Signed-off-by: John Howard <howardjohn@google.com>
Co-authored-by: phlax <phlax@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ 466e78586afaeb8ecb5f92351cd5ffdee3871f49
Signed-off-by: Marcin Falkowski <marcin.falkowski@allegro.pl>
Mirrored from https://github.com/envoyproxy/envoy @ 2bee66e427f26680f799643ba9ce82ffd5541895
The HeaderAppendAction was added in the #18246. But the implementation never done. This PR try to complete this feature.
Further work of #18246. To close#22713.
Risk Level: Low.
Testing: Unit Test.
Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
Mirrored from https://github.com/envoyproxy/envoy @ 5183dbf7f11b23f1f7013a3e42cbce71eb63252a
Signed-off-by: Kuat Yessenov <kuat@google.com>
Commit Message: Expose internal listener functionality. Marks the fields as implemented. Adds the following functional changes prior to publishing:
* do not use the `address` field per https://github.com/envoyproxy/envoy/pull/21132, and instead use the listener `name` field as originally expected.
* add an `endpoint_id` field to upstream address to fix https://github.com/envoyproxy/envoy/pull/22420; it's not possible to have multiple internal addresses to the same listener in a single pool without some extra identifier beyond the listener name, because pools identify addresses using `asString()`.
* fixes https://github.com/envoyproxy/envoy/issues/20665 by using stat prefix `listener.envoy_internal_<listener_name>`.
Adds a few sample configs (and fixes https://github.com/envoyproxy/envoy/issues/20335):
* minimal two chained `tcp_proxy` listeners;
* encap HTTP in HTTP CONNECT;
* decap HTTP in HTTP CONNECT;
Risk Level: low, hidden prior
Testing: yes
Docs Changes: yes
Release Notes: yes
Mirrored from https://github.com/envoyproxy/envoy @ 02489bbf8990faddb6be1f2e0f22851b64c3fc85
* cors: add PNA support
Signed-off-by: Loong Dai <loong.dai@intel.com>
* fix field
Signed-off-by: Loong Dai <loong.dai@intel.com>
* use runtime guard rather than api change
Signed-off-by: Loong Dai <loong.dai@intel.com>
* fix CI
Signed-off-by: Loong Dai <loong.dai@intel.com>
* update changelog
Signed-off-by: Loong Dai <loong.dai@intel.com>
* revert unrelated changes
Signed-off-by: Loong Dai <loong.dai@intel.com>
* update API
Signed-off-by: Loong Dai <loong.dai@intel.com>
* feedback and update tests
Signed-off-by: Loong Dai <loong.dai@intel.com>
* update tests
Signed-off-by: Loong Dai <loong.dai@intel.com>
* update tests
Signed-off-by: Loong Dai <loong.dai@intel.com>
* add tests
Signed-off-by: Loong Dai <loong.dai@intel.com>
* feedback
Signed-off-by: Loong Dai <loong.dai@intel.com>
* remove useless test
Signed-off-by: Loong Dai <loong.dai@intel.com>
* feedback
Signed-off-by: Loong Dai <loong.dai@intel.com>
* fix CI
Signed-off-by: Loong Dai <loong.dai@intel.com>
Mirrored from https://github.com/envoyproxy/envoy @ bf61b077e77197a28fefa5798902fd94008e4137
This PR is the first of a series to implement pattern matching and rewrite functionality for Envoy.
These specific proto changes:
Add the foundation for two extension configs
Change the API to expose the extension configs to end users
Risk Level: Low
Signed-off-by: silverstar195 <seanmaloney@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 25654b97cdd2647c258ae459e6607f51e99c99cc
Commit Message: The documentation in the protobuf comments for stats tag extractors has been stale since 2018. This corrects the documentation to match the current behavior.
Additional Description: This documents a change that was done in Feb 2018: #2515 -- obviously we should've fixed the doc then but it was overlooked.
Risk Level: low
Testing: none
Docs Changes: this is a doc change only, to reflect current reality
Release Notes: n/a
Platform Specific Features: n/a
Signed-off-by: Joshua Marantz <jmarantz@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 076bc515b3e6fca54592174928fc7ab06763b812
Commit Message: This PR entirely removes the Lightstep tracer. Lightstep is looking forward to the OpenTelemetry tracer integration.
Additional Description: The owner of this code left Lightstep and we have no plans to maintain this code now that OpenTelemetry is ready.
Risk Level: Low
Docs Changes:
Release Notes: Remove Lightstep tracer.
Co-authored-by: alyssawilk <alyssar@google.com>
Co-authored-by: alyssawilk <alyssar@chromium.org>
Mirrored from https://github.com/envoyproxy/envoy @ eb521f42e760b9e5cb6ca544e5c87523f0592fa9
Adding an API field treat_missing_header_as_empty for better compatibility (both backward and to other xDS clients like gRPC) and potential to expand (not restricted to invert_match)
Risk Level: Low
Testing: Unit test
Docs Changes: inline
Release Notes: inline
Fixes#21828
Signed-off-by: Yuhao Liu <yuhaoliu@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 3e4b31b513765bcff4dba7e2e5b723cb8bd6ffca
Follow-up to #21707 with a focus on back-filling more extension type URLs. Renames extensions_build_config and extensions_metadata to the names in the internal extension registry. For preserve_case, we deprecate the short name with the fully qualified name (both names are valid in the interim).
