From ea3e608abb3fee6ce542f67ed6daa3b1c0e20ed0 Mon Sep 17 00:00:00 2001 From: "data-plane-api(CircleCI)" Date: Mon, 27 Jan 2020 21:55:20 +0000 Subject: [PATCH] Proxy-WASM configuration protos. (#9256) Signed-off-by: John Plevyak Mirrored from https://github.com/envoyproxy/envoy @ bd637c4e3d691a74721049bba5aacc4551123aa8 --- BUILD | 2 + docs/BUILD | 1 + envoy/config/wasm/v2alpha/BUILD | 12 ++++ envoy/config/wasm/v2alpha/wasm.proto | 81 +++++++++++++++++++++++++ envoy/extensions/wasm/v3/BUILD | 13 ++++ envoy/extensions/wasm/v3/wasm.proto | 89 ++++++++++++++++++++++++++++ 6 files changed, 198 insertions(+) create mode 100644 envoy/config/wasm/v2alpha/BUILD create mode 100644 envoy/config/wasm/v2alpha/wasm.proto create mode 100644 envoy/extensions/wasm/v3/BUILD create mode 100644 envoy/extensions/wasm/v3/wasm.proto diff --git a/BUILD b/BUILD index 69443c3e..c50a1c80 100644 --- a/BUILD +++ b/BUILD @@ -95,6 +95,7 @@ proto_library( "//envoy/config/transport_socket/alts/v2alpha:pkg", "//envoy/config/transport_socket/raw_buffer/v2:pkg", "//envoy/config/transport_socket/tap/v2alpha:pkg", + "//envoy/config/wasm/v2alpha:pkg", "//envoy/data/accesslog/v2:pkg", "//envoy/data/cluster/v2alpha:pkg", "//envoy/data/core/v2alpha:pkg", @@ -209,6 +210,7 @@ proto_library( "//envoy/extensions/transport_sockets/raw_buffer/v3:pkg", "//envoy/extensions/transport_sockets/tap/v3:pkg", "//envoy/extensions/transport_sockets/tls/v3:pkg", + "//envoy/extensions/wasm/v3:pkg", "//envoy/service/accesslog/v3:pkg", "//envoy/service/auth/v3:pkg", "//envoy/service/cluster/v3:pkg", diff --git a/docs/BUILD b/docs/BUILD index 38683df0..b09a5bc3 100644 --- a/docs/BUILD +++ b/docs/BUILD @@ -101,6 +101,7 @@ proto_library( "//envoy/config/transport_socket/alts/v2alpha:pkg", "//envoy/config/transport_socket/raw_buffer/v2:pkg", "//envoy/config/transport_socket/tap/v2alpha:pkg", + "//envoy/config/wasm/v2alpha:pkg", "//envoy/data/accesslog/v2:pkg", "//envoy/data/cluster/v2alpha:pkg", "//envoy/data/core/v2alpha:pkg", diff --git a/envoy/config/wasm/v2alpha/BUILD b/envoy/config/wasm/v2alpha/BUILD new file mode 100644 index 00000000..69168ad0 --- /dev/null +++ b/envoy/config/wasm/v2alpha/BUILD @@ -0,0 +1,12 @@ +# DO NOT EDIT. This file is generated by tools/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/api/v2/core:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/envoy/config/wasm/v2alpha/wasm.proto b/envoy/config/wasm/v2alpha/wasm.proto new file mode 100644 index 00000000..34cb7041 --- /dev/null +++ b/envoy/config/wasm/v2alpha/wasm.proto @@ -0,0 +1,81 @@ +syntax = "proto3"; + +package envoy.config.wasm.v2alpha; + +import "envoy/api/v2/core/base.proto"; + +import "google/protobuf/any.proto"; + +import "udpa/annotations/migrate.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.config.wasm.v2alpha"; +option java_outer_classname = "WasmProto"; +option java_multiple_files = true; +option (udpa.annotations.file_migrate).move_to_package = "envoy.extensions.wasm.v3"; + +// [#protodoc-title: Wasm service] + +// Configuration for a Wasm VM. +// [#next-free-field: 6] +// [#not-implemented-hide:] pending implementation. +message VmConfig { + // An ID which will be used along with a hash of the wasm code (or the name of the registered Null + // VM plugin) to determine which VM will be used for the plugin. All plugins which use the same + // *vm_id* and code will use the same VM. May be left blank. Sharing a VM between plugins can + // reduce memory utilization and make sharing of data easier which may have security implications. + // See ref: "TODO: add ref" for details. + string vm_id = 1; + + // The Wasm runtime type (either "v8" or "null" for code compiled into Envoy). + string runtime = 2 [(validate.rules).string = {min_bytes: 1}]; + + // The Wasm code that Envoy will execute. + api.v2.core.AsyncDataSource code = 3; + + // The Wasm configuration used in initialization of a new VM (proxy_on_start). + google.protobuf.Any configuration = 4; + + // Allow the wasm file to include pre-compiled code on VMs which support it. + // Warning: this should only be enable for trusted sources as the precompiled code is not + // verified. + bool allow_precompiled = 5; +} + +// Base Configuration for Wasm Plugins e.g. filters and services. +// [#next-free-field: 6] +// [#not-implemented-hide:] pending implementation. +message PluginConfig { + // A unique name for a filters/services in a VM for use in identifying the filter/service if + // multiple filters/services are handled by the same *vm_id* and *group_name* and for + // logging/debugging. + string name = 1; + + // A unique ID for a set of filters/services in a VM which will share a RootContext and Contexts + // if applicable (e.g. an Wasm HttpFilter and an Wasm AccessLog). If left blank, all + // filters/services with a blank group_name with the same *vm_id* will share Context(s). + string group_name = 2; + + // Configuration for finding or starting VM. + oneof vm_config { + VmConfig inline_vm_config = 3; + // In the future add referential VM configurations. + } + + // Filter/service configuration used to configure or reconfigure a plugin + // (proxy_on_configuration). + google.protobuf.Any configuration = 5; +} + +// WasmService is configured as a built-in *envoy.wasm_service* :ref:`ServiceConfig +// `. This opaque configuration will be used to +// create a Wasm Service. +// [#not-implemented-hide:] pending implementation. +message WasmService { + // General plugin configuration. + PluginConfig config = 1; + + // If true, create a single VM rather than creating one VM per worker. Such a singleton can + // not be used with filters. + bool singleton = 2; +} diff --git a/envoy/extensions/wasm/v3/BUILD b/envoy/extensions/wasm/v3/BUILD new file mode 100644 index 00000000..d29790ff --- /dev/null +++ b/envoy/extensions/wasm/v3/BUILD @@ -0,0 +1,13 @@ +# DO NOT EDIT. This file is generated by tools/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v3:pkg", + "//envoy/config/wasm/v2alpha:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/envoy/extensions/wasm/v3/wasm.proto b/envoy/extensions/wasm/v3/wasm.proto new file mode 100644 index 00000000..ce771727 --- /dev/null +++ b/envoy/extensions/wasm/v3/wasm.proto @@ -0,0 +1,89 @@ +syntax = "proto3"; + +package envoy.extensions.wasm.v3; + +import "envoy/config/core/v3/base.proto"; + +import "google/protobuf/any.proto"; + +import "udpa/annotations/versioning.proto"; + +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.wasm.v3"; +option java_outer_classname = "WasmProto"; +option java_multiple_files = true; + +// [#protodoc-title: Wasm service] + +// Configuration for a Wasm VM. +// [#next-free-field: 6] +// [#not-implemented-hide:] pending implementation. +message VmConfig { + option (udpa.annotations.versioning).previous_message_type = "envoy.config.wasm.v2alpha.VmConfig"; + + // An ID which will be used along with a hash of the wasm code (or the name of the registered Null + // VM plugin) to determine which VM will be used for the plugin. All plugins which use the same + // *vm_id* and code will use the same VM. May be left blank. Sharing a VM between plugins can + // reduce memory utilization and make sharing of data easier which may have security implications. + // See ref: "TODO: add ref" for details. + string vm_id = 1; + + // The Wasm runtime type (either "v8" or "null" for code compiled into Envoy). + string runtime = 2 [(validate.rules).string = {min_bytes: 1}]; + + // The Wasm code that Envoy will execute. + config.core.v3.AsyncDataSource code = 3; + + // The Wasm configuration used in initialization of a new VM (proxy_on_start). + google.protobuf.Any configuration = 4; + + // Allow the wasm file to include pre-compiled code on VMs which support it. + // Warning: this should only be enable for trusted sources as the precompiled code is not + // verified. + bool allow_precompiled = 5; +} + +// Base Configuration for Wasm Plugins e.g. filters and services. +// [#next-free-field: 6] +// [#not-implemented-hide:] pending implementation. +message PluginConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.config.wasm.v2alpha.PluginConfig"; + + // A unique name for a filters/services in a VM for use in identifying the filter/service if + // multiple filters/services are handled by the same *vm_id* and *group_name* and for + // logging/debugging. + string name = 1; + + // A unique ID for a set of filters/services in a VM which will share a RootContext and Contexts + // if applicable (e.g. an Wasm HttpFilter and an Wasm AccessLog). If left blank, all + // filters/services with a blank group_name with the same *vm_id* will share Context(s). + string group_name = 2; + + // Configuration for finding or starting VM. + oneof vm_config { + VmConfig inline_vm_config = 3; + // In the future add referential VM configurations. + } + + // Filter/service configuration used to configure or reconfigure a plugin + // (proxy_on_configuration). + google.protobuf.Any configuration = 5; +} + +// WasmService is configured as a built-in *envoy.wasm_service* :ref:`ServiceConfig +// `. This opaque configuration will be used to +// create a Wasm Service. +// [#not-implemented-hide:] pending implementation. +message WasmService { + option (udpa.annotations.versioning).previous_message_type = + "envoy.config.wasm.v2alpha.WasmService"; + + // General plugin configuration. + PluginConfig config = 1; + + // If true, create a single VM rather than creating one VM per worker. Such a singleton can + // not be used with filters. + bool singleton = 2; +}