diff --git a/.circleci/config.yml b/.circleci/config.yml index ac07f553..3b41ba0f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,8 +1,12 @@ +references: + envoy-build-image: &envoy-build-image + envoyproxy/envoy-build:220e5cb537b5185c953de1aac7d0613f8cf155ac + version: 2 jobs: test: docker: - - image: envoyproxy/envoy-build:52f6880ffbf761c9b809fc3ac208900956ff16b4 + - image: *envoy-build-image resource_class: xlarge working_directory: /source steps: @@ -10,7 +14,7 @@ jobs: - run: ci/do_ci.sh bazel.test docs: docker: - - image: lyft/envoy-build:114e24c6fd05fc026492e9d2ca5608694e5ea59d + - image: *envoy-build-image resource_class: xlarge working_directory: /source steps: @@ -22,7 +26,7 @@ jobs: path: generated/docs format: docker: - - image: lyft/envoy-build:114e24c6fd05fc026492e9d2ca5608694e5ea59d + - image: *envoy-build-image resource_class: xlarge working_directory: /source steps: diff --git a/STYLE.md b/STYLE.md index 409f3a3c..c8abd336 100644 --- a/STYLE.md +++ b/STYLE.md @@ -92,3 +92,23 @@ In addition, the following conventions should be followed: value like `TYPE_NAME_UNSPECIFIED = 0`, and treat it as an error. This design pattern forces developers to explicitly choose the correct enum value for their use case, and avoid misunderstanding of the default behavior. + +## Package organization + +API definitions are layered hierarchically in packages from top-to-bottom: + +- `envoy.service` contains gRPC definitions of supporting services; +- `envoy.config` contains definitions for service configuration, filter +configuration, and bootstrap; +- `envoy.api.v2` contains definitions for EDS, CDS, RDS, LDS, and top-level +resources such as `Cluster`; +- `envoy.api.v2.endpoint`, `envoy.api.v2.cluster`, `envoy.api.v2.route`, +`envoy.api.v2.listener`, `envoy.api.v2.ratelimit` define sub-messages of the top-level resources; +- `envoy.api.v2.core` and `envoy.api.v2.auth` hold core definitions consumed +throughout the API. + +Dependencies are enforced from top-to-bottom using visibility constraints in +the build system to prevent circular dependency formation. Package group +`//envoy/api/v2:friends` selects consumers of the core API package (services and configs) +and is the default visibility for the core API packages. The default visibility +for services and configs should be `//docs` (proto documentation tool). diff --git a/bazel/api_build_system.bzl b/bazel/api_build_system.bzl index a8c4bca8..a514b68f 100644 --- a/bazel/api_build_system.bzl +++ b/bazel/api_build_system.bzl @@ -77,13 +77,19 @@ def api_go_grpc_library(name, proto, deps = []): # gRPC stub generation. # TODO(htuch): Automatically generate go_proto_library and go_grpc_library # from api_proto_library. -def api_proto_library(name, srcs = [], deps = [], has_services = 0, require_py = 1): +def api_proto_library(name, visibility = ["//visibility:private"], srcs = [], deps = [], has_services = 0, require_py = 1): # This is now vestigial, since there are no direct consumers in # data-plane-api. However, we want to maintain native proto_library support # in the proto graph to (1) support future C++ use of native rules with # cc_proto_library (or some Bazel aspect that works on proto_library) when # it can play well with the PGV plugin and (2) other language support that # can make use of native proto_library. + + if visibility == ["//visibility:private"]: + visibility = ["//docs"] + elif visibility != ["//visibility:public"]: + visibility = visibility + ["//docs"] + native.proto_library( name = name, srcs = srcs, @@ -99,7 +105,7 @@ def api_proto_library(name, srcs = [], deps = [], has_services = 0, require_py = "@com_github_gogo_protobuf//:gogo_proto", "@com_lyft_protoc_gen_validate//validate:validate_proto", ], - visibility = ["//visibility:public"], + visibility = visibility, ) # Under the hood, this is just an extension of the Protobuf library's # bespoke cc_proto_library. It doesn't consume proto_library as a proto diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl index bec52c73..f6eedeec 100644 --- a/bazel/repositories.bzl +++ b/bazel/repositories.bzl @@ -198,6 +198,7 @@ api_proto_library( srcs = [ "metrics.proto", ], + visibility = ["//visibility:public"], ) """, ) @@ -214,6 +215,7 @@ api_proto_library( srcs = [ "trace.proto", ], + visibility = ["//visibility:public"], ) """, ) diff --git a/docs/BUILD b/docs/BUILD new file mode 100644 index 00000000..b379d769 --- /dev/null +++ b/docs/BUILD @@ -0,0 +1,53 @@ +licenses(["notice"]) # Apache 2 + +package_group( + name = "docs", + packages = [ + "//docs", + ], +) + +# TODO(htuch): Grow this to cover everything we want to generate docs for, so we can just invoke +# bazel build //docs:protos --aspects tools/protodoc/protodoc.bzl%proto_doc_aspect --output_groups=rst +proto_library( + name = "protos", + deps = [ + "//envoy/api/v2:cds", + "//envoy/api/v2:discovery", + "//envoy/api/v2:eds", + "//envoy/api/v2:lds", + "//envoy/api/v2:rds", + "//envoy/api/v2/cluster:circuit_breaker", + "//envoy/api/v2/cluster:outlier_detection", + "//envoy/api/v2/core:protocol", + "//envoy/api/v2/listener", + "//envoy/api/v2/ratelimit", + "//envoy/api/v2/route", + "//envoy/config/bootstrap/v2:bootstrap", + "//envoy/config/filter/accesslog/v2:accesslog", + "//envoy/config/filter/http/buffer/v2:buffer", + "//envoy/config/filter/http/ext_authz/v2:ext_authz", + "//envoy/config/filter/http/fault/v2:fault", + "//envoy/config/filter/http/gzip/v2:gzip", + "//envoy/config/filter/http/health_check/v2:health_check", + "//envoy/config/filter/http/lua/v2:lua", + "//envoy/config/filter/http/rate_limit/v2:rate_limit", + "//envoy/config/filter/http/router/v2:router", + "//envoy/config/filter/http/squash/v2:squash", + "//envoy/config/filter/http/transcoder/v2:transcoder", + "//envoy/config/filter/network/client_ssl_auth/v2:client_ssl_auth", + "//envoy/config/filter/network/ext_authz/v2:ext_authz", + "//envoy/config/filter/network/http_connection_manager/v2:http_connection_manager", + "//envoy/config/filter/network/mongo_proxy/v2:mongo_proxy", + "//envoy/config/filter/network/rate_limit/v2:rate_limit", + "//envoy/config/filter/network/redis_proxy/v2:redis_proxy", + "//envoy/config/filter/network/tcp_proxy/v2:tcp_proxy", + "//envoy/config/metrics/v2:metrics_service", + "//envoy/config/metrics/v2:stats", + "//envoy/config/ratelimit/v2:rls", + "//envoy/config/trace/v2:trace", + "//envoy/service/discovery/v2:ads", + "//envoy/service/load_stats/v2:lrs", + "//envoy/service/metrics/v2:metrics_service", + ], +) diff --git a/docs/build.sh b/docs/build.sh index ad23422f..c4bc3dce 100755 --- a/docs/build.sh +++ b/docs/build.sh @@ -20,14 +20,18 @@ fi source "${BUILD_DIR}"/venv/bin/activate -bazel --batch build ${BAZEL_BUILD_OPTIONS} //envoy --aspects \ +bazel --batch build ${BAZEL_BUILD_OPTIONS} //docs:protos --aspects \ tools/protodoc/protodoc.bzl%proto_doc_aspect --output_groups=rst --action_env=CPROFILE_ENABLED # These are the protos we want to put in docs, this list will grow. # TODO(htuch): Factor this out of this script. PROTO_RST=" - /envoy/api/v2/address/envoy/api/v2/address.proto.rst - /envoy/api/v2/base/envoy/api/v2/base.proto.rst + /envoy/api/v2/core/address/envoy/api/v2/core/address.proto.rst + /envoy/api/v2/core/base/envoy/api/v2/core/base.proto.rst + /envoy/api/v2/core/config_source/envoy/api/v2/core/config_source.proto.rst + /envoy/api/v2/core/grpc_service/envoy/api/v2/core/grpc_service.proto.rst + /envoy/api/v2/core/health_check/envoy/api/v2/core/health_check.proto.rst + /envoy/api/v2/core/protocol/envoy/api/v2/core/protocol.proto.rst /envoy/api/v2/auth/cert/envoy/api/v2/auth/cert.proto.rst /envoy/api/v2/eds/envoy/api/v2/eds.proto.rst /envoy/api/v2/endpoint/endpoint/envoy/api/v2/endpoint/endpoint.proto.rst @@ -38,10 +42,6 @@ PROTO_RST=" /envoy/api/v2/route/route/envoy/api/v2/route/route.proto.rst /envoy/api/v2/lds/envoy/api/v2/lds.proto.rst /envoy/api/v2/listener/listener/envoy/api/v2/listener/listener.proto.rst - /envoy/api/v2/config_source/envoy/api/v2/config_source.proto.rst - /envoy/api/v2/grpc_service/envoy/api/v2/grpc_service.proto.rst - /envoy/api/v2/health_check/envoy/api/v2/health_check.proto.rst - /envoy/api/v2/protocol/envoy/api/v2/protocol.proto.rst /envoy/api/v2/ratelimit/ratelimit/envoy/api/v2/ratelimit/ratelimit.proto.rst /envoy/config/bootstrap/v2/bootstrap/envoy/config/bootstrap/v2/bootstrap.proto.rst /envoy/api/v2/discovery/envoy/api/v2/discovery.proto.rst @@ -49,23 +49,23 @@ PROTO_RST=" /envoy/config/metrics/v2/metrics_service/envoy/config/metrics/v2/metrics_service.proto.rst /envoy/config/metrics/v2/stats/envoy/config/metrics/v2/stats.proto.rst /envoy/config/trace/v2/trace/envoy/config/trace/v2/trace.proto.rst - /envoy/api/v2/filter/accesslog/accesslog/envoy/api/v2/filter/accesslog/accesslog.proto.rst - /envoy/api/v2/filter/fault/envoy/api/v2/filter/fault.proto.rst - /envoy/api/v2/filter/http/buffer/envoy/api/v2/filter/http/buffer.proto.rst - /envoy/api/v2/filter/http/fault/envoy/api/v2/filter/http/fault.proto.rst - /envoy/api/v2/filter/http/gzip/envoy/api/v2/filter/http/gzip.proto.rst - /envoy/api/v2/filter/http/health_check/envoy/api/v2/filter/http/health_check.proto.rst - /envoy/api/v2/filter/http/lua/envoy/api/v2/filter/http/lua.proto.rst - /envoy/api/v2/filter/http/rate_limit/envoy/api/v2/filter/http/rate_limit.proto.rst - /envoy/api/v2/filter/http/router/envoy/api/v2/filter/http/router.proto.rst - /envoy/api/v2/filter/http/squash/envoy/api/v2/filter/http/squash.proto.rst - /envoy/api/v2/filter/http/transcoder/envoy/api/v2/filter/http/transcoder.proto.rst - /envoy/api/v2/filter/network/client_ssl_auth/envoy/api/v2/filter/network/client_ssl_auth.proto.rst - /envoy/api/v2/filter/network/http_connection_manager/envoy/api/v2/filter/network/http_connection_manager.proto.rst - /envoy/api/v2/filter/network/mongo_proxy/envoy/api/v2/filter/network/mongo_proxy.proto.rst - /envoy/api/v2/filter/network/rate_limit/envoy/api/v2/filter/network/rate_limit.proto.rst - /envoy/api/v2/filter/network/redis_proxy/envoy/api/v2/filter/network/redis_proxy.proto.rst - /envoy/api/v2/filter/network/tcp_proxy/envoy/api/v2/filter/network/tcp_proxy.proto.rst + /envoy/config/filter/accesslog/v2/accesslog/envoy/config/filter/accesslog/v2/accesslog.proto.rst + /envoy/config/filter/fault/v2/fault/envoy/config/filter/fault/v2/fault.proto.rst + /envoy/config/filter/http/buffer/v2/buffer/envoy/config/filter/http/buffer/v2/buffer.proto.rst + /envoy/config/filter/http/fault/v2/fault/envoy/config/filter/http/fault/v2/fault.proto.rst + /envoy/config/filter/http/gzip/v2/gzip/envoy/config/filter/http/gzip/v2/gzip.proto.rst + /envoy/config/filter/http/health_check/v2/health_check/envoy/config/filter/http/health_check/v2/health_check.proto.rst + /envoy/config/filter/http/lua/v2/lua/envoy/config/filter/http/lua/v2/lua.proto.rst + /envoy/config/filter/http/rate_limit/v2/rate_limit/envoy/config/filter/http/rate_limit/v2/rate_limit.proto.rst + /envoy/config/filter/http/router/v2/router/envoy/config/filter/http/router/v2/router.proto.rst + /envoy/config/filter/http/squash/v2/squash/envoy/config/filter/http/squash/v2/squash.proto.rst + /envoy/config/filter/http/transcoder/v2/transcoder/envoy/config/filter/http/transcoder/v2/transcoder.proto.rst + /envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth/envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth.proto.rst + /envoy/config/filter/network/http_connection_manager/v2/http_connection_manager/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto.rst + /envoy/config/filter/network/mongo_proxy/v2/mongo_proxy/envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.proto.rst + /envoy/config/filter/network/rate_limit/v2/rate_limit/envoy/config/filter/network/rate_limit/v2/rate_limit.proto.rst + /envoy/config/filter/network/redis_proxy/v2/redis_proxy/envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto.rst + /envoy/config/filter/network/tcp_proxy/v2/tcp_proxy/envoy/config/filter/network/tcp_proxy/v2/tcp_proxy.proto.rst " # Dump all the generated RST so they can be added to PROTO_RST easily. diff --git a/docs/root/api-v2/api.rst b/docs/root/api-v2/api.rst index 02dd76c2..428f8258 100644 --- a/docs/root/api-v2/api.rst +++ b/docs/root/api-v2/api.rst @@ -8,8 +8,8 @@ v2 API reference :maxdepth: 2 config/bootstrap/v2/bootstrap.proto - api/v2/config_source.proto - api/v2/grpc_service.proto + api/v2/core/config_source.proto + api/v2/core/grpc_service.proto api/v2/lds.proto api/v2/listener/listener.proto api/v2/cds.proto @@ -17,17 +17,17 @@ v2 API reference api/v2/cluster/circuit_breaker.proto api/v2/endpoint/endpoint.proto api/v2/eds.proto - api/v2/health_check.proto + api/v2/core/health_check.proto api/v2/route/route.proto api/v2/rds.proto api/v2/auth/cert.proto config/metrics/v2/stats.proto config/metrics/v2/metrics_service.proto config/trace/v2/trace.proto - api/v2/base.proto - api/v2/address.proto - api/v2/protocol.proto + api/v2/core/base.proto + api/v2/core/address.proto + api/v2/core/protocol.proto api/v2/discovery.proto api/v2/ratelimit/ratelimit.proto config/ratelimit/v2/rls.proto - api/v2/filter/filter + config/filter/filter diff --git a/docs/root/api-v2/api/v2/filter/filter.rst b/docs/root/api-v2/config/filter/filter.rst similarity index 61% rename from docs/root/api-v2/api/v2/filter/filter.rst rename to docs/root/api-v2/config/filter/filter.rst index 478b83d8..0793d3f8 100644 --- a/docs/root/api-v2/api/v2/filter/filter.rst +++ b/docs/root/api-v2/config/filter/filter.rst @@ -7,5 +7,5 @@ Filters network/network http/http - accesslog/accesslog.proto - fault.proto + accesslog/v2/accesslog.proto + fault/v2/fault.proto diff --git a/docs/root/api-v2/api/v2/filter/http/http.rst b/docs/root/api-v2/config/filter/http/http.rst similarity index 87% rename from docs/root/api-v2/api/v2/filter/http/http.rst rename to docs/root/api-v2/config/filter/http/http.rst index f859e409..49eaeb7c 100644 --- a/docs/root/api-v2/api/v2/filter/http/http.rst +++ b/docs/root/api-v2/config/filter/http/http.rst @@ -5,4 +5,4 @@ HTTP filters :glob: :maxdepth: 2 - * + */v2/* diff --git a/docs/root/api-v2/api/v2/filter/network/network.rst b/docs/root/api-v2/config/filter/network/network.rst similarity index 88% rename from docs/root/api-v2/api/v2/filter/network/network.rst rename to docs/root/api-v2/config/filter/network/network.rst index deea21e4..d61c0975 100644 --- a/docs/root/api-v2/api/v2/filter/network/network.rst +++ b/docs/root/api-v2/config/filter/network/network.rst @@ -5,4 +5,4 @@ Network filters :glob: :maxdepth: 2 - * + */v2/* diff --git a/docs/root/configuration/access_log.rst b/docs/root/configuration/access_log.rst index 0801c22d..1e73b3f4 100644 --- a/docs/root/configuration/access_log.rst +++ b/docs/root/configuration/access_log.rst @@ -10,7 +10,7 @@ Access logs are configured as part of the :ref:`HTTP connection manager config ` or :ref:`TCP Proxy `. * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. _config_access_log_format: diff --git a/docs/root/configuration/cluster_manager/cluster_hc.rst b/docs/root/configuration/cluster_manager/cluster_hc.rst index fa8c2214..2ed62935 100644 --- a/docs/root/configuration/cluster_manager/cluster_hc.rst +++ b/docs/root/configuration/cluster_manager/cluster_hc.rst @@ -7,7 +7,7 @@ Health checking * If health checking is configured for a cluster, additional statistics are emitted. They are documented :ref:`here `. * :ref:`v1 API documentation `. -* :ref:`v2 API documentation `. +* :ref:`v2 API documentation `. .. _config_cluster_manager_cluster_hc_tcp_health_checking: diff --git a/docs/root/configuration/http_conn_man/headers.rst b/docs/root/configuration/http_conn_man/headers.rst index ee4c67b0..ff65af84 100644 --- a/docs/root/configuration/http_conn_man/headers.rst +++ b/docs/root/configuration/http_conn_man/headers.rst @@ -205,7 +205,7 @@ following features are available: * Stable :ref:`access logging ` via the :ref:`v1 API runtime filter` or the - :ref:`v2 API runtime filter`. + :ref:`v2 API runtime filter`. * Stable tracing when performing random sampling via the :ref:`tracing.random_sampling ` runtime setting or via forced tracing using the :ref:`config_http_conn_man_headers_x-envoy-force-trace` and diff --git a/docs/root/configuration/http_conn_man/http_conn_man.rst b/docs/root/configuration/http_conn_man/http_conn_man.rst index 365d4633..0ec3a8bd 100644 --- a/docs/root/configuration/http_conn_man/http_conn_man.rst +++ b/docs/root/configuration/http_conn_man/http_conn_man.rst @@ -6,7 +6,7 @@ HTTP connection manager * HTTP connection manager :ref:`architecture overview ` * HTTP protocols :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. toctree:: :hidden: diff --git a/docs/root/configuration/http_filters/buffer_filter.rst b/docs/root/configuration/http_filters/buffer_filter.rst index 5716457a..9fda71b3 100644 --- a/docs/root/configuration/http_filters/buffer_filter.rst +++ b/docs/root/configuration/http_filters/buffer_filter.rst @@ -8,7 +8,7 @@ This is useful in different situations including protecting some applications fr with partial requests and high network latency. * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` Statistics ---------- diff --git a/docs/root/configuration/http_filters/cors_filter.rst b/docs/root/configuration/http_filters/cors_filter.rst index 3cd55abf..436999a1 100644 --- a/docs/root/configuration/http_filters/cors_filter.rst +++ b/docs/root/configuration/http_filters/cors_filter.rst @@ -9,4 +9,4 @@ For the meaning of the headers please refer to the pages below. - https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS - https://www.w3.org/TR/cors/ - :ref:`v1 API reference ` -- :ref:`v2 API reference ` +- :ref:`v2 API reference ` diff --git a/docs/root/configuration/http_filters/dynamodb_filter.rst b/docs/root/configuration/http_filters/dynamodb_filter.rst index f04fc3f2..5254afed 100644 --- a/docs/root/configuration/http_filters/dynamodb_filter.rst +++ b/docs/root/configuration/http_filters/dynamodb_filter.rst @@ -5,7 +5,7 @@ DynamoDB * DynamoDB :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` Statistics ---------- diff --git a/docs/root/configuration/http_filters/fault_filter.rst b/docs/root/configuration/http_filters/fault_filter.rst index 050736e3..5c6b87e4 100644 --- a/docs/root/configuration/http_filters/fault_filter.rst +++ b/docs/root/configuration/http_filters/fault_filter.rst @@ -34,7 +34,7 @@ Configuration including the router filter. * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` Runtime ------- diff --git a/docs/root/configuration/http_filters/grpc_http1_bridge_filter.rst b/docs/root/configuration/http_filters/grpc_http1_bridge_filter.rst index 37adcc2c..9b2e35e1 100644 --- a/docs/root/configuration/http_filters/grpc_http1_bridge_filter.rst +++ b/docs/root/configuration/http_filters/grpc_http1_bridge_filter.rst @@ -5,7 +5,7 @@ gRPC HTTP/1.1 bridge * gRPC :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` This is a simple filter which enables the bridging of an HTTP/1.1 client which does not support response trailers to a compliant gRPC server. It works by doing the following: diff --git a/docs/root/configuration/http_filters/grpc_json_transcoder_filter.rst b/docs/root/configuration/http_filters/grpc_json_transcoder_filter.rst index 93170a2d..3eaa96ae 100644 --- a/docs/root/configuration/http_filters/grpc_json_transcoder_filter.rst +++ b/docs/root/configuration/http_filters/grpc_json_transcoder_filter.rst @@ -5,7 +5,7 @@ gRPC-JSON transcoder * gRPC :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` This is a filter which allows a