443
+```
+
+The rest should work fine.

docker-compose.yaml

@@ -9,7 +9,7 @@ services:
       - "10000:10000"
     volumes:
       - ./envoy.yaml:/etc/envoy/envoy.yaml
-      - ./target/wasm32-wasi/release:/etc/envoy/proxy-wasm-plugins
+      - ./target/wasm32-wasip1/release:/etc/envoy/proxy-wasm-plugins
     networks:
       - envoymesh
     # Additional options:

k8s/ci.yml

@@ -112,7 +112,7 @@ jobs:
 
       - name: Build wasm-oidc-plugin
         run: |
-          cargo build --target wasm32-wasi --release
+          cargo build --target wasm32-wasip1 --release
 
       - name: Upload plugin as artifact
         uses: actions/upload-artifact@v4

k8s/deployment-init-container.yaml

@@ -36,7 +36,7 @@ spec:
               apk add git
               git clone -b main https://${GITHUB_PAT}@github.com/your-org/your-repo.git #! Change URL and branch
               cd your-repo #! Change directory
-              cargo build --target wasm32-wasi --release
+              cargo build --target wasm32-wasip1 --release
               cp target/wasm32-wasi/release/name_of_your_wasm_plugin.wasm /plugins/name_of_your_wasm_plugin.wasm #! Rename, if necessary
 
           env: