Adds optional configuration to the ext_authz filter allowing HTTP headers to be specified that are added to the request from Envoy to the external authorization service.
Risk Level: Low
Testing: unit test
Docs Changes: added
Release Notes: added
Signed-off-by: David Kowalski <dkowalski@apple.com>
Mirrored from https://github.com/envoyproxy/envoy @ 031501b1680d7544ab585b06ea459e94f9972f46
* hcm: allow unix sockets to be considered internal addresses
Adds a config option that treats unix socket addresses as internal for
the purpose of stats/header sanitization.
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ abf17919e363a1c9a2ce6dec85cda8cd6ba725dc
Adds configuration option to zipkin tracer config to determine whether shared span context should be used.
Resolves #4397
Risk Level: Medium
Testing:
Currently defined unit tests but will try on some examples early next week.
Docs Changes:
Config option defined in proto.
Signed-off-by: Gary Brown <gary@brownuk.com>
Mirrored from https://github.com/envoyproxy/envoy @ 2ddebc626920f05697c8f2582a683b03c0b10991
This reverts commit 75e54d072fa190ab78b9795f9ed7a98e1d2d33a3.
This was breaking Mac CI due to known PGV CLI limits.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8ba41eea553232bdfab90d9aa32ab4b72ca6fb31
This adds the option to match on gRPC requests directly instead of
indirectly doing so through header matchers. It provides a more robust
matching mechanism, as it incorporates the gRPC content-type variations
into the check.
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 701618f65a7513e2453d04ff1bc5cb2cc864c401
While there, move header modification in some tests from
route action level (deprecated in #3838) to route level.
*Risk Level*: Low
*Testing*: bazel test //test/...
*Docs Changes*: Added
*Release Notes*: Added
Fixes #4249.
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 6ce3e1f45005c37e4a951470ee0bcf0381738e76
Implements the Twitter variant of the Thrift binary protocol,
as implemented by the finagle library.
*Risk Level*: low
*Testing*: unit tests
*Docs Changes*: updated API docs
*Release Notes*: n/a
Signed-off-by: Stephan Zuercher <stephan@turbinelabs.io>
Mirrored from https://github.com/envoyproxy/envoy @ 21c6d13243b5d3c9decf1b24a49b72e66232953e
To encourage users to use v2 configuration. Related to #2100.
Risk Level: N/A, documentation change.
Testing: N/A
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Taiki Ono <taiki-ono@cookpad.com>
Mirrored from https://github.com/envoyproxy/envoy @ 1d46c75024ebe3c5449647f8bbb9d5dcc532f836
Refactor SdsApi to support dynamic certificate validation context, and support Envoy to fetch certificate validation context from remote server via SDS API.
Risk Level: Low
Testing: Unit tests and integration tests.
Fixes #1194
Signed-off-by: JimmyCYJ <jimmychen.0102@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 15cfc5ad1a4d622126f642fa70699af753a2d310
Ext_Authz HTTP client has been modified so that 5xx errors received from the authorization server will set the filter response status to error instead of denied and HTTP status code field to Forbidden. The gRPC client has been also modified in order to return HTTP status code Forbidden whenever an error between the client and the authorization server occurs.
Risk Level: low
Testing: unit tests, manual tests.
Docs Changes: not needed.
Fixes issue: #4124.
Signed-off-by: Gabriel <gsagula@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ d646949e0534557084196dea850c26599e53f1b8
Add a new field local_credentials into GoogleGrpc which supports Envoy using gRPC local channel credentials.
Updated gRPC library to 1.15.0 release, which provides new methods that we need in order to use local channel credentials. See grpc/grpc#15909.
Certain Google gRPC features, such as passing Google default call credentials, only work with a valid channel credential. Local credentials are a valid channel credential.
Risk Level: Low
Testing: Unit test
Signed-off-by: JimmyCYJ <jimmychen.0102@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 23e8e12fd77b08b87007a819b5683a5289883b46
This change adds the ability to attach metadata to the clusters and weighted clusters to allow users to filter down to instances that match the metadata criteria provided. This is used only when the subset load balancer is enabled and leverages what already exists for HTTP metadata matching.
Changes include:
- construct MetadataMatchCriteria objects from protobufs
- expose through Thrift::Router::RouteEntry and use in router impl
Risk Level: LOW
Testing: tests, new and old, pass
Docs Changes: added description for new proto fields. docs build successfully.
Release Notes: n/a
Signed-off-by: Brian Ramos <brirams@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ c32aed93f5d27e8cbd17c1c47cf928d7e8115af4
Making this change so others can depend on metadatamatchcriteria_impl without needing
config_impl. Also update comments on metadata_match to specify that these fields only apply for the subset load balancer.
Context: https://github.com/envoyproxy/envoy/pull/4402/files#r216856765
Risk Level: low
Testing: tests, new and old, pass
Doc Changes: clarified docs
Release Notes: n/a
Signed-off-by: Brian Ramos <brirams@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ 3b3c28a1dd6be6e1dd11e543227b23891c234fe8
Description: * is being rendered out of the docs. This fixes that.
Risk Level: low
Testing: generated docs locally.
Signed-off-by: Jose Nino <jnino@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 5c3169f863c4fc492f5a6a3220aef852451719ec
This adds the necessary configuration and interfaces to register
implementations of RetryPriority and RetryHostPredicate, which will
allow configuring smarter host selection during retries.
Part of #3958
Risk Level: low, api changes
Testing: n/a
Doc Changes: inline
Release Notes: n/a
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ f75577daab6bcd98f191ad915dd21eb341dd3b95
Adding the ability to add weighted clusters to the thrift router's RouteAction proto. This works much like the HTTP one and borrows a great deal of code from it. Since the thrift_proxy Route and RouteEntry interfaces are much more bare bones, I was able to implement the WeightedClusterEntry class.
Risk Level: Low
Testing: Tests, new and old, pass
Doc Changes: inline
Release Notes: n/a
Signed-off-by: Brian Ramos <brirams@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ a50ac3747623a7fa74a5dbd33eacf0808dbf4d0c
Adds a /memory endpoint to the admin panel for fast inspection of Envoy::Memory's heap statistics, without needing to query stats.
Risk Level: Low
Testing: Added a test to admin_test.cc.
Docs Changes: Added a description of the option to admin.rst.
Release Notes: N/A
Signed-off-by: James Buckland <jbuckland@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ b5ba7f89a4433d283549c61a659c4e61ed564d16
This allows injecting a synthetic resource pressure from a file, primarily intended for use in integration tests to force envoy into an overloaded state.
Testing: unit tests
Docs Changes: docs updated to reference new resource monitor
Signed-off-by: Elisha Ziskind <eziskind@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 12957a29bd2627bc0bba921603bd5869a449be47
Add a terminal attribute to request hash policy.
Think about a case where customers want to hash on a cookie if it's present, but if it's not present, do best-effort stickiness based on something like IP so the customer has a stable hash.
This "terminal" attribute gives request hashing the ability of "if A is not working, fall back to B", which also saves time generating the hash.
Changes:
* Add a terminal attribute to HashMethod, which short-circuits the hash generating process if a policy is marked terminal and there is a hash computed already.
Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Description: Add terminal attribute to request hash.
Risk Level: Low
Testing: unit tests.
Mirrored from https://github.com/envoyproxy/envoy @ ee710d0a92b476cc3d7a0f99f11b62675d1a4e01
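The cookie-then-source-IP fallback described in the commit above, written as a route-level hash policy list. This is an added, constructed configuration fragment, not part of the commit; the cookie name `session_id` and the cluster name are placeholders, and the upstream cluster is assumed to use a hash-based load balancer (e.g. ring hash), since the hash policy has no effect otherwise.

```yaml
# Constructed example: hash on the session cookie when present and stop
# there (terminal: true); only when no cookie hash was produced does the
# evaluation continue to the source-IP policy as a best-effort fallback.
route:
  cluster: session_backend          # placeholder cluster name
  hash_policy:
    - cookie:
        name: session_id            # placeholder cookie name
      terminal: true                # short-circuit once a hash exists
    - connection_properties:
        source_ip: true             # fallback when the cookie is absent
```

Without `terminal: true`, both policies would always be combined into the hash, so a client whose source IP changes would lose stickiness even when it presents the same cookie.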
This PR adds a new principal_name of type StringMatcher to rbac Authenticated and marks the existing user field as deprecated. This gives us more flexibility to express more matching rules against the peer certificate.
Risk Level: Low
Testing: Added unit tests
Signed-off-by: Yangmin Zhu <ymzhu@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 5d731878fd0134ca15d5904450a64dab0ff577a9
Currently, host-level stats in the clusters proto use a map, so they are output in random order. This PR changes it to a list so that the order is predictable.
Risk Level: Low
Testing: Added automated tests
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Rama <rama.rao@salesforce.com>
Mirrored from https://github.com/envoyproxy/envoy @ 69474b39878d74354a1fb0b14d41f362839540e8
Signed-off-by: Daniel Hochman <danielhochman@users.noreply.github.com>
Risk: trivial (Documentation only change)
Mirrored from https://github.com/envoyproxy/envoy @ f13ef246488f2ca1c1cc925ed90d1c76695cc624
This reverts commit ac0bd74. But leaves the API changes as 'not implemented' in order to not scramble the proto field.
#4073 had a bug. The cause has been identified, and a fix PR is forthcoming. However, in the meantime, we want to leave master clean.
Mirrored from https://github.com/envoyproxy/envoy @ 9d094e590f814485b53c7e46a4fb1066a71c36d3
This allows tunneling over H2, unfortunately only enabled via nghttp2_option_set_no_http_messaging until nghttp2/nghttp2#1181 is sorted out. See the big warnings about not using (at least without knowing you're going to have a roll-out that may break backwards-compatibility some time in the not too distant future)
Risk Level: Medium (changes are contained behind H2-with-Upgrade header which doesn't work today)
Testing: unit tests, and turned up the full H1/H2 upstream/downstream in the integration test
Docs Changes: for now, though I may take them out. I think they're useful for review.
Release Notes: not added since we don't want folks using it (outside of testbeds) yet.
#1630
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Mirrored from https://github.com/envoyproxy/envoy @ cd171d9a95f551628453c83f0b00924e8b310bf0
We have dedicated alternative mechanisms for this in RouteAction, it can
confuse other actions (e.g. prefix_rewrite).
Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9995.
Risk level: Low
Testing: Unit tests and corpus entry added.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ b9dc5d9a04411fe72ff516cbaef527dd8c016ae9
This change adds header matching to the thrift router. We do this by pulling the route proto definition into the thrift route proto and making use of the Http::HeaderUtility class to do the matching for us. As such, we support the same type of header matching that exists for the HTTP router.
Risk Level: LOW
Testing: unit and integration tests, new and old, pass.
Doc changes: api docs updated
Release notes: n/a
Signed-off-by: Brian Ramos <brirams@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ f5e219edca39da8d6b2d136d4d87a35c6ef5e416
In the latest iteration of
https://github.com/envoyproxy/envoy/pull/4220, it was necessary to use
PGV constraints on fuzzer inputs. To do this would require PGV
generation in envoy_build_system.bzl.
There is also quite a bit of mess in
how we were doing envoy_proto_library() today. So, this PR allows us to
throw away the custom envoy_proto_library() and benefit from leveraging
a single source of Envoy proto build truth.
Risk level: Low
Testing: bazel test //test/...
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 28d5f4118d60f828b1453cd8ad25033f2c8e38ab
* support failure_mode_deny in ratelimit
Signed-off-by: Rama <rama.rao@salesforce.com>
Mirrored from https://github.com/envoyproxy/envoy @ ac0bd74f6f9716e3a44d1412f795317c30ca770a
Fixes the order of config_dump elements - bootstrap, clusters, listeners and routes will come in that order. Note that inside each of them, ordering is not guaranteed. This is a step in moving towards complete ordering.
Risk Level: Low
Testing: Added Automated tests
Docs Changes: Updated
Release Notes: N/A
Signed-off-by: Rama <rama.rao@salesforce.com>
Mirrored from https://github.com/envoyproxy/envoy @ 51d274be76119efff76fdafaa2f49fdd479f2def
We use the new extension_protocol_options field on Cluster to allow clusters
to be configured with a transport and/or protocol. Downstream requests are
automatically translated to the upstream dialect and upstream responses are
translated back to the downstream's dialect.
Moves the TransportType and ProtocolType protobuf enums out of the
ThriftProxy message to allow their re-use in ThriftProtocolOptions.
*Risk Level*: low
*Testing*: integration test
*Docs Changes*: added thrift filter docs
*Release Notes*: n/a
Signed-off-by: Stephan Zuercher <stephan@turbinelabs.io>
Mirrored from https://github.com/envoyproxy/envoy @ c91625ed829a4ec4123bab8b4e6b223f67d88e4a
This PR adds timestamp field to the HealthCheckEvent message to allow
having it rendered inside the JSON serialized log of a health check
event.
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ 8d0680feb074999c18998930b7f5f261f8f4a7a0
- Ability to add custom response headers from ratelimit
service/filter
- For both (LimitStatus::OK and LimitStatus::OverLimit) custom
headers are added if RLS service sends headers
- For LimitStatus:OK, we temporarily store the headers and add
them to the response (via Filter::encodeHeaders())
*Risk Level*: Low
*Testing*: unit and integration tests added. Verified with modified
github.com/lyft/ratelimit service. Passes "bazel test //test/..." in
Linux
Signed-off-by: Suresh Kumar <suresh@freshdesk.com>
Mirrored from https://github.com/envoyproxy/envoy @ 71152b710e3543732464fca57c8f07b7395de68d
Currently, the thrift router only supports method matching as a way to route thrift requests. This builds on that by adding the ability to specify a service name that is used when matching. This change updates the RouteMatch proto definition to use a oneof field to indicate what type of matching should be done, as well as an invert flag that will allow for inverse matching rules.
Additionally:
* ensure new RouteEntryImplBase implementations check that inversion and wildcard matching are not enabled at the same time, as this would result in no matches for a route
* implement service matching as checking the prefix of the method name, as that's how it's implemented in thrift
*Risk Level:* Low
*Testing:*
* new and existing unit tests pass.
* updated integration test to use new matching rules and ensure that expected upstreams receive requests.
*Documentation:* n/a
*Release Notes:* n/a
Signed-off-by: Brian Ramos <brirams@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ 27fb1d353bb13d778a7fb70186e77ad7ce1080e1
The existing FaultDelay config used uint32 for the percent field which
limited the user to configure percentages only in terms of whole numbers
between 0 and 100. FractionalPercent allows finer control over the
percent values by allowing fractions to be specified in the
configuration, for example 0.0001%.
Signed-off-by: Venil Noronha <veniln@vmware.com>
Mirrored from https://github.com/envoyproxy/envoy @ 714ae130a6cb0d9c4bcef6cd5e3a0e698bdad370
Renaming message types in api/envoy/service/discovery/v2/hds.proto to improve readability
Risk Level: Low
This is for #1310.
Signed-off-by: Lilika Markatou <lilika@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9b33c49d1ca32e73d761849a617b988ed6b596a7