RESTful JSON API client to send requests to Envoy over HTTP and get proxied to a gRPC service. The HTTP mapping for the gRPC service has to be defined by diff --git a/docs/root/configuration/http_filters/grpc_web_filter.rst b/docs/root/configuration/http_filters/grpc_web_filter.rst index 7c97a01c..2fe81100 100644 --- a/docs/root/configuration/http_filters/grpc_web_filter.rst +++ b/docs/root/configuration/http_filters/grpc_web_filter.rst @@ -5,7 +5,7 @@ gRPC-Web * gRPC :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` This is a filter which enables the bridging of a gRPC-Web client to a compliant gRPC server by following https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-WEB.md. diff --git a/docs/root/configuration/http_filters/gzip_filter.rst b/docs/root/configuration/http_filters/gzip_filter.rst index aaa0dd93..e1daf6a7 100644 --- a/docs/root/configuration/http_filters/gzip_filter.rst +++ b/docs/root/configuration/http_filters/gzip_filter.rst @@ -9,7 +9,7 @@ compromising the response time. Configuration ------------- -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. attention:: diff --git a/docs/root/configuration/http_filters/health_check_filter.rst b/docs/root/configuration/http_filters/health_check_filter.rst index 443611bf..490b869b 100644 --- a/docs/root/configuration/http_filters/health_check_filter.rst +++ b/docs/root/configuration/http_filters/health_check_filter.rst @@ -5,7 +5,7 @@ Health check * Health check filter :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. note:: diff --git a/docs/root/configuration/http_filters/lua_filter.rst b/docs/root/configuration/http_filters/lua_filter.rst index 2067dbe2..64dd124f 100644 --- a/docs/root/configuration/http_filters/lua_filter.rst +++ b/docs/root/configuration/http_filters/lua_filter.rst @@ -62,7 +62,7 @@ Configuration ------------- * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` Script examples --------------- diff --git a/docs/root/configuration/http_filters/rate_limit_filter.rst b/docs/root/configuration/http_filters/rate_limit_filter.rst index a69c4099..dcac97e3 100644 --- a/docs/root/configuration/http_filters/rate_limit_filter.rst +++ b/docs/root/configuration/http_filters/rate_limit_filter.rst @@ -5,7 +5,7 @@ Rate limit * Global rate limiting :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` The HTTP rate limit filter will call the rate limit service when the request's route or virtual host has one or more :ref:`rate limit configurations` diff --git a/docs/root/configuration/http_filters/router_filter.rst b/docs/root/configuration/http_filters/router_filter.rst index b02a4fd1..10efe19c 100644 --- a/docs/root/configuration/http_filters/router_filter.rst +++ b/docs/root/configuration/http_filters/router_filter.rst @@ -9,7 +9,7 @@ configured :ref:`route table `. In addition to redirection, the filter also handles retry, statistics, etc. * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. _config_http_filters_router_headers: diff --git a/docs/root/configuration/http_filters/squash_filter.rst b/docs/root/configuration/http_filters/squash_filter.rst index 7af38161..38340f3d 100644 --- a/docs/root/configuration/http_filters/squash_filter.rst +++ b/docs/root/configuration/http_filters/squash_filter.rst @@ -21,7 +21,7 @@ Configuration ------------- * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` How it works ------------ diff --git a/docs/root/configuration/network_filters/client_ssl_auth_filter.rst b/docs/root/configuration/network_filters/client_ssl_auth_filter.rst index 39467c40..ea166311 100644 --- a/docs/root/configuration/network_filters/client_ssl_auth_filter.rst +++ b/docs/root/configuration/network_filters/client_ssl_auth_filter.rst @@ -5,7 +5,7 @@ Client TLS authentication * Client TLS authentication filter :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. _config_network_filters_client_ssl_auth_stats: diff --git a/docs/root/configuration/network_filters/mongo_proxy_filter.rst b/docs/root/configuration/network_filters/mongo_proxy_filter.rst index 186285bd..0ee4aa11 100644 --- a/docs/root/configuration/network_filters/mongo_proxy_filter.rst +++ b/docs/root/configuration/network_filters/mongo_proxy_filter.rst @@ -5,7 +5,7 @@ Mongo proxy - MongoDB :ref:`architecture overview ` - :ref:`v1 API reference ` -- :ref:`v2 API reference ` +- :ref:`v2 API reference ` .. _config_network_filters_mongo_proxy_fault_injection: diff --git a/docs/root/configuration/network_filters/rate_limit_filter.rst b/docs/root/configuration/network_filters/rate_limit_filter.rst index 654b1405..4cefd681 100644 --- a/docs/root/configuration/network_filters/rate_limit_filter.rst +++ b/docs/root/configuration/network_filters/rate_limit_filter.rst @@ -5,7 +5,7 @@ Rate limit * Global rate limiting :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. _config_network_filters_rate_limit_stats: diff --git a/docs/root/configuration/network_filters/redis_proxy_filter.rst b/docs/root/configuration/network_filters/redis_proxy_filter.rst index 96f1d619..0ebdbfae 100644 --- a/docs/root/configuration/network_filters/redis_proxy_filter.rst +++ b/docs/root/configuration/network_filters/redis_proxy_filter.rst @@ -5,7 +5,7 @@ Redis proxy * Redis :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. _config_network_filters_redis_proxy_stats: diff --git a/docs/root/configuration/network_filters/tcp_proxy_filter.rst b/docs/root/configuration/network_filters/tcp_proxy_filter.rst index d3a430ba..4bfc2413 100644 --- a/docs/root/configuration/network_filters/tcp_proxy_filter.rst +++ b/docs/root/configuration/network_filters/tcp_proxy_filter.rst @@ -5,7 +5,7 @@ TCP proxy * TCP proxy :ref:`architecture overview ` * :ref:`v1 API reference ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. _config_network_filters_tcp_proxy_stats: diff --git a/docs/root/configuration/overview/v2_overview.rst b/docs/root/configuration/overview/v2_overview.rst index 7e31c534..6f0bb4a3 100644 --- a/docs/root/configuration/overview/v2_overview.rst +++ b/docs/root/configuration/overview/v2_overview.rst @@ -368,8 +368,8 @@ for the service definition. This is used by Envoy as a client when cluster_names: [some_xds_cluster] is set in the :ref:`rds -` field of the :ref:`HttpConnectionManager -` config. +` field of the :ref:`HttpConnectionManager +` config. REST endpoints ^^^^^^^^^^^^^^ @@ -440,8 +440,8 @@ for the service definition. This is used by Envoy as a client when cluster_names: [some_xds_cluster] is set in the :ref:`rds -` field of the :ref:`HttpConnectionManager -` config. +` field of the :ref:`HttpConnectionManager +` config. .. _config_overview_v2_ads: diff --git a/docs/root/intro/arch_overview/grpc.rst b/docs/root/intro/arch_overview/grpc.rst index 9c6783be..57deaf04 100644 --- a/docs/root/intro/arch_overview/grpc.rst +++ b/docs/root/intro/arch_overview/grpc.rst @@ -37,8 +37,8 @@ control plane, where it :ref:`fetches configuration from management server(s) *gRPC services*. When specifying gRPC services, it's necessary to specify the use of either the -:ref:`Envoy gRPC client ` or the -:ref:`Google C++ gRPC client `. We +:ref:`Envoy gRPC client ` or the +:ref:`Google C++ gRPC client `. We discuss the tradeoffs in this choice below. The Envoy gRPC client is a minimal custom implementation of gRPC that makes use diff --git a/docs/root/intro/arch_overview/health_checking.rst b/docs/root/intro/arch_overview/health_checking.rst index da90edc4..2b21f3e6 100644 --- a/docs/root/intro/arch_overview/health_checking.rst +++ b/docs/root/intro/arch_overview/health_checking.rst @@ -46,7 +46,7 @@ operation: Envoy will respond with a 200 or a 503 depending on the current draining state of the server. * **No pass through, computed from upstream cluster health**: In this mode, the health checking filter will return a 200 or a 503 depending on whether at least a :ref:`specified percentage - ` of the + ` of the servers are healthy in one or more upstream clusters. (If the Envoy server is in a draining state, though, it will respond with a 503 regardless of the upstream cluster health.) * **Pass through**: In this mode, Envoy will pass every health check request to the local service. diff --git a/docs/root/intro/version_history.rst b/docs/root/intro/version_history.rst index c88b5eb0..03e5db42 100644 --- a/docs/root/intro/version_history.rst +++ b/docs/root/intro/version_history.rst @@ -15,7 +15,7 @@ Version history * cors: added :ref:`CORS filter `. * health check: added :ref:`x-envoy-immediate-health-check-fail ` header support. -* health check: added :ref:`reuse_connection ` option. +* health check: added :ref:`reuse_connection ` option. * http: added :ref:`per-listener stats `. * http: end-to-end HTTP flow control is now complete across both connections, streams, and filters. * load balancer: added :ref:`subset load balancer `. @@ -41,9 +41,9 @@ Version history * router: added :ref:`downstream IP hashing ` for HTTP ketama routing. * router: added :ref:`cookie hashing `. -* router: added :ref:`start_child_span ` option +* router: added :ref:`start_child_span ` option to create child span for egress calls. -* router: added optional :ref:`upstream logs `. +* router: added optional :ref:`upstream logs `. * router: added complete :ref:`custom append/override/remove support ` of request/response headers. * router: added support to :ref:`specify response code during redirect @@ -54,9 +54,9 @@ Version history * server: change default log level (:option:`-l`) to `info`. * stats: maximum stat/name sizes and maximum number of stats are now variable via the :option:`--max-obj-name-len` and :option:`--max-stats` options. -* tcp proxy: added :ref:`access logging `. +* tcp proxy: added :ref:`access logging `. * tcp proxy: added :ref:`configurable connect retries - `. + `. * tcp proxy: enable use of :ref:`outlier detector `. * tls: added :ref:`SNI support `. * tls: added support for specifying :ref:`TLS session ticket keys diff --git a/docs/root/operations/cli.rst b/docs/root/operations/cli.rst index a50bbcc4..0dd92881 100644 --- a/docs/root/operations/cli.rst +++ b/docs/root/operations/cli.rst @@ -91,7 +91,7 @@ following are the command line options that Envoy supports. *(optional)* Defines the local service cluster name where Envoy is running. The local service cluster name is first sourced from the :ref:`Bootstrap node ` message's :ref:`cluster - ` field. This CLI option provides an alternative + ` field. This CLI option provides an alternative method for specifying this value and will override any value set in bootstrap configuration. It should be set if any of the following features are used: :ref:`statsd `, :ref:`health check cluster @@ -108,7 +108,7 @@ following are the command line options that Envoy supports. *(optional)* Defines the local service node name where Envoy is running. The local service node name is first sourced from the :ref:`Bootstrap node ` message's :ref:`id - ` field. This CLI option provides an alternative + ` field. This CLI option provides an alternative method for specifying this value and will override any value set in bootstrap configuration. It should be set if any of the following features are used: :ref:`statsd `, :ref:`CDS @@ -121,7 +121,7 @@ following are the command line options that Envoy supports. *(optional)* Defines the local service zone where Envoy is running. The local service zone is first sourced from the :ref:`Bootstrap node ` message's :ref:`locality.zone - ` field. This CLI option provides an + ` field. This CLI option provides an alternative method for specifying this value and will override any value set in bootstrap configuration. It should be set if discovery service routing is used and the discovery service exposes :ref:`zone data diff --git a/envoy/BUILD b/envoy/BUILD deleted file mode 100644 index 38bd65c2..00000000 --- a/envoy/BUILD +++ /dev/null @@ -1,27 +0,0 @@ -licenses(["notice"]) # Apache 2 - -# TODO(htuch): Grow this to cover everything we want to generate docs for, so we can just invoke -# bazel build //envoy/api --aspects tools/protodoc/protodoc.bzl%proto_doc_aspect --output_groups=rst -proto_library( - name = "envoy", - deps = [ - "//envoy/api/v2", - "//envoy/api/v2:cds", - "//envoy/api/v2/cluster:circuit_breaker", - "//envoy/api/v2/cluster:outlier_detection", - "//envoy/api/v2/filter/accesslog", - "//envoy/api/v2/filter/http", - "//envoy/api/v2/filter/network", - "//envoy/api/v2/listener", - "//envoy/api/v2/ratelimit", - "//envoy/api/v2/route", - "//envoy/config/bootstrap/v2:bootstrap", - "//envoy/config/metrics/v2:metrics_service", - "//envoy/config/metrics/v2:stats", - "//envoy/config/ratelimit/v2:rls", - "//envoy/config/trace/v2:trace", - "//envoy/service/discovery/v2:ads", - "//envoy/service/load_stats", - "//envoy/service/metrics", - ], -) diff --git a/envoy/api/v2/BUILD b/envoy/api/v2/BUILD index 04d8e4e6..70a8141c 100644 --- a/envoy/api/v2/BUILD +++ b/envoy/api/v2/BUILD @@ -2,100 +2,41 @@ load("//bazel:api_build_system.bzl", "api_proto_library", "api_go_proto_library" licenses(["notice"]) # Apache 2 -api_proto_library( - name = "address", - srcs = ["address.proto"], -) - -api_go_proto_library( - name = "address", - proto = ":address", -) - -api_proto_library( - name = "base", - srcs = ["base.proto"], -) - -api_go_proto_library( - name = "base", - proto = ":base", - deps = [":address_go_proto"], -) - -api_proto_library( - name = "health_check", - srcs = ["health_check.proto"], - deps = [":base"], -) - -api_go_proto_library( - name = "health_check", - proto = ":health_check", - deps = [":base_go_proto"], -) - -api_proto_library( - name = "config_source", - srcs = ["config_source.proto"], - deps = [ - ":base", - ":grpc_service", - ], -) - -api_go_proto_library( - name = "config_source", - proto = ":config_source", - deps = [ - ":base_go_proto", - ":grpc_service_go_proto", +# Friends of core API packages - filters, services, service configs. +# Package //envoy/api/v2 contains xDS and discovery definitions that should +# be in //envoy/service/discovery, but remain here for backwards compatibility. +package_group( + name = "friends", + packages = [ + "//envoy/api/v2", + "//envoy/config/...", + "//envoy/service/...", ], ) -api_proto_library( - name = "grpc_service", - srcs = ["grpc_service.proto"], - deps = [":base"], -) - -api_go_proto_library( - name = "grpc_service", - proto = ":grpc_service", - deps = [":base_go_proto"], -) - -api_proto_library( - name = "protocol", - srcs = ["protocol.proto"], -) - -api_go_proto_library( - name = "protocol", - proto = ":protocol", -) - api_proto_library( name = "discovery", srcs = ["discovery.proto"], - deps = ["//envoy/api/v2:base"], + visibility = [":friends"], + deps = ["//envoy/api/v2/core:base"], ) api_go_proto_library( name = "discovery", proto = ":discovery", - deps = ["//envoy/api/v2:base_go_proto"], + deps = ["//envoy/api/v2/core:base_go_proto"], ) api_proto_library( name = "eds", srcs = ["eds.proto"], has_services = 1, + visibility = [":friends"], deps = [ - ":address", - ":base", ":discovery", - ":health_check", + "//envoy/api/v2/core:address", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:health_check", "//envoy/api/v2/endpoint", ], ) @@ -104,10 +45,10 @@ api_go_grpc_library( name = "eds", proto = ":eds", deps = [ - ":address_go_proto", - ":base_go_proto", ":discovery_go_proto", - ":health_check_go_proto", + "//envoy/api/v2/core:address_go_proto", + "//envoy/api/v2/core:base_go_proto", + "//envoy/api/v2/core:health_check_go_proto", "//envoy/api/v2/endpoint:endpoint_go_proto", ], ) @@ -116,16 +57,17 @@ api_proto_library( name = "cds", srcs = ["cds.proto"], has_services = 1, + visibility = [":friends"], deps = [ - ":address", - ":base", - ":config_source", ":discovery", - ":health_check", - ":protocol", "//envoy/api/v2/auth:cert", "//envoy/api/v2/cluster:circuit_breaker", "//envoy/api/v2/cluster:outlier_detection", + "//envoy/api/v2/core:address", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:config_source", + "//envoy/api/v2/core:health_check", + "//envoy/api/v2/core:protocol", ], ) @@ -133,15 +75,15 @@ api_go_grpc_library( name = "cds", proto = ":cds", deps = [ - ":base_go_proto", - ":config_source_go_proto", ":discovery_go_proto", - ":health_check_go_proto", - ":protocol_go_proto", - "//envoy/api/v2:address_go_proto", "//envoy/api/v2/auth:cert_go_proto", "//envoy/api/v2/cluster:circuit_breaker_go_proto", "//envoy/api/v2/cluster:outlier_detection_go_proto", + "//envoy/api/v2/core:address_go_proto", + "//envoy/api/v2/core:base_go_proto", + "//envoy/api/v2/core:config_source_go_proto", + "//envoy/api/v2/core:health_check_go_proto", + "//envoy/api/v2/core:protocol_go_proto", ], ) @@ -149,10 +91,11 @@ api_proto_library( name = "lds", srcs = ["lds.proto"], has_services = 1, + visibility = [":friends"], deps = [ - ":address", - ":base", ":discovery", + "//envoy/api/v2/core:address", + "//envoy/api/v2/core:base", "//envoy/api/v2/listener", ], ) @@ -161,9 +104,9 @@ api_go_grpc_library( name = "lds", proto = ":lds", deps = [ - ":address_go_proto", - ":base_go_proto", ":discovery_go_proto", + "//envoy/api/v2/core:address_go_proto", + "//envoy/api/v2/core:base_go_proto", "//envoy/api/v2/listener:listener_go_proto", ], ) @@ -172,9 +115,10 @@ api_proto_library( name = "rds", srcs = ["rds.proto"], has_services = 1, + visibility = [":friends"], deps = [ - ":base", ":discovery", + "//envoy/api/v2/core:base", "//envoy/api/v2/route", ], ) @@ -183,21 +127,8 @@ api_go_grpc_library( name = "rds", proto = ":rds", deps = [ - ":base_go_proto", ":discovery_go_proto", + "//envoy/api/v2/core:base_go_proto", "//envoy/api/v2/route:route_go_proto", ], ) - -proto_library( - name = "v2", - visibility = ["//envoy:__pkg__"], - deps = [ - ":cds", - ":discovery", - ":eds", - ":lds", - ":protocol", - ":rds", - ], -) diff --git a/envoy/api/v2/README.md b/envoy/api/v2/README.md index a70eae55..984be690 100644 --- a/envoy/api/v2/README.md +++ b/envoy/api/v2/README.md @@ -1 +1,9 @@ -Protocol buffer definitions for core API messages. +Protocol buffer definitions for xDS and top-level resource API messages. + +Package group `//envoy/api/v2:friends` enumerates all consumers of the shared +API messages. That includes package envoy.api.v2 itself, which contains several +xDS definitions. Default visibility for all shared definitions should be set to +`//envoy/api/v2:friends`. + +Additionally, packages envoy.api.v2.core and envoy.api.v2.auth are also +consumed throughout the subpackages of `//envoy/api/v2`. diff --git a/envoy/api/v2/auth/BUILD b/envoy/api/v2/auth/BUILD index 14996a69..461360c6 100644 --- a/envoy/api/v2/auth/BUILD +++ b/envoy/api/v2/auth/BUILD @@ -2,9 +2,23 @@ load("//bazel:api_build_system.bzl", "api_proto_library", "api_go_proto_library" licenses(["notice"]) # Apache 2 +package_group( + name = "friends", + includes = [ + "//envoy/api/v2:friends", + ], + packages = [ + "//envoy/api/v2/cluster", + "//envoy/api/v2/endpoint", + "//envoy/api/v2/listener", + "//envoy/api/v2/route", + ], +) + api_proto_library( name = "auth", srcs = ["auth.proto"], + visibility = [":friends"], deps = [ ":cert", ], @@ -21,9 +35,10 @@ api_go_proto_library( api_proto_library( name = "cert", srcs = ["cert.proto"], + visibility = [":friends"], deps = [ - "//envoy/api/v2:base", - "//envoy/api/v2:config_source", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:config_source", ], ) @@ -31,7 +46,7 @@ api_go_proto_library( name = "cert", proto = ":cert", deps = [ - "//envoy/api/v2:base_go_proto", - "//envoy/api/v2:config_source_go_proto", + "//envoy/api/v2/core:base_go_proto", + "//envoy/api/v2/core:config_source_go_proto", ], ) diff --git a/envoy/api/v2/auth/auth.proto b/envoy/api/v2/auth/auth.proto index e97c670a..34b1e2b7 100644 --- a/envoy/api/v2/auth/auth.proto +++ b/envoy/api/v2/auth/auth.proto @@ -7,6 +7,10 @@ option go_package = "auth"; import "envoy/api/v2/auth/cert.