Previously, type_to_endpoint.cc had a lot of hardcoding, which doesn't scale well with multiple API
versions. See https://github.com/envoyproxy/envoy/pull/9526 for an example of the issues
encountered.
This patch switches to using explicit resource type annotations on service descriptors, which is
great for documentation (previously this was sometimes given in comments, sometimes not), and allows
for a reflection driven reverse map from resource type URL to endpoints to be built at runtime.
Risk level: Low
Testing: New unit tests for type_to_endpoint.cc and golden protoxform tests for the new annotations.
Fixes#9454.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ cceab393664429a3063d787cf28cade3c8ab01c7
Signed-off-by: Adam Kotwasinski <adam.kotwasinski@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ a60f6853a2c2ebbbfed79dfff0b5b644fd735980
This allows for a clean separation of config/service in v3. This is a
continuation of #9548.
Risk level: Low
Testing: bazel test //test/...
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ c3bddaee1912fcd1fedc4786aee830b2e4a7c599
Description:
Move packages around for #8120 and #8121
Risk Level: Med around messing up build.
Testing: CI
Docs Changes: in API/STYLE.md
Release Notes: N/A (v3alpha is not in use yet)
Fixes#8120
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ 1371f2ef46582a72b5b3971147bd87c534011731
Fixes server_fuzz_test fuzz bugs:
* QUIC upstream not implemented in prod, so the fuzzer removes the HTTP3 codec types for http health checks
* PGV validate throws a not yet implemented error on URIs. I removed this check for now and replaced with a TODO. If I catch the std::exception that is thrown and bypass it with a warning statement in the logs, we skip over other validations, which means that any fuzz test or user using this uri field will be in danger of failing because of other invalid fields @JimmyCYJ. PGV issue tracked: envoyproxy/protoc-gen-validate#303
Fixes OSS-Fuzz Issues:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19614https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19689
Signed-off-by: Asra Ali <asraa@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ b7dcf083876f5d34d0dde5df535989a81dfa8023
Inspired (but no longer required) by #9500. This is a relatively simple
API migration feature to support, so worth adding for future flexibility
Risk level: Low
Testing: New protoxform golden tests added.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4efbf45c10e2d2afd84fee2466e476cb8fc0a804
It enables to specify API versioning for xDS for #8421, allow to write like this config
eds_cluster_config:
eds_config:
version: V2
api_config_source:
api_type: GRPC
grpc_services:
envoy_grpc:
cluster_name: eds_cluster
Risk Level: Low
Testing: unit test(maybe it is needed to add integration test)
Signed-off-by: shikugawa <rei@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ e3717b54b8d91d1862b096f73efbe96086862183
This is intended to simplify the internal handling of deprecations during API boosting.
See https://docs.google.com/document/d/1mGO9LtVo7t4Lph7WlmyGCxXye3h6j29z3JZvIBbs_D0/edit
Ultimately the plan is to hide this all as a build artifact in Bazel cache, but due to the technical complexity of the pure Bazel solution (involving changes spanning PGV, protoxform, API build rules), we will use checked-in artifacts for 1.13.0.
Risk level: Low
Testing: Additional API test and protoxform golden test.
Part of #8082
This should be unwound in the future with #9479
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ da5fb5ce6ec7cc6e4693656a5ba2161107f6ac4a
Modifies the protodoc tool to tag required duration fields as required.
Adds documentation around HttpHealthCheck.expected_statuses to clarify
what's expected of the Int64Range. Tags two Uint32Value fields as required
since they were implicitly treated as such (and generated missing field
exceptions when unset).
Risk Level: low
Testing: existing tests pass
Docs Changes: yes
Release Notes: n/a
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9263763e0a68961ee10fe63bc534d2546ed38376
The type database now has rename information.
Also some misc. fixes for enum and generated static method handling
support.
Part of #8082
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 2c8992bce1880ed7ae8ede837434b8713c24a615
This commit adds query parameters to the /config_dump admin endpoint
that allow listing keys and dumping only config associated with a passed
key.
You can now filter /config_dump endpoint with the key query parameter, e.g. /config_dump?key=clusters. This uses keys such as "listeners" and "clusters" that are set in places like here. You can view all keys with /config_dump?list_keys.
Risk Level: low
Testing: unit tests
Docs Changes: updated config dump proto docs and admin interface docs
Release Notes: added
Fixes#8743
Signed-off-by: Spencer Lewis <slewis@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 091a06f5126021cbff8629cba5e4bafa24e6603c
In order to get file level move annotation, import has to be before options.
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ 062c895f499382ae61dead16db2a7e78b9146525
More precise explanation for ACK and NACK for implementers' benefit
Risk Level: Low (doc only change)
Testing: doc only testing (using github rst rendering)
Signed-off-by: Sanjay Pujare <sanjaypujare@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ 89aec852f81055b976cec0fb94e79709b2528145
Updates the documentation to be less specific about the behavior of
removing an endpoint, as there are cases that does not result in
draining connections (e.g. when an endpoint is removed from one priority
but added to another).
