Fixes server_fuzz_test fuzz bugs:
* QUIC upstream not implemented in prod, so the fuzzer removes the HTTP3 codec types for http health checks
* PGV validate throws a not yet implemented error on URIs. I removed this check for now and replaced with a TODO. If I catch the std::exception that is thrown and bypass it with a warning statement in the logs, we skip over other validations, which means that any fuzz test or user using this uri field will be in danger of failing because of other invalid fields @JimmyCYJ. PGV issue tracked: envoyproxy/protoc-gen-validate#303
Fixes OSS-Fuzz Issues:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19614https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19689
Signed-off-by: Asra Ali <asraa@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ b7dcf083876f5d34d0dde5df535989a81dfa8023
It enables to specify API versioning for xDS for #8421, allow to write like this config
eds_cluster_config:
eds_config:
version: V2
api_config_source:
api_type: GRPC
grpc_services:
envoy_grpc:
cluster_name: eds_cluster
Risk Level: Low
Testing: unit test(maybe it is needed to add integration test)
Signed-off-by: shikugawa <rei@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ e3717b54b8d91d1862b096f73efbe96086862183
Modifies the protodoc tool to tag required duration fields as required.
Adds documentation around HttpHealthCheck.expected_statuses to clarify
what's expected of the Int64Range. Tags two Uint32Value fields as required
since they were implicitly treated as such (and generated missing field
exceptions when unset).
Risk Level: low
Testing: existing tests pass
Docs Changes: yes
Release Notes: n/a
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9263763e0a68961ee10fe63bc534d2546ed38376
In order to get file level move annotation, import has to be before options.
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ 062c895f499382ae61dead16db2a7e78b9146525
Updates the documentation to be less specific about the behavior of
removing an endpoint, as there are cases that does not result in
draining connections (e.g. when an endpoint is removed from one priority
but added to another).
Fixes#8056
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7db53c01cf705d329bce4f0eb1b14549fde3744b
Adds documentation for on-demand VHDS/RDS.
Signed-off-by: Brian Avery <bavery@redhat.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8ea6ccb5c3e28479da1978b7376ddc9cf0c6eb3a
Instead of formatting options heuristically, which will erase new annotations without changing protoxform, use proto descriptor to format options, and enforce its order as well.
Risk Level: Low
Testing: CI
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ dfe687d49574ef7eb1bf84867bf571e805a2bf97
Add a new field sts_service into GoogleGrpc call credential options which support Envoy to exchange token. See grpc/grpc#19032 and grpc/grpc#19587.
Signed-off-by: JimmyCYJ jimmychen.0102@gmail.com
Risk Level: Low
Testing: Unit test
Signed-off-by: Jimmy Chen <jimmychen.0102@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 46e65a498df7c920065a769860753076f9de16e7
Make TCP listeners supporting SO_REUSEPORT, then each worker thread will create
and listen on socket using same address and port.
Signed-off-by: lhuang8 <lhuang8@ebay.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8534ac8f810de72961b9e4399e14cf24fade7a60
* api: link to previous message type package in API BUILD files.
We need to include the descriptors from the previous message version in
the build. We opt to do this transitively; when you include v3 of a
package, you get the v2 via a transitive dep. This should work based on
alwayslink semantics for cc_library.
The computation of the deps is based on the previous_message_type
annotation, which will allow cross package migrations.
Part of #8082.
Risk level: Low
Testing: Disabled ip_tagging v2 descriptor hack, observed
version_integration_test. After the BUILD changes, this now passes
again.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7f8fb9509d3189819dd253e25ec76e939ae106e7
Adding property use_tcp_for_dns_lookups to bootstrap and cds config, which will instruct dns resolvers to use tcp for DNS queries.
Risk Level: Medium/Low
Fixes#7965
Signed-off-by: Kateryna Nezdolii <nezdolik@spotify.com>
Mirrored from https://github.com/envoyproxy/envoy @ b78fc4e0edc696c2395b7eafbca8cbc62cb0f325
This PR avoids having to include an API type database in the Envoy build
by introducing a message annotation option that allows Envoy to
determine earlier corresponding message types via descriptor inspection.
The ApiTypeDb is now ApiTypeOracle and utilizes these annotations.
Risk level: Low
Testing: Existing API and verison upgrade tests pass.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 297f7a73b3f93bccf8af73c0a555ae52bce6cecb
Add a mechanism for a filter to define the action for a route.
