This patch adds the RuntimeDouble helper class, similar to the
RuntimeUint32 class.
Signed-off-by: Tony Allen <tony@allen.gg>
Mirrored from https://github.com/envoyproxy/envoy @ 15330aa60bd6da79be02f00b8130b527f11eb0fa
Allow using a custom host name for endpoints and health checks. This enables auto host re-write to work with EDS
Risk Level: Low, new opt in field.
Testing: Unit tests
Docs Changes: inline docs in the protocs.
Release Notes: added to version_history.rst
Fixes#10408
Signed-off-by: Yuval Kohavi <yuval.kohavi@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ b5a3405b2725e979a93e7410fce7c57a0c66d8db
Signed-off-by: Ruslan Nigmatullin <elessar@dropbox.com>
Co-authored-by: Ross Delinger <rossd@dropbox.com>
Mirrored from https://github.com/envoyproxy/envoy @ 56537f6acf687ff889b47bd2b823d7e11c178e1c
This commit is this base structure and api definition
for the DNS filter. The code itself takes no action
on packets. Tests will be added later.
Signed-off-by: Alvin Baptiste <alvinsb@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ b3949eaf2080809b8a3a6cf720eba2cfdf864472
Add options to either put all methods into the same per-cluster
stat, or to whitelist which methods to create stats for.
Additionally, start a deprecation process for the default mode
being to create a stat for all methods, to remove an unsafe
default.
Risk Level: Low
Testing: Unit tests added
Docs Changes: done
Release Notes: added
Fixes#10445
Deprecated: added
Mirrored from https://github.com/envoyproxy/envoy @ 715992f3ac891d87e67566ffbfd6b3af8d8a4e1d
The documentation for the HTTP connection manager `request_timeout`
says it is a timeout for idle requests, but it is actually the time
to receive a complete request from the downstream client.
This fixes#10481.
Signed-off-by: James Peach <jpeach@apache.org>
Mirrored from https://github.com/envoyproxy/envoy @ 986e9413da9b8a03050e3e587bc0cc54a44078fa
Initially the name of the segment defaulted to the local cluster/node
name. But since that too can be empty, and this tracer throws and
crashes if the segment is empty, then it's best to make the field
required and not use defaults.
Signed-off-by: Marco Magdy <mmagdy@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ e8654dbd4ba3b6cc8c33efbef7bf36d85cd882a0
* Automatically derive active protos target used in proto_format.sh from the packages with files
annotated as active.
* Replace some sites with hardcoded v2/v3 with active/next_major_version_candidate.
* Move //docs:BUILD to //versioning:BUILD in API tree. This has already ceased to be used directly
in the docs build, so this makes things a bit clearer.
Risk level: Low (API tooling and build only)
Testing: fix_format (mostly idempotent)
Part of #10355.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4403003b9c0888ce81606a2f45fcc1da126514e7
Part of https://github.com/envoyproxy/envoy/issues/10355, this patch introduces additional
annotations to the API to support automatic inference (and developer documentation) of where the
active developer editable version of a file is, and which files are frozen or machine generated.
Risk level: Low (API annotations only)
Testing: CI
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4c5f4310bb8a19a38e5377d7a2d2dc6aa4560f47
Description: this PR adds the `x-envoy-attempt-count` header to downstream responses.
Risk Level: low, used via new config value that defaults to false.
Testing: updated tests to verify that the header is being set. New unit tests
Docs Changes: updated docs
Release Notes: added.
Signed-off-by: Jose Nino <jnino@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 1db15db60af37b167b72e3c5e653ffdda9711336
Switch to using a data source for a more usable API
Risk Level: low (just recently merged the API)
Signed-off-by: Kuat Yessenov <kuat@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ abb575aec73b505bddddcb96c5e858088f331bac
The first half of proxying TCP over HTTP/1, sending the TCP over an HTTP connection.
