De-experimentalize XdsCredentials and XdsServerCredentials API (#26544)

* De-experimentalize XdsCredentials and XdsServerCredentials API

* Use GRPC_DEPRECATED

include/grpc/impl/codegen/port_platform.h

@@ -29,6 +29,13 @@
  *  - some syscalls to be made directly
  */
 
+// [[deprecated]] attribute is only available since C++14
+#if __cplusplus >= 201402L
+#define GRPC_DEPRECATED(reason) [[deprecated(reason)]]
+#else
+#define GRPC_DEPRECATED(reason)
+#endif  // __cplusplus >= 201402L
+
 /*
  * Defines GPR_ABSEIL_SYNC to use synchronization features from Abseil
  */

include/grpcpp/security/credentials.h

@@ -55,11 +55,17 @@ std::shared_ptr<grpc::Channel> CreateCustomChannelWithInterceptors(
         std::unique_ptr<grpc::experimental::ClientInterceptorFactoryInterface>>
         interceptor_creators);
 
-/// Builds XDS Credentials.
+GRPC_DEPRECATED(
+    "Use grpc::XdsCredentials instead. The experimental version will be "
+    "deleted after the 1.41 release.")
 std::shared_ptr<ChannelCredentials> XdsCredentials(
     const std::shared_ptr<ChannelCredentials>& fallback_creds);
 }  // namespace experimental
 
+/// Builds XDS Credentials.
+std::shared_ptr<ChannelCredentials> XdsCredentials(
+    const std::shared_ptr<ChannelCredentials>& fallback_creds);
+
 /// A channel credentials object encapsulates all the state needed by a client
 /// to authenticate with a server for a given channel.
 /// It can make various assertions, e.g., about the client’s identity, role
@@ -80,7 +86,7 @@ class ChannelCredentials : private grpc::GrpcLibraryCodegen {
   // AsSecureCredentials(). Once we are able to remove insecure builds from gRPC
   // (and also internal dependencies on the indirect method of creating a
   // channel through credentials), we would be able to remove this.
-  friend std::shared_ptr<ChannelCredentials> grpc::experimental::XdsCredentials(
+  friend std::shared_ptr<ChannelCredentials> grpc::XdsCredentials(
       const std::shared_ptr<ChannelCredentials>& fallback_creds);
 
   virtual SecureChannelCredentials* AsSecureCredentials() = 0;

include/grpcpp/security/server_credentials.h

@@ -60,10 +60,16 @@ struct SslServerCredentialsOptions {
   grpc_ssl_client_certificate_request_type client_certificate_request;
 };
 
-namespace experimental {
 /// Builds Xds ServerCredentials given fallback credentials
 std::shared_ptr<ServerCredentials> XdsServerCredentials(
     const std::shared_ptr<ServerCredentials>& fallback_credentials);
+
+namespace experimental {
+GRPC_DEPRECATED(
+    "Use grpc::XdsServerCredentials instead. The experimental version will be "
+    "deleted after the 1.41 release.")
+std::shared_ptr<ServerCredentials> XdsServerCredentials(
+    const std::shared_ptr<ServerCredentials>& fallback_credentials);
 }  // namespace experimental
 
 /// Wrapper around \a grpc_server_credentials, a way to authenticate a server.
@@ -83,8 +89,7 @@ class ServerCredentials : private grpc::GrpcLibraryCodegen {
   // We need this friend declaration for access to Insecure() and
   // AsSecureServerCredentials(). When these two functions are no longer
   // necessary, this friend declaration can be removed too.
-  friend std::shared_ptr<ServerCredentials>
-  grpc::experimental::XdsServerCredentials(
+  friend std::shared_ptr<ServerCredentials> grpc::XdsServerCredentials(
       const std::shared_ptr<ServerCredentials>& fallback_credentials);
 
   /// Tries to bind \a server to the given \a addr (eg, localhost:1234,

src/cpp/client/xds_credentials.cc

@@ -19,7 +19,6 @@
 #include "src/cpp/client/secure_credentials.h"
 
 namespace grpc {
-namespace experimental {
 
 std::shared_ptr<ChannelCredentials> XdsCredentials(
     const std::shared_ptr<ChannelCredentials>& fallback_creds) {
@@ -37,5 +36,12 @@ std::shared_ptr<ChannelCredentials> XdsCredentials(
   }
 }
 