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; + message AuthAction { // Should we do white-list or black-list style access control. enum ActionType { diff --git a/envoy/api/v2/auth/cert.proto b/envoy/api/v2/auth/cert.proto index 304e19a9..a2fe1844 100644 --- a/envoy/api/v2/auth/cert.proto +++ b/envoy/api/v2/auth/cert.proto @@ -2,12 +2,15 @@ syntax = "proto3"; package envoy.api.v2.auth; -import "envoy/api/v2/base.proto"; -import "envoy/api/v2/config_source.proto"; +import "envoy/api/v2/core/base.proto"; +import "envoy/api/v2/core/config_source.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; // [#protodoc-title: Common TLS configuration] @@ -70,19 +73,19 @@ message TlsParameters { message TlsCertificate { // The TLS certificate chain. - DataSource certificate_chain = 1; + core.DataSource certificate_chain = 1; // The TLS private key. - DataSource private_key = 2; + core.DataSource private_key = 2; // [#not-implemented-hide:] - DataSource password = 3; + core.DataSource password = 3; // [#not-implemented-hide:] - DataSource ocsp_staple = 4; + core.DataSource ocsp_staple = 4; // [#not-implemented-hide:] - repeated DataSource signed_certificate_timestamp = 5; + repeated core.DataSource signed_certificate_timestamp = 5; } message TlsSessionTicketKeys { @@ -109,7 +112,7 @@ message TlsSessionTicketKeys { // * Keep the session ticket keys at least as secure as your TLS certificate private keys // * Rotate session ticket keys at least daily, and preferably hourly // * Always generate keys using a cryptographically-secure random data source - repeated DataSource keys = 1 [(validate.rules).repeated .min_items = 1]; + repeated core.DataSource keys = 1 [(validate.rules).repeated .min_items = 1]; } message CertificateValidationContext { @@ -127,7 +130,7 @@ message CertificateValidationContext { // // See :ref:`the TLS overview ` for a list of common // system CA locations. - DataSource trusted_ca = 1; + core.DataSource trusted_ca = 1; // If specified, Envoy will verify (pin) the hex-encoded SHA-256 hash of // the presented certificate. @@ -154,7 +157,7 @@ message CertificateValidationContext { // (in PEM format). If specified, Envoy will verify that the presented peer // certificate has not been revoked by this CRL. If this DataSource contains // multiple CRLs, all of them will be used. - DataSource crl = 7; + core.DataSource crl = 7; } // TLS context shared by both client and server TLS contexts. @@ -235,7 +238,7 @@ message SdsSecretConfig { // When both name and config are specified, then secret can be fetched and/or reloaded via SDS. // When only name is specified, then secret will be loaded from static resources [V2-API-DIFF]. string name = 1; - ConfigSource sds_config = 2; + core.ConfigSource sds_config = 2; } // [#proto-status: experimental] diff --git a/envoy/api/v2/cds.proto b/envoy/api/v2/cds.proto index cf4471c9..1efc8c5b 100644 --- a/envoy/api/v2/cds.proto +++ b/envoy/api/v2/cds.proto @@ -2,13 +2,13 @@ syntax = "proto3"; package envoy.api.v2; -import "envoy/api/v2/address.proto"; +import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/auth/cert.proto"; -import "envoy/api/v2/base.proto"; -import "envoy/api/v2/config_source.proto"; +import "envoy/api/v2/core/base.proto"; +import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/discovery.proto"; -import "envoy/api/v2/health_check.proto"; -import "envoy/api/v2/protocol.proto"; +import "envoy/api/v2/core/health_check.proto"; +import "envoy/api/v2/core/protocol.proto"; import "envoy/api/v2/cluster/circuit_breaker.proto"; import "envoy/api/v2/cluster/outlier_detection.proto"; @@ -20,6 +20,8 @@ import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; import "gogoproto/gogo.proto"; +option (gogoproto.equal_all) = true; + // Return list of all clusters this proxy will load balance to. service ClusterDiscoveryService { rpc StreamClusters(stream DiscoveryRequest) returns (stream DiscoveryResponse) { @@ -78,7 +80,7 @@ message Cluster { // Only valid when discovery type is EDS. message EdsClusterConfig { // Configuration for the source of EDS updates for this Cluster. - ConfigSource eds_config = 1; + core.ConfigSource eds_config = 1; // Optional alternative to cluster name to present to EDS. This does not // have the same restrictions as cluster name, i.e. it may be arbitrary @@ -137,13 +139,13 @@ message Cluster { // :ref:`STRICT_DNS` // or :ref:`LOGICAL_DNS`, // then hosts is required. - repeated Address hosts = 7; + repeated core.Address hosts = 7; // Optional :ref:`active health checking ` // configuration for the cluster. If no // configuration is specified no health checking will be done and all cluster // members will be considered healthy at all times. - repeated HealthCheck health_checks = 8; + repeated core.HealthCheck health_checks = 8; // Optional maximum requests for a single upstream connection. This parameter // is respected by both the HTTP/1.1 and HTTP/2 connection pool @@ -152,7 +154,7 @@ message Cluster { google.protobuf.UInt32Value max_requests_per_connection = 9; // Optional :ref:`circuit breaking ` for the cluster. - envoy.api.v2.cluster.CircuitBreakers circuit_breakers = 10; + cluster.CircuitBreakers circuit_breakers = 10; // The TLS configuration for connections to the upstream cluster. If no TLS // configuration is specified, TLS will not be used for new connections. @@ -167,7 +169,7 @@ message Cluster { reserved 12; // Additional options when handling HTTP1 requests. - Http1ProtocolOptions http_protocol_options = 13; + core.Http1ProtocolOptions http_protocol_options = 13; // Even if default HTTP2 protocol options are desired, this field must be // set so that Envoy will assume that the upstream supports HTTP/2 when @@ -175,7 +177,7 @@ message Cluster { // supports prior knowledge for upstream connections. Even if TLS is used // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 // connections to happen over plain text. - Http2ProtocolOptions http2_protocol_options = 14; + core.Http2ProtocolOptions http2_protocol_options = 14; reserved 15; @@ -222,12 +224,12 @@ message Cluster { // :ref:`STRICT_DNS` // and :ref:`LOGICAL_DNS` // this setting is ignored. - repeated Address dns_resolvers = 18; + repeated core.Address dns_resolvers = 18; // If specified, outlier detection will be enabled for this upstream cluster. // Each of the configuration values can be overridden via // :ref:`runtime values `. - envoy.api.v2.cluster.OutlierDetection outlier_detection = 19; + cluster.OutlierDetection outlier_detection = 19; // The interval for removing stale hosts from a cluster type // :ref:`ORIGINAL_DST`. @@ -248,7 +250,7 @@ message Cluster { // Optional configuration used to bind newly established upstream connections. // This overrides any bind_config specified in the bootstrap proto. // If the addres and port are empty, no bind will be performed. - BindConfig upstream_bind_config = 21; + core.BindConfig upstream_bind_config = 21; // Optionally divide the endpoints in this cluster into subsets defined by // endpoint metadata and selected by route and weighted cluster metadata. @@ -341,15 +343,15 @@ message Cluster { RingHashLbConfig ring_hash_lb_config = 23; } - // See :ref:`base.TransportSocket` description. - TransportSocket transport_socket = 24; + // See :ref:`base.TransportSocket` description. + core.TransportSocket transport_socket = 24; // The Metadata field can be used to provide additional information about the // cluster. It can be used for stats, logging, and varying filter behavior. // Fields should use reverse DNS notation to denote which entity within Envoy // will need the information. For instance, if the metadata is intended for // the Router filter, the filter name should be specified as *envoy.router*. - Metadata metadata = 25; + core.Metadata metadata = 25; enum ClusterProtocolSelection { // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). @@ -366,5 +368,5 @@ message Cluster { // establishing upstream connections. message UpstreamBindConfig { // The address Envoy should bind to when establishing upstream connections. - Address source_address = 1; + core.Address source_address = 1; } diff --git a/envoy/api/v2/cluster/BUILD b/envoy/api/v2/cluster/BUILD index 91edbbb0..193a3af5 100644 --- a/envoy/api/v2/cluster/BUILD +++ b/envoy/api/v2/cluster/BUILD @@ -5,8 +5,11 @@ licenses(["notice"]) # Apache 2 api_proto_library( name = "circuit_breaker", srcs = ["circuit_breaker.proto"], + visibility = [ + "//envoy/api/v2:__pkg__", + ], deps = [ - "//envoy/api/v2:base", + "//envoy/api/v2/core:base", ], ) @@ -14,13 +17,16 @@ api_go_proto_library( name = "circuit_breaker", proto = ":circuit_breaker", deps = [ - "//envoy/api/v2:base_go_proto", + "//envoy/api/v2/core:base_go_proto", ], ) api_proto_library( name = "outlier_detection", srcs = ["outlier_detection.proto"], + visibility = [ + "//envoy/api/v2:__pkg__", + ], ) api_go_proto_library( diff --git a/envoy/api/v2/cluster/circuit_breaker.proto b/envoy/api/v2/cluster/circuit_breaker.proto index 0f6964a0..19e378d7 100644 --- a/envoy/api/v2/cluster/circuit_breaker.proto +++ b/envoy/api/v2/cluster/circuit_breaker.proto @@ -3,10 +3,14 @@ syntax = "proto3"; package envoy.api.v2.cluster; option go_package = "cluster"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "google/protobuf/wrappers.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; + // [#protodoc-title: Circuit breakers] // :ref:`Circuit breaking` settings can be @@ -14,13 +18,13 @@ import "google/protobuf/wrappers.proto"; message CircuitBreakers { // A Thresholds defines CircuitBreaker settings for a - // :ref:`RoutingPriority`. + // :ref:`RoutingPriority`. message Thresholds { - // The :ref:`RoutingPriority` + // The :ref:`RoutingPriority` // the specified CircuitBreaker settings apply to. // [#comment:TODO(htuch): add (validate.rules).enum.defined_only = true once // https://github.com/lyft/protoc-gen-validate/issues/42 is resolved.] - RoutingPriority priority = 1; + core.RoutingPriority priority = 1; // The maximum number of connections that Envoy will make to the upstream // cluster. If not specified, the default is 1024. @@ -40,9 +44,9 @@ message CircuitBreakers { } // If multiple :ref:`Thresholds` - // are defined with the same :ref:`RoutingPriority`, + // are defined with the same :ref:`RoutingPriority`, // the first one in the list is used. If no Thresholds is defined for a given - // :ref:`RoutingPriority`, the default values + // :ref:`RoutingPriority`, the default values // are used. repeated Thresholds thresholds = 1; } diff --git a/envoy/api/v2/cluster/outlier_detection.proto b/envoy/api/v2/cluster/outlier_detection.proto index 0eeeda6c..bab817ad 100644 --- a/envoy/api/v2/cluster/outlier_detection.proto +++ b/envoy/api/v2/cluster/outlier_detection.proto @@ -6,6 +6,9 @@ import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; // [#protodoc-title: Outlier detection] diff --git a/envoy/api/v2/core/BUILD b/envoy/api/v2/core/BUILD new file mode 100644 index 00000000..71de9cf5 --- /dev/null +++ b/envoy/api/v2/core/BUILD @@ -0,0 +1,108 @@ +load("//bazel:api_build_system.bzl", "api_proto_library", "api_go_proto_library", "api_go_grpc_library") + +licenses(["notice"]) # Apache 2 + +package_group( + name = "friends", + includes = [ + "//envoy/api/v2:friends", + ], + packages = [ + "//envoy/api/v2/auth", + "//envoy/api/v2/cluster", + "//envoy/api/v2/endpoint", + "//envoy/api/v2/listener", + "//envoy/api/v2/route", + ], +) + +api_proto_library( + name = "address", + srcs = ["address.proto"], + visibility = [ + ":friends", + ], +) + +api_go_proto_library( + name = "address", + proto = ":address", +) + +api_proto_library( + name = "base", + srcs = ["base.proto"], + visibility = [ + ":friends", + ], +) + +api_go_proto_library( + name = "base", + proto = ":base", + deps = [":address_go_proto"], +) + +api_proto_library( + name = "health_check", + srcs = ["health_check.proto"], + visibility = [ + ":friends", + ], + deps = [":base"], +) + +api_go_proto_library( + name = "health_check", + proto = ":health_check", + deps = [":base_go_proto"], +) + +api_proto_library( + name = "config_source", + srcs = ["config_source.proto"], + visibility = [ + ":friends", + ], + deps = [ + ":base", + ":grpc_service", + ], +) + +api_go_proto_library( + name = "config_source", + proto = ":config_source", + deps = [ + ":base_go_proto", + ":grpc_service_go_proto", + ], +) + +api_proto_library( + name = "grpc_service", + srcs = ["grpc_service.proto"], + visibility = [ + ":friends", + ], + deps = [":base"], +) + +api_go_proto_library( + name = "grpc_service", + proto = ":grpc_service", + deps = [":base_go_proto"], +) + +api_proto_library( + name = "protocol", + srcs = ["protocol.proto"], + visibility = [ + ":friends", + ], +) + +api_go_proto_library( + name = "protocol", + proto = ":protocol", +) diff --git a/envoy/api/v2/address.proto b/envoy/api/v2/core/address.proto similarity index 90% rename from envoy/api/v2/address.proto rename to envoy/api/v2/core/address.proto index ea3bcb50..92354e99 100644 --- a/envoy/api/v2/address.proto +++ b/envoy/api/v2/core/address.proto @@ -1,12 +1,14 @@ syntax = "proto3"; -package envoy.api.v2; +package envoy.api.v2.core; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; import "gogoproto/gogo.proto"; +option (gogoproto.equal_all) = true; + // [#protodoc-title: Network addresses] // [#v2-api-diff: Addresses now have .proto structure.] @@ -17,6 +19,7 @@ message Pipe { message SocketAddress { enum Protocol { + option (gogoproto.goproto_enum_prefix) = false; TCP = 0; // [#not-implemented-hide:] UDP = 1; @@ -29,14 +32,14 @@ message SocketAddress { // FilterChainMatch after connection. For :ref:`clusters // `, an address may be either an IP or // hostname to be resolved via DNS. If it is a hostname, :ref:`resolver_name - // ` should be set unless default + // ` should be set unless default // (i.e. DNS) resolution is expected. string address = 2 [(validate.rules).string.min_bytes = 1]; oneof port_specifier { option (validate.required) = true; uint32 port_value = 3; // This is only valid if :ref:`resolver_name - // ` is specified below and the + // ` is specified below and the // named resolver is capable of named port resolution. string named_port = 4; } diff --git a/envoy/api/v2/base.proto b/envoy/api/v2/core/base.proto similarity index 96% rename from envoy/api/v2/base.proto rename to envoy/api/v2/core/base.proto index 29c4e482..ed93c06d 100644 --- a/envoy/api/v2/base.proto +++ b/envoy/api/v2/core/base.proto @@ -1,7 +1,7 @@ syntax = "proto3"; -package envoy.api.v2; -option go_package = "api"; +package envoy.api.v2.core; +option go_package = "core"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; @@ -9,11 +9,13 @@ import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; import "gogoproto/gogo.proto"; +option (gogoproto.equal_all) = true; + // [#protodoc-title: Common types] // Identifies location of where either Envoy runs or where upstream hosts run. message Locality { - // Region this :ref:`zone ` belongs to. + // Region this :ref:`zone ` belongs to. string region = 1; // Defines the local service zone where Envoy is running. Though optional, it @@ -121,6 +123,7 @@ enum RoutingPriority { // HTTP request method. enum RequestMethod { + option (gogoproto.goproto_enum_prefix) = false; METHOD_UNSPECIFIED = 0; GET = 1; HEAD = 2; diff --git a/envoy/api/v2/config_source.proto b/envoy/api/v2/core/config_source.proto similarity index 93% rename from envoy/api/v2/config_source.proto rename to envoy/api/v2/core/config_source.proto index c9046255..17bdbbeb 100644 --- a/envoy/api/v2/config_source.proto +++ b/envoy/api/v2/core/config_source.proto @@ -1,14 +1,16 @@ syntax = "proto3"; -package envoy.api.v2; +package envoy.api.v2.core; -import "envoy/api/v2/grpc_service.proto"; +import "envoy/api/v2/core/grpc_service.proto"; import "google/protobuf/duration.proto"; import "validate/validate.proto"; import "gogoproto/gogo.proto"; +option (gogoproto.equal_all) = true; + // [#protodoc-title: Configuration sources] // API configuration source. This identifies the API type and cluster that Envoy @@ -50,7 +52,7 @@ message ApiConfigSource { } // Aggregated Discovery Service (ADS) options. This is currently empty, but when -// set in :ref:`ConfigSource ` can be used to +// set in :ref:`ConfigSource ` can be used to // specify that ADS is to be used. message AggregatedConfigSource { } diff --git a/envoy/api/v2/grpc_service.proto b/envoy/api/v2/core/grpc_service.proto similarity index 91% rename from envoy/api/v2/grpc_service.proto rename to envoy/api/v2/core/grpc_service.proto index e8434941..ad28d407 100644 --- a/envoy/api/v2/grpc_service.proto +++ b/envoy/api/v2/core/grpc_service.proto @@ -1,18 +1,21 @@ syntax = "proto3"; -package envoy.api.v2; +package envoy.api.v2.core; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "google/protobuf/duration.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; // [#protodoc-title: gRPC services] // [#proto-status: draft] // gRPC service configuration. This is used by :ref:`ApiConfigSource -// ` and filter configurations. +// ` and filter configurations. message GrpcService { message EnvoyGrpc { // The name of the upstream gRPC cluster. SSL credentials will be supplied @@ -24,7 +27,7 @@ message GrpcService { message GoogleGrpc { // The target URI when using the `Google C++ gRPC client // `_. SSL credentials will be supplied in - // :ref:`credentials `. + // :ref:`credentials `. string target_uri = 1 [(validate.rules).string.min_bytes = 1]; // See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html. diff --git a/envoy/api/v2/health_check.proto b/envoy/api/v2/core/health_check.proto similarity index 98% rename from envoy/api/v2/health_check.proto rename to envoy/api/v2/core/health_check.proto index 7d742395..1c0df0e1 100644 --- a/envoy/api/v2/health_check.proto +++ b/envoy/api/v2/core/health_check.proto @@ -1,11 +1,14 @@ syntax = "proto3"; -package envoy.api.v2; +package envoy.api.v2.core; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; // [#protodoc-title: Health check] // * Health checking :ref:`architecture overview `. diff --git a/envoy/api/v2/protocol.proto b/envoy/api/v2/core/protocol.proto similarity index 96% rename from envoy/api/v2/protocol.proto rename to envoy/api/v2/core/protocol.proto index aa60e34c..ad386b3a 100644 --- a/envoy/api/v2/protocol.proto +++ b/envoy/api/v2/core/protocol.proto @@ -2,11 +2,14 @@ syntax = "proto3"; -package envoy.api.v2; +package envoy.api.v2.core; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; // [#protodoc-title: Protocol options] diff --git a/envoy/api/v2/discovery.proto b/envoy/api/v2/discovery.proto index 13c40d35..b3077b3a 100644 --- a/envoy/api/v2/discovery.proto +++ b/envoy/api/v2/discovery.proto @@ -1,10 +1,14 @@ syntax = "proto3"; package envoy.api.v2; +option go_package = "v2"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "google/protobuf/any.