Risk Level: medium, only preserve_case name changes
Testing: regression
Docs Changes: yes
Release Notes: yes
Signed-off-by: Kuat Yessenov <kuat@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7c04dda02a61c4866b6cc7273c776d62dd3fb127
The patch does following up jobs of #21633,
1. removes deprecated fields of regex matching in docs and examples,
2. add the missing deprecation changelog,
3. add the missing extension category and extensions.
Risk Level: Low
Testing: N/A
Docs Changes: Yes (examples)
Release Notes: Added
Platform Specific Features: N/A
Signed-off-by: Xie Zhihao <zhihao.xie@intel.com>
Mirrored from https://github.com/envoyproxy/envoy @ aa8da5554ae8bdf8c85229cc2594ec7d8dee6edb
initially this will only check for "unused imports" but we can expand
as other linting rules are met.
Signed-off-by: Ryan Northey <ryan@synca.io>
Mirrored from https://github.com/envoyproxy/envoy @ e9f492281f9f905b6bedcbbb334c370b36c56fb2
Add support for injecting regex engine with its options on startup in a bootstrap option. These are some API, runtime and implementation changes.
* google_re2 in safe_regex will be deprecated and no longer be required. Regex::parseRegex will choose the registered regex engine to parse expressions into matchers.
* A new bootstrap option default_regex_engine will be introduced for regex engine selection.
* For compatibility, GoogleRE2 will be chosen as default regex engine if no regex engine is designated.
Signed-off-by: Xie Zhihao <zhihao.xie@intel.com>
Mirrored from https://github.com/envoyproxy/envoy @ 0a92cc86e7f8b88d5af0eb2e27b5c7ef64719e56
Signed-off-by: Xie Zhihao zhihao.xie@intel.com
Commit Message: rbac: add unified matcher for RBAC filters
Additional Description:
The patch add the matching API support for both RBAC network filter and HTTP filter. Users can configure rules and shadow rules in either policies or the matching API manner. There are some incompatibilities, TODOs and behavior changes compared to the policies way.
RBAC matchers are not compatible with the matching API.
URL path and CEL are not supported in the matching API. These matchers may come as custom matcher.
Metadata is not supported in the matching API. These matchers may come as inputs.
Connections and requests with no matcher matched will always be denied.
Risk Level: Medium
Testing: Unit and integration
Docs Changes: API and configuration
Release Notes: WIP
Platform Specific Features: N/A
Fixes#20623
Mirrored from https://github.com/envoyproxy/envoy @ 42cb84456d53d053eb1ae94680d07a74f4545a48
Commit Message: add stats prefix for route
Additional Description: Adds API for stats generation support per route.
Risk Level: Low
Testing:
Docs Changes:
Release Notes:
Platform Specific Features:
API for #3351
Signed-off-by: Rama Chavali <rama.rao@salesforce.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7b937e8cd5796cf19d14f20abcb6be81f149c68b
Risk Level: low (and config guarded)
Testing: new unit, integration tests
Docs Changes: in with APIs
Release Notes: inline
part of envoyproxy/envoy-mobile#1622
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Mirrored from https://github.com/envoyproxy/envoy @ 71f7f2c54b4c7c8b3c076ad22d849914c25f62e8
Make sure a config option is a valid header name.
Signed-off-by: Andre Vehreschild <vehre@x41-dsec.de>
Mirrored from https://github.com/envoyproxy/envoy @ 2db5f021551b67cb37c49ca769bf1ab659897bc9
The default value of most_specific_header_mutations_wins is false.
Signed-off-by: derekguo001 <dong.guo@intel.com>
Mirrored from https://github.com/envoyproxy/envoy @ 774bcedf31ac495f4ccb9df5d702f2be6d169079
API for Unified Header Validators
Signed-off-by: Yan Avlasov <yavlasov@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ e569ce06101932cfe3ccb710c3c60b92dd09464b
udp: Add a udp_packet_packet_writer_config option to UdpListenerConfig.
Fixes#21200
Risk Level: Low
Testing: Existing and additional tests
Docs Changes: None
Release Notes: Added
Platform Specific Features: N/A
Signed-off-by: Ryan Hamilton <rch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 3a7b26aa3909488a8561a232b82845b8b4cd38bb
Commit Message: make HTTP/3 upstream sends 0-RTT (early data) requests if it has cached 0-RTT credentials. Add a config knob in RouteAction to specify which request can be sent over early data, which by default are HTTP safe methods.
Risk Level: high, changes to conn pool behavior though should only take effect for h3 pool
Testing: added h3 upstream integration tests.
Docs Changes: N/A
Release Notes: changes to docs/root/version_history/current.rst
Platform Specific Features: N/A
Runtime guard: envoy.reloadable_features.http3_sends_early_data
Fixes#18715, #19542
Signed-off-by: Dan Zhang <danzh@google.com>
Signed-off-by: Dan Zhang <danzh@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8ce13d75a982ddd347db5a333a4bb080922f7514
* Add an option to RouteConfiguration, when enabled, ignore port contained in host header during host matching.
Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 2f99e0c9f83b6c91b42d215a148ed49ce0f174fd
data-plane-api(Azure Pipelines)