Earlier, the tests just had bazel support. With CMake support added in #36063, we can also add CI CMake support for the tests. A major benefit of this is that we also get coverage for the various platforms that we test from our portability test suite.
Closes#36087
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36087 from yashykt:OTelCISupport b28fbe02e5
PiperOrigin-RevId: 615543685
<!--
If you know who should review your pull request, please assign it to that
person, otherwise the pull request would get assigned randomly.
If your pull request is for a specific language, please add the appropriate
lang label.
-->
Closes#36100
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36100 from yijiem:no-logging 970a640475
PiperOrigin-RevId: 615299752
This PR changes how CRLs are handled purely internally. After discussing with davidben@, there are various problems with the `X509_STORE_set_get_crl` API and we shouldn't use it. This change keeps the behavior and external API the same, but instead of bulk pushing CRL information into OpenSSL, we instead iterate through the built chain and check each certificate for revocation, as well as doing the CRL validation ourselves.
Closes#36031
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36031 from gtcooke94:CrlInternalRefactor 5f4c816648
PiperOrigin-RevId: 615139682
gRPC swift package depends on [boringSSL-SwiftPM](https://github.com/firebase/boringSSL-SwiftPM), which hasn't been updated since more than two years ago (https://github.com/firebase/boringSSL-SwiftPM/pull/8).
Updating it is not trivial as the `Package.swift` file is maintained manually, a recent [upgrade to swift 5.5](https://github.com/firebase/boringSSL-SwiftPM/pull/16) took good amount of time only to repeatedly exclude one (sometimes two) non-code files and retry build to get new errors, until the build succeeds.
This PR uses the gRPC build system to generate the swift package file from the same boringssl version in third_party.
Will use the output to update the boringSSL-SwiftPM repo after this PR is merged.
Tested with
```
cp BoringSSL-Package.swift Package.swift
swift build --target openssl_grpc
swift test
```
Closes#36062
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36062 from HannahShiSFB:add-boringssl-swift-package ac3e525bf2
PiperOrigin-RevId: 614088802
Changes -
* Add CMake build support to `grpcpp_otel_plugin`. Currently, we are only supporting the `find_package CONFIG` method for depending on `opentelemetry-cpp`.
* Since, `grpcpp_otel_plugin` is an extension of gRPC, it will not be built by default. To enable building of this target, a new CMake option `gRPC_BUILD_GRPCPP_OTEL_PLUGIN` is being added.
* Also add `CMakeLists.txt` to the otel example.
The `otel_plugin_test` can also be built through cmake but, for the CI to work, there are some additional changes. Those will be made in an upcoming PR.
Closes#36063
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36063 from yashykt:OTelCMakeSupport 3bc783823b
PiperOrigin-RevId: 613734473
PanCakes to the rescue!
We noticed that our 'sanity' test was going to fail, but we think we can fix that automatically, so we put together this PR to do just that!
If you'd like to opt-out of these PR's, add yourself to NO_AUTOFIX_USERS in .github/workflows/pr-auto-fix.yaml
Closes#36059
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36059 from grpc:create-pull-request/patch-02276f4 fb93164443
PiperOrigin-RevId: 613642099
While we're here, also change the Echo service handler to mutate clients before handling the RPC, mainly so that it can be reasoned about in cases involving client cancellation.
PiperOrigin-RevId: 613029541
There are tests in another change I'm working on for which we need to do things like:
1) waiting for N RPCs to concurrently pile up on a server
2) doing 1) multiple times sequentially on the same server
PiperOrigin-RevId: 612934305
also:
- remove tail recursion from promise endpoint read completion (actually overflowed stack!)
- remove retry filter from benchmark - we probably don't want this long term, but for now nobody else is using this benchmark and our use case doesn't use grpc retries so.... good enough
Closes#36050
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36050 from ctiller:cgbm 65b1c26767
PiperOrigin-RevId: 612577071
This adds the following new targets:
- `channel`: A virtual interface for a channel.
- `legacy_channel`: A channel implementation that supports the filter stack and call v2.
- `channel_create`: A standalone function to create a channel.
- `server_interface`: A base class with a few accessor methods used in surface/call.cc.
- `server`: The actual server implementation.
- `api_trace`, `call_tracer`, `server_call_tracer_filter`, `call_finalization`: These were split out of `grpc_base` to avoid various dependency problems.
- `compression`: This is a combination of the previously existing `compression_internal` target and the compression code that was part of `grpc_base`.
Closes#35924
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35924 from markdroth:channel_interface 94a7fffddb
PiperOrigin-RevId: 612512438
Redacting unknown metadata types in debug logs.
<!--
If you know who should review your pull request, please assign it to that
person, otherwise the pull request would get assigned randomly.
If your pull request is for a specific language, please add the appropriate
lang label.
-->
Closes#36006
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/36006 from tanvi-jagtap:tjagtap_redact_01 94c5738bfe
PiperOrigin-RevId: 611334483
This PR adds the Authority Key Identifier to CertificateInfo. This value _can be_ important in finding the right CRLs to use if there are Issuer name overlaps or a more complicated CA setup with multiple signing keys.
We should observe no behavior change in our `CrlProvider` implementations, this is just adding an important field for users who implement it themselves.