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; // [#protodoc-title: Common discovery API components] @@ -21,7 +25,7 @@ message DiscoveryRequest { string version_info = 1; // The node making the request. - Node node = 2; + core.Node node = 2; // List of resources to subscribe to, e.g. list of cluster names or a route // configuration name. If this is empty, all resources for the API are @@ -49,7 +53,7 @@ message DiscoveryResponse { string version_info = 1; // The response resources. These resources are typed and depend on the API being called. - repeated google.protobuf.Any resources = 2; + repeated google.protobuf.Any resources = 2 [(gogoproto.nullable) = false]; // [#not-implemented-hide:] // Canary is used to support two Envoy command line flags: diff --git a/envoy/api/v2/eds.proto b/envoy/api/v2/eds.proto index c69d1798..2280982d 100644 --- a/envoy/api/v2/eds.proto +++ b/envoy/api/v2/eds.proto @@ -8,6 +8,9 @@ import "envoy/api/v2/endpoint/endpoint.proto"; import "google/api/annotations.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; // [#protodoc-title: EDS] @@ -41,7 +44,7 @@ message ClusterLoadAssignment { string cluster_name = 1 [(validate.rules).string.min_bytes = 1]; // List of endpoints to load balance to. - repeated endpoint.LocalityLbEndpoints endpoints = 2; + repeated endpoint.LocalityLbEndpoints endpoints = 2 [(gogoproto.nullable) = false]; // Load balancing policy settings. message Policy { diff --git a/envoy/api/v2/endpoint/BUILD b/envoy/api/v2/endpoint/BUILD index 07e1c750..0ae7d994 100644 --- a/envoy/api/v2/endpoint/BUILD +++ b/envoy/api/v2/endpoint/BUILD @@ -5,13 +5,14 @@ licenses(["notice"]) # Apache 2 api_proto_library( name = "endpoint", srcs = ["endpoint.proto"], + visibility = ["//envoy/api/v2:friends"], deps = [ - "//envoy/api/v2:address", - "//envoy/api/v2:base", - "//envoy/api/v2:config_source", - "//envoy/api/v2:health_check", - "//envoy/api/v2:protocol", "//envoy/api/v2/auth:cert", + "//envoy/api/v2/core:address", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:config_source", + "//envoy/api/v2/core:health_check", + "//envoy/api/v2/core:protocol", ], ) @@ -19,20 +20,21 @@ api_go_proto_library( name = "endpoint", proto = ":endpoint", deps = [ - "//envoy/api/v2:address_go_proto", - "//envoy/api/v2:base_go_proto", - "//envoy/api/v2:config_source_go_proto", - "//envoy/api/v2:health_check_go_proto", - "//envoy/api/v2:protocol_go_proto", "//envoy/api/v2/auth:cert_go_proto", + "//envoy/api/v2/core:address_go_proto", + "//envoy/api/v2/core:base_go_proto", + "//envoy/api/v2/core:config_source_go_proto", + "//envoy/api/v2/core:health_check_go_proto", + "//envoy/api/v2/core:protocol_go_proto", ], ) api_proto_library( name = "load_report", srcs = ["load_report.proto"], + visibility = ["//envoy/api/v2:friends"], deps = [ - "//envoy/api/v2:base", + "//envoy/api/v2/core:base", ], ) @@ -40,6 +42,6 @@ api_go_proto_library( name = "load_report", proto = ":load_report", deps = [ - "//envoy/api/v2:base_go_proto", + "//envoy/api/v2/core:base_go_proto", ], ) diff --git a/envoy/api/v2/endpoint/endpoint.proto b/envoy/api/v2/endpoint/endpoint.proto index ecb8ca2e..c89c4d91 100644 --- a/envoy/api/v2/endpoint/endpoint.proto +++ b/envoy/api/v2/endpoint/endpoint.proto @@ -3,20 +3,22 @@ syntax = "proto3"; package envoy.api.v2.endpoint; option go_package = "endpoint"; -import "envoy/api/v2/address.proto"; -import "envoy/api/v2/base.proto"; -import "envoy/api/v2/health_check.proto"; +import "envoy/api/v2/core/address.proto"; +import "envoy/api/v2/core/base.proto"; +import "envoy/api/v2/core/health_check.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; import "gogoproto/gogo.proto"; +option (gogoproto.equal_all) = true; + // [#protodoc-title: Endpoints] // Upstream host identifier. message Endpoint { - Address address = 1; + core.Address address = 1; } // An Endpoint that Envoy can route traffic to. @@ -26,7 +28,7 @@ message LbEndpoint { // [#not-implemented-hide:] Optional health status when known and supplied by // EDS server. - HealthStatus health_status = 2; + core.HealthStatus health_status = 2; // The endpoint metadata specifies values that may be used by the load // balancer to select endpoints in a cluster for a given request. The filter @@ -34,7 +36,7 @@ message LbEndpoint { // is *canary*, providing the optional canary status of the upstream host. // This may be matched against in a route's ForwardAction metadata_match field // to subset the endpoints considered in cluster load balancing. - Metadata metadata = 3; + core.Metadata metadata = 3; // The optional load balancing weight of the upstream host, in the range 1 - // 128. Envoy uses the load balancing weight in some of the built in load @@ -60,10 +62,10 @@ message LbEndpoint { // balancing weights or different priorities. message LocalityLbEndpoints { // Identifies location of where the upstream hosts run. - Locality locality = 1; + core.Locality locality = 1; // The group of endpoints belonging to the locality specified. - repeated LbEndpoint lb_endpoints = 2; + repeated LbEndpoint lb_endpoints = 2 [(gogoproto.nullable) = false]; // Optional: Per priority/region/zone/sub_zone weight - range 1-128. The load // balancing weight for a locality is divided by the sum of the weights of all diff --git a/envoy/api/v2/endpoint/load_report.proto b/envoy/api/v2/endpoint/load_report.proto index 2c2106c7..31edfef6 100644 --- a/envoy/api/v2/endpoint/load_report.proto +++ b/envoy/api/v2/endpoint/load_report.proto @@ -2,7 +2,7 @@ syntax = "proto3"; package envoy.api.v2.endpoint; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "validate/validate.proto"; import "gogoproto/gogo.proto"; @@ -15,7 +15,7 @@ import "gogoproto/gogo.proto"; message UpstreamLocalityStats { // Name of zone, region and optionally endpoint group these metrics were // collected from. Zone and region names could be empty if unknown. - envoy.api.v2.Locality locality = 1; + core.Locality locality = 1; // The total number of requests sent by this Envoy since the last report. A // single HTTP or gRPC request or stream is counted as one request. A TCP diff --git a/envoy/api/v2/filter/accesslog/BUILD b/envoy/api/v2/filter/accesslog/BUILD deleted file mode 100644 index a2eb5221..00000000 --- a/envoy/api/v2/filter/accesslog/BUILD +++ /dev/null @@ -1,13 +0,0 @@ -load("//bazel:api_build_system.bzl", "api_proto_library") - -licenses(["notice"]) # Apache 2 - -api_proto_library( - name = "accesslog", - srcs = ["accesslog.proto"], - deps = [ - "//envoy/api/v2:address", - "//envoy/api/v2:base", - "//envoy/api/v2:grpc_service", - ], -) diff --git a/envoy/api/v2/filter/http/BUILD b/envoy/api/v2/filter/http/BUILD deleted file mode 100644 index 24bacf1b..00000000 --- a/envoy/api/v2/filter/http/BUILD +++ /dev/null @@ -1,85 +0,0 @@ -load("//bazel:api_build_system.bzl", "api_proto_library") - -licenses(["notice"]) # Apache 2 - -api_proto_library( - name = "router", - srcs = ["router.proto"], - deps = ["//envoy/api/v2/filter/accesslog"], -) - -api_proto_library( - name = "lua", - srcs = ["lua.proto"], -) - -api_proto_library( - name = "buffer", - srcs = ["buffer.proto"], -) - -api_proto_library( - name = "transcoder", - srcs = ["transcoder.proto"], -) - -api_proto_library( - name = "rate_limit", - srcs = ["rate_limit.proto"], -) - -api_proto_library( - name = "ip_tagging", - srcs = ["ip_tagging.proto"], - deps = ["//envoy/api/v2:address"], -) - -api_proto_library( - name = "health_check", - srcs = ["health_check.proto"], - deps = [ - "//envoy/api/v2:base", - ], -) - -api_proto_library( - name = "fault", - srcs = ["fault.proto"], - deps = [ - "//envoy/api/v2/filter:fault", - "//envoy/api/v2/route", - ], -) - -api_proto_library( - name = "gzip", - srcs = ["gzip.proto"], -) - -api_proto_library( - name = "squash", - srcs = ["squash.proto"], -) - -api_proto_library( - name = "ext_authz", - srcs = ["ext_authz.proto"], - deps = ["//envoy/api/v2:grpc_service"], -) - -proto_library( - name = "http", - visibility = ["//envoy:__pkg__"], - deps = [ - ":buffer", - ":ext_authz", - ":fault", - ":gzip", - ":health_check", - ":lua", - ":rate_limit", - ":router", - ":squash", - ":transcoder", - ], -) diff --git a/envoy/api/v2/filter/network/BUILD b/envoy/api/v2/filter/network/BUILD deleted file mode 100644 index 0ca78090..00000000 --- a/envoy/api/v2/filter/network/BUILD +++ /dev/null @@ -1,67 +0,0 @@ -load("//bazel:api_build_system.bzl", "api_proto_library") - -licenses(["notice"]) # Apache 2 - -api_proto_library( - name = "http_connection_manager", - srcs = ["http_connection_manager.proto"], - deps = [ - "//envoy/api/v2:base", - "//envoy/api/v2:config_source", - "//envoy/api/v2:protocol", - "//envoy/api/v2:rds", - "//envoy/api/v2/filter/accesslog", - ], -) - -api_proto_library( - name = "mongo_proxy", - srcs = ["mongo_proxy.proto"], - deps = ["//envoy/api/v2/filter:fault"], -) - -api_proto_library( - name = "tcp_proxy", - srcs = ["tcp_proxy.proto"], - deps = [ - "//envoy/api/v2:address", - "//envoy/api/v2/filter/accesslog", - ], -) - -api_proto_library( - name = "redis_proxy", - srcs = ["redis_proxy.proto"], -) - -api_proto_library( - name = "client_ssl_auth", - srcs = ["client_ssl_auth.proto"], - deps = ["//envoy/api/v2:address"], -) - -api_proto_library( - name = "rate_limit", - srcs = ["rate_limit.proto"], - deps = ["//envoy/api/v2/ratelimit"], -) - -api_proto_library( - name = "ext_authz", - srcs = ["ext_authz.proto"], - deps = ["//envoy/api/v2:grpc_service"], -) - -proto_library( - name = "network", - visibility = ["//envoy:__pkg__"], - deps = [ - ":client_ssl_auth", - ":ext_authz", - ":http_connection_manager", - ":mongo_proxy", - ":rate_limit", - ":redis_proxy", - ":tcp_proxy", - ], -) diff --git a/envoy/api/v2/lds.proto b/envoy/api/v2/lds.proto index fa9ef38e..05ef8b08 100644 --- a/envoy/api/v2/lds.proto +++ b/envoy/api/v2/lds.proto @@ -2,8 +2,8 @@ syntax = "proto3"; package envoy.api.v2; -import "envoy/api/v2/address.proto"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/address.proto"; +import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/discovery.proto"; import "envoy/api/v2/listener/listener.proto"; @@ -11,6 +11,9 @@ import "google/api/annotations.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; // [#protodoc-title: LDS] @@ -42,7 +45,7 @@ message Listener { // The address that the listener should listen on. In general, the address must be unique, though // that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on // Linux as the actual port will be allocated by the OS. - Address address = 2 [(validate.rules).message.required = true]; + core.Address address = 2 [(validate.rules).message.required = true, (gogoproto.nullable) = false]; // A list of filter chains to consider for this listener. The // :ref:`FilterChain ` with the most specific @@ -58,7 +61,8 @@ message Listener { // filters differ, the configuration will fail to load. In the future, this limitation will be // relaxed such that different filters can be used depending on which filter chain matches // (based on SNI or some other parameter). - repeated listener.FilterChain filter_chains = 3 [(validate.rules).repeated .min_items = 1]; + repeated listener.FilterChain filter_chains = 3 + [(validate.rules).repeated .min_items = 1, (gogoproto.nullable) = false]; // If a connection is redirected using *iptables*, the port on which the proxy // receives it might be different from the original destination address. When this flag is set to @@ -82,7 +86,7 @@ message Listener { google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5; // Listener metadata. - Metadata metadata = 6; + core.Metadata metadata = 6; // [#not-implemented-hide:] message DeprecatedV1 { @@ -118,5 +122,5 @@ message Listener { // :ref:`filter_chains `. Order matters as the // filters are processed sequentially right after a socket has been accepted by the listener, and // before a connection is created. - repeated listener.ListenerFilter listener_filters = 9; + repeated listener.ListenerFilter listener_filters = 9 [(gogoproto.nullable) = false]; } diff --git a/envoy/api/v2/listener/BUILD b/envoy/api/v2/listener/BUILD index f6261132..063cb641 100644 --- a/envoy/api/v2/listener/BUILD +++ b/envoy/api/v2/listener/BUILD @@ -5,10 +5,11 @@ licenses(["notice"]) # Apache 2 api_proto_library( name = "listener", srcs = ["listener.proto"], + visibility = ["//envoy/api/v2:friends"], deps = [ - "//envoy/api/v2:address", - "//envoy/api/v2:base", "//envoy/api/v2/auth:cert", + "//envoy/api/v2/core:address", + "//envoy/api/v2/core:base", ], ) @@ -16,8 +17,8 @@ api_go_proto_library( name = "listener", proto = ":listener", deps = [ - "//envoy/api/v2:address_go_proto", - "//envoy/api/v2:base_go_proto", "//envoy/api/v2/auth:cert_go_proto", + "//envoy/api/v2/core:address_go_proto", + "//envoy/api/v2/core:base_go_proto", ], ) diff --git a/envoy/api/v2/listener/listener.proto b/envoy/api/v2/listener/listener.proto index bc5a0620..83da2eb9 100644 --- a/envoy/api/v2/listener/listener.proto +++ b/envoy/api/v2/listener/listener.proto @@ -3,14 +3,17 @@ syntax = "proto3"; package envoy.api.v2.listener; option go_package = "listener"; -import "envoy/api/v2/address.proto"; +import "envoy/api/v2/core/address.proto"; import "envoy/api/v2/auth/cert.proto"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; // [#protodoc-title: Listeners] // Listener :ref:`configuration overview ` @@ -57,7 +60,7 @@ message FilterChainMatch { // If non-empty, an IP address and prefix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. // [#not-implemented-hide:] - repeated CidrRange prefix_ranges = 3; + repeated core.CidrRange prefix_ranges = 3; // If non-empty, an IP address and suffix length to match addresses when the // listener is bound to 0.0.0.0/:: or when use_original_dst is specified. @@ -72,7 +75,7 @@ message FilterChainMatch { // parameter is not specified or the list is empty, the source IP address is // ignored. // [#not-implemented-hide:] - repeated CidrRange source_prefix_ranges = 6; + repeated core.CidrRange source_prefix_ranges = 6; // The criteria is satisfied if the source port of the downstream connection // is contained in at least one of the specified ports. If the parameter is @@ -99,7 +102,7 @@ message FilterChain { // connections established with the listener. Order matters as the filters are // processed sequentially as connection events happen. Note: If the filter // list is empty, the connection will close by default. - repeated Filter filters = 3; + repeated Filter filters = 3 [(gogoproto.nullable) = false]; // Whether the listener should expect a PROXY protocol V1 header on new // connections. If this option is enabled, the listener will assume that that @@ -110,10 +113,10 @@ message FilterChain { google.protobuf.BoolValue use_proxy_proto = 4; // [#not-implemented-hide:] filter chain metadata. - Metadata metadata = 5; + core.Metadata metadata = 5; - // [#not-implemented-hide:] See base.TransportSocket description. - TransportSocket transport_socket = 6; + // See :ref:`base.TransportSocket` description. + core.TransportSocket transport_socket = 6; } message ListenerFilter { diff --git a/envoy/api/v2/ratelimit/BUILD b/envoy/api/v2/ratelimit/BUILD index 76db38ad..e51c0e23 100644 --- a/envoy/api/v2/ratelimit/BUILD +++ b/envoy/api/v2/ratelimit/BUILD @@ -5,6 +5,7 @@ licenses(["notice"]) # Apache 2 api_proto_library( name = "ratelimit", srcs = ["ratelimit.proto"], + visibility = ["//envoy/api/v2:friends"], ) api_go_proto_library( diff --git a/envoy/api/v2/rds.proto b/envoy/api/v2/rds.proto index 819717c5..010b4d72 100644 --- a/envoy/api/v2/rds.proto +++ b/envoy/api/v2/rds.proto @@ -2,13 +2,17 @@ syntax = "proto3"; package envoy.api.v2; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/discovery.proto"; import "envoy/api/v2/route/route.proto"; import "google/api/annotations.proto"; import "google/protobuf/wrappers.proto"; +import "gogoproto/gogo.proto"; + +option (gogoproto.equal_all) = true; + // [#protodoc-title: RDS] // The resource_names field in DiscoveryRequest specifies a route configuration. @@ -30,12 +34,13 @@ service RouteDiscoveryService { message RouteConfiguration { // The name of the route configuration. For example, it might match - // :ref:`route_config_name ` in - // :ref:`envoy_api_msg_filter.network.Rds`. + // :ref:`route_config_name + // ` in + // :ref:`envoy_api_msg_config.filter.network.http_connection_manager.v2.Rds`. string name = 1; // An array of virtual hosts that make up the route table. - repeated route.VirtualHost virtual_hosts = 2; + repeated route.VirtualHost virtual_hosts = 2 [(gogoproto.nullable) = false]; // Optionally specifies a list of HTTP headers that the connection manager // will consider to be internal only. If they are found on external requests they will be cleaned @@ -49,7 +54,7 @@ message RouteConfiguration { // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. - repeated HeaderValueOption response_headers_to_add = 4; + repeated core.HeaderValueOption response_headers_to_add = 4; // Specifies a list of HTTP headers that should be removed from each response // that the connection manager encodes. @@ -61,7 +66,7 @@ message RouteConfiguration { // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. - repeated HeaderValueOption request_headers_to_add = 6; + repeated core.HeaderValueOption request_headers_to_add = 6; // An optional boolean that specifies whether the clusters that the route // table refers to will be validated by the cluster manager. If set to true @@ -70,10 +75,11 @@ message RouteConfiguration { // route table will load and the router filter will return a 404 if the route // is selected at runtime. This setting defaults to true if the route table // is statically defined via the :ref:`route_config - // ` option. This setting - // default to false if the route table is loaded dynamically via the :ref:`rds - // ` option. Users - // may which to override the default behavior in certain cases (for example - // when using CDS with a static route table). + // ` + // option. This setting default to false if the route table is loaded dynamically via the + // :ref:`rds + // ` + // option. Users may which to override the default behavior in certain cases (for example when + // using CDS with a static route table). google.protobuf.BoolValue validate_clusters = 7; } diff --git a/envoy/api/v2/route/BUILD b/envoy/api/v2/route/BUILD index 53fc2e1f..88a04762 100644 --- a/envoy/api/v2/route/BUILD +++ b/envoy/api/v2/route/BUILD @@ -5,9 +5,10 @@ licenses(["notice"]) # Apache 2 api_proto_library( name = "route", srcs = ["route.proto"], + visibility = ["//envoy/api/v2:friends"], deps = [ - "//envoy/api/v2:base", "//envoy/api/v2/auth", + "//envoy/api/v2/core:base", ], ) @@ -15,7 +16,7 @@ api_go_proto_library( name = "route", proto = ":route", deps = [ - "//envoy/api/v2:base_go_proto", "//envoy/api/v2/auth:auth_go_proto", + "//envoy/api/v2/core:base_go_proto", ], ) diff --git a/envoy/api/v2/route/route.proto b/envoy/api/v2/route/route.proto index 59b7239e..026411bc 100644 --- a/envoy/api/v2/route/route.proto +++ b/envoy/api/v2/route/route.proto @@ -3,7 +3,7 @@ syntax = "proto3"; package envoy.api.v2.route; option go_package = "route"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/auth/auth.proto"; import "google/protobuf/duration.proto"; @@ -12,6 +12,8 @@ import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; import "gogoproto/gogo.proto"; +option (gogoproto.equal_all) = true; + // [#protodoc-title: HTTP route management] // * Routing :ref:`architecture overview ` @@ -43,7 +45,7 @@ message VirtualHost { // The list of routes that will be matched, in order, for incoming requests. // The first route that matches will be used. - repeated Route routes = 3; + repeated Route routes = 3 [(gogoproto.nullable) = false]; enum TlsRequirementType { // No TLS requirement for the virtual host. @@ -76,7 +78,7 @@ message VirtualHost { // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. - repeated HeaderValueOption request_headers_to_add = 7; + repeated core.HeaderValueOption request_headers_to_add = 7; // Specifies a list of HTTP headers that should be added to each response // handled by this virtual host. Headers specified at this level are applied @@ -84,7 +86,7 @@ message VirtualHost { // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. - repeated HeaderValueOption response_headers_to_add = 10; + repeated core.HeaderValueOption response_headers_to_add = 10; // Specifies a list of HTTP headers that should be removed from each response // handle by this virtual host. @@ -107,7 +109,7 @@ message VirtualHost { // `. message Route { // Route matching parameters. - RouteMatch match = 1 [(validate.rules).message.required = true]; + RouteMatch match = 1 [(validate.rules).message.required = true, (gogoproto.nullable) = false]; oneof action { option (validate.required) = true; @@ -127,7 +129,7 @@ message Route { // The metadata should go under the filter namespace that will need it. // For instance, if the metadata is intended for the Router filter, // the filter name should be specified as *envoy.router*. - Metadata metadata = 4; + core.Metadata metadata = 4; // Decorator for the matched route. Decorator decorator = 5; @@ -158,7 +160,7 @@ message WeightedCluster { // Optional endpoint metadata match criteria. Only endpoints in the upstream // cluster with metadata matching that set in metadata_match will be // considered. The filter name should be specified as *envoy.lb*. - Metadata metadata_match = 3; + core.Metadata metadata_match = 3; // [#not-implemented-hide:] // Specifies a list of headers to be added to requests when this cluster is selected @@ -169,7 +171,7 @@ message WeightedCluster { // :ref:`envoy_api_msg_route.