Risk Level: Low (new code config guarded, minor TCP proxy refactors)
Testing: new integration tests, unit tests
Docs Changes: n/a (will land docs when the other half makes it usable)
Release Notes: n/a
Part of #1630
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Mirrored from https://github.com/envoyproxy/envoy @ 213d09d200d8bc7504f19ab3945cbb6342483d48
This enables "non-strict" header validations, that match the ones in place with Envoy's ASSERT(valid()) code. The default strict: true checks checked for RFC-compliance, which may break previously valid configs.
Part of #10318
Signed-off-by: Asra Ali <asraa@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 97a76d991766d96df2e84a1f2e33b69cae844471
The partial implementation of #10254. Adding a support for http header responsible for injecting faults - aborting requests with x-envoy-fault-abort-request HTTP header set.
Risk Level: low, new feature.
Testing: Added
Docs Changes: Added
Release Notes: Added
Signed-off-by: Rafal Augustyniak <raugustyniak@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 55971b23978b961da71c80b49ddede4c88f24eab
This filter transform HTTP requests to AWS Lambda invocations.
The filter supports pass-through only. Meaning, the request body
is passed to Lambda as is. Note: Lambda requires the request to be in
JSON format.
In a later iteration, we'll wrap the headers the body in a JSON string
before passing it to Lambda.
The filter requires the ARN of the Lambda function and supports
per-filter-config. When the per-filter configuration is used, the target
cluster must be tagged with specific metadata. This indicates to the
filter whether to process the request or to skip it.
Lambda supports two invocation modes:
- Synchronous (Request-Response)
- Asynchronous (Event)
This initial version of the filter supports the synchronous mode only.
In a later iteration I'll add support for the asynchronous (Event-based)
version.
Signed-off-by: Marco Magdy <mmagdy@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 807401004d500899e9aa4c78fce007cf83b538cd
There were a few things missing to make this filter work with S3:
* empty body requests (e.g.: GET) still need a sha256 content header
(the empty string hash)
* requests for s3 shouldn't sign all headers (especially because some
of them might change, e.g.: x-forwarded-for)
* when proxying requests to s3, HCM's host rewrite won't work so
support it as a filter config option
* ditto for prefix rewrite
Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Mirrored from https://github.com/envoyproxy/envoy @ 28f33a776960dd717d4b57da73b0dbce7dbb3e85
Add a new hash method based on Hashable object in FilterState.
Risk Level: LOW (new method)
Testing: unit tests
Docs Changes: N/A
Release Notes: N/A
Fixes#9701
Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ cfa91de1a284a8be848cfbd5844a89157baf64d2
Small update on proto_format path.
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ d78ad5b720e5a9a90304cd5c414772ad6afa88b5
Implement a retry policy for remote data sources.
Risk Level: Low
Testing: Unit test
Docs Changes: N/A
Release Notes: added
Fixes: #9438
Signed-off-by: Yan Xue <yxyan@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ bd7c97858556c2851589d7fb73a25e99b8687df3
Modifies the well-known-names of the built-in listener filters
to use the same names as the extension build system.
Risk Level: low, previous name is still accepted
Testing: existing tests + deprecated tests for old names
Docs Changes: updated names
Release Notes: updated
Deprecated: old names are logged as deprecated
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 6c2137468c25d167dbbe4719b0ecaf343bfb4233
Ignores RST code blocks, double-backtick literals, and links.
Ignores single-, double- or asterisk-quoted words containing
letters, numbers, hyphens and periods. Single- and double-quoted
words may contain asterisks as well. Ignores code-like expressions
in single backticks (e.g. `namespace::template<T>`). Ignores
tuple-like expressions. Better smart quote handling. Prefix and
suffixes can be stored in the word list but are handled specially.
Risk Level: low, build only
Testing: unit tests
Docs Changes: cleanup
Release Notes: n/a
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 56cfb638edd241887338816eecda12fc66f57e9e
Modifies the jwt_authn docs to make it clear that the JWT payload
forwarded to the backend service is encoded with base64url and not
regular base64.
Signed-off-by: Joshua Welsh <Jawshua@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ 609458bbd178100f956ee8587c1092abfb9a99f2