Users can specify metadata in a health check's config that will be
used to select a matching transport socket from those configured in a
cluster's transport_socket_matches. This allows users to configure a
different transport socket for health check connections than the one
that is used to create a connection to an endpoint for proxying.
Risk Level: low; small optional feature
Testing: added unit tests
Docs Changes: updated health check and cluster proto docs with an explanation and example.
Release Notes: added
Fixes#10575
Signed-off-by: Spencer Lewis <slewis@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ b6c8bb3a4ac6bcce221643a4924befd5eefd6815
Description: This PR creates a common PROXY protocol config API message. It will be used for CONNECT work as well as in the transport socket for my upstream proxy proto work. This message could be extended to include TLVs in the future.
Risk Level: Low
Testing: None
Docs Changes: None
Release Notes: None
Discussed in: #10682 (my draft PR to discuss the upstream implementation)
Signed-off-by: Weston Carlson <wez470@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 1c28302b62bc4f5b93f2826eb06d2878069d9081
Also remove some stale comments around delta xDS in ConfigSource.
Fixes#10836
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4ee310ec07a4e0e775626fe8c652726b4151b8e9
Fuzzing catches more fields tripping on ASSERT(valid())
* JWT Authn filter has HTTP header name/value strings: forward_payload_header, name, value
* Route components: request_headers_to_remove
* health_check.proto: host, path, authority, and request_headers_to_remove
Test-only:
* utility fuzz test was running findQueryStringStart on a HeaderString. Fuzz inputs were not validated.
Fixes:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21323https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21623
Signed-off-by: Asra Ali <asraa@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 167df8c4554073d5115316ac36dd97088c3e6d93
This patch performs a major version freeze and bump by modifying
package_version_status, using the tooling developed in #10636.
Specifically:
v2 APIs are frozen (except for where they are the latest in their
package history and still active)
v3 APIs are transitioned to be active
Candidate v4alpha APIs are generated (not used by Envoy yet)
Fixes#10355
Risk level: medium (entire API's files are modified, visually verified
to ensure things look sane, all tests pass)
Testing: CI
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 549164c42cae84b59154ca4c36009e408aa10b52
This patch adds the RuntimeDouble helper class, similar to the
RuntimeUint32 class.
Signed-off-by: Tony Allen <tony@allen.gg>
Mirrored from https://github.com/envoyproxy/envoy @ 15330aa60bd6da79be02f00b8130b527f11eb0fa
Allow using a custom host name for endpoints and health checks. This enables auto host re-write to work with EDS
Risk Level: Low, new opt in field.
Testing: Unit tests
Docs Changes: inline docs in the protocs.
Release Notes: added to version_history.rst
Fixes#10408
Signed-off-by: Yuval Kohavi <yuval.kohavi@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ b5a3405b2725e979a93e7410fce7c57a0c66d8db
Add options to either put all methods into the same per-cluster
stat, or to whitelist which methods to create stats for.
Additionally, start a deprecation process for the default mode
being to create a stat for all methods, to remove an unsafe
default.
Risk Level: Low
Testing: Unit tests added
Docs Changes: done
Release Notes: added
Fixes#10445
Deprecated: added
Mirrored from https://github.com/envoyproxy/envoy @ 715992f3ac891d87e67566ffbfd6b3af8d8a4e1d
Part of https://github.com/envoyproxy/envoy/issues/10355, this patch introduces additional
annotations to the API to support automatic inference (and developer documentation) of where the
active developer editable version of a file is, and which files are frozen or machine generated.
Risk level: Low (API annotations only)
Testing: CI
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4c5f4310bb8a19a38e5377d7a2d2dc6aa4560f47
This enables "non-strict" header validations, that match the ones in place with Envoy's ASSERT(valid()) code. The default strict: true checks checked for RFC-compliance, which may break previously valid configs.
Part of #10318
Signed-off-by: Asra Ali <asraa@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 97a76d991766d96df2e84a1f2e33b69cae844471
Implement a retry policy for remote data sources.
Risk Level: Low
Testing: Unit test
Docs Changes: N/A
Release Notes: added
Fixes: #9438
Signed-off-by: Yan Xue <yxyan@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ bd7c97858556c2851589d7fb73a25e99b8687df3
Ignores RST code blocks, double-backtick literals, and links.
Ignores single-, double- or asterisk-quoted words containing
letters, numbers, hyphens and periods. Single- and double-quoted
words may contain asterisks as well. Ignores code-like expressions
in single backticks (e.g. `namespace::template<T>`). Ignores
tuple-like expressions. Better smart quote handling. Prefix and
suffixes can be stored in the word list but are handled specially.
Risk Level: low, build only
Testing: unit tests
Docs Changes: cleanup
Release Notes: n/a
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 56cfb638edd241887338816eecda12fc66f57e9e
Modifies the well-known-names of the built-in http filters
to use the same names as the extension build system.
Handles transition of per-filter-configs.
Risk Level: low, previous name is still accepted
Testing: existing tests + deprecated tests for old names
Docs Changes: updated names
Release Notes: updated
Deprecated: old names are logged as deprecated
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ c5c1e5bb6570f81f30dd48d8b379392c84e81fe0
This PR introduces a parallel v3 API reference documentation tree to the
existing v2 one.
The docs/root/api-v3/ tree was copied from docs/root/api-v2 and the
necessary package path fixups were made manually. As a result, the tree
largely resembles the v2 docs. Long term this is likely to evolve to
reflect the shape of the new extensions tree.
The message type, field and enum anchors are sed'ed to be distinct and
self-consistent inside api-v3/.
There were a number of API proto changes that were made to obtain a
successful Sphinx build:
* References to deprecated fields were replaced by references to the replacement field.
* clang-format line wrapping in protoxform was removed, this breaks RST in some v3 protos.
* Some packages (type/metadata/v2, data/cluster/v2alpha) were force upgraded to v3, to deal with references to types that are distinct in v2/v3. This is OK as these packages probably make sense to bump for v3, in general we're going to have to think about how to do this more
cleanly, supporting dual v2/v3 references alongside each other.
* Some evil hacks for field renaming added to migrate.py for RouteAction.
There's also some additional machinery added to compute distinct v3/v3
build targets to point protodoc at.
Risk level: Low
Testing: Docs build, manual inspection.
Fixes#8087
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ ac88316892cd47b6a9b58e3736e20e8863cd0d27
In which we convert every v3alpha reference to v3. In future revs of the
stable API versioning policy, we will develop better tooling to support
> 2 alpha and stable versions. For v3, it seems reasonable to just mv
v3alpha to v3, since there should be no external consumers yet.
Risk level: Low
Testing: bazel test //test/..., CI.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 5248a4fb7d4c2a3d1fa151f944d3a63f6b7a06cf
data-plane-api(CircleCI)