+namespace experimental {
+
+std::shared_ptr<ChannelCredentials> XdsCredentials(
+    const std::shared_ptr<ChannelCredentials>& fallback_creds) {
+  return grpc::XdsCredentials(fallback_creds);
+}
+
 }  // namespace experimental
 }  // namespace grpc

src/cpp/server/xds_server_credentials.cc

@@ -19,7 +19,6 @@
 #include "src/cpp/server/secure_server_credentials.h"
 
 namespace grpc {
-namespace experimental {
 
 std::shared_ptr<ServerCredentials> XdsServerCredentials(
     const std::shared_ptr<ServerCredentials>& fallback_credentials) {
@@ -37,5 +36,12 @@ std::shared_ptr<ServerCredentials> XdsServerCredentials(
           fallback_credentials->AsSecureServerCredentials()->c_creds()));
 }
 
+namespace experimental {
+
+std::shared_ptr<ServerCredentials> XdsServerCredentials(
+    const std::shared_ptr<ServerCredentials>& fallback_credentials) {
+  return grpc::XdsServerCredentials(fallback_credentials);
+}
+
 }  // namespace experimental
 }  // namespace grpc

test/cpp/end2end/xds_credentials_end2end_test.cc

@@ -56,7 +56,7 @@ TEST_P(XdsCredentialsEnd2EndFallbackTest, NoXdsSchemeInTarget) {
   ChannelArguments args;
   auto channel = grpc::CreateCustomChannel(
       server_address_,
-      grpc::experimental::XdsCredentials(
+      grpc::XdsCredentials(
           GetCredentialsProvider()->GetChannelCredentials(GetParam(), &args)),
       args);
   auto stub = grpc::testing::EchoTestService::NewStub(channel);
@@ -79,7 +79,7 @@ class XdsServerCredentialsEnd2EndFallbackTest
     server_address_ = "localhost:" + std::to_string(port);
     builder.AddListeningPort(
         server_address_,
-        grpc::experimental::XdsServerCredentials(
+        grpc::XdsServerCredentials(
             GetCredentialsProvider()->GetServerCredentials(GetParam())));
     builder.RegisterService(&service_);
     server_ = builder.BuildAndStart();

test/cpp/end2end/xds_end2end_test.cc

@@ -1890,7 +1890,7 @@ class XdsEnd2endTest : public ::testing::TestWithParam<TestType> {
         GetParam().use_fake_resolver() ? "fake" : "xds", ":///", server_name);
     std::shared_ptr<ChannelCredentials> channel_creds =
         GetParam().use_xds_credentials()
-            ? experimental::XdsCredentials(CreateTlsFallbackCredentials())
+            ? XdsCredentials(CreateTlsFallbackCredentials())
             : std::make_shared<SecureChannelCredentials>(
                   grpc_fake_transport_security_credentials_create());
     return ::grpc::CreateCustomChannel(uri, channel_creds, args);
@@ -2648,8 +2648,7 @@ class XdsEnd2endTest : public ::testing::TestWithParam<TestType> {
       if (GetParam().use_xds_credentials()) {
         if (use_xds_enabled_server()) {
           // We are testing server's use of XdsServerCredentials
-          return experimental::XdsServerCredentials(
-              InsecureServerCredentials());
+          return XdsServerCredentials(InsecureServerCredentials());
         } else {
           // We are testing client's use of XdsCredentials
           std::string root_cert = ReadFile(kCaCertPath);

test/cpp/interop/xds_interop_server.cc

@@ -131,9 +131,9 @@ void RunServer(bool secure_mode, const int port, const int maintenance_port,
   if (secure_mode) {
     grpc::XdsServerBuilder xds_builder;
     xds_builder.RegisterService(&service);
-    xds_builder.AddListeningPort(absl::StrCat("0.0.0.0:", port),
-                                 grpc::experimental::XdsServerCredentials(
-                                     grpc::InsecureServerCredentials()));
+    xds_builder.AddListeningPort(
+        absl::StrCat("0.0.0.0:", port),
+        grpc::XdsServerCredentials(grpc::InsecureServerCredentials()));
     xds_enabled_server = xds_builder.BuildAndStart();
     gpr_log(GPR_INFO, "Server starting on 0.0.0.0:%d", port);
     builder.RegisterService(&health_check_service);