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. - repeated HeaderValueOption request_headers_to_add = 4; + repeated core.HeaderValueOption request_headers_to_add = 4; // [#not-implemented-hide:] // Specifies a list of headers to be added to responses when this cluster is selected @@ -180,7 +182,7 @@ message WeightedCluster { // :ref:`envoy_api_msg_route.RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. - repeated HeaderValueOption response_headers_to_add = 5; + repeated core.HeaderValueOption response_headers_to_add = 5; // [#not-implemented-hide:] // Specifies a list of headers to be removed from responses when this cluster is selected @@ -246,7 +248,7 @@ message RouteMatch { // gradual manner without full code/config deploys. Refer to the // :ref:`traffic shifting ` docs // for additional documentation. - RuntimeUInt32 runtime = 5; + core.RuntimeUInt32 runtime = 5; // Specifies a set of headers that the route should match on. The router will // check the request’s headers against all the specified headers in the route @@ -329,7 +331,7 @@ message RouteAction { // Optional endpoint metadata match criteria. Only endpoints in the upstream // cluster with metadata matching that set in metadata_match will be // considered. The filter name should be specified as *envoy.lb*. - Metadata metadata_match = 4; + core.Metadata metadata_match = 4; // Indicates that during forwarding, the matched prefix (or path) should be // swapped with this value. This option allows application URLs to be rooted @@ -415,7 +417,7 @@ message RouteAction { // Optionally specifies the :ref:`routing priority `. // [#comment:TODO(htuch): add (validate.rules).enum.defined_only = true once // https://github.com/lyft/protoc-gen-validate/issues/42 is resolved.] - RoutingPriority priority = 11; + core.RoutingPriority priority = 11; // Specifies a set of headers that will be added to requests matching this // route. Headers specified at this level are applied before headers from the @@ -423,7 +425,7 @@ message RouteAction { // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. - repeated HeaderValueOption request_headers_to_add = 12; + repeated core.HeaderValueOption request_headers_to_add = 12; // Specifies a set of headers that will be added to responses to requests // matching this route. Headers specified at this level are applied before @@ -431,7 +433,7 @@ message RouteAction { // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on // :ref:`custom request headers `. - repeated HeaderValueOption response_headers_to_add = 18; + repeated core.HeaderValueOption response_headers_to_add = 18; // Specifies a list of HTTP headers that should be removed from each response // to requests matching this route. @@ -577,7 +579,7 @@ message DirectResponseAction { // // Headers can be specified using *response_headers_to_add* in // :ref:`envoy_api_msg_RouteConfiguration`. - DataSource body = 2; + core.DataSource body = 2; } message Decorator { @@ -630,7 +632,7 @@ message VirtualCluster { // etc. // [#comment:TODO(htuch): add (validate.rules).enum.defined_only = true once // https://github.com/lyft/protoc-gen-validate/issues/42 is resolved.] - RequestMethod method = 3; + core.RequestMethod method = 3; } // Global rate limiting :ref:`architecture overview `. diff --git a/envoy/config/README.md b/envoy/config/README.md index 6f515109..279bd7c2 100644 --- a/envoy/config/README.md +++ b/envoy/config/README.md @@ -1 +1,3 @@ -Protocol buffer definitions for Envoy's bootstrap and service configuration. +Protocol buffer definitions for Envoy's bootstrap, filter, and service configuration. + +Visibility should be constrained to none or `//envoy/config/bootstrap/v2` by default. diff --git a/envoy/config/accesslog/v2/BUILD b/envoy/config/accesslog/v2/BUILD index d726149e..355fe3e9 100644 --- a/envoy/config/accesslog/v2/BUILD +++ b/envoy/config/accesslog/v2/BUILD @@ -6,6 +6,6 @@ api_proto_library( name = "als", srcs = ["als.proto"], deps = [ - "//envoy/api/v2:grpc_service", + "//envoy/api/v2/core:grpc_service", ], ) diff --git a/envoy/config/accesslog/v2/als.proto b/envoy/config/accesslog/v2/als.proto index 1bd2425f..305e7860 100644 --- a/envoy/config/accesslog/v2/als.proto +++ b/envoy/config/accesslog/v2/als.proto @@ -1,9 +1,9 @@ syntax = "proto3"; package envoy.config.accesslog.v2; -option go_package = "accesslog"; +option go_package = "v2"; -import "envoy/api/v2/grpc_service.proto"; +import "envoy/api/v2/core/grpc_service.proto"; import "validate/validate.proto"; @@ -38,5 +38,5 @@ message CommonGrpcAccessLogConfig { string log_name = 1 [(validate.rules).string.min_bytes = 1]; // The gRPC service for the access log service. - envoy.api.v2.GrpcService grpc_service = 2 [(validate.rules).message.required = true]; + envoy.api.v2.core.GrpcService grpc_service = 2 [(validate.rules).message.required = true]; } diff --git a/envoy/config/bootstrap/v2/BUILD b/envoy/config/bootstrap/v2/BUILD index dd66035f..80736d98 100644 --- a/envoy/config/bootstrap/v2/BUILD +++ b/envoy/config/bootstrap/v2/BUILD @@ -6,12 +6,12 @@ api_proto_library( name = "bootstrap", srcs = ["bootstrap.proto"], deps = [ - "//envoy/api/v2:address", - "//envoy/api/v2:base", "//envoy/api/v2:cds", - "//envoy/api/v2:config_source", "//envoy/api/v2:lds", "//envoy/api/v2/auth:cert", + "//envoy/api/v2/core:address", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:config_source", "//envoy/config/metrics/v2:metrics_service", "//envoy/config/metrics/v2:stats", "//envoy/config/ratelimit/v2:rls", @@ -23,12 +23,12 @@ api_go_proto_library( name = "bootstrap", proto = ":bootstrap", deps = [ - "//envoy/api/v2:address_go_proto", - "//envoy/api/v2:base_go_proto", "//envoy/api/v2:cds_go_grpc", - "//envoy/api/v2:config_source_go_proto", "//envoy/api/v2:lds_go_grpc", "//envoy/api/v2/auth:cert_go_proto", + "//envoy/api/v2/core:address_go_proto", + "//envoy/api/v2/core:base_go_proto", + "//envoy/api/v2/core:config_source_go_proto", "//envoy/config/metrics/v2:metrics_service_go_proto", "//envoy/config/metrics/v2:stats_go_proto", "//envoy/config/ratelimit/v2:rls_go_grpc", diff --git a/envoy/config/bootstrap/v2/bootstrap.proto b/envoy/config/bootstrap/v2/bootstrap.proto index 9f19a44b..bad71c6f 100644 --- a/envoy/config/bootstrap/v2/bootstrap.proto +++ b/envoy/config/bootstrap/v2/bootstrap.proto @@ -6,12 +6,12 @@ syntax = "proto3"; package envoy.config.bootstrap.v2; -option go_package = "bootstrap"; +option go_package = "v2"; -import "envoy/api/v2/address.proto"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/address.proto"; +import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/auth/cert.proto"; -import "envoy/api/v2/config_source.proto"; +import "envoy/api/v2/core/config_source.proto"; import "envoy/api/v2/cds.proto"; import "envoy/api/v2/lds.proto"; import "envoy/config/trace/v2/trace.proto"; @@ -27,12 +27,12 @@ import "gogoproto/gogo.proto"; message Bootstrap { // Node identity to present to the management server and for instance // identification purposes (e.g. in generated headers). - envoy.api.v2.Node node = 1; + envoy.api.v2.core.Node node = 1; message StaticResources { // Static :ref:`Listeners `. These listeners are // available regardless of LDS configuration. - repeated envoy.api.v2.Listener listeners = 1; + repeated envoy.api.v2.Listener listeners = 1 [(gogoproto.nullable) = false]; // If a network based configuration source is specified for :ref:`cds_config // `, it's necessary @@ -40,10 +40,10 @@ message Bootstrap { // how to speak to the management server. These cluster definitions may not // use :ref:`EDS ` (i.e. they should be static // IP or DNS-based). - repeated envoy.api.v2.Cluster clusters = 2; + repeated envoy.api.v2.Cluster clusters = 2 [(gogoproto.nullable) = false]; // [#not-implemented-hide:] - repeated envoy.api.v2.auth.Secret secrets = 3; + repeated envoy.api.v2.auth.Secret secrets = 3 [(gogoproto.nullable) = false]; } // Statically specified resources. StaticResources static_resources = 2; @@ -51,28 +51,28 @@ message Bootstrap { message DynamicResources { // All :ref:`Listeners ` are provided by a single // :ref:`LDS ` configuration source. - envoy.api.v2.ConfigSource lds_config = 1; + envoy.api.v2.core.ConfigSource lds_config = 1; // All post-bootstrap :ref:`Cluster ` definitions are // provided by a single :ref:`CDS ` // configuration source. - envoy.api.v2.ConfigSource cds_config = 2; + envoy.api.v2.core.ConfigSource cds_config = 2; // A single :ref:`ADS ` source may be optionally // specified. This must have :ref:`api_type - // ` :ref:`GRPC - // `. Only - // :ref:`ConfigSources ` that have - // the :ref:`ads ` field set will be + // ` :ref:`GRPC + // `. Only + // :ref:`ConfigSources ` that have + // the :ref:`ads ` field set will be // streamed on the ADS channel. - envoy.api.v2.ApiConfigSource ads_config = 3; + envoy.api.v2.core.ApiConfigSource ads_config = 3; message DeprecatedV1 { // This is the global :ref:`SDS ` config // when using v1 REST for :ref:`CDS // `/:ref:`EDS // `. - envoy.api.v2.ConfigSource sds_config = 1; + envoy.api.v2.core.ConfigSource sds_config = 1; } // [#not-implemented-hide:] @@ -132,7 +132,7 @@ message Admin { string profile_path = 2; // The TCP address that the administration server will listen on. - envoy.api.v2.Address address = 3 + envoy.api.v2.core.Address address = 3 [(validate.rules).message.required = true, (gogoproto.nullable) = false]; } @@ -158,12 +158,13 @@ message ClusterManager { // Optional configuration used to bind newly established upstream connections. // This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config. - envoy.api.v2.BindConfig upstream_bind_config = 3; + envoy.api.v2.core.BindConfig upstream_bind_config = 3; // A management server endpoint to stream load stats to via - // *StreamLoadStats*. This must have :ref:`api_type ` - // :ref:`GRPC `. - envoy.api.v2.ApiConfigSource load_stats_config = 4; + // *StreamLoadStats*. This must have :ref:`api_type + // ` :ref:`GRPC + // `. + envoy.api.v2.core.ApiConfigSource load_stats_config = 4; } // Envoy process watchdog configuration. When configured, this monitors for diff --git a/envoy/api/v2/filter/README.md b/envoy/config/filter/README.md similarity index 73% rename from envoy/api/v2/filter/README.md rename to envoy/config/filter/README.md index 992864c4..11f26a08 100644 --- a/envoy/api/v2/filter/README.md +++ b/envoy/config/filter/README.md @@ -1,5 +1,8 @@ Protocol buffer definitions for filters. +Visibility of the definitions should be constrained to none except for +shared definitions between explicitly enumerated filters (e.g. accesslog and fault definitions). + ## NOTE If a filter configuration is not captured in the proto specification, you diff --git a/envoy/config/filter/accesslog/v2/BUILD b/envoy/config/filter/accesslog/v2/BUILD new file mode 100644 index 00000000..66298a63 --- /dev/null +++ b/envoy/config/filter/accesslog/v2/BUILD @@ -0,0 +1,19 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "accesslog", + srcs = ["accesslog.proto"], + visibility = [ + "//envoy/config/filter/http/router/v2:__pkg__", + "//envoy/config/filter/network/http_connection_manager/v2:__pkg__", + "//envoy/config/filter/network/tcp_proxy/v2:__pkg__", + "//envoy/service/accesslog/v2:__pkg__", + ], + deps = [ + "//envoy/api/v2/core:address", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:grpc_service", + ], +) diff --git a/envoy/api/v2/filter/accesslog/accesslog.proto b/envoy/config/filter/accesslog/v2/accesslog.proto similarity index 91% rename from envoy/api/v2/filter/accesslog/accesslog.proto rename to envoy/config/filter/accesslog/v2/accesslog.proto index 9fa8336e..6fe74d9f 100644 --- a/envoy/api/v2/filter/accesslog/accesslog.proto +++ b/envoy/config/filter/accesslog/v2/accesslog.proto @@ -1,10 +1,10 @@ syntax = "proto3"; -package envoy.api.v2.filter.accesslog; -option go_package = "accesslog"; +package envoy.config.filter.accesslog.v2; +option go_package = "v2"; -import "envoy/api/v2/address.proto"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/address.proto"; +import "envoy/api/v2/core/base.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; @@ -12,6 +12,7 @@ import "google/protobuf/timestamp.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: Common access log types] // Envoy access logs describe incoming interaction with Envoy over a fixed @@ -35,47 +36,47 @@ message AccessLogCommon { // This field is the remote/origin address on which the request from the user was received. // Note: This may not be the physical peer. E.g, if the remote address is inferred from for // example the x-forwarder-for header, proxy protocol, etc. - Address downstream_remote_address = 2; + envoy.api.v2.core.Address downstream_remote_address = 2; // This field is the local/destination address on which the request from the user was received. - Address downstream_local_address = 3; + envoy.api.v2.core.Address downstream_local_address = 3; // If the connection is secure, this field will contain TLS properties. TLSProperties tls_properties = 4; // The time that Envoy started servicing this request. This is effectively the time that the first // downstream byte is received. - google.protobuf.Timestamp start_time = 5; + google.protobuf.Timestamp start_time = 5 [(gogoproto.stdtime) = true]; // Interval between the first downstream byte received and the last // downstream byte received (i.e. time it takes to receive a request). - google.protobuf.Duration time_to_last_rx_byte = 6; + google.protobuf.Duration time_to_last_rx_byte = 6 [(gogoproto.stdduration) = true]; // Interval between the first downstream byte received and the first upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. - google.protobuf.Duration time_to_first_upstream_tx_byte = 7; + google.protobuf.Duration time_to_first_upstream_tx_byte = 7 [(gogoproto.stdduration) = true]; // Interval between the first downstream byte received and the last upstream byte sent. There may // by considerable delta between *time_to_last_rx_byte* and this value due to filters. // Additionally, the same caveats apply as documented in *time_to_last_downstream_tx_byte* about // not accounting for kernel socket buffer time, etc. - google.protobuf.Duration time_to_last_upstream_tx_byte = 8; + google.protobuf.Duration time_to_last_upstream_tx_byte = 8 [(gogoproto.stdduration) = true]; // Interval between the first downstream byte received and the first upstream // byte received (i.e. time it takes to start receiving a response). - google.protobuf.Duration time_to_first_upstream_rx_byte = 9; + google.protobuf.Duration time_to_first_upstream_rx_byte = 9 [(gogoproto.stdduration) = true]; // Interval between the first downstream byte received and the last upstream // byte received (i.e. time it takes to receive a complete response). - google.protobuf.Duration time_to_last_upstream_rx_byte = 10; + google.protobuf.Duration time_to_last_upstream_rx_byte = 10 [(gogoproto.stdduration) = true]; // Interval between the first downstream byte received and the first downstream byte sent. // There may be a considerable delta between the *time_to_first_upstream_rx_byte* and this field // due to filters. Additionally, the same caveats apply as documented in // *time_to_last_downstream_tx_byte* about not accounting for kernel socket buffer time, etc. - google.protobuf.Duration time_to_first_downstream_tx_byte = 11; + google.protobuf.Duration time_to_first_downstream_tx_byte = 11 [(gogoproto.stdduration) = true]; // Interval between the first downstream byte received and the last downstream byte sent. // Depending on protocol, buffering, windowing, filters, etc. there may be a considerable delta @@ -83,14 +84,14 @@ message AccessLogCommon { // time. In the current implementation it does not include kernel socket buffer time. In the // current implementation it also does not include send window buffering inside the HTTP/2 codec. // In the future it is likely that work will be done to make this duration more accurate. - google.protobuf.Duration time_to_last_downstream_tx_byte = 12; + google.protobuf.Duration time_to_last_downstream_tx_byte = 12 [(gogoproto.stdduration) = true]; // The upstream remote/destination address that handles this exchange. This does not include // retries. - Address upstream_remote_address = 13; + envoy.api.v2.core.Address upstream_remote_address = 13; // The upstream local/origin address that handles this exchange. This does not include retries. - Address upstream_local_address = 14; + envoy.api.v2.core.Address upstream_local_address = 14; // The upstream cluster that *upstream_remote_address* belongs to. string upstream_cluster = 15; @@ -106,7 +107,7 @@ message AccessLogCommon { // route created from a higher level forwarding rule with some ID can place // that ID in this field and cross reference later. It can also be used to // determine if a canary endpoint was used or not. - Metadata metadata = 17; + envoy.api.v2.core.Metadata metadata = 17; } // [#proto-status: draft] @@ -188,7 +189,7 @@ message HTTPRequestProperties { // The request method (RFC 7231/2616). // [#comment:TODO(htuch): add (validate.rules).enum.defined_only = true once // https://github.com/lyft/protoc-gen-validate/issues/42 is resolved.] - RequestMethod request_method = 1; + envoy.api.v2.core.RequestMethod request_method = 1; // The scheme portion of the incoming request URI. string scheme = 2; @@ -293,7 +294,8 @@ message AccessLog { // Custom configuration that depends on the access log being instantiated. built-in configurations // include: - // 1) "envoy.file_access_log": :ref:`FileAccessLog ` + // 1) "envoy.file_access_log": :ref:`FileAccessLog + // ` google.protobuf.Struct config = 3; } @@ -338,7 +340,7 @@ message ComparisonFilter { Op op = 1 [(validate.rules).enum.defined_only = true]; // Value to compare against. - RuntimeUInt32 value = 2; + envoy.api.v2.core.RuntimeUInt32 value = 2; } // Filters on HTTP response/status code. diff --git a/envoy/config/filter/fault/v2/BUILD b/envoy/config/filter/fault/v2/BUILD new file mode 100644 index 00000000..0b4310f4 --- /dev/null +++ b/envoy/config/filter/fault/v2/BUILD @@ -0,0 +1,12 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "fault", + srcs = ["fault.proto"], + visibility = [ + "//envoy/config/filter/http/fault/v2:__pkg__", + "//envoy/config/filter/network/mongo_proxy/v2:__pkg__", + ], +) diff --git a/envoy/api/v2/filter/fault.proto b/envoy/config/filter/fault/v2/fault.proto similarity index 95% rename from envoy/api/v2/filter/fault.proto rename to envoy/config/filter/fault/v2/fault.proto index fe28e681..b3c9543c 100644 --- a/envoy/api/v2/filter/fault.proto +++ b/envoy/config/filter/fault/v2/fault.proto @@ -1,7 +1,7 @@ syntax = "proto3"; -package envoy.api.v2.filter; -option go_package = "filter"; +package envoy.config.filter.fault.v2; +option go_package = "v2"; import "google/protobuf/duration.proto"; diff --git a/envoy/config/filter/http/buffer/v2/BUILD b/envoy/config/filter/http/buffer/v2/BUILD new file mode 100644 index 00000000..d2be36c5 --- /dev/null +++ b/envoy/config/filter/http/buffer/v2/BUILD @@ -0,0 +1,8 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "buffer", + srcs = ["buffer.proto"], +) diff --git a/envoy/api/v2/filter/http/buffer.proto b/envoy/config/filter/http/buffer/v2/buffer.proto similarity index 77% rename from envoy/api/v2/filter/http/buffer.proto rename to envoy/config/filter/http/buffer/v2/buffer.proto index b1497de3..38a1b420 100644 --- a/envoy/api/v2/filter/http/buffer.proto +++ b/envoy/config/filter/http/buffer/v2/buffer.proto @@ -1,11 +1,13 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; +package envoy.config.filter.http.buffer.v2; +option go_package = "v2"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: Buffer] // Buffer :ref:`configuration overview `. @@ -18,5 +20,5 @@ message Buffer { // The maximum number of seconds that the filter will wait for a complete // request before returning a 408 response. google.protobuf.Duration max_request_time = 2 - [(validate.rules).duration = {required: true, gt: {}}]; + [(validate.rules).duration = {required: true, gt: {}}, (gogoproto.stdduration) = true]; } diff --git a/envoy/config/filter/http/ext_authz/v2/BUILD b/envoy/config/filter/http/ext_authz/v2/BUILD new file mode 100644 index 00000000..22dc8915 --- /dev/null +++ b/envoy/config/filter/http/ext_authz/v2/BUILD @@ -0,0 +1,9 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "ext_authz", + srcs = ["ext_authz.proto"], + deps = ["//envoy/api/v2/core:grpc_service"], +) diff --git a/envoy/api/v2/filter/http/ext_authz.proto b/envoy/config/filter/http/ext_authz/v2/ext_authz.proto similarity index 82% rename from envoy/api/v2/filter/http/ext_authz.proto rename to envoy/config/filter/http/ext_authz/v2/ext_authz.proto index e741a25b..caa2fd9b 100644 --- a/envoy/api/v2/filter/http/ext_authz.proto +++ b/envoy/config/filter/http/ext_authz/v2/ext_authz.proto @@ -1,8 +1,9 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; +package envoy.config.filter.http.ext_authz.v2; +option go_package = "v2"; -import "envoy/api/v2/grpc_service.proto"; +import "envoy/api/v2/core/grpc_service.proto"; import "validate/validate.proto"; @@ -13,7 +14,7 @@ import "validate/validate.proto"; message ExtAuthz { // The external authorization gRPC service configuration. - GrpcService grpc_service = 1; + envoy.api.v2.core.GrpcService grpc_service = 1; // The filter's behaviour in case the external authorization service does // not respond back. If set to true then in case of failure to get a diff --git a/envoy/config/filter/http/fault/v2/BUILD b/envoy/config/filter/http/fault/v2/BUILD new file mode 100644 index 00000000..0c517c3e --- /dev/null +++ b/envoy/config/filter/http/fault/v2/BUILD @@ -0,0 +1,12 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "fault", + srcs = ["fault.proto"], + deps = [ + "//envoy/api/v2/route", + "//envoy/config/filter/fault/v2:fault", + ], +) diff --git a/envoy/api/v2/filter/http/fault.proto b/envoy/config/filter/http/fault/v2/fault.proto similarity index 86% rename from envoy/api/v2/filter/http/fault.proto rename to envoy/config/filter/http/fault/v2/fault.proto index ca08be14..894d2b78 100644 --- a/envoy/api/v2/filter/http/fault.proto +++ b/envoy/config/filter/http/fault/v2/fault.proto @@ -1,8 +1,9 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; +package envoy.config.filter.http.fault.v2; +option go_package = "v2"; -import "envoy/api/v2/filter/fault.proto"; +import "envoy/config/filter/fault/v2/fault.proto"; import "envoy/api/v2/route/route.proto"; import "validate/validate.proto"; @@ -26,7 +27,7 @@ message FaultAbort { message HTTPFault { // If specified, the filter will inject delays based on the values in the // object. At least *abort* or *delay* must be specified. - FaultDelay delay = 1; + envoy.config.filter.fault.v2.FaultDelay delay = 1; // If specified, the filter will abort requests based on the values in // the object. At least *abort* or *delay* must be specified. @@ -41,12 +42,12 @@ message HTTPFault { // injection filter can be applied selectively to requests that match a set of // headers specified in the fault filter config. The chances of actual fault // injection further depend on the value of the :ref:`percent - // ` field. The filter will + // ` field. The filter will // check the request's headers against all the specified headers in the filter // config. A match will happen if all the headers in the config are present in // the request with the same values (or based on presence if the *value* field // is not in the config). - repeated route.HeaderMatcher headers = 4; + repeated envoy.api.v2.route.HeaderMatcher headers = 4; // Faults are injected for the specified list of downstream hosts. If this // setting is not set, faults are injected for all downstream nodes. diff --git a/envoy/api/v2/filter/BUILD b/envoy/config/filter/http/gzip/v2/BUILD similarity index 70% rename from envoy/api/v2/filter/BUILD rename to envoy/config/filter/http/gzip/v2/BUILD index de3473b4..e1b592f4 100644 --- a/envoy/api/v2/filter/BUILD +++ b/envoy/config/filter/http/gzip/v2/BUILD @@ -3,6 +3,6 @@ load("//bazel:api_build_system.bzl", "api_proto_library") licenses(["notice"]) # Apache 2 api_proto_library( - name = "fault", - srcs = ["fault.proto"], + name = "gzip", + srcs = ["gzip.proto"], ) diff --git a/envoy/api/v2/filter/http/gzip.proto b/envoy/config/filter/http/gzip/v2/gzip.proto similarity index 97% rename from envoy/api/v2/filter/http/gzip.proto rename to envoy/config/filter/http/gzip/v2/gzip.proto index 8d5a387e..033a0926 100644 --- a/envoy/api/v2/filter/http/gzip.proto +++ b/envoy/config/filter/http/gzip/v2/gzip.proto @@ -1,10 +1,12 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; +package envoy.config.filter.http.gzip.v2; +option go_package = "v2"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: Gzip] // Gzip :ref:`configuration overview `. diff --git a/envoy/config/filter/http/health_check/v2/BUILD b/envoy/config/filter/http/health_check/v2/BUILD new file mode 100644 index 00000000..5ca79e7b --- /dev/null +++ b/envoy/config/filter/http/health_check/v2/BUILD @@ -0,0 +1,11 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "health_check", + srcs = ["health_check.proto"], + deps = [ + "//envoy/api/v2/core:base", + ], +) diff --git a/envoy/api/v2/filter/http/health_check.proto b/envoy/config/filter/http/health_check/v2/health_check.proto similarity index 76% rename from envoy/api/v2/filter/http/health_check.proto rename to envoy/config/filter/http/health_check/v2/health_check.proto index 814facb8..1908876c 100644 --- a/envoy/api/v2/filter/http/health_check.proto +++ b/envoy/config/filter/http/health_check/v2/health_check.proto @@ -1,12 +1,15 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; +package envoy.config.filter.http.health_check.v2; +option go_package = "v2"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; + import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: Health check] // Health check :ref:`configuration overview `. @@ -21,10 +24,10 @@ message HealthCheck { // If operating in pass through mode, the amount of time in milliseconds // that the filter should cache the upstream response. - google.protobuf.Duration cache_time = 3; + google.protobuf.Duration cache_time = 3 [(gogoproto.stdduration) = true]; // If operating in non-pass-through mode, specifies a set of upstream cluster // names and the minimum percentage of servers in each of those clusters that // must be healthy in order for the filter to return a 200. - map cluster_min_healthy_percentages = 4; + map cluster_min_healthy_percentages = 4; } diff --git a/envoy/config/filter/http/ip_tagging/v2/BUILD b/envoy/config/filter/http/ip_tagging/v2/BUILD new file mode 100644 index 00000000..147693b8 --- /dev/null +++ b/envoy/config/filter/http/ip_tagging/v2/BUILD @@ -0,0 +1,9 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "ip_tagging", + srcs = ["ip_tagging.proto"], + deps = ["//envoy/api/v2/core:address"], +) diff --git a/envoy/api/v2/filter/http/ip_tagging.proto b/envoy/config/filter/http/ip_tagging/v2/ip_tagging.proto similarity index 85% rename from envoy/api/v2/filter/http/ip_tagging.proto rename to envoy/config/filter/http/ip_tagging/v2/ip_tagging.proto index d7a1f5d0..c6742b14 100644 --- a/envoy/api/v2/filter/http/ip_tagging.proto +++ b/envoy/config/filter/http/ip_tagging/v2/ip_tagging.proto @@ -2,9 +2,10 @@ syntax = "proto3"; // [#proto-status: experimental] -package envoy.api.v2.filter.http; +package envoy.config.filter.http.ip_tagging.v2; +option go_package = "v2"; -import "envoy/api/v2/address.proto"; +import "envoy/api/v2/core/address.proto"; // This is an HTTP filter which enables Envoy to tag requests with extra // information such as location, cloud source, and any extra data. This is @@ -31,6 +32,6 @@ message IPTagging { // A list of IP address and subnet masks that will be tagged with the // ip_tag_name. Both IPv4 and IPv6 CIDR addresses are allowed here. - repeated CidrRange ip_list = 2; + repeated envoy.api.v2.core.CidrRange ip_list = 2; } } diff --git a/envoy/config/filter/http/lua/v2/BUILD b/envoy/config/filter/http/lua/v2/BUILD new file mode 100644 index 00000000..ce571d97 --- /dev/null +++ b/envoy/config/filter/http/lua/v2/BUILD @@ -0,0 +1,8 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "lua", + srcs = ["lua.proto"], +) diff --git a/envoy/api/v2/filter/http/lua.proto b/envoy/config/filter/http/lua/v2/lua.proto similarity index 89% rename from envoy/api/v2/filter/http/lua.proto rename to envoy/config/filter/http/lua/v2/lua.proto index ccfb3b71..f42f1b6e 100644 --- a/envoy/api/v2/filter/http/lua.proto +++ b/envoy/config/filter/http/lua/v2/lua.proto @@ -1,6 +1,7 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; +package envoy.config.filter.http.lua.v2; +option go_package = "v2"; import "validate/validate.proto"; diff --git a/envoy/config/filter/http/rate_limit/v2/BUILD b/envoy/config/filter/http/rate_limit/v2/BUILD new file mode 100644 index 00000000..484e19c4 --- /dev/null +++ b/envoy/config/filter/http/rate_limit/v2/BUILD @@ -0,0 +1,8 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "rate_limit", + srcs = ["rate_limit.proto"], +) diff --git a/envoy/api/v2/filter/http/rate_limit.proto b/envoy/config/filter/http/rate_limit/v2/rate_limit.proto similarity index 87% rename from envoy/api/v2/filter/http/rate_limit.proto rename to envoy/config/filter/http/rate_limit/v2/rate_limit.proto index 86560db5..9d3f50e7 100644 --- a/envoy/api/v2/filter/http/rate_limit.proto +++ b/envoy/config/filter/http/rate_limit/v2/rate_limit.proto @@ -1,10 +1,12 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; +package envoy.config.filter.http.rate_limit.v2; +option go_package = "v2"; import "google/protobuf/duration.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. @@ -31,5 +33,5 @@ message RateLimit { // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. - google.protobuf.Duration timeout = 4; + google.protobuf.Duration timeout = 4 [(gogoproto.stdduration) = true]; } diff --git a/envoy/config/filter/http/router/v2/BUILD b/envoy/config/filter/http/router/v2/BUILD new file mode 100644 index 00000000..00392ac7 --- /dev/null +++ b/envoy/config/filter/http/router/v2/BUILD @@ -0,0 +1,9 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "router", + srcs = ["router.proto"], + deps = ["//envoy/config/filter/accesslog/v2:accesslog"], +) diff --git a/envoy/api/v2/filter/http/router.proto b/envoy/config/filter/http/router/v2/router.proto similarity index 82% rename from envoy/api/v2/filter/http/router.proto rename to envoy/config/filter/http/router/v2/router.proto index e75b76ab..a334c62c 100644 --- a/envoy/api/v2/filter/http/router.proto +++ b/envoy/config/filter/http/router/v2/router.proto @@ -1,9 +1,9 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; -option go_package = "http"; +package envoy.config.filter.http.router.v2; +option go_package = "v2"; -import "envoy/api/v2/filter/accesslog/accesslog.proto"; +import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "google/protobuf/wrappers.proto"; @@ -25,5 +25,5 @@ message Router { // are configured in the same way as access logs, but each log entry represents // an upstream request. Presuming retries are configured, multiple upstream // requests may be made for each downstream (inbound) request. - repeated accesslog.AccessLog upstream_log = 3; + repeated envoy.config.filter.accesslog.v2.AccessLog upstream_log = 3; } diff --git a/envoy/config/filter/http/squash/v2/BUILD b/envoy/config/filter/http/squash/v2/BUILD new file mode 100644 index 00000000..ea5e9c6c --- /dev/null +++ b/envoy/config/filter/http/squash/v2/BUILD @@ -0,0 +1,8 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "squash", + srcs = ["squash.proto"], +) diff --git a/envoy/api/v2/filter/http/squash.proto b/envoy/config/filter/http/squash/v2/squash.proto similarity index 81% rename from envoy/api/v2/filter/http/squash.proto rename to envoy/config/filter/http/squash/v2/squash.proto index c46b18e2..a1455417 100644 --- a/envoy/api/v2/filter/http/squash.proto +++ b/envoy/config/filter/http/squash/v2/squash.proto @@ -1,10 +1,13 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; +package envoy.config.filter.http.squash.v2; +option go_package = "v2"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; + import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: Squash] // Squash :ref:`configuration overview `. @@ -36,13 +39,13 @@ message Squash { google.protobuf.Struct attachment_template = 2; // The timeout for individual requests sent to the Squash cluster. Defaults to 1 second. - google.protobuf.Duration request_timeout = 3; + google.protobuf.Duration request_timeout = 3 [(gogoproto.stdduration) = true]; // The total timeout Squash will delay a request and wait for it to be attached. Defaults to 60 // seconds. - google.protobuf.Duration attachment_timeout = 4; + google.protobuf.Duration attachment_timeout = 4 [(gogoproto.stdduration) = true]; // Amount of time to poll for the status of the attachment object in the Squash server // (to check if has been attached). Defaults to 1 second. - google.protobuf.Duration attachment_poll_period = 5; + google.protobuf.Duration attachment_poll_period = 5 [(gogoproto.stdduration) = true]; } diff --git a/envoy/config/filter/http/transcoder/v2/BUILD b/envoy/config/filter/http/transcoder/v2/BUILD new file mode 100644 index 00000000..087f8ce8 --- /dev/null +++ b/envoy/config/filter/http/transcoder/v2/BUILD @@ -0,0 +1,8 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "transcoder", + srcs = ["transcoder.proto"], +) diff --git a/envoy/api/v2/filter/http/transcoder.proto b/envoy/config/filter/http/transcoder/v2/transcoder.proto similarity index 96% rename from envoy/api/v2/filter/http/transcoder.proto rename to envoy/config/filter/http/transcoder/v2/transcoder.proto index b394332f..dfb629cd 100644 --- a/envoy/api/v2/filter/http/transcoder.proto +++ b/envoy/config/filter/http/transcoder/v2/transcoder.proto @@ -1,6 +1,7 @@ syntax = "proto3"; -package envoy.api.v2.filter.http; +package envoy.config.filter.http.transcoder.v2; +option go_package = "v2"; import "validate/validate.proto"; diff --git a/envoy/config/filter/network/client_ssl_auth/v2/BUILD b/envoy/config/filter/network/client_ssl_auth/v2/BUILD new file mode 100644 index 00000000..d382848c --- /dev/null +++ b/envoy/config/filter/network/client_ssl_auth/v2/BUILD @@ -0,0 +1,9 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "client_ssl_auth", + srcs = ["client_ssl_auth.proto"], + deps = ["//envoy/api/v2/core:address"], +) diff --git a/envoy/api/v2/filter/network/client_ssl_auth.proto b/envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth.proto similarity index 80% rename from envoy/api/v2/filter/network/client_ssl_auth.proto rename to envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth.proto index e115b4f6..7d0321cf 100644 --- a/envoy/api/v2/filter/network/client_ssl_auth.proto +++ b/envoy/config/filter/network/client_ssl_auth/v2/client_ssl_auth.proto @@ -1,11 +1,13 @@ syntax = "proto3"; -package envoy.api.v2.filter.network; +package envoy.config.filter.network.client_ssl_auth.v2; +option go_package = "v2"; -import "envoy/api/v2/address.proto"; +import "envoy/api/v2/core/address.proto"; import "google/protobuf/duration.