Fixes#8056
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7db53c01cf705d329bce4f0eb1b14549fde3744b
Description:
Implement `allow_missing` (but not failed) mode for JWT requirement. In this mode, token is not required for JWT filter to pass. However, if a token is presented, it must be valid.
This PR also change the `allow_missing_or_failed` (and the new `allow_missing`) to consider the provider within the container OR-list, instead of using the global one that have all providers. As a result, each `allow_xxx` will examine the interested tokens list independently. This correct the behavior when the `allow_xxx` is used multiple times, e.g in different ORs of an AND-of-OR requirements.
Risk Level: Medium
The PR changes the existing behavior of `allow_missing_or_failed`
Testing:
Unit tests.
Docs Changes: Added
Release Notes: Added
Signed-off-by: Diem Vu <diemvu@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 74436a6303825e0a6873222efff591ea1001cf87
Setting update_frequency to 0 causes a segfault. Prevent invalid values via validation.
Risk Level: low
Testing: added unit test
Doc Changes: updated
Release Notes: n/a
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 3256d60fcb9710f0ffda856e72126fd957796409
Clarify xDS protocol semantics for resources that do not exist.
Risk Level: Low
Testing: N/A
Docs Changes: Included in PR.
Signed-off-by: Mark D. Roth <roth@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ a9c5fa15909fe7d7be58ec6446508d061fe467c8
This is a beachhead PR for a Clang Libtooling based workflow that automagically updates Envoy's
source tree to the latest API version for every referenced package. So far, ths tool is only capable
of inferring types and performing header fixups, later PRs will expand this.
Risk level: Low
Testing: Manual cleanup of all headers in source/ test/ and include/, all tests pass.
Part of #8082
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ b54d1c366744314dda38aed5f14e7e93323acb41
Adds documentation for on-demand VHDS/RDS.
Signed-off-by: Brian Avery <bavery@redhat.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8ea6ccb5c3e28479da1978b7376ddc9cf0c6eb3a
*Description:*
Add a new `--disable-extensions` flag that hides the named extensions
from their corresponding factory registry. The extensions are retained
in the registry factory, but the factory pointer is nulled so that
configuration attempts to use the extensions will fail.
*Risk Level:* Medium
*Testing:* Added unit tests, manual verification.
*Docs Changes:* Added to CLI reference.
*Release Notes:* Added release note.
*Fixes:* #9096
Signed-off-by: James Peach <jpeach@apache.org>
Mirrored from https://github.com/envoyproxy/envoy @ 445d0ee4a64738f1de072537fb364d9096478915
Document incremental xDS semantics about resources that do not exist.
Risk Level: Low
Testing: N/A
Docs Changes: Included in PR
Release Notes: N/A
This attempts to clarify the incremental xDS protocol semantics, as per discussion in #7415
Signed-off-by: Mark D. Roth <roth@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ fb89269082397153475319b56341ea6fac3a78cd
The max_request_bytes field is assumed to have a value set that is
greater than zero. The code ASSERTs this and does unpleasent things
if not set. This corrects that built-in assumption. Note that this
field could be a primitive integer with a constraint, but it doesn't
seem worth that churn to fix.
Fixes https://github.com/envoyproxy/envoy/issues/7650
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ a3b15fccf1c4c8318af9493aa263abe07089bfd5
Signed-off-by: William A Rowe Jr <wrowe@pivotal.io>
Signed-off-by: Yechiel Kalmenson <ykalmenson@pivotal.io>
Signed-off-by: Sunjay Bhatia <sbhatia@pivotal.io>
Mirrored from https://github.com/envoyproxy/envoy @ daeb9850dbcd78da21a2e8ff9854564830cefb19
Instead of formatting options heuristically, which will erase new annotations without changing protoxform, use proto descriptor to format options, and enforce its order as well.
Risk Level: Low
Testing: CI
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Lizan Zhou <lizan@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ dfe687d49574ef7eb1bf84867bf571e805a2bf97
Add a new field sts_service into GoogleGrpc call credential options which support Envoy to exchange token. See grpc/grpc#19032 and grpc/grpc#19587.
Signed-off-by: JimmyCYJ jimmychen.0102@gmail.com
Risk Level: Low
Testing: Unit test
Signed-off-by: Jimmy Chen <jimmychen.0102@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 46e65a498df7c920065a769860753076f9de16e7
* access_log: add ability to generate JSON access logs preserving data types
Using the new typed JSON format mode, numeric values (e.g. request duration,
response codes, bytes sent, etc) are emitted as json numbers instead of as
json strings. In addition, dynamic metadata and filter state are emitted
as nested structs and lists where appropriate.
Risk Level: medium for users of json logs
Testing: unit tests
Doc Changes: included
Release Notes: included
Fixes: #8374
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ c7affbc223fae3a5dd104b8d6be4ea29af4042f6
data-plane-api(CircleCI)