Closes#35931
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35931 from gtcooke94:AkidCheck dd048a53b6
PiperOrigin-RevId: 611143198
The current .NET SDK in these tests is EOL, and we've been seeing strange SSL errors transiently.
Update to a supported version and remove cruft in the docker image that was there to install the older version.
TODO: submitting first with the ubuntu 22.04 image test skipped, need to follow-up with a fix and unskip the test
Closes#35955
PiperOrigin-RevId: 610798209
<!--
If you know who should review your pull request, please assign it to that
person, otherwise the pull request would get assigned randomly.
If your pull request is for a specific language, please add the appropriate
lang label.
-->
Closes#35871
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35871 from yijiem:grpc-metrics 86ebe484ae
PiperOrigin-RevId: 609533796
<!--
If you know who should review your pull request, please assign it to that
person, otherwise the pull request would get assigned randomly.
If your pull request is for a specific language, please add the appropriate
lang label.
-->
Closes#35573
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35573 from yijiem:enable-oss-ee-dns-posix-real 1df91d1d84
PiperOrigin-RevId: 609193851
This PR is copied from #34276, since I did not have permissions to add commits to it. That PR has been verified to work (see the top-level description). This PR just makes the gRPC tests pass (e.g. adding includes, clang formatting).
Closes#34874
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/34874 from matthewstevenson88:pull_34276 d5fb73e5b2
PiperOrigin-RevId: 609107146
…p and add some verification helpers (#35641)"
This reverts commit 310770d61d.
It breaks all portability tests.
```
[==========] Running 1 test from 1 test suite.
[----------] Global test environment set-up.
[----------] 1 test from CrlUtils
[ RUN ] CrlUtils.HasCrlSignBitExists
/[var/local/git/grpc/test/core/tsi/ssl_transport_security_utils_test.cc:566](https://cs.corp.google.com/piper///depot/google3/var/local/git/grpc/test/core/tsi/ssl_transport_security_utils_test.cc?l=566): Failure
Value of: HasCrlSignBit(root_ca_)
Actual: false
Expected: true
[ FAILED ] CrlUtils.HasCrlSignBitExists (0 ms)
[----------] 1 test from CrlUtils (0 ms total)
[----------] Global test environment tear-down
[==========] 1 test from 1 test suite ran. (0 ms total)
[ PASSED ] 0 tests.
[ FAILED ] 1 test, listed below:
[ FAILED ] CrlUtils.HasCrlSignBitExists
```
Closes#35962
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35962 from drfloob:revert-310770d61d3b25d358d877a074bebf6ae85549d0 e6a2f03309
PiperOrigin-RevId: 609075479
This breaks the following pieces out of the `grpc_client_channel` BUILD target:
- backend_metric_parser
- oob_backend_metric
- child_policy_handler
- backup_poller
- service_config_channel_arg_filter
- client_channel_channelz
- client_channel_internal_header
- subchannel_connector
- subchannel_pool_interface
- config_selector
- client_channel_service_config_parser
- retry_service_config_parser
- retry_throttle
The code left in the `grpc_client_channel` target will need more work to pull apart.
Closes#35879
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35879 from markdroth:client_channel_build_split f388a37edc
PiperOrigin-RevId: 608806548
This change is needed in order to get certain LB-policy-unit-test-framework-based tests to pass, which involve updates on PF policies.
Without this change, in such tests, health watchers on the original subchannel can be left hanging around. The underlying reason is related to 842057d8d5/test/core/client_channel/lb_policy/lb_policy_test_lib.h (L203).
Related: cl/563857636
Closes#35865
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35865 from apolcyn:update_pf_Test 1a5e6b5591
PiperOrigin-RevId: 607844309
As title. Pulling these additions out from a larger change.
Related: cl/563857636
Closes#35861
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35861 from apolcyn:xds_test_changes a67f64d93c
PiperOrigin-RevId: 607728140
This PR does 2 distinct things, I can unbundle them if desired
1) Add functions in `ssl_transport_security_utils` and associated tests that will eventually be used for additional Crl validation (the logic of actually doing this will be in a future PR), so other than the tests these fns are currently unused.
2) Remove the use of `X509_NAME_oneline` - it is not a guaranteed stable way to get the issuer name for lookups. Instead, use the DER encoding via `i2d_X509_NAME` - the results in a non-human readable string that is stable for lookup, and necessitated some change to the CrlProvider test code that previously used a human readable string for this value.
Neither should result in behavior changes.
Closes#35641
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35641 from gtcooke94:CrlRefactor 2b6f63717c
PiperOrigin-RevId: 607701254
As title. Pulling these additions out from a larger change.
Related: cl/563857636
Closes#35860
COPYBARA_INTEGRATE_REVIEW=https://github.com/grpc/grpc/pull/35860 from apolcyn:test_lib_changes 40b6455638
PiperOrigin-RevId: 606708025
Tanvi Jagtap
Yash Tibrewal
Vignesh Babu
Yijie Ma
Mark D. Roth
Eugene Ostroukhov
Gregory Cooke
Hannah Shi
github-actions[bot]
Alexander Polcyn
AJ Heller
Craig Tiller
Xuan Wang
Matthew Stevenson
youyuanwu