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: Client TLS authentication] // Client TLS authentication @@ -26,10 +28,10 @@ message ClientSSLAuth { // authentication service. Default is 60000 (60s). The actual fetch time // will be this value plus a random jittered value between // 0-refresh_delay_ms milliseconds. - google.protobuf.Duration refresh_delay = 3; + google.protobuf.Duration refresh_delay = 3 [(gogoproto.stdduration) = true]; // An optional list of IP address and subnet masks that should be white // listed for access by the filter. If no list is provided, there is no // IP white list. - repeated CidrRange ip_white_list = 4; + repeated envoy.api.v2.core.CidrRange ip_white_list = 4; } diff --git a/envoy/config/filter/network/ext_authz/v2/BUILD b/envoy/config/filter/network/ext_authz/v2/BUILD new file mode 100644 index 00000000..22dc8915 --- /dev/null +++ b/envoy/config/filter/network/ext_authz/v2/BUILD @@ -0,0 +1,9 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "ext_authz", + srcs = ["ext_authz.proto"], + deps = ["//envoy/api/v2/core:grpc_service"], +) diff --git a/envoy/api/v2/filter/network/ext_authz.proto b/envoy/config/filter/network/ext_authz/v2/ext_authz.proto similarity index 84% rename from envoy/api/v2/filter/network/ext_authz.proto rename to envoy/config/filter/network/ext_authz/v2/ext_authz.proto index 5cfdf410..eb0fe7f0 100644 --- a/envoy/api/v2/filter/network/ext_authz.proto +++ b/envoy/config/filter/network/ext_authz/v2/ext_authz.proto @@ -1,8 +1,9 @@ syntax = "proto3"; -package envoy.api.v2.filter.network; +package envoy.config.filter.network.ext_authz.v2; +option go_package = "v2"; -import "envoy/api/v2/grpc_service.proto"; +import "envoy/api/v2/core/grpc_service.proto"; import "validate/validate.proto"; @@ -15,7 +16,7 @@ message ExtAuthz { string stat_prefix = 1 [(validate.rules).string.min_bytes = 1]; // The external authorization gRPC service configuration. - GrpcService grpc_service = 2; + envoy.api.v2.core.GrpcService grpc_service = 2; // The filter's behaviour in case the external authorization service does // not respond back. If set to true then in case of failure to get a diff --git a/envoy/config/filter/network/http_connection_manager/v2/BUILD b/envoy/config/filter/network/http_connection_manager/v2/BUILD new file mode 100644 index 00000000..a1ef916c --- /dev/null +++ b/envoy/config/filter/network/http_connection_manager/v2/BUILD @@ -0,0 +1,15 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "http_connection_manager", + srcs = ["http_connection_manager.proto"], + deps = [ + "//envoy/api/v2:rds", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:config_source", + "//envoy/api/v2/core:protocol", + "//envoy/config/filter/accesslog/v2:accesslog", + ], +) diff --git a/envoy/api/v2/filter/network/http_connection_manager.proto b/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto similarity index 90% rename from envoy/api/v2/filter/network/http_connection_manager.proto rename to envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto index 1e46b266..286c33cd 100644 --- a/envoy/api/v2/filter/network/http_connection_manager.proto +++ b/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto @@ -1,12 +1,12 @@ syntax = "proto3"; -package envoy.api.v2.filter.network; -option go_package = "network"; +package envoy.config.filter.network.http_connection_manager.v2; +option go_package = "v2"; -import "envoy/api/v2/base.proto"; -import "envoy/api/v2/config_source.proto"; -import "envoy/api/v2/protocol.proto"; -import "envoy/api/v2/filter/accesslog/accesslog.proto"; +import "envoy/api/v2/core/base.proto"; +import "envoy/api/v2/core/config_source.proto"; +import "envoy/api/v2/core/protocol.proto"; +import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "envoy/api/v2/rds.proto"; import "google/protobuf/duration.proto"; @@ -21,6 +21,8 @@ import "gogoproto/gogo.proto"; message HttpConnectionManager { enum CodecType { + option (gogoproto.goproto_enum_prefix) = false; + // For every new connection, the connection manager will determine which // codec to use. This mode supports both ALPN for TLS listeners as well as // protocol inference for plaintext listeners. If ALPN data is available, it @@ -52,7 +54,7 @@ message HttpConnectionManager { Rds rds = 3; // The route table for the connection manager is static and is specified in this property. - RouteConfiguration route_config = 4; + envoy.api.v2.RouteConfiguration route_config = 4; } // A list of individual HTTP filters that make up the filter chain for @@ -67,6 +69,8 @@ message HttpConnectionManager { message Tracing { enum OperationName { + option (gogoproto.goproto_enum_prefix) = false; + // The HTTP listener is used for ingress/incoming requests. INGRESS = 0; @@ -88,14 +92,14 @@ message HttpConnectionManager { // 'tracing.client_sampling' in the :ref:`HTTP Connection Manager // `. // Default: 100% - Percent client_sampling = 3; + envoy.api.v2.core.Percent client_sampling = 3; // Target percentage of requests managed by this HTTP connection manager that will be randomly // selected for trace generation, if not requested by the client or not forced. This field is // a direct analog for the runtime variable 'tracing.random_sampling' in the // :ref:`HTTP Connection Manager `. // Default: 100% - Percent random_sampling = 4; + envoy.api.v2.core.Percent random_sampling = 4; // Target percentage of requests managed by this HTTP connection manager that will be traced // after all other sampling checks have been applied (client-directed, force tracing, random @@ -105,7 +109,7 @@ message HttpConnectionManager { // analog for the runtime variable 'tracing.global_enabled' in the // :ref:`HTTP Connection Manager `. // Default: 100% - Percent overall_sampling = 5; + envoy.api.v2.core.Percent overall_sampling = 5; } // Presence of the object defines whether the connection manager @@ -114,10 +118,10 @@ message HttpConnectionManager { Tracing tracing = 7; // Additional HTTP/1 settings that are passed to the HTTP/1 codec. - Http1ProtocolOptions http_protocol_options = 8; + envoy.api.v2.core.Http1ProtocolOptions http_protocol_options = 8; // Additional HTTP/2 settings that are passed directly to the HTTP/2 codec. - Http2ProtocolOptions http2_protocol_options = 9; + envoy.api.v2.core.Http2ProtocolOptions http2_protocol_options = 9; // An optional override that the connection manager will write to the server // header in responses. If not set, the default is *envoy*. @@ -128,7 +132,8 @@ message HttpConnectionManager { // requests. If not set, there is no idle timeout. When the idle timeout is // reached the connection will be closed. If the connection is an HTTP/2 // connection a drain sequence will occur prior to closing the connection. See - // :ref:`drain_timeout `. + // :ref:`drain_timeout + // `. google.protobuf.Duration idle_timeout = 11 [(gogoproto.stdduration) = true]; // The time that Envoy will wait between sending an HTTP/2 “shutdown @@ -144,7 +149,7 @@ message HttpConnectionManager { // Configuration for :ref:`HTTP access logs ` // emitted by the connection manager. - repeated accesslog.AccessLog access_log = 13; + repeated envoy.config.filter.accesslog.v2.AccessLog access_log = 13; // If set to true, the connection manager will use the real remote address // of the client connection when determining internal versus external origin and manipulating @@ -164,6 +169,8 @@ message HttpConnectionManager { // How to handle the :ref:`config_http_conn_man_headers_x-forwarded-client-cert` (XFCC) HTTP // header. enum ForwardClientCertDetails { + option (gogoproto.goproto_enum_prefix) = false; + // Do not send the XFCC header to the next hop. This is the default value. SANITIZE = 0; @@ -202,8 +209,8 @@ message HttpConnectionManager { }; // This field is valid only when :ref:`forward_client_cert_details - // ` is - // APPEND_FORWARD or SANITIZE_SET and the client connection is mTLS. It specifies the fields in + // ` + // is APPEND_FORWARD or SANITIZE_SET and the client connection is mTLS. It specifies the fields in // the client certificate to be forwarded. Note that in the // :ref:`config_http_conn_man_headers_x-forwarded-client-cert` header, *Hash* is always set, and // *By* is always set when the client certificate presents the SAN value. @@ -219,7 +226,7 @@ message HttpConnectionManager { message Rds { // Configuration source specifier for RDS. - ConfigSource config_source = 1 + envoy.api.v2.core.ConfigSource config_source = 1 [(validate.rules).message.required = true, (gogoproto.nullable) = false]; // The name of the route configuration. This name will be passed to the RDS diff --git a/envoy/config/filter/network/mongo_proxy/v2/BUILD b/envoy/config/filter/network/mongo_proxy/v2/BUILD new file mode 100644 index 00000000..03bc3034 --- /dev/null +++ b/envoy/config/filter/network/mongo_proxy/v2/BUILD @@ -0,0 +1,9 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "mongo_proxy", + srcs = ["mongo_proxy.proto"], + deps = ["//envoy/config/filter/fault/v2:fault"], +) diff --git a/envoy/api/v2/filter/network/mongo_proxy.proto b/envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.proto similarity index 83% rename from envoy/api/v2/filter/network/mongo_proxy.proto rename to envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.proto index f4540c4a..0d729733 100644 --- a/envoy/api/v2/filter/network/mongo_proxy.proto +++ b/envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.proto @@ -1,8 +1,9 @@ syntax = "proto3"; -package envoy.api.v2.filter.network; +package envoy.config.filter.network.mongo_proxy.v2; +option go_package = "v2"; -import "envoy/api/v2/filter/fault.proto"; +import "envoy/config/filter/fault/v2/fault.proto"; import "validate/validate.proto"; @@ -23,5 +24,5 @@ message MongoProxy { // applied to the following MongoDB operations: Query, Insert, GetMore, // and KillCursors. Once an active delay is in progress, all incoming // data up until the timer event fires will be a part of the delay. - FaultDelay delay = 3; + envoy.config.filter.fault.v2.FaultDelay delay = 3; } diff --git a/envoy/config/filter/network/rate_limit/v2/BUILD b/envoy/config/filter/network/rate_limit/v2/BUILD new file mode 100644 index 00000000..b1936e3b --- /dev/null +++ b/envoy/config/filter/network/rate_limit/v2/BUILD @@ -0,0 +1,9 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "rate_limit", + srcs = ["rate_limit.proto"], + deps = ["//envoy/api/v2/ratelimit"], +) diff --git a/envoy/api/v2/filter/network/rate_limit.proto b/envoy/config/filter/network/rate_limit/v2/rate_limit.proto similarity index 71% rename from envoy/api/v2/filter/network/rate_limit.proto rename to envoy/config/filter/network/rate_limit/v2/rate_limit.proto index 0d3f5f6a..24012949 100644 --- a/envoy/api/v2/filter/network/rate_limit.proto +++ b/envoy/config/filter/network/rate_limit/v2/rate_limit.proto @@ -1,11 +1,13 @@ syntax = "proto3"; -package envoy.api.v2.filter.network; +package envoy.config.filter.network.rate_limit.v2; +option go_package = "v2"; import "envoy/api/v2/ratelimit/ratelimit.proto"; import "google/protobuf/duration.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: Rate limit] // Rate limit :ref:`configuration overview `. @@ -18,9 +20,10 @@ message RateLimit { string domain = 2 [(validate.rules).string.min_bytes = 1]; // The rate limit descriptor list to use in the rate limit service request. - repeated ratelimit.RateLimitDescriptor descriptors = 3 [(validate.rules).repeated .min_items = 1]; + repeated envoy.api.v2.ratelimit.RateLimitDescriptor descriptors = 3 + [(validate.rules).repeated .min_items = 1]; // The timeout in milliseconds for the rate limit service RPC. If not // set, this defaults to 20ms. - google.protobuf.Duration timeout = 4; + google.protobuf.Duration timeout = 4 [(gogoproto.stdduration) = true]; } diff --git a/envoy/config/filter/network/redis_proxy/v2/BUILD b/envoy/config/filter/network/redis_proxy/v2/BUILD new file mode 100644 index 00000000..78f26930 --- /dev/null +++ b/envoy/config/filter/network/redis_proxy/v2/BUILD @@ -0,0 +1,8 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "redis_proxy", + srcs = ["redis_proxy.proto"], +) diff --git a/envoy/api/v2/filter/network/redis_proxy.proto b/envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto similarity index 85% rename from envoy/api/v2/filter/network/redis_proxy.proto rename to envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto index b9a14ade..4d522013 100644 --- a/envoy/api/v2/filter/network/redis_proxy.proto +++ b/envoy/config/filter/network/redis_proxy/v2/redis_proxy.proto @@ -1,10 +1,12 @@ syntax = "proto3"; -package envoy.api.v2.filter.network; +package envoy.config.filter.network.redis_proxy.v2; +option go_package = "v2"; import "google/protobuf/duration.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: Redis Proxy] // Redis Proxy :ref:`configuration overview `. @@ -26,7 +28,8 @@ message RedisProxy { // The only exception to this behavior is when a connection to a backend is not yet established. // In that case, the connect timeout on the cluster will govern the timeout until the connection // is ready. - google.protobuf.Duration op_timeout = 1 [(validate.rules).duration.required = true]; + google.protobuf.Duration op_timeout = 1 + [(validate.rules).duration.required = true, (gogoproto.stdduration) = true]; } // Network settings for the connection pool to the upstream cluster. diff --git a/envoy/config/filter/network/tcp_proxy/v2/BUILD b/envoy/config/filter/network/tcp_proxy/v2/BUILD new file mode 100644 index 00000000..20bcbbad --- /dev/null +++ b/envoy/config/filter/network/tcp_proxy/v2/BUILD @@ -0,0 +1,12 @@ +load("//bazel:api_build_system.bzl", "api_proto_library") + +licenses(["notice"]) # Apache 2 + +api_proto_library( + name = "tcp_proxy", + srcs = ["tcp_proxy.proto"], + deps = [ + "//envoy/api/v2/core:address", + "//envoy/config/filter/accesslog/v2:accesslog", + ], +) diff --git a/envoy/api/v2/filter/network/tcp_proxy.proto b/envoy/config/filter/network/tcp_proxy/v2/tcp_proxy.proto similarity index 88% rename from envoy/api/v2/filter/network/tcp_proxy.proto rename to envoy/config/filter/network/tcp_proxy/v2/tcp_proxy.proto index 4881f448..4f098dc2 100644 --- a/envoy/api/v2/filter/network/tcp_proxy.proto +++ b/envoy/config/filter/network/tcp_proxy/v2/tcp_proxy.proto @@ -1,14 +1,16 @@ syntax = "proto3"; -package envoy.api.v2.filter.network; +package envoy.config.filter.network.tcp_proxy.v2; +option go_package = "v2"; -import "envoy/api/v2/filter/accesslog/accesslog.proto"; -import "envoy/api/v2/address.proto"; +import "envoy/config/filter/accesslog/v2/accesslog.proto"; +import "envoy/api/v2/core/address.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/wrappers.proto"; import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // [#protodoc-title: TCP Proxy] // TCP Proxy :ref:`configuration overview `. @@ -26,8 +28,9 @@ message TcpProxy { // way to configure the target cluster. All other matching will be done via :ref:`filter chain // matching rules `. For very simple configurations, // this field can still be used to select the cluster when no other matching rules are required. - // Otherwise, a :ref:`deprecated_v1 ` - // configuration is required to use more complex routing in the interim. + // Otherwise, a :ref:`deprecated_v1 + // ` configuration is + // required to use more complex routing in the interim. // string cluster = 2; @@ -35,7 +38,8 @@ message TcpProxy { // is defined as the period in which there are no bytes sent or received on either // the upstream or downstream connection. If not set, connections will never be closed // by the TCP proxy due to being idle. - google.protobuf.Duration idle_timeout = 8 [(validate.rules).duration.gt = {}]; + google.protobuf.Duration idle_timeout = 8 + [(validate.rules).duration.gt = {}, (gogoproto.stdduration) = true]; // [#not-implemented-hide:] The idle timeout for connections managed by the TCP proxy // filter. The idle timeout is defined as the period in which there is no @@ -50,7 +54,7 @@ message TcpProxy { // Configuration for :ref:`access logs ` // emitted by the this tcp_proxy. - repeated accesslog.AccessLog access_log = 5; + repeated envoy.config.filter.accesslog.v2.AccessLog access_log = 5; // TCP Proxy filter configuration using V1 format, until Envoy gets the // ability to match source/destination at the listener level (called @@ -76,7 +80,7 @@ message TcpProxy { // address of the downstream connection might be different from the // addresses on which the proxy is listening if the connection has been // redirected. - repeated CidrRange destination_ip_list = 2; + repeated envoy.api.v2.core.CidrRange destination_ip_list = 2; // An optional string containing a comma-separated list of port numbers // or ranges. The criteria is satisfied if the destination port of the @@ -92,7 +96,7 @@ message TcpProxy { // of the downstream connection is contained in at least one of the // specified subnets. If the parameter is not specified or the list is // empty, the source IP address is ignored. - repeated CidrRange source_ip_list = 4; + repeated envoy.api.v2.core.CidrRange source_ip_list = 4; // An optional string containing a comma-separated list of port numbers // or ranges. The criteria is satisfied if the source port of the diff --git a/envoy/config/metrics/v2/BUILD b/envoy/config/metrics/v2/BUILD index 1e73614d..d9df02a5 100644 --- a/envoy/config/metrics/v2/BUILD +++ b/envoy/config/metrics/v2/BUILD @@ -5,8 +5,11 @@ licenses(["notice"]) # Apache 2 api_proto_library( name = "metrics_service", srcs = ["metrics_service.proto"], + visibility = [ + "//envoy/config/bootstrap/v2:__pkg__", + ], deps = [ - "//envoy/api/v2:grpc_service", + "//envoy/api/v2/core:grpc_service", ], ) @@ -14,15 +17,18 @@ api_go_proto_library( name = "metrics_service", proto = ":metrics_service", deps = [ - "//envoy/api/v2:grpc_service_go_proto", + "//envoy/api/v2/core:grpc_service_go_proto", ], ) api_proto_library( name = "stats", srcs = ["stats.proto"], + visibility = [ + "//envoy/config/bootstrap/v2:__pkg__", + ], deps = [ - "//envoy/api/v2:address", + "//envoy/api/v2/core:address", ], ) @@ -30,6 +36,6 @@ api_go_proto_library( name = "stats", proto = ":stats", deps = [ - "//envoy/api/v2:address_go_proto", + "//envoy/api/v2/core:address_go_proto", ], ) diff --git a/envoy/config/metrics/v2/metrics_service.proto b/envoy/config/metrics/v2/metrics_service.proto index 9faa7306..cae57348 100644 --- a/envoy/config/metrics/v2/metrics_service.proto +++ b/envoy/config/metrics/v2/metrics_service.proto @@ -6,7 +6,7 @@ syntax = "proto3"; package envoy.config.metrics.v2; -import "envoy/api/v2/grpc_service.proto"; +import "envoy/api/v2/core/grpc_service.proto"; import "validate/validate.proto"; @@ -15,5 +15,5 @@ import "validate/validate.proto"; // Metrics Service. message MetricsServiceConfig { // The upstream gRPC cluster that hosts the metrics service. - envoy.api.v2.GrpcService grpc_service = 1 [(validate.rules).message.required = true]; + envoy.api.v2.core.GrpcService grpc_service = 1 [(validate.rules).message.required = true]; } diff --git a/envoy/config/metrics/v2/stats.proto b/envoy/config/metrics/v2/stats.proto index 6e31fb42..53f8e535 100644 --- a/envoy/config/metrics/v2/stats.proto +++ b/envoy/config/metrics/v2/stats.proto @@ -4,9 +4,9 @@ syntax = "proto3"; package envoy.config.metrics.v2; -option go_package = "metrics"; +option go_package = "v2"; -import "envoy/api/v2/address.proto"; +import "envoy/api/v2/core/address.