Risk Level: Low
Testing: N/A
Docs Changes: Inline with proto change.
Release Notes: N/A
Fixes#8953.
Signed-off-by: Mark D. Roth <roth@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ a907cff53f6ffb33d9a87b5ef50934626caa1b9e
This reverts commit 80aedc1c4a1aecc1616bd1563450c69d04e9568f.
Revert "config: rename NewGrpcMuxImpl -> GrpcMuxImpl (#8919)"
This reverts commit 6d505533304731fcc97041adce1f735431a703d7.
Revert "config: reinstate #8478 (unification of delta and SotW xDS), reverted by #8939 (#8974)"
This reverts commit a37522cf3f15639c8afeb7402f505044815fcf85.
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 38adf1f02e95cf7a7078cdaa39032b62ca1e2ebf
Introduce new fallback policy for subset load balancer's selectors: KEYS_SUBSET and related LbSubsetSelector config parameter: fallback_keys_subset.
When context metadata matches given selector on keys, but there is no matching subset and KEYS_SUBSET fallback policy is set for that selector, there will be another attempt on subset selector matching. For that consecutive attempt, the context metadata will be reduced to keys included in fallback_keys_subset.
Risk Level: low (no changes in existing features, adding a new feature that is disabled by default). But there is also a small bugfix that can affect existing behaviour.
Testing: Unit tests and manual testing using envoy with static config
Docs: added
Release Notes: added
Fixes: #8767Fixes: #8874
Signed-off-by: Marcin Falkowski <marcin.falkowski@allegro.pl>
Mirrored from https://github.com/envoyproxy/envoy @ b7bef67c256090919a4585a1a06c42f15d640a09
This reverts commit 443bc3345b0e3db99a3df03d52f317697b99d5d7.
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ df6d3bc453167a8e9fd29662280859b4f56f0af8
This has not been implemented, so hide the API from the docs.
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8e368e4bdfa8f220c5f4cb03ca61587ae1a3d118
Deprecate google.protobuf.Struct config members in the following types:
envoy.api.v2.auth.PrivateKeyProvider
envoy.api.v2.listener.UdpListenerConfig
envoy.config.filter.accesslog.v2.ExtensionFilter
Risk Level: Low
Testing: Unit Test
Docs Changes: N/A
Release Notes: N/A
Fixes: #8403
Signed-off-by: Yan Avlasov <yavlasov@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ d36adbb5c4aad13af21f109b86978b8478f54409
Wires up the upstream side of HTTP/1.1 header formatting and documents the header casing behavior.
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 86420eb64a750fd6025cf5efc8b846c8fe63f0c9
Adds a configuration option that will convert all header keys into
Proper-Case. This is useful to allow Envoy to respond with headers
that match the casing of other systems, to ensure that the wire format
of responses is unchanged when migrating to Envoy.
Fixes#8463
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7846427d7aafb9e023c38bb6e704262f7c724c92
Fix PGV location references and TODOs. Remove some unused imports.
Risk Level: Low (locations in comments and simple TODOs as outlined by @htuch)
Testing: bazel build @envoy_api//envoy/..., bazel test //test/...
Signed-off-by: Michael Payne <michael@sooper.org>
Mirrored from https://github.com/envoyproxy/envoy @ 68ca6746d168c6cea26d21479ef50b2be9aaa25d
Modifies the pedantic spell checker to better handle camel-case words.
Each part the word is now treated as a separate error in both the check
and fix modes.
Disables run-together mode for aspell, which allowed typos such as
"mananger" (man + anger). Fixes the resulting spelling errors.
Miscellaneous other fixes:
* Provides an option to replace a word without adding the word to the
dictionary (in case aspell's suggestions do not contain the correct
replacement).
* Fixes a bug in the script when no suggestions are returned by aspell.
* Checks the dictionary and added words for invalid characters that cause
aspell errors at dictionary load time.
* Sets the mark flag when in CI runs so that misspelled words are indicated.
* Culls words from the dictionary that are no longer in the codebase, or are
otherwise not needed.
Risk Level: low (comments only)
Testing: n/a
Doc Changes: n/a
Release Notes: n/a
Fixes: #8481
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ de70fe54cdba6b022b3971379afa535f402f2ffe
data-plane-api(CircleCI)