WPB-20209 forward ip address of the remote from federator to component reapply #4805
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
zebot
added
the
ok-to-test
There was a problem hiding this comment.
Pull Request Overview
This PR implements IP address forwarding from federator to backend components for federation requests. It extracts the remote peer IP address during federation communication and forwards it to upstream services for audit logging purposes.
- Enhances federator to capture and forward remote IP addresses from federation connections
- Updates cargohold's asset audit logging to include remote backend IP information
- Adds nginx configuration to properly forward IP headers to upstream services
Reviewed Changes
Copilot reviewed 19 out of 19 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| services/federator/src/Federator/Remote.hs | Captures peer IP during HTTP2 connections and adds it to response headers |
| services/federator/src/Federator/ExternalServer.hs | Extracts and forwards origin IP from request headers to upstream services |
| libs/wire-api-federation/src/Wire/API/Federation/Endpoint.hs | Adds new header types and streaming endpoint with remote IP support |
| services/cargohold/src/CargoHold/API/AuditLog.hs | Updates audit logging functions to include optional IP address parameter |
| services/cargohold/src/CargoHold/API/Federation.hs | Modifies federation endpoints to handle and pass remote IP for audit logging |
| services/nginz/integration-test/conf/nginz/nginx.conf | Adds IP normalization and forwarding configuration for test environment |
| charts/nginz/templates/conf/_nginx.conf.tpl | Updates production nginx config to forward IP headers to upstreams |
Comments suppressed due to low confidence (1)
services/federator/src/Federator/Remote.hs:1
- The
isDigitfunction is not in scope. You need to importData.Char (isDigit)or useData.Char.isDigit.
{-# LANGUAGE RecordWildCards #-}
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
akshaymankar
reviewed
Oct 2, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Checklist
changelog.d