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/wrappers.proto"; @@ -145,7 +145,7 @@ message StatsdSink { // The UDP address of a running `statsd `_ // compliant listener. If specified, statistics will be flushed to this // address. - envoy.api.v2.Address address = 1; + envoy.api.v2.core.Address address = 1; // The name of a cluster that is running a TCP `statsd // `_ compliant listener. If specified, @@ -164,7 +164,7 @@ message DogStatsdSink { // The UDP address of a running DogStatsD compliant listener. If specified, // statistics will be flushed to this address. - envoy.api.v2.Address address = 1; + envoy.api.v2.core.Address address = 1; // The name of a cluster that is DogStatsD compliant TCP listener. If specified, // Envoy will connect to this cluster to flush statistics. diff --git a/envoy/config/ratelimit/v2/BUILD b/envoy/config/ratelimit/v2/BUILD index 0a7bafa3..f71f28e0 100644 --- a/envoy/config/ratelimit/v2/BUILD +++ b/envoy/config/ratelimit/v2/BUILD @@ -5,8 +5,11 @@ licenses(["notice"]) # Apache 2 api_proto_library( name = "rls", srcs = ["rls.proto"], + visibility = [ + "//envoy/config/bootstrap/v2:__pkg__", + ], deps = [ - "//envoy/api/v2:grpc_service", + "//envoy/api/v2/core:grpc_service", ], ) @@ -14,6 +17,6 @@ api_go_grpc_library( name = "rls", proto = ":rls", deps = [ - "//envoy/api/v2:grpc_service_go_proto", + "//envoy/api/v2/core:grpc_service_go_proto", ], ) diff --git a/envoy/config/ratelimit/v2/rls.proto b/envoy/config/ratelimit/v2/rls.proto index 5ecd3635..62bcb9b6 100644 --- a/envoy/config/ratelimit/v2/rls.proto +++ b/envoy/config/ratelimit/v2/rls.proto @@ -1,9 +1,9 @@ syntax = "proto3"; package envoy.config.ratelimit.v2; -option go_package = "ratelimit"; +option go_package = "v2"; -import "envoy/api/v2/grpc_service.proto"; +import "envoy/api/v2/core/grpc_service.proto"; import "validate/validate.proto"; @@ -18,13 +18,13 @@ message RateLimitServiceConfig { // service. The client will connect to this cluster when it needs to make // rate limit service requests. This field is deprecated and `grpc_service` // should be used instead. The :ref:`Envoy gRPC client - // ` will be used when this field is + // ` will be used when this field is // specified. string cluster_name = 1 [(validate.rules).string.min_bytes = 1, deprecated = true]; // Specifies the gRPC service that hosts the rate limit service. The client // will connect to this cluster when it needs to make rate limit service // requests. - envoy.api.v2.GrpcService grpc_service = 2; + envoy.api.v2.core.GrpcService grpc_service = 2; } } diff --git a/envoy/config/trace/v2/BUILD b/envoy/config/trace/v2/BUILD index 08e36b14..19fa06a4 100644 --- a/envoy/config/trace/v2/BUILD +++ b/envoy/config/trace/v2/BUILD @@ -5,8 +5,11 @@ licenses(["notice"]) # Apache 2 api_proto_library( name = "trace", srcs = ["trace.proto"], + visibility = [ + "//envoy/config/bootstrap/v2:__pkg__", + ], deps = [ - "//envoy/api/v2:grpc_service", + "//envoy/api/v2/core:grpc_service", ], ) @@ -14,6 +17,6 @@ api_go_proto_library( name = "trace", proto = ":trace", deps = [ - "//envoy/api/v2:grpc_service_go_proto", + "//envoy/api/v2/core:grpc_service_go_proto", ], ) diff --git a/envoy/config/trace/v2/trace.proto b/envoy/config/trace/v2/trace.proto index 219d73b0..c1154cf0 100644 --- a/envoy/config/trace/v2/trace.proto +++ b/envoy/config/trace/v2/trace.proto @@ -4,9 +4,9 @@ syntax = "proto3"; package envoy.config.trace.v2; -option go_package = "trace"; +option go_package = "v2"; -import "envoy/api/v2/grpc_service.proto"; +import "envoy/api/v2/core/grpc_service.proto"; import "google/protobuf/struct.proto"; @@ -73,5 +73,5 @@ message DynamicOtConfig { // Configuration structure. message TraceServiceConfig { // The upstream gRPC cluster that hosts the metrics service. - envoy.api.v2.GrpcService grpc_service = 1 [(validate.rules).message.required = true]; + envoy.api.v2.core.GrpcService grpc_service = 1 [(validate.rules).message.required = true]; } diff --git a/envoy/service/README.md b/envoy/service/README.md index b16852f4..831b740a 100644 --- a/envoy/service/README.md +++ b/envoy/service/README.md @@ -1 +1,3 @@ Protocol buffer definitions for gRPC and REST services. + +Visibility should be constrained to none (default). diff --git a/envoy/service/accesslog/v2/BUILD b/envoy/service/accesslog/v2/BUILD index 5b292d29..cdf5b36a 100644 --- a/envoy/service/accesslog/v2/BUILD +++ b/envoy/service/accesslog/v2/BUILD @@ -7,8 +7,8 @@ api_proto_library( srcs = ["als.proto"], has_services = 1, deps = [ - "//envoy/api/v2:base", - "//envoy/api/v2:grpc_service", - "//envoy/api/v2/filter/accesslog", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:grpc_service", + "//envoy/config/filter/accesslog/v2:accesslog", ], ) diff --git a/envoy/service/accesslog/v2/als.proto b/envoy/service/accesslog/v2/als.proto index 9efed409..9f3ad343 100644 --- a/envoy/service/accesslog/v2/als.proto +++ b/envoy/service/accesslog/v2/als.proto @@ -1,10 +1,10 @@ syntax = "proto3"; package envoy.service.accesslog.v2; -option go_package = "accesslog"; +option go_package = "v2"; -import "envoy/api/v2/base.proto"; -import "envoy/api/v2/filter/accesslog/accesslog.proto"; +import "envoy/api/v2/core/base.proto"; +import "envoy/config/filter/accesslog/v2/accesslog.proto"; import "validate/validate.proto"; @@ -32,7 +32,7 @@ message StreamAccessLogsResponse { message StreamAccessLogsMessage { message Identifier { // The node sending the access log messages over the stream. - envoy.api.v2.Node node = 1 [(validate.rules).message.required = true]; + envoy.api.v2.core.Node node = 1 [(validate.rules).message.required = true]; // The friendly name of the log configured in AccessLogServiceConfig. string log_name = 2 [(validate.rules).string.min_bytes = 1]; @@ -44,13 +44,13 @@ message StreamAccessLogsMessage { // Wrapper for batches of HTTP access log entries. message HTTPAccessLogEntries { - repeated envoy.api.v2.filter.accesslog.HTTPAccessLogEntry log_entry = 1 + repeated envoy.config.filter.accesslog.v2.HTTPAccessLogEntry log_entry = 1 [(validate.rules).repeated .min_items = 1]; } // Wrapper for batches of TCP access log entries. message TCPAccessLogEntries { - repeated envoy.api.v2.filter.accesslog.TCPAccessLogEntry log_entry = 1 + repeated envoy.config.filter.accesslog.v2.TCPAccessLogEntry log_entry = 1 [(validate.rules).repeated .min_items = 1]; } diff --git a/envoy/service/auth/v2/BUILD b/envoy/service/auth/v2/BUILD index 6797b68e..8a7f5ee5 100644 --- a/envoy/service/auth/v2/BUILD +++ b/envoy/service/auth/v2/BUILD @@ -8,7 +8,7 @@ api_proto_library( "attribute_context.proto", ], deps = [ - "//envoy/api/v2:address", + "//envoy/api/v2/core:address", ], ) diff --git a/envoy/service/auth/v2/attribute_context.proto b/envoy/service/auth/v2/attribute_context.proto index 6d4062ac..e27c798f 100644 --- a/envoy/service/auth/v2/attribute_context.proto +++ b/envoy/service/auth/v2/attribute_context.proto @@ -3,9 +3,8 @@ syntax = "proto3"; // [#proto-status: draft] package envoy.service.auth.v2; -option go_package = "auth"; -import "envoy/api/v2/address.proto"; +import "envoy/api/v2/core/address.proto"; import "google/protobuf/timestamp.proto"; @@ -23,7 +22,7 @@ message AttributeContext { message Peer { // The address of the peer, this is typically the IP address. // It can also be UDS path, or others. - envoy.api.v2.Address address = 1; + envoy.api.v2.core.Address address = 1; // The canonical service name of the peer. // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster diff --git a/envoy/service/auth/v2/external_auth.proto b/envoy/service/auth/v2/external_auth.proto index 562c6e43..149af57c 100644 --- a/envoy/service/auth/v2/external_auth.proto +++ b/envoy/service/auth/v2/external_auth.proto @@ -3,7 +3,7 @@ syntax = "proto3"; // [#proto-status: draft] package envoy.service.auth.v2; -option go_package = "auth"; +option go_package = "v2"; import "envoy/service/auth/v2/attribute_context.proto"; diff --git a/envoy/service/discovery/v2/BUILD b/envoy/service/discovery/v2/BUILD index ccd50866..12f376a2 100644 --- a/envoy/service/discovery/v2/BUILD +++ b/envoy/service/discovery/v2/BUILD @@ -24,8 +24,8 @@ api_proto_library( srcs = ["hds.proto"], has_services = 1, deps = [ - "//envoy/api/v2:base", - "//envoy/api/v2:health_check", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:health_check", "//envoy/api/v2/endpoint", ], ) @@ -34,8 +34,8 @@ api_go_grpc_library( name = "hds", proto = ":hds", deps = [ - "//envoy/api/v2:base_go_proto", - "//envoy/api/v2:health_check_go_proto", + "//envoy/api/v2/core:base_go_proto", + "//envoy/api/v2/core:health_check_go_proto", "//envoy/api/v2/endpoint:endpoint_go_proto", ], ) diff --git a/envoy/service/discovery/v2/ads.proto b/envoy/service/discovery/v2/ads.proto index 49d117e5..d75bc52e 100644 --- a/envoy/service/discovery/v2/ads.proto +++ b/envoy/service/discovery/v2/ads.proto @@ -1,7 +1,7 @@ syntax = "proto3"; package envoy.service.discovery.v2; -option go_package = "discovery"; +option go_package = "v2"; import "envoy/api/v2/discovery.proto"; diff --git a/envoy/service/discovery/v2/hds.proto b/envoy/service/discovery/v2/hds.proto index 6e6c3d3b..00aef2d7 100644 --- a/envoy/service/discovery/v2/hds.proto +++ b/envoy/service/discovery/v2/hds.proto @@ -2,8 +2,8 @@ syntax = "proto3"; package envoy.service.discovery.v2; -import "envoy/api/v2/base.proto"; -import "envoy/api/v2/health_check.proto"; +import "envoy/api/v2/core/base.proto"; +import "envoy/api/v2/core/health_check.proto"; import "envoy/api/v2/endpoint/endpoint.proto"; import "google/api/annotations.proto"; @@ -79,13 +79,13 @@ message Capability { } message HealthCheckRequest { - envoy.api.v2.Node node = 1; + envoy.api.v2.core.Node node = 1; Capability capability = 2; } message EndpointHealth { envoy.api.v2.endpoint.Endpoint endpoint = 1; - envoy.api.v2.HealthStatus health_status = 2; + envoy.api.v2.core.HealthStatus health_status = 2; } message EndpointHealthResponse { @@ -100,7 +100,7 @@ message HealthCheckRequestOrEndpointHealthResponse { } message LocalityEndpoints { - envoy.api.v2.Locality locality = 1; + envoy.api.v2.core.Locality locality = 1; repeated envoy.api.v2.endpoint.Endpoint endpoints = 2; } @@ -110,7 +110,7 @@ message LocalityEndpoints { // same cluster structure as that provided by EDS. message ClusterHealthCheck { string cluster_name = 1; - repeated envoy.api.v2.HealthCheck health_checks = 2; + repeated envoy.api.v2.core.HealthCheck health_checks = 2; repeated LocalityEndpoints endpoints = 3; } diff --git a/envoy/service/load_stats/BUILD b/envoy/service/load_stats/BUILD deleted file mode 100644 index 19ceeea1..00000000 --- a/envoy/service/load_stats/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -licenses(["notice"]) # Apache 2 - -proto_library( - name = "load_stats", - visibility = ["//envoy:__pkg__"], - deps = [ - "//envoy/service/load_stats/v2:lrs", - ], -) diff --git a/envoy/service/load_stats/v2/BUILD b/envoy/service/load_stats/v2/BUILD index 318bbd5d..4fc65001 100644 --- a/envoy/service/load_stats/v2/BUILD +++ b/envoy/service/load_stats/v2/BUILD @@ -7,7 +7,7 @@ api_proto_library( srcs = ["lrs.proto"], has_services = 1, deps = [ - "//envoy/api/v2:base", + "//envoy/api/v2/core:base", "//envoy/api/v2/endpoint:load_report", ], ) @@ -16,7 +16,7 @@ api_go_grpc_library( name = "lrs", proto = ":lrs", deps = [ - "//envoy/api/v2:base_go_proto", + "//envoy/api/v2/core:base_go_proto", "//envoy/api/v2/endpoint:load_report_go_proto", ], ) diff --git a/envoy/service/load_stats/v2/lrs.proto b/envoy/service/load_stats/v2/lrs.proto index e5d5ba3a..57d5ee7e 100644 --- a/envoy/service/load_stats/v2/lrs.proto +++ b/envoy/service/load_stats/v2/lrs.proto @@ -1,9 +1,9 @@ syntax = "proto3"; package envoy.service.load_stats.v2; -option go_package = "load_stats"; +option go_package = "v2"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "envoy/api/v2/endpoint/load_report.proto"; import "google/protobuf/duration.proto"; @@ -49,7 +49,7 @@ service LoadReportingService { // [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. message LoadStatsRequest { // Node identifier for Envoy instance. - envoy.api.v2.Node node = 1; + envoy.api.v2.core.Node node = 1; // A list of load stats to report. repeated envoy.api.v2.endpoint.ClusterStats cluster_stats = 2; diff --git a/envoy/service/metrics/BUILD b/envoy/service/metrics/BUILD deleted file mode 100644 index 10e19072..00000000 --- a/envoy/service/metrics/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -licenses(["notice"]) # Apache 2 - -proto_library( - name = "metrics", - visibility = ["//envoy:__pkg__"], - deps = [ - "//envoy/service/metrics/v2:metrics_service", - ], -) diff --git a/envoy/service/metrics/v2/BUILD b/envoy/service/metrics/v2/BUILD index aac79fb1..cdaf519d 100644 --- a/envoy/service/metrics/v2/BUILD +++ b/envoy/service/metrics/v2/BUILD @@ -8,8 +8,8 @@ api_proto_library( has_services = 1, require_py = 0, deps = [ - "//envoy/api/v2:base", - "//envoy/api/v2:grpc_service", + "//envoy/api/v2/core:base", + "//envoy/api/v2/core:grpc_service", "@promotheus_metrics_model//:client_model", ], ) diff --git a/envoy/service/metrics/v2/metrics_service.proto b/envoy/service/metrics/v2/metrics_service.proto index c70af05d..51a1f8a6 100644 --- a/envoy/service/metrics/v2/metrics_service.proto +++ b/envoy/service/metrics/v2/metrics_service.proto @@ -3,9 +3,9 @@ syntax = "proto3"; // [#proto-status: draft] package envoy.service.metrics.v2; -option go_package = "metrics"; +option go_package = "v2"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "metrics.proto"; @@ -26,7 +26,7 @@ message StreamMetricsResponse { message StreamMetricsMessage { message Identifier { // The node sending metrics over the stream. - envoy.api.v2.Node node = 1 [(validate.rules).message.required = true]; + envoy.api.v2.core.Node node = 1 [(validate.rules).message.required = true]; } // Identifier data effectively is a structured metadata. As a performance optimization this will diff --git a/envoy/service/ratelimit/BUILD b/envoy/service/ratelimit/BUILD deleted file mode 100644 index d7caf15c..00000000 --- a/envoy/service/ratelimit/BUILD +++ /dev/null @@ -1,9 +0,0 @@ -licenses(["notice"]) # Apache 2 - -proto_library( - name = "ratelimit", - visibility = ["//envoy:__pkg__"], - deps = [ - "//envoy/service/ratelimit/v2:rls", - ], -) diff --git a/envoy/service/ratelimit/v2/BUILD b/envoy/service/ratelimit/v2/BUILD index 1b6db360..d934b848 100644 --- a/envoy/service/ratelimit/v2/BUILD +++ b/envoy/service/ratelimit/v2/BUILD @@ -7,7 +7,7 @@ api_proto_library( srcs = ["rls.proto"], has_services = 1, deps = [ - "//envoy/api/v2:grpc_service", + "//envoy/api/v2/core:grpc_service", "//envoy/api/v2/ratelimit", ], ) @@ -16,7 +16,7 @@ api_go_grpc_library( name = "rls", proto = ":rls", deps = [ - "//envoy/api/v2:grpc_service_go_proto", + "//envoy/api/v2/core:grpc_service_go_proto", "//envoy/api/v2/ratelimit:ratelimit_go_proto", ], ) diff --git a/envoy/service/ratelimit/v2/rls.proto b/envoy/service/ratelimit/v2/rls.proto index 4719087f..c1a416fc 100644 --- a/envoy/service/ratelimit/v2/rls.proto +++ b/envoy/service/ratelimit/v2/rls.proto @@ -1,7 +1,7 @@ syntax = "proto3"; package envoy.service.ratelimit.v2; -option go_package = "ratelimit"; +option go_package = "v2"; import "envoy/api/v2/ratelimit/ratelimit.proto"; diff --git a/envoy/service/trace/v2/BUILD b/envoy/service/trace/v2/BUILD index 10b3de2f..ecd4d504 100644 --- a/envoy/service/trace/v2/BUILD +++ b/envoy/service/trace/v2/BUILD @@ -8,7 +8,7 @@ api_proto_library( has_services = 1, require_py = 0, deps = [ - "//envoy/api/v2:base", + "//envoy/api/v2/core:base", "@io_opencensus_trace//:trace_model", ], ) diff --git a/envoy/service/trace/v2/trace_service.proto b/envoy/service/trace/v2/trace_service.proto index 142afb7e..03a7eba7 100644 --- a/envoy/service/trace/v2/trace_service.proto +++ b/envoy/service/trace/v2/trace_service.proto @@ -3,9 +3,9 @@ syntax = "proto3"; // [#proto-status: draft] package envoy.service.trace.v2; -option go_package = "trace"; +option go_package = "v2"; -import "envoy/api/v2/base.proto"; +import "envoy/api/v2/core/base.proto"; import "trace.proto"; import "google/api/annotations.proto"; @@ -28,7 +28,7 @@ message StreamTracesResponse { message StreamTracesMessage { message Identifier { // The node sending the access log messages over the stream. - envoy.api.v2.Node node = 1 [(validate.rules).message.required = true]; + envoy.api.v2.core.Node node = 1 [(validate.rules).message.required = true]; } // Identifier data effectively is a structured metadata. diff --git a/test/validate/BUILD b/test/validate/BUILD index 3662904d..6ff25055 100644 --- a/test/validate/BUILD +++ b/test/validate/BUILD @@ -9,23 +9,23 @@ api_cc_test( "//envoy/api/v2:cds", "//envoy/api/v2:eds", "//envoy/api/v2:lds", - "//envoy/api/v2:protocol", "//envoy/api/v2:rds", - "//envoy/api/v2/filter/accesslog", - "//envoy/api/v2/filter/http:buffer", - "//envoy/api/v2/filter/http:fault", - "//envoy/api/v2/filter/http:gzip", - "//envoy/api/v2/filter/http:health_check", - "//envoy/api/v2/filter/http:lua", - "//envoy/api/v2/filter/http:router", - "//envoy/api/v2/filter/http:squash", - "//envoy/api/v2/filter/http:transcoder", - "//envoy/api/v2/filter/network:http_connection_manager", - "//envoy/api/v2/filter/network:mongo_proxy", - "//envoy/api/v2/filter/network:redis_proxy", - "//envoy/api/v2/filter/network:tcp_proxy", + "//envoy/api/v2/core:protocol", "//envoy/api/v2/listener", "//envoy/api/v2/route", "//envoy/config/bootstrap/v2:bootstrap", + "//envoy/config/filter/accesslog/v2:accesslog", + "//envoy/config/filter/http/buffer/v2:buffer", + "//envoy/config/filter/http/fault/v2:fault", + "//envoy/config/filter/http/gzip/v2:gzip", + "//envoy/config/filter/http/health_check/v2:health_check", + "//envoy/config/filter/http/lua/v2:lua", + "//envoy/config/filter/http/router/v2:router", + "//envoy/config/filter/http/squash/v2:squash", + "//envoy/config/filter/http/transcoder/v2:transcoder", + "//envoy/config/filter/network/http_connection_manager/v2:http_connection_manager", + "//envoy/config/filter/network/mongo_proxy/v2:mongo_proxy", + "//envoy/config/filter/network/redis_proxy/v2:redis_proxy", + "//envoy/config/filter/network/tcp_proxy/v2:tcp_proxy", ], ) diff --git a/test/validate/pgv_test.cc b/test/validate/pgv_test.cc index 7d89ff6f..07f49b92 100644 --- a/test/validate/pgv_test.cc +++ b/test/validate/pgv_test.cc @@ -6,21 +6,21 @@ #include "envoy/api/v2/cds.pb.validate.h" #include "envoy/api/v2/eds.pb.validate.h" #include "envoy/api/v2/lds.pb.validate.h" -#include "envoy/api/v2/protocol.pb.validate.h" #include "envoy/api/v2/rds.pb.validate.h" -#include "envoy/api/v2/filter/accesslog/accesslog.pb.validate.h" -#include "envoy/api/v2/filter/http/buffer.pb.validate.h" -#include "envoy/api/v2/filter/http/fault.pb.validate.h" -#include "envoy/api/v2/filter/http/gzip.pb.validate.h" -#include "envoy/api/v2/filter/http/health_check.pb.validate.h" -#include "envoy/api/v2/filter/http/lua.pb.validate.h" -#include "envoy/api/v2/filter/http/router.pb.validate.h" -#include "envoy/api/v2/filter/http/squash.pb.validate.h" -#include "envoy/api/v2/filter/http/transcoder.pb.validate.h" -#include "envoy/api/v2/filter/network/http_connection_manager.pb.validate.h" -#include "envoy/api/v2/filter/network/mongo_proxy.pb.validate.h" -#include "envoy/api/v2/filter/network/redis_proxy.pb.validate.h" -#include "envoy/api/v2/filter/network/tcp_proxy.pb.validate.h" +#include "envoy/api/v2/core/protocol.pb.validate.h" +#include "envoy/config/filter/accesslog/v2/accesslog.pb.validate.h" +#include "envoy/config/filter/http/buffer/v2/buffer.pb.validate.h" +#include "envoy/config/filter/http/fault/v2/fault.pb.validate.h" +#include "envoy/config/filter/http/gzip/v2/gzip.pb.validate.h" +#include "envoy/config/filter/http/health_check/v2/health_check.pb.validate.h" +#include "envoy/config/filter/http/lua/v2/lua.pb.validate.h" +#include "envoy/config/filter/http/router/v2/router.pb.validate.h" +#include "envoy/config/filter/http/squash/v2/squash.pb.validate.h" +#include "envoy/config/filter/http/transcoder/v2/transcoder.pb.validate.h" +#include "envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.pb.validate.h" +#include "envoy/config/filter/network/mongo_proxy/v2/mongo_proxy.pb.validate.h" +#include "envoy/config/filter/network/redis_proxy/v2/redis_proxy.pb.validate.h" +#include "envoy/config/filter/network/tcp_proxy/v2/tcp_proxy.pb.validate.h" #include "envoy/api/v2/listener/listener.pb.validate.h" #include "envoy/api/v2/route/route.pb.validate.h" #include "envoy/config/bootstrap/v2/bootstrap.pb.validate.h" diff --git a/tools/BUILD b/tools/BUILD index 04be86a3..668ea6fe 100644 --- a/tools/BUILD +++ b/tools/BUILD @@ -7,7 +7,7 @@ py_binary( visibility = ["//visibility:public"], deps = [ "//envoy/api/v2:lds_py", - "//envoy/api/v2/filter/network:http_connection_manager_py", + "//envoy/config/filter/network/http_connection_manager/v2:http_connection_manager_py", ], ) diff --git a/tools/generate_listeners.py b/tools/generate_listeners.py index b485438a..fdcfb138 100644 --- a/tools/generate_listeners.py +++ b/tools/generate_listeners.py @@ -17,7 +17,7 @@ from google.protobuf import struct_pb2 from google.protobuf import text_format from envoy.api.v2 import lds_pb2 -from envoy.api.v2.filter.network import http_connection_manager_pb2 +from envoy.config.filter.network.http_connection_manager.v2 import http_connection_manager_pb2 # Convert an arbitrary proto object to its Struct proto representation.